Added ServiceRolesProcessor

Author: artem-v

services-api/src/main/java/io/scalecube/services/Reflect.java

@@ -12,6 +12,7 @@
 import io.scalecube.services.annotations.ServiceMethod;
 import io.scalecube.services.annotations.Tag;
 import io.scalecube.services.api.ServiceMessage;
+import io.scalecube.services.auth.AllowedRole;
 import io.scalecube.services.auth.AllowedRoles;
 import io.scalecube.services.auth.Secured;
 import io.scalecube.services.methods.MethodInfo;
@@ -401,41 +402,39 @@ public static boolean isSecured(Method method) {
    * @return {@link ServiceRoleDefinition} objects
    */
   public static Collection<ServiceRoleDefinition> serviceRoles(Method method) {
+    AllowedRole[] allowedRoles = null;
+
     if (method.isAnnotationPresent(AllowedRoles.class)) {
-      final var allowedRolesAnnotation = method.getAnnotation(AllowedRoles.class);
-      final var allowedRoles = allowedRolesAnnotation.value();
-      return Arrays.stream(allowedRoles)
-          .map(
-              allowedRole ->
-                  new ServiceRoleDefinition(
-                      allowedRole.name(), new HashSet<>(Arrays.asList(allowedRole.permissions()))))
-          .collect(Collectors.toSet());
+      allowedRoles = method.getAnnotation(AllowedRoles.class).value();
+    } else if (method.isAnnotationPresent(AllowedRole.class)) {
+      allowedRoles = method.getAnnotationsByType(AllowedRole.class);
     }
 
-    // If @AllowedRoles/@AllowedRole annotations is not present on service method, then find it on
-    // service class
-
-    Class<?> clazz = method.getDeclaringClass();
+    // If @AllowedRoles/@AllowedRole annotations are not present on service method, then find them
+    // on service class
 
-    AllowedRoles allowedRolesAnnotation = null;
-    for (; clazz != null; clazz = clazz.getSuperclass()) {
-      allowedRolesAnnotation = clazz.getAnnotation(AllowedRoles.class);
-      if (allowedRolesAnnotation != null) {
-        break;
+    if (allowedRoles == null) {
+      for (var clazz = method.getDeclaringClass(); clazz != null; clazz = clazz.getSuperclass()) {
+        if (clazz.isAnnotationPresent(AllowedRoles.class)) {
+          allowedRoles = clazz.getAnnotation(AllowedRoles.class).value();
+          break;
+        }
+        if (clazz.isAnnotationPresent(AllowedRole.class)) {
+          allowedRoles = clazz.getAnnotationsByType(AllowedRole.class);
+          break;
+        }
       }
     }
 
-    if (allowedRolesAnnotation != null) {
-      final var allowedRoles = allowedRolesAnnotation.value();
-      return Arrays.stream(allowedRoles)
-          .map(
-              allowedRole ->
-                  new ServiceRoleDefinition(
-                      allowedRole.name(), new HashSet<>(Arrays.asList(allowedRole.permissions()))))
-          .collect(Collectors.toSet());
-    }
-
-    return Set.of();
+    return allowedRoles != null
+        ? Arrays.stream(allowedRoles)
+            .map(
+                allowedRole ->
+                    new ServiceRoleDefinition(
+                        allowedRole.name(),
+                        new HashSet<>(Arrays.asList(allowedRole.permissions()))))
+            .collect(Collectors.toSet())
+        : Set.of();
   }
 
   /**

services-api/src/main/java/io/scalecube/services/auth/ServiceRolesProcessor.java

@@ -0,0 +1,9 @@
+package io.scalecube.services.auth;
+
+import io.scalecube.services.methods.ServiceRoleDefinition;
+import java.util.Collection;
+
+public interface ServiceRolesProcessor {
+
+  void process(Collection<ServiceRoleDefinition> serviceRoles);
+}

services/src/main/java/io/scalecube/services/Microservices.java

@@ -3,6 +3,7 @@
 import static reactor.core.publisher.Sinks.EmitFailureHandler.busyLooping;
 
 import io.scalecube.services.auth.Authenticator;
+import io.scalecube.services.auth.ServiceRolesProcessor;
 import io.scalecube.services.discovery.api.ServiceDiscovery;
 import io.scalecube.services.discovery.api.ServiceDiscoveryEvent;
 import io.scalecube.services.discovery.api.ServiceDiscoveryFactory;
@@ -262,8 +263,10 @@ private void doInject() {
   }
 
   private void processServiceRoles() {
-    final var serviceRoles = ServiceScanner.collectServiceRoles(serviceInstances);
-    // TODO: take abstract "service roles processor" from context, and invoke "processing"
+    final var serviceRolesProcessor = context.serviceRolesProcessor;
+    if (serviceRolesProcessor != null) {
+      serviceRolesProcessor.process(ServiceScanner.collectServiceRoles(serviceInstances));
+    }
   }
 
   private void startListen() {
@@ -512,8 +515,8 @@ public static final class Context {
     private ServiceDiscoveryFactory discoveryFactory;
     private Supplier<ServiceTransport> transportSupplier;
     private final List<Supplier<Gateway>> gatewaySuppliers = new ArrayList<>();
-    private final Map<String, Supplier<Scheduler>> schedulerSuppliers = new HashMap<>();
     private final Map<String, Scheduler> schedulers = new ConcurrentHashMap<>();
+    private ServiceRolesProcessor serviceRolesProcessor;
 
     public Context() {}
 
@@ -715,7 +718,18 @@ public Context defaultLogger(Logger logger) {
      * @return this
      */
     public Context scheduler(String name, Supplier<Scheduler> supplier) {
-      schedulerSuppliers.put(name, supplier);
+      schedulers.put(name, supplier.get());
+      return this;
+    }
+
+    /**
+     * Setter for {@link ServiceRolesProcessor}.
+     *
+     * @param serviceRolesProcessor serviceRolesProcessor
+     * @return this
+     */
+    public Context serviceRolesProcessor(ServiceRolesProcessor serviceRolesProcessor) {
+      this.serviceRolesProcessor = serviceRolesProcessor;
       return this;
     }
 
@@ -746,7 +760,6 @@ private Context conclude() {
       schedulers.put("single", Schedulers.single());
       schedulers.put("boundedElastic", Schedulers.boundedElastic());
       schedulers.put("immediate", Schedulers.immediate());
-      schedulerSuppliers.forEach((s, supplier) -> schedulers.put(s, supplier.get()));
 
       return this;
     }

services/src/test/java/io/scalecube/services/auth/ServiceRolesProcessorTest.java

@@ -0,0 +1,138 @@
+package io.scalecube.services.auth;
+
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.hamcrest.Matchers.hasItem;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.verify;
+
+import io.scalecube.services.Microservices;
+import io.scalecube.services.Microservices.Context;
+import io.scalecube.services.annotations.Service;
+import io.scalecube.services.annotations.ServiceMethod;
+import io.scalecube.services.methods.ServiceRoleDefinition;
+import java.util.List;
+import java.util.Set;
+import org.junit.jupiter.api.Test;
+import org.mockito.ArgumentMatchers;
+import reactor.core.publisher.Mono;
+
+public class ServiceRolesProcessorTest {
+
+  @Test
+  void processSuccessfully() {
+    final var serviceRolesProcessor = mock(ServiceRolesProcessor.class);
+
+    final var expectedServiceRoles =
+        List.of(
+            new ServiceRoleDefinition("admin", Set.of("*")),
+            new ServiceRoleDefinition("user", Set.of("read")),
+            new ServiceRoleDefinition("foo", Set.of("read", "write", "delete")));
+
+    //noinspection unused
+    try (final var microservices =
+        Microservices.start(
+            new Context()
+                .serviceRolesProcessor(serviceRolesProcessor)
+                .services(new Service1Impl(), new Service2Impl(), new Service3Impl()))) {
+      verify(serviceRolesProcessor)
+          .process(
+              ArgumentMatchers.argThat(
+                  serviceRoles -> {
+                    assertNotNull(serviceRoles, "serviceRoles");
+                    assertEquals(
+                        expectedServiceRoles.size(), serviceRoles.size(), "serviceRoles.size");
+                    for (var role : expectedServiceRoles) {
+                      assertThat(serviceRoles, hasItem(role));
+                    }
+                    return true;
+                  }));
+    }
+  }
+
+  @Service
+  private interface Service1 {
+
+    @ServiceMethod
+    Mono<Void> hello();
+  }
+
+  @AllowedRole(
+      name = "admin",
+      permissions = {"*"})
+  public static class Service1Impl implements Service1 {
+
+    @Override
+    public Mono<Void> hello() {
+      return null;
+    }
+  }
+
+  @Service
+  private interface Service2 {
+
+    @ServiceMethod
+    Mono<Void> hello();
+  }
+
+  @Service
+  public static class Service2Impl implements Service2 {
+
+    @AllowedRole(
+        name = "user",
+        permissions = {"read"})
+    @Override
+    public Mono<Void> hello() {
+      return null;
+    }
+  }
+
+  @Service
+  private interface Service3 {
+
+    @ServiceMethod
+    Mono<Void> hello1();
+
+    @ServiceMethod
+    Mono<Void> hello2();
+
+    @ServiceMethod
+    Mono<Void> hello3();
+
+    @ServiceMethod
+    Mono<Void> hello4();
+  }
+
+  @AllowedRole(
+      name = "foo",
+      permissions = {"read"})
+  public static class Service3Impl implements Service3 {
+
+    @Override
+    public Mono<Void> hello1() {
+      return null;
+    }
+
+    @Override
+    public Mono<Void> hello2() {
+      return null;
+    }
+
+    @AllowedRole(
+        name = "foo",
+        permissions = {"write"})
+    @Override
+    public Mono<Void> hello3() {
+      return null;
+    }
+
+    @AllowedRole(
+        name = "foo",
+        permissions = {"delete"})
+    @Override
+    public Mono<Void> hello4() {
+      return null;
+    }
+  }
+}