SORMAS (Surveillance, Outbreak Response Management and Analysis System) is an early warning and management system to fight the spread of infectious diseases.
Situation Description
Internal and external systems often have the need to access the SORMAS data in a query-like manner, e.g. to search for entities with certain values or to limit the returned data to a subset of fields.
Feature Description
OData is an open protocol that does just that using a ReSTful API.
The Apache Olingo library is an OData implementation. For OData v2 it also provides an extension that automatically maps entities based on JPA, which we want to use here.
Note: There is also an extension for v4 provided by SAP, but it's not clear how well it works, so we should stick to v2.
[ ] Move all entity classes to a new project "sormas-dao". This is necessary because they will be used by the OData service. Including the whole sormas-backend.jar in it would duplicate the EJBs.
[ ] Create a new project "sormas-odata"
[ ] Add authentication as we have in sormas-rest
[ ] Implement a service based on the Olingo JPA extension
[ ] Add a new user right "SORMAS_ODATA" that is needed to access the service
[ ] Also add a new user role "SORMAS_ODATA" that has this right
[ ] Limit access to GET. For now it should not be possible to manipulate data via PUT, POST, DELETE, etc.
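A sketch of how the last three tasks could be enforced in front of the Olingo servlet, as an added example that is not SORMAS project code. It assumes the `javax.servlet` API, container-managed authentication, and that the "SORMAS_ODATA" right is exposed to the web app as a container role of the same name; the class name `ODataReadOnlyFilter` is hypothetical.

```java
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

// Hypothetical filter for the planned "sormas-odata" web app (added example).
@WebFilter("/*")
public class ODataReadOnlyFilter implements Filter {

    // Role name from the task list; mapping the user right to a role is an assumption.
    private static final String REQUIRED_ROLE = "SORMAS_ODATA";

    @Override
    public void init(FilterConfig filterConfig) { /* nothing to configure */ }

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;

        // Allowlist on the real HTTP method, checked before Olingo sees the request.
        // Rejecting POST also shuts out $batch change sets and X-HTTP-Method tunnelling.
        if (!"GET".equals(request.getMethod())) {
            response.setHeader("Allow", "GET");
            response.sendError(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
            return;
        }
        // Assumes the container has already authenticated the caller.
        if (request.getUserPrincipal() == null) {
            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
        if (!request.isUserInRole(REQUIRED_ROLE)) {
            response.sendError(HttpServletResponse.SC_FORBIDDEN);
            return;
        }
        chain.doFilter(request, response);
    }

    @Override
    public void destroy() { /* nothing to release */ }
}
```

The role check is all-or-nothing: once a caller passes it, nothing in this filter narrows the result set per user.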
Data security perspective
OData is an OASIS and ISO/IEC standard for accessing data via a ReSTful API. As such, it allows records to be queried and navigated through using standard HTTP calls.
The data is returned as either XML or JSON.
The SORMAS OData service uses the Apache Olingo OData 2.0 Java library with the JPA processor extension. This gives access to all data mapped via JPA, which in the case of SORMAS is the full database.
Access to SORMAS OData is only possible with the appropriate authorisation. This means that a user must be created in SORMAS who has the SORMAS OData authorisation.
Important: The returned data is not restricted based on the authenticated user, so any user with the SORMAS OData authorisation can query everything the service exposes.
See https://olingo.apache.org/doc/odata2/tutorials/CreateWebApp.html and https://www.baeldung.com/olingo