demos: Creating demo for Multi-ACL Account (#611)

Demo for Multi-ACL Account

Author: raphaeldelio

demos/roms-multi-acl-account/README.md

@@ -0,0 +1,32 @@
+# 🔐 Multi-ACL Account Demo (Redis OM Spring)
+
+This demo illustrates how to use **Redis ACLs** in a Spring Boot application with **Redis OM Spring** to separate read and write responsibilities across different Redis users.
+
+## 🧪 What It Tests
+
+- `userA` can **read and write** data.
+- `userB` can **only read**.
+- Attempts by `userB` to write throw a `NOPERM` error.
+
+## 🔧 Redis ACL Configuration (Testcontainers)
+
+```conf
+user default off on >redispass allcommands allkeys
+
+user userA on >passwordA +@all allkeys
+user userB on >passwordB +@read +ping +ft.create allkeys
+```
+
+## 🐳 Running the Demo
+
+This demo uses Testcontainers with Redis Open Source 8 and a custom ACL config. No external Redis setup is required.
+
+To run the integration test:
+
+./gradlew :demos:roms-multi-acl-account:test
+
+
+## Notes
+- Each Redis user is wired with a distinct JedisConnectionFactory, RedisModulesClient, and CustomRedisKeyValueTemplate.
+- Read and write repositories are configured using @EnableRedisDocumentRepositories pointing to the appropriate templates.
+- RedisSearch indexes must be created using a user with +ft.create permission.

demos/roms-multi-acl-account/build.gradle

@@ -0,0 +1,57 @@
+plugins {
+	id 'java'
+	id 'org.springframework.boot'
+	id 'io.spring.dependency-management'
+}
+
+java {
+	toolchain {
+		languageVersion = JavaLanguageVersion.of(21)
+	}
+}
+
+// Don't publish this module
+tasks.matching { it.name.startsWith('publish') }.configureEach {
+	enabled = false
+}
+
+repositories {
+	mavenLocal()
+	mavenCentral()
+	maven {
+		name = 'Spring Milestones'
+		url = 'https://repo.spring.io/milestone'
+	}
+	maven {
+		name = 'Spring Snapshots'
+		url = 'https://repo.spring.io/snapshot'
+	}
+}
+
+dependencies {
+	implementation project(':redis-om-spring')
+
+	// Important for RedisOM annotation processing!
+	annotationProcessor project(':redis-om-spring')
+	testAnnotationProcessor project(':redis-om-spring')
+
+	// Lombok
+	compileOnly 'org.projectlombok:lombok'
+	annotationProcessor 'org.projectlombok:lombok'
+	testCompileOnly 'org.projectlombok:lombok'
+	testAnnotationProcessor 'org.projectlombok:lombok'
+
+	// Test dependencies
+	testImplementation 'org.springframework.boot:spring-boot-starter-test'
+	testImplementation "com.redis:testcontainers-redis:${testcontainersRedisVersion}"
+	testImplementation "org.testcontainers:junit-jupiter"
+}
+
+// Use -parameters flag for Spring
+tasks.withType(JavaCompile).configureEach {
+	options.compilerArgs << '-parameters'
+}
+
+test {
+	useJUnitPlatform()
+}

demos/roms-multi-acl-account/src/main/java/com/redis/romsmultiaclaccount/RomsMultiAclAccountApplication.java

@@ -0,0 +1,13 @@
+package com.redis.romsmultiaclaccount;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication
+public class RomsMultiAclAccountApplication {
+
+  public static void main(String[] args) {
+    SpringApplication.run(RomsMultiAclAccountApplication.class, args);
+  }
+
+}

demos/roms-multi-acl-account/src/main/java/com/redis/romsmultiaclaccount/config/ReadRepoConfig.java

@@ -0,0 +1,13 @@
+package com.redis.romsmultiaclaccount.config;
+
+import org.springframework.context.annotation.Configuration;
+
+import com.redis.om.spring.annotations.EnableRedisDocumentRepositories;
+
+@Configuration
+@EnableRedisDocumentRepositories(
+    basePackages = { "com.redis.romsmultiaclaccount.repository.read", "com.redis.romsmultiaclaccount.model" },
+    keyValueTemplateRef = "readKeyValueTemplate", redisTemplateRef = "readRedisOperations"
+)
+class ReadRepoConfig {
+}

demos/roms-multi-acl-account/src/main/java/com/redis/romsmultiaclaccount/config/RedisConnectionFactoryConfig.java

@@ -0,0 +1,203 @@
+package com.redis.romsmultiaclaccount.config;
+
+import java.time.Duration;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnThreading;
+import org.springframework.boot.autoconfigure.data.redis.RedisProperties;
+import org.springframework.boot.autoconfigure.thread.Threading;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Primary;
+import org.springframework.core.task.SimpleAsyncTaskExecutor;
+import org.springframework.data.redis.connection.RedisStandaloneConfiguration;
+import org.springframework.data.redis.connection.jedis.JedisClientConfiguration;
+import org.springframework.data.redis.connection.jedis.JedisConnectionFactory;
+import org.springframework.data.redis.core.RedisOperations;
+import org.springframework.data.redis.core.StringRedisTemplate;
+import org.springframework.data.redis.core.mapping.RedisMappingContext;
+import org.springframework.lang.Nullable;
+
+import com.google.gson.GsonBuilder;
+import com.redis.om.spring.CustomRedisKeyValueTemplate;
+import com.redis.om.spring.RedisJSONKeyValueAdapter;
+import com.redis.om.spring.RedisOMProperties;
+import com.redis.om.spring.client.RedisModulesClient;
+import com.redis.om.spring.indexing.RediSearchIndexer;
+import com.redis.om.spring.ops.RedisModulesOperations;
+import com.redis.om.spring.vectorize.Embedder;
+
+@Configuration
+@EnableConfigurationProperties(
+  { RedisProperties.class }
+)
+public class RedisConnectionFactoryConfig {
+
+  private static final Log logger = LogFactory.getLog(RedisConnectionFactoryConfig.class);
+
+  private final RedisProperties redisProperties;
+
+  public RedisConnectionFactoryConfig(RedisProperties redisProperties) {
+    this.redisProperties = redisProperties;
+  }
+
+  @Bean(
+      name = "writeJedisConnectionFactory"
+  )
+  @ConditionalOnThreading(
+    Threading.PLATFORM
+  )
+  public JedisConnectionFactory writeJedisConnectionFactory() {
+    return createJedisConnectionFactory("userA", "passwordA");
+  }
+
+  @Bean(
+      name = "writeJedisConnectionFactoryVirtual"
+  )
+  @ConditionalOnThreading(
+    Threading.VIRTUAL
+  )
+  public JedisConnectionFactory writeJedisConnectionFactoryVirtual() {
+    JedisConnectionFactory factory = createJedisConnectionFactory("userA", "passwordA");
+    SimpleAsyncTaskExecutor executor = new SimpleAsyncTaskExecutor("redis-write-");
+    executor.setVirtualThreads(true);
+    factory.setExecutor(executor);
+    return factory;
+  }
+
+  @Primary
+  @Bean(
+      name = "readJedisConnectionFactory"
+  )
+  public JedisConnectionFactory readJedisConnectionFactory() {
+    return createJedisConnectionFactory("userB", "passwordB");
+  }
+
+  private JedisConnectionFactory createJedisConnectionFactory(String username, String password) {
+    RedisStandaloneConfiguration config = new RedisStandaloneConfiguration(redisProperties.getHost(), redisProperties
+        .getPort());
+    config.setDatabase(redisProperties.getDatabase());
+    config.setUsername(username);
+    config.setPassword(password);
+
+    JedisClientConfiguration clientConfig = JedisClientConfiguration.builder().connectTimeout(Duration.ofMillis(
+        redisProperties.getTimeout().toMillis())).build();
+
+    return new JedisConnectionFactory(config, clientConfig);
+  }
+
+  @Bean(
+      name = "writeRedisModulesClient"
+  )
+  public RedisModulesClient writeRedisModulesClient(@Qualifier(
+    "writeJedisConnectionFactory"
+  ) JedisConnectionFactory factory, @Qualifier(
+    "omGsonBuilder"
+  ) GsonBuilder builder) {
+    return new RedisModulesClient(factory, builder);
+  }
+
+  @Bean(
+      name = "readRedisModulesClient"
+  )
+  public RedisModulesClient readRedisModulesClient(@Qualifier(
+    "readJedisConnectionFactory"
+  ) JedisConnectionFactory factory, @Qualifier(
+    "omGsonBuilder"
+  ) GsonBuilder builder) {
+    return new RedisModulesClient(factory, builder);
+  }
+
+  @Bean(
+      name = "writeRedisModulesOperations"
+  )
+  public RedisModulesOperations<?> writeRedisModulesOperations(@Qualifier(
+    "writeRedisModulesClient"
+  ) RedisModulesClient client, @Qualifier(
+    "writeJedisConnectionFactory"
+  ) JedisConnectionFactory factory, @Qualifier(
+    "omGsonBuilder"
+  ) GsonBuilder builder) {
+    return new RedisModulesOperations<>(client, new StringRedisTemplate(factory), builder);
+  }
+
+  @Bean(
+      name = "readRedisModulesOperations"
+  )
+  public RedisModulesOperations<?> readRedisModulesOperations(@Qualifier(
+    "readRedisModulesClient"
+  ) RedisModulesClient client, @Qualifier(
+    "readJedisConnectionFactory"
+  ) JedisConnectionFactory factory, @Qualifier(
+    "omGsonBuilder"
+  ) GsonBuilder builder) {
+    return new RedisModulesOperations<>(client, new StringRedisTemplate(factory), builder);
+  }
+
+  @Bean(
+      name = "writeRedisOperations"
+  )
+  public RedisOperations<String, String> writeRedisOperations(@Qualifier(
+    "writeJedisConnectionFactory"
+  ) JedisConnectionFactory factory) {
+    return new StringRedisTemplate(factory);
+  }
+
+  @Bean(
+      name = "readRedisOperations"
+  )
+  public RedisOperations<String, String> readRedisOperations(@Qualifier(
+    "readJedisConnectionFactory"
+  ) JedisConnectionFactory factory) {
+    return new StringRedisTemplate(factory);
+  }
+
+  @Bean(
+      name = "writeKeyValueTemplate"
+  )
+  public CustomRedisKeyValueTemplate getWriteRedisJSONKeyValueTemplate(@Qualifier(
+    "writeRedisOperations"
+  ) RedisOperations<?, ?> redisOps, @Qualifier(
+    "writeRedisModulesOperations"
+  ) RedisModulesOperations<?> redisModulesOperations, @Qualifier(
+    "redisEnhancedMappingContext"
+  ) RedisMappingContext mappingContext, RediSearchIndexer indexer, @Qualifier(
+    "omGsonBuilder"
+  ) GsonBuilder gsonBuilder, RedisOMProperties properties, @Nullable @Qualifier(
+    "featureExtractor"
+  ) Embedder embedder) {
+    return new CustomRedisKeyValueTemplate(new RedisJSONKeyValueAdapter(redisOps, redisModulesOperations,
+        mappingContext, indexer, gsonBuilder, embedder, properties), mappingContext);
+  }
+
+  @Bean(
+      name = "readKeyValueTemplate"
+  )
+  public CustomRedisKeyValueTemplate getReadRedisJSONKeyValueTemplate(@Qualifier(
+    "readRedisOperations"
+  ) RedisOperations<?, ?> redisOps, @Qualifier(
+    "readRedisModulesOperations"
+  ) RedisModulesOperations<?> redisModulesOperations, @Qualifier(
+    "redisEnhancedMappingContext"
+  ) RedisMappingContext mappingContext, RediSearchIndexer indexer, @Qualifier(
+    "omGsonBuilder"
+  ) GsonBuilder gsonBuilder, RedisOMProperties properties, @Nullable @Qualifier(
+    "featureExtractor"
+  ) Embedder embedder) {
+    return new CustomRedisKeyValueTemplate(new RedisJSONKeyValueAdapter(redisOps, redisModulesOperations,
+        mappingContext, indexer, gsonBuilder, embedder, properties), mappingContext);
+  }
+
+  @Primary
+  @Bean(
+      name = "redisModulesOperations"
+  )
+  public RedisModulesOperations<?> redisModulesOperationsAlias(@Qualifier(
+    "readRedisModulesOperations"
+  ) RedisModulesOperations<?> readOps) {
+    return readOps;
+  }
+}

demos/roms-multi-acl-account/src/main/java/com/redis/romsmultiaclaccount/config/WriteRepoConfig.java

@@ -0,0 +1,13 @@
+package com.redis.romsmultiaclaccount.config;
+
+import org.springframework.context.annotation.Configuration;
+
+import com.redis.om.spring.annotations.EnableRedisDocumentRepositories;
+
+@Configuration
+@EnableRedisDocumentRepositories(
+    basePackages = { "com.redis.romsmultiaclaccount.repository.write", "com.redis.romsmultiaclaccount.model" },
+    keyValueTemplateRef = "writeKeyValueTemplate", redisTemplateRef = "writeRedisOperations"
+)
+class WriteRepoConfig {
+}

demos/roms-multi-acl-account/src/main/java/com/redis/romsmultiaclaccount/model/Customer.java

@@ -0,0 +1,56 @@
+package com.redis.romsmultiaclaccount.model;
+
+import org.springframework.data.annotation.Id;
+
+import com.redis.om.spring.annotations.Document;
+import com.redis.om.spring.annotations.Searchable;
+
+@Document
+public class Customer {
+  @Id
+  private String id;
+
+  @Searchable
+  private String name;
+
+  @Searchable
+  private String email;
+
+  public Customer() {
+  }
+
+  public Customer(String id, String name, String email) {
+    this.id = id;
+    this.name = name;
+    this.email = email;
+  }
+
+  public Customer(String name, String email) {
+    this.name = name;
+    this.email = email;
+  }
+
+  public String getId() {
+    return id;
+  }
+
+  public void setId(String id) {
+    this.id = id;
+  }
+
+  public String getName() {
+    return name;
+  }
+
+  public void setName(String name) {
+    this.name = name;
+  }
+
+  public String getEmail() {
+    return email;
+  }
+
+  public void setEmail(String email) {
+    this.email = email;
+  }
+}