WIP

Author: artem-v

services-api/src/main/java/io/scalecube/services/Reflect.java

@@ -12,6 +12,7 @@
 import io.scalecube.services.annotations.ServiceMethod;
 import io.scalecube.services.annotations.Tag;
 import io.scalecube.services.api.ServiceMessage;
+import io.scalecube.services.auth.AllowedRoles;
 import io.scalecube.services.auth.Secured;
 import io.scalecube.services.methods.MethodInfo;
 import io.scalecube.services.methods.ServiceRoleDefinition;
@@ -400,7 +401,41 @@ public static boolean isSecured(Method method) {
    * @return {@link ServiceRoleDefinition} objects
    */
   public static Collection<ServiceRoleDefinition> serviceRoles(Method method) {
-    return null; // TODO ...
+    if (method.isAnnotationPresent(AllowedRoles.class)) {
+      final var allowedRolesAnnotation = method.getAnnotation(AllowedRoles.class);
+      final var allowedRoles = allowedRolesAnnotation.value();
+      return Arrays.stream(allowedRoles)
+          .map(
+              allowedRole ->
+                  new ServiceRoleDefinition(
+                      allowedRole.name(), new HashSet<>(Arrays.asList(allowedRole.permissions()))))
+          .collect(Collectors.toSet());
+    }
+
+    // If @AllowedRoles/@AllowedRole annotations is not present on service method, then find it on
+    // service class
+
+    Class<?> clazz = method.getDeclaringClass();
+
+    AllowedRoles allowedRolesAnnotation = null;
+    for (; clazz != null; clazz = clazz.getSuperclass()) {
+      allowedRolesAnnotation = clazz.getAnnotation(AllowedRoles.class);
+      if (allowedRolesAnnotation != null) {
+        break;
+      }
+    }
+
+    if (allowedRolesAnnotation != null) {
+      final var allowedRoles = allowedRolesAnnotation.value();
+      return Arrays.stream(allowedRoles)
+          .map(
+              allowedRole ->
+                  new ServiceRoleDefinition(
+                      allowedRole.name(), new HashSet<>(Arrays.asList(allowedRole.permissions()))))
+          .collect(Collectors.toSet());
+    }
+
+    return Set.of();
   }
 
   /**
@@ -410,7 +445,9 @@ public static Collection<ServiceRoleDefinition> serviceRoles(Method method) {
    * @return service role names
    */
   public static Collection<String> allowedRoles(Method method) {
-    return null; // TODO ...
+    return serviceRoles(method).stream()
+        .map(ServiceRoleDefinition::role)
+        .collect(Collectors.toSet());
   }
 
   /**

services-api/src/test/java/io/scalecube/services/methods/ReflectTest.java

@@ -3,15 +3,23 @@
 import static io.scalecube.services.CommunicationMode.REQUEST_CHANNEL;
 import static io.scalecube.services.CommunicationMode.REQUEST_RESPONSE;
 import static io.scalecube.services.CommunicationMode.REQUEST_STREAM;
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.hamcrest.Matchers.hasItem;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
 
 import io.scalecube.services.CommunicationMode;
 import io.scalecube.services.Reflect;
 import io.scalecube.services.annotations.Service;
+import io.scalecube.services.annotations.ServiceMethod;
 import io.scalecube.services.api.ServiceMessage;
+import io.scalecube.services.auth.AllowedRole;
+import io.scalecube.services.auth.AllowedRoles;
 import java.lang.reflect.Method;
 import java.util.Arrays;
+import java.util.List;
+import java.util.Set;
 import java.util.stream.Stream;
-import org.junit.jupiter.api.Assertions;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.params.ParameterizedTest;
 import org.junit.jupiter.params.provider.Arguments;
@@ -26,14 +34,14 @@ public class ReflectTest {
   public void testCommunicationMode(String methodName, CommunicationMode expectedMode) {
     // Given:
     Method m =
-        Arrays.stream(TestService.class.getMethods())
+        Arrays.stream(JustService.class.getMethods())
             .filter(meth -> meth.getName().equals(methodName))
             .findFirst()
             .get();
     // When:
     CommunicationMode communicationMode = Reflect.communicationMode(m);
     // Then:
-    Assertions.assertEquals(expectedMode, communicationMode, "Invalid communicationMode");
+    assertEquals(expectedMode, communicationMode, "Invalid communicationMode");
   }
 
   private static Stream<Arguments> argsCommunicationModeProvider() {
@@ -55,14 +63,14 @@ private static Stream<Arguments> argsCommunicationModeProvider() {
   public void testIsRequestTypeServiceMessage(String methodName, boolean expect) {
     // Given:
     Method method =
-        Arrays.stream(ReflectTest.TestService.class.getMethods())
+        Arrays.stream(JustService.class.getMethods())
             .filter(meth -> meth.getName().equals(methodName))
             .findFirst()
             .get();
     // When:
     boolean actual = Reflect.isRequestTypeServiceMessage(method);
     // Then:
-    Assertions.assertEquals(
+    assertEquals(
         expect,
         actual,
         String.format("isRequestTypeServiceMessage(%s) should be %b", methodName, expect));
@@ -88,11 +96,61 @@ public void testSubServiceInterfaces() {
     // When:
     Stream<Class<?>> interfaces = Reflect.serviceInterfaces(new SubServiceImpl());
     // Then:
-    Assertions.assertEquals(
+    assertEquals(
         1, interfaces.count(), "serviceInterfaces(..) should detect interfaces in SubServiceImpl");
   }
 
-  private interface TestService {
+  @ParameterizedTest(name = "[{index}] {0}")
+  @MethodSource("testServiceRolesMethodSource")
+  public void testServiceRoles(String test, SuccessArgs args) throws Exception {
+    final var method = args.serviceInstance.getClass().getMethod("hello");
+    final var serviceRoles = Reflect.serviceRoles(method);
+    assertNotNull(serviceRoles, "serviceRoles");
+    assertEquals(args.list.size(), serviceRoles.size(), "serviceRoles.size");
+    for (var expectedServiceRole : args.list) {
+      assertThat(serviceRoles, hasItem(expectedServiceRole));
+    }
+  }
+
+  private record SuccessArgs(Object serviceInstance, List<ServiceRoleDefinition> list) {}
+
+  private static Stream<Arguments> testServiceRolesMethodSource() {
+    return Stream.of(
+        Arguments.of(
+            "@AllowedRoles declared on class",
+            new SuccessArgs(
+                new ServiceRoleService1Impl(),
+                List.of(
+                    new ServiceRoleDefinition("user", Set.of("read", "write")),
+                    new ServiceRoleDefinition("admin", Set.of("*"))))),
+        Arguments.of(
+            "Repeatable @AllowedRole declared on class",
+            new SuccessArgs(
+                new ServiceRoleService2Impl(),
+                List.of(
+                    new ServiceRoleDefinition("user", Set.of("read", "write")),
+                    new ServiceRoleDefinition("admin", Set.of("*"))))),
+        Arguments.of(
+            "@AllowedRoles declared on method",
+            new SuccessArgs(
+                new ServiceRoleService3Impl(),
+                List.of(
+                    new ServiceRoleDefinition("user", Set.of("read", "write")),
+                    new ServiceRoleDefinition("admin", Set.of("*"))))),
+        Arguments.of(
+            "Repeatable @AllowedRole declared on method",
+            new SuccessArgs(
+                new ServiceRoleService4Impl(),
+                List.of(
+                    new ServiceRoleDefinition("user", Set.of("read", "write")),
+                    new ServiceRoleDefinition("admin", Set.of("*"))))),
+        Arguments.of(
+            "No @AllowedRoles/@AllowedRole annotations declared anywhere",
+            new SuccessArgs(new ServiceRoleService5Impl(), List.of())));
+  }
+
+  private interface JustService {
+
     void fireAndForget(Integer i);
 
     Mono<Void> emptyResponse(Integer i);
@@ -129,4 +187,109 @@ public String name() {
   }
 
   private static class SubServiceImpl extends ServiceImpl {}
+
+  @Service
+  private interface ServiceRoleService1 {
+
+    @ServiceMethod
+    Mono<Void> hello();
+  }
+
+  @AllowedRoles(
+      value = {
+        @AllowedRole(
+            name = "user",
+            permissions = {"read", "write"}),
+        @AllowedRole(
+            name = "admin",
+            permissions = {"*"})
+      })
+  public static class ServiceRoleService1Impl implements ServiceRoleService1 {
+
+    @Override
+    public Mono<Void> hello() {
+      return null;
+    }
+  }
+
+  @Service
+  private interface ServiceRoleService2 {
+
+    @ServiceMethod
+    Mono<Void> hello();
+  }
+
+  @AllowedRole(
+      name = "user",
+      permissions = {"read", "write"})
+  @AllowedRole(
+      name = "admin",
+      permissions = {"*"})
+  public static class ServiceRoleService2Impl implements ServiceRoleService2 {
+
+    @Override
+    public Mono<Void> hello() {
+      return null;
+    }
+  }
+
+  @Service
+  private interface ServiceRoleService3 {
+
+    @ServiceMethod
+    Mono<Void> hello();
+  }
+
+  public static class ServiceRoleService3Impl implements ServiceRoleService3 {
+
+    @AllowedRoles(
+        value = {
+          @AllowedRole(
+              name = "user",
+              permissions = {"read", "write"}),
+          @AllowedRole(
+              name = "admin",
+              permissions = {"*"})
+        })
+    @Override
+    public Mono<Void> hello() {
+      return null;
+    }
+  }
+
+  @Service
+  private interface ServiceRoleService4 {
+
+    @ServiceMethod
+    Mono<Void> hello();
+  }
+
+  public static class ServiceRoleService4Impl implements ServiceRoleService4 {
+
+    @AllowedRole(
+        name = "user",
+        permissions = {"read", "write"})
+    @AllowedRole(
+        name = "admin",
+        permissions = {"*"})
+    @Override
+    public Mono<Void> hello() {
+      return null;
+    }
+  }
+
+  @Service
+  private interface ServiceRoleService5 {
+
+    @ServiceMethod
+    Mono<Void> hello();
+  }
+
+  public static class ServiceRoleService5Impl implements ServiceRoleService5 {
+
+    @Override
+    public Mono<Void> hello() {
+      return null;
+    }
+  }
 }