Merge branch 'main' into aul-UID2-5549-ui-refactor

# Conflicts:
#	pom.xml
#	webroot/adm/salt.html
#	webroot/adm/service.html
#	webroot/js/participantSummary.js

Author: aulme

pom.xml

@@ -6,7 +6,7 @@
 
     <groupId>com.uid2</groupId>
     <artifactId>uid2-admin</artifactId>
-    <version>6.3.1-alpha-187-SNAPSHOT</version>
+    <version>6.5.7</version>
 
     <properties>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
@@ -16,7 +16,7 @@
         <!-- check micrometer.version vertx-micrometer-metrics consumes before bumping up -->
         <micrometer.version>1.12.2</micrometer.version>
         <junit-jupiter.version>5.11.2</junit-jupiter.version>
-        <uid2-shared.version>10.1.0</uid2-shared.version>
+        <uid2-shared.version>10.3.0</uid2-shared.version>
         <okta-jwt.version>0.5.10</okta-jwt.version>
         <image.version>${project.version}</image.version>
     </properties>

src/main/java/com/uid2/admin/vertx/Endpoints.java

@@ -67,8 +67,8 @@ public enum Endpoints {
     API_PRIVATE_SITES_REFRESH_NOW("/api/private-sites/refreshNow"),
 
     API_SALT_SNAPSHOTS("/api/salt/snapshots"),
+    API_SALT_REBUILD("/api/salt/rebuild"),
     API_SALT_ROTATE("/api/salt/rotate"),
-    API_SALT_ROTATE_ZERO("/api/salt/rotate-zero"),
 
     API_SEARCH("/api/search"),
 
@@ -82,6 +82,7 @@ public enum Endpoints {
     API_SERVICE_ADD("/api/service/add"),
     API_SERVICE_UPDATE("/api/service/update"),
     API_SERVICE_DELETE("/api/service/delete"),
+    API_SERVICE_REMOVE_LINK_ID_REGEX("/api/service/remove-link-id-regex"),
 
     API_SHARING_LISTS("/api/sharing/lists"),
     API_SHARING_LIST_SITEID("/api/sharing/list/:siteId"),

src/main/java/com/uid2/admin/vertx/service/SaltService.java

@@ -54,23 +54,23 @@ public void setupRoutes(Router router) {
         router.get(API_SALT_SNAPSHOTS.toString()).handler(
                 auth.handle(this::handleSaltSnapshots, Role.MAINTAINER));
 
-        router.post(API_SALT_ROTATE.toString()).blockingHandler(auth.handle((ctx) -> {
+        router.post(API_SALT_REBUILD.toString()).blockingHandler(auth.handle(ctx -> {
             synchronized (writeLock) {
-                this.handleSaltRotate(ctx);
+                this.handleSaltRebuild(ctx);
             }
-        }, new AuditParams(List.of("fraction", "min_ages_in_seconds", "target_date"), Collections.emptyList()), Role.SUPER_USER, Role.SECRET_ROTATION));
+        }, new AuditParams(List.of(), Collections.emptyList()), Role.MAINTAINER));
 
-        router.post(API_SALT_ROTATE_ZERO.toString()).blockingHandler(auth.handle((ctx) -> {
+        router.post(API_SALT_ROTATE.toString()).blockingHandler(auth.handle((ctx) -> {
             synchronized (writeLock) {
-                this.handleSaltRotateZero(ctx);
+                this.handleSaltRotate(ctx);
             }
-        }, new AuditParams(List.of(), Collections.emptyList()), Role.MAINTAINER));
+        }, new AuditParams(List.of("fraction", "min_ages_in_seconds", "target_date"), Collections.emptyList()), Role.SUPER_USER, Role.SECRET_ROTATION));
     }
 
     private void handleSaltSnapshots(RoutingContext rc) {
         try {
             final JsonArray ja = new JsonArray();
-            this.saltProvider.getSnapshots().stream()
+            saltProvider.getSnapshots().stream()
                     .forEachOrdered(s -> ja.add(toJson(s)));
 
             rc.response()
@@ -82,30 +82,21 @@ private void handleSaltSnapshots(RoutingContext rc) {
         }
     }
 
-    private void handleSaltRotate(RoutingContext rc) {
+    private void handleSaltRebuild(RoutingContext rc) {
         try {
-            final Optional<Double> fraction = RequestUtil.getDouble(rc, "fraction");
-            if (fraction.isEmpty()) return;
-            final Duration[] minAges = RequestUtil.getDurations(rc, "min_ages_in_seconds");
-            if (minAges == null) return;
-
-
-            final TargetDate targetDate =
-                    RequestUtil.getDate(rc, "target_date", DateTimeFormatter.ISO_LOCAL_DATE)
-                            .map(TargetDate::new)
-                            .orElse(TargetDate.now().plusDays(1))
-            ;
+            Instant now = Instant.now();
 
             // force refresh
-            this.saltProvider.loadContent();
+            saltProvider.loadContent();
 
             // mark all the referenced files as ready to archive
             storageManager.archiveSaltLocations();
 
-            final List<RotatingSaltProvider.SaltSnapshot> snapshots = this.saltProvider.getSnapshots();
-            final RotatingSaltProvider.SaltSnapshot lastSnapshot = snapshots.getLast();
+            // Unlike in regular salt rotation, this should be based on the currently effective snapshot.
+            // The latest snapshot may be in the future, and we may have changes that shouldn't be activated yet.
+            var effectiveSnapshot = saltProvider.getSnapshot(now);
 
-            final SaltRotation.Result result = saltRotation.rotateSalts(lastSnapshot, minAges, fraction.get(), targetDate);
+            var result = saltRotation.rotateSaltsZero(effectiveSnapshot, TargetDate.now(), now);
             if (!result.hasSnapshot()) {
                 ResponseUtil.error(rc, 200, result.getReason());
                 return;
@@ -122,21 +113,28 @@ private void handleSaltRotate(RoutingContext rc) {
         }
     }
 
-    private void handleSaltRotateZero(RoutingContext rc) {
+    private void handleSaltRotate(RoutingContext rc) {
         try {
-            Instant now = Instant.now();
+            final Optional<Double> fraction = RequestUtil.getDouble(rc, "fraction");
+            if (fraction.isEmpty()) return;
+            final Duration[] minAges = RequestUtil.getDurations(rc, "min_ages_in_seconds");
+            if (minAges == null) return;
 
-            // force refresh
-            this.saltProvider.loadContent();
+            final TargetDate targetDate =
+                    RequestUtil.getDate(rc, "target_date", DateTimeFormatter.ISO_LOCAL_DATE)
+                            .map(TargetDate::new)
+                            .orElse(TargetDate.now().plusDays(1));
 
-            // mark all the referenced files as ready to archive
+            // Force refresh
+            saltProvider.loadContent();
+
+            // Mark all the referenced files as ready to archive
             storageManager.archiveSaltLocations();
 
-            // Unlike in regular salt rotation, this should be based on the currently effective snapshot.
-            // The latest snapshot may be in the future, and we may have changes that shouldn't be activated yet.
-            var effectiveSnapshot = this.saltProvider.getSnapshot(now);
+            final List<RotatingSaltProvider.SaltSnapshot> snapshots = saltProvider.getSnapshots();
+            final RotatingSaltProvider.SaltSnapshot lastSnapshot = snapshots.getLast();
 
-            var result = saltRotation.rotateSaltsZero(effectiveSnapshot, TargetDate.now(), now);
+            final SaltRotation.Result result = saltRotation.rotateSalts(lastSnapshot, minAges, fraction.get(), targetDate);
             if (!result.hasSnapshot()) {
                 ResponseUtil.error(rc, 200, result.getReason());
                 return;

src/main/java/com/uid2/admin/vertx/service/ServiceLinkService.java

@@ -19,6 +19,7 @@
 import org.slf4j.LoggerFactory;
 
 import java.util.*;
+import java.util.regex.Pattern;
 import java.util.stream.Collectors;
 
 import static com.uid2.admin.vertx.Endpoints.*;
@@ -118,6 +119,12 @@ private void handleServiceLinkAdd(RoutingContext rc) {
                 return;
             }
 
+            String linkIdRegex = serviceProvider.getService(serviceId).getLinkIdRegex();
+            if (!isValidLinkId(linkId, linkIdRegex)) {
+                ResponseUtil.error(rc, 400, "link_id " + linkId + " does not match service_id " + serviceId + " link_id_regex: " + linkIdRegex);
+                return;
+            }
+
             Set<Role> serviceRoles = serviceProvider.getService(serviceId).getRoles();
             final Set<Role> roles;
             try {
@@ -270,4 +277,11 @@ private Set<Role> validateRoles(JsonArray rolesToValidate, Set<Role> serviceRole
         }
         return roles;
     }
+
+    private boolean isValidLinkId(String linkId, String serviceRegex) {
+        if (serviceRegex == null) {
+            return true;
+        }
+        return Pattern.matches(serviceRegex, linkId);
+    }
 }