WOR-1464 Use new listResourcesV2 endpoint.

broadinstitute · Jan 26, 2024 · e220823 · e220823
1 parent fd5d864
commit e220823
Show file tree

Hide file tree

Showing 3 changed files with 36 additions and 11 deletions.
diff --git a/core/src/main/scala/org/broadinstitute/dsde/rawls/dataaccess/HttpSamDAO.scala b/core/src/main/scala/org/broadinstitute/dsde/rawls/dataaccess/HttpSamDAO.scala
@@ -490,19 +490,29 @@ class HttpSamDAO(baseSamServiceURL: String, serviceAccountCreds: Credential, tim
                                  ctx: RawlsRequestContext
   ): Future[Seq[SamUserResource]] =
     retry(when401or5xx) { () =>
-      val callback = new SamApiCallback[util.List[sam.model.UserResourcesResponse]]("listResourcesAndPoliciesV2")
-
-      resourcesApi(ctx).listResourcesAndPoliciesV2Async(resourceTypeName.value, callback)
+      val callback = new SamApiCallback[sam.model.ListResourcesV2200Response]("listResourcesV2")
+
+      resourcesApi(ctx).listResourcesV2Async(
+        "hierarchical",
+        List(resourceTypeName.value).asJava,
+        List.empty.asJava,
+        List.empty.asJava,
+        List.empty.asJava,
+        // it is less performant to return public policies, but there is UI work to be done to remove this
+        true,
+        callback
+      )
 
       callback.future.map { userResourcesResponse =>
-        userResourcesResponse.asScala.map { userResourcesResponse =>
+        val hierarchicalResources = userResourcesResponse.getFilteredResourcesHierarchicalResponse
+        hierarchicalResources.getResources.asScala.map { resource =>
           SamUserResource(
-            userResourcesResponse.getResourceId,
-            toSamRolesAndActions(userResourcesResponse.getDirect),
-            toSamRolesAndActions(userResourcesResponse.getInherited),
-            toSamRolesAndActions(userResourcesResponse.getPublic),
-            userResourcesResponse.getAuthDomainGroups.asScala.map(WorkbenchGroupName).toSet,
-            userResourcesResponse.getMissingAuthDomainGroups.asScala.map(WorkbenchGroupName).toSet
+            resource.getResourceId,
+            toSamRolesAndActions(resource.getPolicies.asScala.filter(p => !p.getInherited && !p.getIsPublic).toList),
+            toSamRolesAndActions(resource.getPolicies.asScala.filter(p => p.getInherited && !p.getIsPublic).toList),
+            toSamRolesAndActions(resource.getPolicies.asScala.filter(p => p.getIsPublic).toList),
+            resource.getAuthDomainGroups.asScala.map(WorkbenchGroupName).toSet,
+            resource.getMissingAuthDomainGroups.asScala.map(WorkbenchGroupName).toSet
           )
         }.toSeq
       }
@@ -514,6 +524,17 @@ class HttpSamDAO(baseSamServiceURL: String, serviceAccountCreds: Credential, tim
       rolesAndActions.getActions.asScala.map(SamResourceAction).toSet
     )
 
+  private def toSamRolesAndActions(
+    filteredHierarchicalResourcePolicies: List[sam.model.FilteredHierarchicalResourcePolicy]
+  ) =
+    SamRolesAndActions(
+      filteredHierarchicalResourcePolicies.flatMap(_.getRoles.asScala.map(r => SamResourceRole(r.getRole))).toSet,
+      filteredHierarchicalResourcePolicies.flatMap(_.getActions.asScala.map(SamResourceAction)).toSet ++
+        filteredHierarchicalResourcePolicies
+          .flatMap(_.getRoles.asScala.flatMap(r => r.getActions.asScala.map(SamResourceAction)))
+          .toSet
+    )
+
   override def getPetServiceAccountKeyForUser(googleProject: GoogleProjectId,
                                               userEmail: RawlsUserEmail
   ): Future[String] =

diff --git a/project/Dependencies.scala b/project/Dependencies.scala
@@ -81,6 +81,7 @@ object Dependencies {
   val mysqlConnector: ModuleID =  "com.mysql"                         % "mysql-connector-j"  % "8.2.0"
   // Update warning for liquibase-core: Here be dragons! See https://broadworkbench.atlassian.net/browse/WOR-1197
   val liquibaseCore: ModuleID =   "org.liquibase"                 % "liquibase-core"        % "4.17.2" // scala-steward:off
+  val jaxrs: ModuleID =  "org.apache.cxf" % "cxf-bundle-jaxrs" % "2.7.18"
 
   val workbenchLibsHash = "8ccaa6d"
 
@@ -132,7 +133,7 @@ object Dependencies {
   val resourceBufferService = excludeJakarta("bio.terra" % "terra-resource-buffer-client" % "0.4.3-SNAPSHOT")
   val billingProfileManager = excludeJakarta("bio.terra" % "billing-profile-manager-client-javax" % "0.1.502-SNAPSHOT")
   val terraCommonLib = tclExclusions(excludeJakarta("bio.terra" % "terra-common-lib" % "0.0.95-SNAPSHOT" classifier "plain"))
-  val sam: ModuleID = excludeJakarta("org.broadinstitute.dsde.workbench" %% "sam-client" % "0.1-d606036")
+  val sam: ModuleID = excludeJakarta("org.broadinstitute.dsde.workbench" %% "sam-client" % "0.1-802eb68")
   val leonardo: ModuleID = "org.broadinstitute.dsde.workbench" % "leonardo-client_2.13" % "1.3.6-d0bf371"
 
   val opencensusScalaCode: ModuleID = "com.github.sebruck" %% "opencensus-scala-core" % "0.7.2"
@@ -265,6 +266,7 @@ object Dependencies {
     workbenchOpenTelemetryTests,
     terraCommonLib,
     sam,
+    jaxrs,
     leonardo
   )
 

diff --git a/project/Merging.scala b/project/Merging.scala
@@ -18,6 +18,8 @@ object Merging {
     case x if x.endsWith("kotlin_module")                => MergeStrategy.first
     case x if x.endsWith("io.netty.versions.properties") => MergeStrategy.concat
     case x if x.endsWith("arrow-git.properties")         => MergeStrategy.concat
+    case PathList("javax", "servlet", _@_*) => MergeStrategy.first // This should be resolved in dependencies
+    case PathList("mozilla", _@_*) => MergeStrategy.first // This should be resolved in dependencies
     case x                                               => oldStrategy(x)
   }
 }