Merge branch 'develop'

.github/workflows/anchore.yml

@@ -17,7 +17,7 @@ jobs:
           distribution: 'temurin'
           java-version: '21'
       - name: Setup Gradle
-        uses: gradle/actions/setup-gradle@v3
+        uses: gradle/actions/setup-gradle@v4
       - name: Assemble project
         run: ./gradlew assemble
       - name: Upload jars artifacts

.github/workflows/build.yml

@@ -30,7 +30,7 @@ jobs:
           key: ${{ runner.os }}-sonar
           restore-keys: ${{ runner.os }}-sonar
       - name: Setup Gradle
-        uses: gradle/actions/setup-gradle@v3
+        uses: gradle/actions/setup-gradle@v4
       - name: Build
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any

.github/workflows/cla.yml

@@ -12,7 +12,7 @@ jobs:
       - name: "CLA Assistant"
         if: (github.event.comment.body == 'recheck' || github.event.comment.body == 'I have read the CLA Document and I hereby sign the CLA') || github.event_name == 'pull_request_target'
         # Beta Release
-        uses: cla-assistant/github-action@v2.4.0
+        uses: cla-assistant/github-action@v2.5.1
         env: 
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           # the below token should have repo scope and must be manually added by you in the repository's secret

.github/workflows/dependency-submission.yml

@@ -22,4 +22,4 @@ jobs:
           java-version: '21'
 
       - name: Generate and submit dependency graph
-        uses: gradle/actions/dependency-submission@v3
+        uses: gradle/actions/dependency-submission@v4

Jenkinsfile

@@ -1,5 +1,8 @@
 pipeline {
     agent any
+    options {
+        buildDiscarder(logRotator(numToKeepStr: '10',daysToKeepStr: '30'))
+    }
     tools {
         jdk 'JDK 21'
     }

build.gradle.kts

@@ -18,7 +18,7 @@ plugins {
     `kotlin-dsl`
     // only apply the plugin in the subprojects requiring it because it expects a Spring Boot app
     // and the shared lib is obviously not one
-    id("org.springframework.boot") version "3.3.2" apply false
+    id("org.springframework.boot") version "3.3.3" apply false
     id("io.spring.dependency-management") version "1.1.6" apply false
     id("org.graalvm.buildtools.native") version "0.10.2"
     kotlin("jvm") version "1.9.24" apply false
@@ -69,11 +69,11 @@ subprojects {
 
         implementation("io.arrow-kt:arrow-fx-coroutines:1.2.4")
 
-        implementation("org.locationtech.jts.io:jts-io-common:1.19.0")
+        implementation("org.locationtech.jts.io:jts-io-common:1.20.0")
 
         annotationProcessor("org.springframework.boot:spring-boot-configuration-processor")
 
-        runtimeOnly("de.siegmar:logback-gelf:6.0.1")
+        runtimeOnly("de.siegmar:logback-gelf:6.1.0")
         runtimeOnly("io.micrometer:micrometer-registry-prometheus")
 
         testImplementation("org.springframework.boot:spring-boot-starter-test") {

search-service/config/detekt/baseline.xml

@@ -5,28 +5,27 @@
     <ID>ClassNaming:V0_29_JsonLd_migrationTests.kt$V0_29_JsonLd_migrationTests</ID>
     <ID>ClassNaming:V0_29__JsonLd_migration.kt$V0_29__JsonLd_migration : BaseJavaMigration</ID>
     <ID>ComplexCondition:EntitiesQueryUtils.kt$geoQuery == null &amp;&amp; q.isNullOrEmpty() &amp;&amp; typeSelection.isNullOrEmpty() &amp;&amp; attrs.isEmpty()</ID>
-    <ID>ComplexCondition:EntityPayloadService.kt$EntityPayloadService$it &amp;&amp; !inverse || !it &amp;&amp; inverse</ID>
+    <ID>ComplexCondition:EntityQueryService.kt$EntityQueryService$it &amp;&amp; !inverse || !it &amp;&amp; inverse</ID>
     <ID>Filename:V0_29__JsonLd_migration.kt$db.migration.V0_29__JsonLd_migration.kt</ID>
     <ID>LongMethod:AttributeInstanceService.kt$AttributeInstanceService$@Transactional suspend fun create(attributeInstance: AttributeInstance): Either&lt;APIException, Unit&gt;</ID>
     <ID>LongMethod:EnabledAuthorizationServiceTests.kt$EnabledAuthorizationServiceTests$@Test fun `it should return serialized access control entities with other rigths if user is owner`()</ID>
     <ID>LongMethod:EntityAccessControlHandler.kt$EntityAccessControlHandler$@PostMapping("/{subjectId}/attrs", consumes = [MediaType.APPLICATION_JSON_VALUE, JSON_LD_CONTENT_TYPE]) suspend fun addRightsOnEntities( @RequestHeader httpHeaders: HttpHeaders, @PathVariable subjectId: String, @RequestBody requestBody: Mono&lt;String&gt; ): ResponseEntity&lt;*&gt;</ID>
     <ID>LongMethod:PatchAttributeTests.kt$PatchAttributeTests.Companion$@JvmStatic fun mergePatchProvider(): Stream&lt;Arguments&gt;</ID>
     <ID>LongMethod:PatchAttributeTests.kt$PatchAttributeTests.Companion$@JvmStatic fun partialUpdatePatchProvider(): Stream&lt;Arguments&gt;</ID>
-    <ID>LongMethod:QueryServiceTests.kt$QueryServiceTests$@Test fun `it should query temporal entities as requested by query params`()</ID>
-    <ID>LongMethod:QueryServiceTests.kt$QueryServiceTests$@Test fun `it should return an empty list for an attribute if it has no temporal values`()</ID>
+    <ID>LongMethod:TemporalQueryServiceTests.kt$TemporalQueryServiceTests$@Test fun `it should query temporal entities as requested by query params`()</ID>
+    <ID>LongMethod:TemporalQueryServiceTests.kt$TemporalQueryServiceTests$@Test fun `it should return an empty list for an attribute if it has no temporal values`()</ID>
     <ID>LongMethod:TemporalScopeBuilderTests.kt$TemporalScopeBuilderTests$@Test fun `it should build an aggregated temporal representation of scopes`()</ID>
     <ID>LongMethod:V0_29__JsonLd_migration.kt$V0_29__JsonLd_migration$override fun migrate(context: Context)</ID>
-    <ID>LongParameterList:AttributeInstance.kt$AttributeInstance.Companion$( temporalEntityAttribute: UUID, instanceId: URI = generateRandomInstanceId(), timeAndProperty: Pair&lt;ZonedDateTime, TemporalProperty&gt;, value: Triple&lt;String?, Double?, WKTCoordinates?&gt;, payload: ExpandedAttributeInstance, sub: String? )</ID>
-    <ID>LongParameterList:AttributeInstance.kt$AttributeInstance.Companion$( temporalEntityAttribute: UUID, instanceId: URI = generateRandomInstanceId(), timeProperty: TemporalProperty? = TemporalProperty.OBSERVED_AT, modifiedAt: ZonedDateTime? = null, attributeMetadata: AttributeMetadata, payload: ExpandedAttributeInstance, time: ZonedDateTime, sub: String? = null )</ID>
+    <ID>LongParameterList:AttributeInstance.kt$AttributeInstance.Companion$( attributeUuid: UUID, instanceId: URI = generateRandomInstanceId(), timeAndProperty: Pair&lt;ZonedDateTime, TemporalProperty&gt;, value: Triple&lt;String?, Double?, WKTCoordinates?&gt;, payload: ExpandedAttributeInstance, sub: String? )</ID>
+    <ID>LongParameterList:AttributeInstance.kt$AttributeInstance.Companion$( attributeUuid: UUID, instanceId: URI = generateRandomInstanceId(), timeProperty: TemporalProperty? = TemporalProperty.OBSERVED_AT, modifiedAt: ZonedDateTime? = null, attributeMetadata: AttributeMetadata, payload: ExpandedAttributeInstance, time: ZonedDateTime, sub: String? = null )</ID>
+    <ID>LongParameterList:EntityAttributeService.kt$EntityAttributeService$( attribute: Attribute, attributeName: ExpandedTerm, attributeMetadata: AttributeMetadata, mergedAt: ZonedDateTime, observedAt: ZonedDateTime?, attributePayload: ExpandedAttributeInstance, sub: Sub? )</ID>
+    <ID>LongParameterList:EntityAttributeService.kt$EntityAttributeService$( attribute: Attribute, ngsiLdAttribute: NgsiLdAttribute, attributeMetadata: AttributeMetadata, createdAt: ZonedDateTime, attributePayload: ExpandedAttributeInstance, sub: Sub? )</ID>
+    <ID>LongParameterList:EntityAttributeService.kt$EntityAttributeService$( entityId: URI, attributeName: ExpandedTerm, attributeMetadata: AttributeMetadata, createdAt: ZonedDateTime, attributePayload: ExpandedAttributeInstance, sub: Sub? )</ID>
+    <ID>LongParameterList:EntityAttributeService.kt$EntityAttributeService$( entityUri: URI, ngsiLdAttributes: List&lt;NgsiLdAttribute&gt;, expandedAttributes: ExpandedAttributes, createdAt: ZonedDateTime, observedAt: ZonedDateTime?, sub: Sub? )</ID>
+    <ID>LongParameterList:EntityAttributeService.kt$EntityAttributeService$( entityUri: URI, ngsiLdAttributes: List&lt;NgsiLdAttribute&gt;, expandedAttributes: ExpandedAttributes, disallowOverwrite: Boolean, createdAt: ZonedDateTime, sub: Sub? )</ID>
     <ID>LongParameterList:EntityEventService.kt$EntityEventService$( updatedDetails: UpdatedDetails, sub: String?, tenantName: String, entityId: URI, entityTypesAndPayload: Pair&lt;List&lt;ExpandedTerm&gt;, String&gt;, serializedAttribute: Pair&lt;ExpandedTerm, String&gt;, overwrite: Boolean )</ID>
-    <ID>LongParameterList:TemporalEntityAttributeService.kt$TemporalEntityAttributeService$( entityId: URI, attributeName: ExpandedTerm, attributeMetadata: AttributeMetadata, createdAt: ZonedDateTime, attributePayload: ExpandedAttributeInstance, sub: Sub? )</ID>
-    <ID>LongParameterList:TemporalEntityAttributeService.kt$TemporalEntityAttributeService$( entityUri: URI, ngsiLdAttributes: List&lt;NgsiLdAttribute&gt;, expandedAttributes: ExpandedAttributes, createdAt: ZonedDateTime, observedAt: ZonedDateTime?, sub: Sub? )</ID>
-    <ID>LongParameterList:TemporalEntityAttributeService.kt$TemporalEntityAttributeService$( entityUri: URI, ngsiLdAttributes: List&lt;NgsiLdAttribute&gt;, expandedAttributes: ExpandedAttributes, disallowOverwrite: Boolean, createdAt: ZonedDateTime, sub: Sub? )</ID>
-    <ID>LongParameterList:TemporalEntityAttributeService.kt$TemporalEntityAttributeService$( tea: TemporalEntityAttribute, attributeName: ExpandedTerm, attributeMetadata: AttributeMetadata, mergedAt: ZonedDateTime, observedAt: ZonedDateTime?, attributePayload: ExpandedAttributeInstance, sub: Sub? )</ID>
-    <ID>LongParameterList:TemporalEntityAttributeService.kt$TemporalEntityAttributeService$( temporalEntityAttribute: TemporalEntityAttribute, ngsiLdAttribute: NgsiLdAttribute, attributeMetadata: AttributeMetadata, createdAt: ZonedDateTime, attributePayload: ExpandedAttributeInstance, sub: Sub? )</ID>
     <ID>LongParameterList:V0_29__JsonLd_migration.kt$V0_29__JsonLd_migration$( entityId: URI, attributeName: ExpandedTerm, datasetId: URI?, attributePayload: ExpandedAttributeInstance, ngsiLdAttributeInstance: NgsiLdAttributeInstance, defaultCreatedAt: ZonedDateTime )</ID>
     <ID>NestedBlockDepth:V0_29__JsonLd_migration.kt$V0_29__JsonLd_migration$override fun migrate(context: Context)</ID>
-    <ID>SwallowedException:EntitiesQueryUtils.kt$e: IllegalArgumentException</ID>
-    <ID>TooManyFunctions:EntityPayloadService.kt$EntityPayloadService</ID>
+    <ID>SwallowedException:TemporalQueryUtils.kt$e: IllegalArgumentException</ID>
   </CurrentIssues>
 </SmellBaseline>

search-service/src/main/kotlin/com/egm/stellio/search/SearchServiceApplication.kt

@@ -5,7 +5,7 @@ import org.springframework.boot.context.properties.ConfigurationPropertiesScan
 import org.springframework.boot.runApplication
 
 @SpringBootApplication(scanBasePackages = ["com.egm.stellio.search", "com.egm.stellio.shared"])
-@ConfigurationPropertiesScan("com.egm.stellio.search.config", "com.egm.stellio.shared.config")
+@ConfigurationPropertiesScan("com.egm.stellio.search.common.config", "com.egm.stellio.shared.config")
 class SearchServiceApplication
 
 @Suppress("SpreadOperator")

search-service/src/main/kotlin/com/egm/stellio/search/listener/IAMListener.kt → search-service/src/main/kotlin/com/egm/stellio/search/authorization/listener/IAMListener.kt

@@ -1,17 +1,16 @@
-package com.egm.stellio.search.listener
+package com.egm.stellio.search.authorization.listener
 
 import arrow.core.Either
 import arrow.core.flattenOption
 import arrow.core.left
 import arrow.core.raise.either
 import arrow.core.right
-import com.egm.stellio.search.authorization.EntityAccessRightsService
-import com.egm.stellio.search.authorization.SubjectReferential
-import com.egm.stellio.search.authorization.SubjectReferentialService
-import com.egm.stellio.search.authorization.toSubjectInfo
-import com.egm.stellio.search.config.SearchProperties
-import com.egm.stellio.search.service.EntityEventService
-import com.egm.stellio.search.service.EntityPayloadService
+import com.egm.stellio.search.authorization.model.SubjectReferential
+import com.egm.stellio.search.authorization.model.toSubjectInfo
+import com.egm.stellio.search.authorization.service.EntityAccessRightsService
+import com.egm.stellio.search.authorization.service.SubjectReferentialService
+import com.egm.stellio.search.common.config.SearchProperties
+import com.egm.stellio.search.entity.service.EntityService
 import com.egm.stellio.shared.model.*
 import com.egm.stellio.shared.util.AuthContextModel.AUTH_TERM_IS_MEMBER_OF
 import com.egm.stellio.shared.util.AuthContextModel.AUTH_TERM_ROLES
@@ -39,8 +38,7 @@ class IAMListener(
     private val subjectReferentialService: SubjectReferentialService,
     private val searchProperties: SearchProperties,
     private val entityAccessRightsService: EntityAccessRightsService,
-    private val entityPayloadService: EntityPayloadService,
-    private val entityEventService: EntityEventService
+    private val entityService: EntityService
 ) {
 
     private val logger = LoggerFactory.getLogger(javaClass)
@@ -114,19 +112,15 @@ class IAMListener(
         val subjectType = SubjectType.valueOf(entityDeleteEvent.entityTypes.first().uppercase())
         val sub = entityDeleteEvent.entityId.extractSub()
         mono {
+            // delete the entities owned by the user while the user still exists
+            // (if it no longer exists, it fails because of access rights checks)
+            if (searchProperties.onOwnerDeleteCascadeEntities && subjectType == SubjectType.USER) {
+                entityAccessRightsService.getEntitiesIdsOwnedBySubject(sub).getOrNull()?.forEach { entityId ->
+                    entityService.deleteEntity(entityId, sub)
+                }
+                Unit.right()
+            } else Unit.right()
             subjectReferentialService.delete(entityDeleteEvent.entityId.extractSub())
-            val result: Either<APIException, Unit> =
-                if (searchProperties.onOwnerDeleteCascadeEntities && subjectType == SubjectType.USER) {
-                    val entitiesIds = entityAccessRightsService.getEntitiesIdsOwnedBySubject(sub).getOrNull()
-                    entitiesIds?.let { entityAccessRightsService.deleteAllAccessRightsOnEntities(it) }
-                    entitiesIds?.forEach { entityId ->
-                        entityPayloadService.deleteEntity(entityId).getOrNull()?.also {
-                            entityEventService.publishEntityDeleteEvent(null, it)
-                        }
-                    }
-                    Unit.right()
-                } else Unit.right()
-            result
         }.writeContextAndSubscribe(tenantName, entityDeleteEvent)
     }
 

search-service/src/main/kotlin/com/egm/stellio/search/authorization/EntityAccessRights.kt → search-service/src/main/kotlin/com/egm/stellio/search/authorization/model/EntityAccessRights.kt

@@ -1,4 +1,4 @@
-package com.egm.stellio.search.authorization
+package com.egm.stellio.search.authorization.model
 
 import com.egm.stellio.shared.model.ExpandedAttributeInstances
 import com.egm.stellio.shared.model.ExpandedTerm

search-service/src/main/kotlin/com/egm/stellio/search/authorization/Group.kt → search-service/src/main/kotlin/com/egm/stellio/search/authorization/model/Group.kt

@@ -1,4 +1,4 @@
-package com.egm.stellio.search.authorization
+package com.egm.stellio.search.authorization.model
 
 import com.egm.stellio.shared.util.AuthContextModel.AUTH_PROP_NAME
 import com.egm.stellio.shared.util.AuthContextModel.AUTH_REL_IS_MEMBER_OF

search-service/src/main/kotlin/com/egm/stellio/search/authorization/SubjectAccessRight.kt → search-service/src/main/kotlin/com/egm/stellio/search/authorization/model/SubjectAccessRight.kt

@@ -1,4 +1,4 @@
-package com.egm.stellio.search.authorization
+package com.egm.stellio.search.authorization.model
 
 import com.egm.stellio.shared.util.AccessRight
 import java.net.URI

search-service/src/main/kotlin/com/egm/stellio/search/authorization/SubjectReferential.kt → search-service/src/main/kotlin/com/egm/stellio/search/authorization/model/SubjectReferential.kt

@@ -1,6 +1,6 @@
-package com.egm.stellio.search.authorization
+package com.egm.stellio.search.authorization.model
 
-import com.egm.stellio.search.util.deserializeAsMap
+import com.egm.stellio.search.common.util.deserializeAsMap
 import com.egm.stellio.shared.util.GlobalRole
 import com.egm.stellio.shared.util.JsonLdUtils.JSONLD_VALUE_TERM
 import com.egm.stellio.shared.util.JsonUtils

search-service/src/main/kotlin/com/egm/stellio/search/authorization/User.kt → search-service/src/main/kotlin/com/egm/stellio/search/authorization/model/User.kt

@@ -1,4 +1,4 @@
-package com.egm.stellio.search.authorization
+package com.egm.stellio.search.authorization.model
 
 import com.egm.stellio.shared.util.AuthContextModel.AUTH_PROP_FAMILY_NAME
 import com.egm.stellio.shared.util.AuthContextModel.AUTH_PROP_GIVEN_NAME

search-service/src/main/kotlin/com/egm/stellio/search/authorization/AuthorizationService.kt → search-service/src/main/kotlin/com/egm/stellio/search/authorization/service/AuthorizationService.kt

@@ -1,8 +1,8 @@
-package com.egm.stellio.search.authorization
+package com.egm.stellio.search.authorization.service
 
 import arrow.core.Either
 import arrow.core.Option
-import com.egm.stellio.search.model.EntitiesQuery
+import com.egm.stellio.search.entity.model.EntitiesQuery
 import com.egm.stellio.shared.model.APIException
 import com.egm.stellio.shared.model.ExpandedEntity
 import com.egm.stellio.shared.util.Sub

search-service/src/main/kotlin/com/egm/stellio/search/authorization/DisabledAuthorizationService.kt → search-service/src/main/kotlin/com/egm/stellio/search/authorization/service/DisabledAuthorizationService.kt

@@ -1,9 +1,9 @@
-package com.egm.stellio.search.authorization
+package com.egm.stellio.search.authorization.service
 
 import arrow.core.Either
 import arrow.core.Option
 import arrow.core.right
-import com.egm.stellio.search.model.EntitiesQuery
+import com.egm.stellio.search.entity.model.EntitiesQuery
 import com.egm.stellio.shared.model.APIException
 import com.egm.stellio.shared.model.ExpandedEntity
 import com.egm.stellio.shared.util.Sub

search-service/src/main/kotlin/com/egm/stellio/search/authorization/EnabledAuthorizationService.kt → search-service/src/main/kotlin/com/egm/stellio/search/authorization/service/EnabledAuthorizationService.kt

@@ -1,9 +1,9 @@
-package com.egm.stellio.search.authorization
+package com.egm.stellio.search.authorization.service
 
 import arrow.core.*
 import arrow.core.raise.either
 import arrow.fx.coroutines.parMap
-import com.egm.stellio.search.model.EntitiesQuery
+import com.egm.stellio.search.entity.model.EntitiesQuery
 import com.egm.stellio.shared.model.APIException
 import com.egm.stellio.shared.model.AccessDeniedException
 import com.egm.stellio.shared.model.ExpandedEntity