search

zowe / sample-spring-boot-api-service

Zowe REST API service SDK and sample API service that integrates with Zowe API Mediation Layer
Other
26 stars 18 forks source link

Security context switch #23

Closed plavjanik closed 5 years ago

plavjanik commented 5 years ago

Let's start to review it and finish it before it becomes too big. There is a lot of good things to add but they can be done in following PRs.

Resolves #6

This PR adds the following functions:

  1. Basic error handling - return standardized message structure for REST API failures (typical HTTP error and internal server error for unhandled exception). Guidance how to handle your own exception will be added in a separate PR.

  2. A neat tool to upload source for native libraries to z/OS Unix based on Zowe CLI and start the make and create a JCL to start the service from a template. This way you can do all of your development in VSCode with Zowe VSCode Extension. Manual instructions are provided too.

  3. Native code for security functions. It is a part of the sample currently but it will split out into SDK and sample in the next PR.

  4. Java code for security context switch and examples are provided. See https://github.com/zowe/sample-spring-boot-api-service/pull/23/files?short_path=4da568a#diff-4da568a03eb2dc589e168a7e8cef8337

codecov-io commented 5 years ago

Codecov Report

Merging #23 into master will increase coverage by 0.9%. The diff coverage is 80.15%.

Impacted file tree graph

@@            Coverage Diff             @@
##             master     #23     +/-   ##
==========================================
+ Coverage     78.19%   79.1%   +0.9%     
- Complexity       85     117     +32     
==========================================
  Files            29      39     +10     
  Lines           211     335    +124     
  Branches         21      21             
==========================================
+ Hits            165     265    +100     
- Misses           32      56     +24     
  Partials         14      14
Impacted Files Coverage Δ Complexity Δ
...we/sdk/zos/security/platform/MockPlatformUser.java 75% <ø> (ø) 3 <0> (?)
...ity/authentication/ZosAuthenticationException.java 75% <ø> (ø) 1 <0> (?)
...we/sample/apiservice/config/WebSecurityConfig.java 100% <ø> (ø) 3 <0> (ø) :arrow_down:
...rity/authentication/ZosAuthenticationProvider.java 76.47% <ø> (ø) 8 <0> (?)
...owe/sdk/zos/security/platform/SafPlatformUser.java 88.88% <ø> (ø) 3 <0> (?)
...ecurity/service/ZosJniPlatformSecurityService.java 0% <0%> (ø) 0 <0> (?)
...e/sdk/zos/security/platform/SafPlatformThread.java 0% <0%> (ø) 0 <0> (?)
...main/java/org/zowe/sdk/zos/security/jni/Secur.java 0% <0%> (ø) 0 <0> (?)
...zos/security/platform/SafPlatformClassFactory.java 0% <0%> (ø) 0 <0> (?)
...in/java/org/zowe/sample/apiservice/wto/ZosWto.java 0% <0%> (ø) 0 <0> (ø) :arrow_down:
... and 23 more

Continue to review full report at Codecov.

Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update 103f16b...ce33ea1. Read the comment docs.

dkelosky commented 5 years ago

Good point about keeping it from getting too big!

plavjanik commented 5 years ago

I have added unit tests for the code that was not covered and can run off z/OS.

Later, we will run z/OS-specific integration tests on River and that will increase coverage by these integration tests.

We keep the z/OS-specific code in smaller classes so we can test the application logic with mock and this allows us to have good coverage even when some code cannot be tested.