Refactor solution and workspace file management handling

- Replaced `deleteAllS3WorkspaceObjects` and `deleteAllS3SolutionObjects` with `deleteWorkspaceFiles` and `deleteSolutionFiles` respectively
- Enhanced error handling during S3 file deletions with specific exceptions.
- Expanded supported MIME types for solution and workspace file uploads.
- Added RBAC tests for `listSolutionFiles` functionality with comprehensive role validation.
- Updated integration tests for file deletion operations in solution and workspace services.

Author: jreynard-code

solution/src/integrationTest/kotlin/com/cosmotech/solution/service/SolutionServiceIntegrationTest.kt

@@ -2225,10 +2225,18 @@ class SolutionServiceIntegrationTest : CsmTestBase() {
     solutionApiService.createSolutionFile(
         organizationSaved.id, solutionSaved.id, multipartFile, true, null)
 
-    solutionApiService.deleteAllS3SolutionObjects(organizationSaved.id, solutionSaved)
-
-    assertEquals(
-        0, solutionApiService.listSolutionFiles(organizationSaved.id, solutionSaved.id).size)
+    solutionApiService.deleteSolutionFiles(organizationSaved.id, solutionSaved.id)
+
+    var numberOfTry = 0
+    var solutionFilesIsEmpty: Boolean
+    do {
+      solutionFilesIsEmpty =
+          solutionApiService.listSolutionFiles(organizationSaved.id, solutionSaved.id).isEmpty()
+      numberOfTry++
+      Thread.sleep(50)
+    } while (numberOfTry < 100 && !solutionFilesIsEmpty)
+
+    assertTrue(solutionFilesIsEmpty)
   }
 
   @Test

solution/src/integrationTest/kotlin/com/cosmotech/solution/service/SolutionServiceRBACTest.kt

@@ -694,6 +694,99 @@ class SolutionServiceRBACTest : CsmTestBase() {
             }
           }
 
+  @TestFactory
+  fun `test Organization RBAC listSolutionFiles`() =
+      mapOf(
+              ROLE_VIEWER to false,
+              ROLE_EDITOR to false,
+              ROLE_USER to false,
+              ROLE_NONE to true,
+              ROLE_ADMIN to false,
+          )
+          .map { (role, shouldThrow) ->
+            DynamicTest.dynamicTest("Test Organization RBAC listSolutionFiles : $role") {
+              every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER
+
+              val organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role)
+              organizationSaved = organizationApiService.createOrganization(organization)
+              val solution = makeSolutionWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN)
+              solutionSaved = solutionApiService.createSolution(organizationSaved.id, solution)
+              val fileName = "my_file.txt"
+              val multipartFile =
+                  MockMultipartFile(
+                      "file",
+                      fileName,
+                      MediaType.MULTIPART_FORM_DATA_VALUE,
+                      InputStream.nullInputStream())
+
+              solutionApiService.createSolutionFile(
+                  organizationSaved.id, solutionSaved.id, multipartFile, false, null)
+
+              every { getCurrentAccountIdentifier(any()) } returns TEST_USER_MAIL
+
+              if (shouldThrow) {
+                val exception =
+                    assertThrows<CsmAccessForbiddenException> {
+                      solutionApiService.listSolutionFiles(organizationSaved.id, solutionSaved.id)
+                    }
+                assertEquals(
+                    "RBAC ${organizationSaved.id} - User does not have permission $PERMISSION_READ",
+                    exception.message)
+              } else {
+                assertDoesNotThrow {
+                  solutionApiService.listSolutionFiles(organizationSaved.id, solutionSaved.id)
+                }
+              }
+            }
+          }
+
+  @TestFactory
+  fun `test Solution RBAC listSolutionFiles`() =
+      mapOf(
+              ROLE_VIEWER to false,
+              ROLE_EDITOR to false,
+              ROLE_USER to false,
+              ROLE_NONE to true,
+              ROLE_ADMIN to false,
+          )
+          .map { (role, shouldThrow) ->
+            DynamicTest.dynamicTest("Test Solution RBAC listSolutionFiles : $role") {
+              every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER
+
+              val organization =
+                  makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN)
+              organizationSaved = organizationApiService.createOrganization(organization)
+              val solution = makeSolutionWithRole(id = TEST_USER_MAIL, role = role)
+              solutionSaved = solutionApiService.createSolution(organizationSaved.id, solution)
+              val fileName = "my_file.txt"
+              val multipartFile =
+                  MockMultipartFile(
+                      "file",
+                      fileName,
+                      MediaType.MULTIPART_FORM_DATA_VALUE,
+                      InputStream.nullInputStream())
+
+              solutionApiService.createSolutionFile(
+                  organizationSaved.id, solutionSaved.id, multipartFile, false, null)
+
+              every { getCurrentAccountIdentifier(any()) } returns TEST_USER_MAIL
+
+              if (shouldThrow) {
+                val exception =
+                    assertThrows<CsmAccessForbiddenException> {
+                      solutionApiService.listSolutionFiles(organizationSaved.id, solutionSaved.id)
+                    }
+                assertEquals(
+                    "RBAC ${solutionSaved.id} - User does not have permission $PERMISSION_READ",
+                    exception.message)
+              } else {
+                assertDoesNotThrow {
+                  solutionApiService.listSolutionFiles(organizationSaved.id, solutionSaved.id)
+                }
+              }
+            }
+          }
+
   @TestFactory
   fun `test Organization RBAC updateSolution`() =
       mapOf(

solution/src/integrationTest/resources/application-solution-test.yml

@@ -55,23 +55,6 @@ csm:
       type: hashid
     event-publisher:
       type: in_process
-    images:
-      scenario-fetch-parameters: cosmo-tech/fetch-scenario-parameters
-      send-datawarehouse: cosmo-tech/azure-data-explorer-connector
-      scenario-data-upload: cosmo-tech/azure-storage-publish:latest
-    containers:
-      - name: "ADTTwingraphImport"
-        imageRegistry: "ghcr.io"
-        imageName: "cosmo-tech/adt-twincache-connector"
-        imageVersion: "0.3.0"
-      - name: "AzureStorageTwingraphImport"
-        imageRegistry: "ghcr.io"
-        imageName: "cosmo-tech/azstorage-twincache-connector"
-        imageVersion: "1.2.0"
-      - name: "TwincacheConnector"
-        imageRegistry: "ghcr.io"
-        imageName: "cosmo-tech/twincache-connector"
-        imageVersion: "0.4.1"
     upload:
       authorized-mime-types:
         workspaces:
@@ -83,6 +66,15 @@ csm:
           - text/plain
           - text/x-yaml
           - application/json
+        solutions:
+          - application/zip
+          - application/xml
+          - application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
+          - application/x-tika-ooxml
+          - text/csv
+          - text/plain
+          - text/x-yaml
+          - application/json
     authorization:
       tenant-id-jwt-claim: "iss"
       # Note that the way @Value works in Spring does not make it possible to inject this sole YAML list.

solution/src/main/kotlin/com/cosmotech/solution/SolutionApiServiceInterface.kt

@@ -20,6 +20,4 @@ interface SolutionApiServiceInterface : SolutionApiService {
       solutionId: String,
       runTemplateId: String
   ): Boolean
-
-  fun deleteAllS3SolutionObjects(organizationId: String, solution: Solution)
 }

solution/src/main/kotlin/com/cosmotech/solution/service/SolutionServiceImpl.kt

@@ -2,6 +2,7 @@
 // Licensed under the MIT license.
 package com.cosmotech.solution.service
 
+import com.amazonaws.SdkClientException
 import com.cosmotech.api.CsmPhoenixService
 import com.cosmotech.api.containerregistry.ContainerRegistryService
 import com.cosmotech.api.events.OrganizationUnregistered
@@ -44,6 +45,7 @@ import com.cosmotech.solution.domain.SolutionRole
 import com.cosmotech.solution.domain.SolutionSecurity
 import com.cosmotech.solution.domain.SolutionUpdateRequest
 import com.cosmotech.solution.repository.SolutionRepository
+import io.awspring.cloud.s3.S3Exception
 import io.awspring.cloud.s3.S3Template
 import java.time.Instant
 import kotlin.collections.mutableListOf
@@ -56,6 +58,7 @@ import org.springframework.data.domain.Pageable
 import org.springframework.scheduling.annotation.Async
 import org.springframework.stereotype.Service
 import org.springframework.web.multipart.MultipartFile
+import software.amazon.awssdk.awscore.exception.AwsServiceException
 import software.amazon.awssdk.services.s3.S3Client
 import software.amazon.awssdk.services.s3.model.ListObjectsV2Request
 
@@ -71,7 +74,7 @@ class SolutionServiceImpl(
     private val containerRegistryService: ContainerRegistryService,
     private val s3Client: S3Client,
     private val s3Template: S3Template,
-    private val resourceScanner: ResourceScanner,
+    private val resourceScanner: ResourceScanner
 ) : CsmPhoenixService(), SolutionApiServiceInterface {
 
   override fun listSolutions(organizationId: String, page: Int?, size: Int?): List<Solution> {
@@ -193,7 +196,7 @@ class SolutionServiceImpl(
   }
 
   override fun listSolutionFiles(organizationId: String, solutionId: String): List<SolutionFile> {
-    val solution = getSolution(organizationId, solutionId)
+    val solution = getVerifiedSolution(organizationId, solutionId)
 
     logger.debug("List all files for solution #{} ({})", solution.id, solution.name)
     return getSolutionFiles(organizationId, solutionId)
@@ -418,7 +421,7 @@ class SolutionServiceImpl(
         file.originalFilename,
         destination)
 
-    resourceScanner.scanMimeTypes(file, csmPlatformProperties.upload.authorizedMimeTypes.workspaces)
+    resourceScanner.scanMimeTypes(file, csmPlatformProperties.upload.authorizedMimeTypes.solutions)
     val fileRelativeDestinationBuilder = StringBuilder()
     if (destination.isNullOrBlank()) {
       fileRelativeDestinationBuilder.append(file.originalFilename)
@@ -433,9 +436,8 @@ class SolutionServiceImpl(
     val objectKey =
         "$organizationId/$solutionId/$SOLUTION_FILES_BASE_FOLDER/$fileRelativeDestinationBuilder"
 
-    if (!overwrite && s3Template.objectExists(csmPlatformProperties.s3.bucketName, objectKey)) {
-      throw IllegalArgumentException(
-          "File '$fileRelativeDestinationBuilder' already exists, not overwriting it")
+    require(overwrite || !s3Template.objectExists(csmPlatformProperties.s3.bucketName, objectKey)) {
+      "File '$fileRelativeDestinationBuilder' already exists, not overwriting it"
     }
 
     s3Template.upload(csmPlatformProperties.s3.bucketName, objectKey, file.inputStream)
@@ -705,7 +707,7 @@ class SolutionServiceImpl(
     return solution
   }
 
-  override fun deleteAllS3SolutionObjects(organizationId: String, solution: Solution) {
+  fun deleteAllS3SolutionObjects(organizationId: String, solution: Solution) {
     logger.debug("Deleting all files for solution #{} ({})", solution.id, solution.name)
     val solutionFiles = getSolutionFiles(organizationId, solution.id)
     if (solutionFiles.isEmpty()) {
@@ -720,10 +722,17 @@ class SolutionServiceImpl(
   private fun deleteS3SolutionObject(organizationId: String, solution: Solution, fileName: String) {
     logger.debug(
         "Deleting file resource from solution #{} ({}): {}", solution.id, solution.name, fileName)
-
-    s3Template.deleteObject(
-        csmPlatformProperties.s3.bucketName,
-        "$organizationId/${solution.id}/$SOLUTION_FILES_BASE_FOLDER/$fileName")
+    try {
+      s3Template.deleteObject(
+          csmPlatformProperties.s3.bucketName,
+          "$organizationId/${solution.id}/$SOLUTION_FILES_BASE_FOLDER/$fileName")
+    } catch (e: AwsServiceException) {
+      logger.error("Something wrong happened during $fileName deletion", e)
+    } catch (e: SdkClientException) {
+      logger.error("Something wrong happened during $fileName deletion", e)
+    } catch (e: S3Exception) {
+      logger.error("Something wrong happened during $fileName deletion", e)
+    }
   }
 
   private fun getSolutionFiles(organizationId: String, solutionId: String): List<SolutionFile> {

workspace/src/integrationTest/kotlin/com/cosmotech/workspace/service/WorkspaceServiceIntegrationTest.kt

@@ -233,10 +233,18 @@ class WorkspaceServiceIntegrationTest : CsmTestBase() {
     workspaceApiService.createWorkspaceFile(
         organizationSaved.id, workspaceSaved.id, multipartFile, true, null)
 
-    workspaceApiService.deleteAllS3WorkspaceObjects(organizationSaved.id, workspaceSaved)
-
-    assertEquals(
-        0, workspaceApiService.listWorkspaceFiles(organizationSaved.id, workspaceSaved.id).size)
+    workspaceApiService.deleteWorkspaceFiles(organizationSaved.id, workspaceSaved.id)
+
+    var numberOfTry = 0
+    var workspaceFilesIsEmpty: Boolean
+    do {
+      workspaceFilesIsEmpty =
+          workspaceApiService.listWorkspaceFiles(organizationSaved.id, workspaceSaved.id).isEmpty()
+      numberOfTry++
+      Thread.sleep(50)
+    } while (numberOfTry < 100 && !workspaceFilesIsEmpty)
+
+    assertTrue(workspaceFilesIsEmpty)
   }
 
   @Test

workspace/src/main/kotlin/com/cosmotech/workspace/WorkspaceApiServiceInterface.kt

@@ -13,6 +13,4 @@ interface WorkspaceApiServiceInterface : WorkspaceApiService {
       workspaceId: String,
       requiredPermission: String = PERMISSION_READ
   ): Workspace
-
-  fun deleteAllS3WorkspaceObjects(organizationId: String, workspace: Workspace)
 }

workspace/src/main/kotlin/com/cosmotech/workspace/service/WorkspaceServiceImpl.kt

@@ -2,6 +2,7 @@
 // Licensed under the MIT license.
 package com.cosmotech.workspace.service
 
+import com.amazonaws.SdkClientException
 import com.cosmotech.api.CsmPhoenixService
 import com.cosmotech.api.events.OrganizationUnregistered
 import com.cosmotech.api.events.WorkspaceDeleted
@@ -37,6 +38,7 @@ import com.cosmotech.workspace.domain.WorkspaceRole
 import com.cosmotech.workspace.domain.WorkspaceSecurity
 import com.cosmotech.workspace.domain.WorkspaceUpdateRequest
 import com.cosmotech.workspace.repository.WorkspaceRepository
+import io.awspring.cloud.s3.S3Exception
 import io.awspring.cloud.s3.S3Template
 import java.time.Instant
 import kotlinx.coroutines.CoroutineScope
@@ -50,6 +52,7 @@ import org.springframework.data.domain.Pageable
 import org.springframework.scheduling.annotation.Async
 import org.springframework.stereotype.Service
 import org.springframework.web.multipart.MultipartFile
+import software.amazon.awssdk.awscore.exception.AwsServiceException
 import software.amazon.awssdk.services.s3.S3Client
 import software.amazon.awssdk.services.s3.model.ListObjectsV2Request
 
@@ -350,13 +353,20 @@ internal class WorkspaceServiceImpl(
         workspace.id,
         workspace.name,
         fileName)
-
-    s3Template.deleteObject(
-        csmPlatformProperties.s3.bucketName,
-        "$organizationId/${workspace.id}/$WORKSPACE_FILES_BASE_FOLDER/$fileName")
+    try {
+      s3Template.deleteObject(
+          csmPlatformProperties.s3.bucketName,
+          "$organizationId/${workspace.id}/$WORKSPACE_FILES_BASE_FOLDER/$fileName")
+    } catch (e: AwsServiceException) {
+      logger.error("Something wrong happened during $fileName deletion", e)
+    } catch (e: SdkClientException) {
+      logger.error("Something wrong happened during $fileName deletion", e)
+    } catch (e: S3Exception) {
+      logger.error("Something wrong happened during $fileName deletion", e)
+    }
   }
 
-  override fun deleteAllS3WorkspaceObjects(organizationId: String, workspace: Workspace) {
+  fun deleteAllS3WorkspaceObjects(organizationId: String, workspace: Workspace) {
     logger.debug("Deleting all files for workspace #{} ({})", workspace.id, workspace.name)
     val workspaceFiles = getWorkspaceFiles(organizationId, workspace.id)
     if (workspaceFiles.isEmpty()) {