Add authenticated annotation to endpoints that have actions

src/main/java/com/redhat/pctsec/model/BrewBuild.java

@@ -1,10 +1,12 @@
 package com.redhat.pctsec.model;
 
 import jakarta.persistence.Entity;
+import org.eclipse.microprofile.openapi.annotations.media.Schema;
 
 import java.net.URI;
 import java.net.URL;
 
+
 @Entity
 public class BrewBuild extends BuildType {
 

src/main/java/com/redhat/pctsec/model/Git.java

@@ -4,6 +4,7 @@ import jakarta.persistence.Entity;
 import jakarta.persistence.GeneratedValue;
 import jakarta.persistence.GenerationType;
 import jakarta.persistence.Id;
+import org.eclipse.microprofile.openapi.annotations.media.Schema;
 
 import java.net.URI;
 import java.util.UUID;

src/main/java/com/redhat/pctsec/model/ScanRequest.java

@@ -43,21 +43,37 @@ public class ScanRequest {
 
     private RequestType type;
 
-    @OneToOne(fetch=FetchType.EAGER, cascade = CascadeType.ALL)
+    @OneToOne(fetch=FetchType.LAZY, cascade = CascadeType.ALL)
     @JoinColumn(name = "brew_build_id", referencedColumnName = "id")
     @JsonInclude(JsonInclude.Include.NON_NULL)
     public BrewBuild brewBuild;
 
-    @OneToOne(fetch=FetchType.EAGER, cascade = CascadeType.ALL)
+    @OneToOne(fetch=FetchType.LAZY, cascade = CascadeType.ALL)
     @JoinColumn(name = "pnc_build_id", referencedColumnName = "id")
     @JsonInclude(JsonInclude.Include.NON_NULL)
     public PNCBuild pncBuild;
 
-    @OneToOne(fetch=FetchType.EAGER, cascade = CascadeType.ALL)
+    @OneToOne(fetch=FetchType.LAZY, cascade = CascadeType.ALL)
     @JoinColumn(name = "git_id", referencedColumnName = "id")
     @JsonInclude(JsonInclude.Include.NON_NULL)
     public Git git;
 
+    public String getOshScanOptions() {
+        return oshScanOptions;
+    }
+
+    public void setOshScanOptions(String oshScanOptions) {
+        this.oshScanOptions = oshScanOptions;
+    }
+
+    public String getScanProperties() {
+        return scanProperties;
+    }
+
+    public void setScanProperties(String scanProperties) {
+        this.scanProperties = scanProperties;
+    }
+
     @Column(name="scan_properties")
     public String scanProperties;
     public ScanRequest() {

src/main/java/com/redhat/pctsec/model/ScanRequests.java

@@ -9,7 +9,6 @@ import java.util.*;
 import java.util.stream.Collectors;
 
 import jakarta.persistence.*;
-import jakarta.transaction.Transactional;
 
 @ApplicationScoped
 @Entity
@@ -26,7 +25,7 @@ public class ScanRequests {
 
 
     @Column(name="scan_properties")
-    private String scanProperties;
+    private String globalScanProperties;
 
     @Column(name="scan_metadata")
     private String scanMetadata;
@@ -34,7 +33,7 @@ public class ScanRequests {
 
     public ScanRequests(){
         //Default to the Snyk scan
-        this.scanProperties = "-p snyk-only-unstable --tarball-build-script=\":\"";
+        this.globalScanProperties = "-p snyk-only-unstable --tarball-build-script=\":\"";
         this.scanRequests = new HashSet<>();
     }
 
@@ -94,12 +93,12 @@ public class ScanRequests {
         this.scanRequests = scanRequests;
     }
 
-    public String getScanProperties() {
-        return scanProperties;
+    public String getGlobalScanProperties() {
+        return globalScanProperties;
     }
 
-    public void setScanProperties(String scanProperties) {
-        this.scanProperties = scanProperties;
+    public void setGlobalScanProperties(String globalScanProperties) {
+        this.globalScanProperties = globalScanProperties;
     }
 
     public String getScanMetadata() {

src/main/java/com/redhat/pctsec/model/ScanTask.java

@@ -4,14 +4,23 @@ package com.redhat.pctsec.model;
 import com.fasterxml.jackson.annotation.JsonIgnore;
 import io.vertx.core.eventbus.impl.EventBusImpl;
 import io.vertx.mutiny.core.eventbus.EventBus;
+import jakarta.enterprise.context.ApplicationScoped;
 import jakarta.enterprise.context.Dependent;
 import jakarta.inject.Inject;
+import jakarta.persistence.*;
 
-//@ApplicationScoped
-@Dependent
+import java.util.UUID;
+
+
+@Entity
+@ApplicationScoped
 public class ScanTask {
 
+    @Id
+    @GeneratedValue
+    protected UUID id;
     @JsonIgnore
+    @Transient
     @Inject
     EventBus bus;
     public ScanTaskState state;
@@ -22,6 +31,8 @@ public class ScanTask {
 
     public String tektonRunId;
 
+    @OneToOne(fetch=FetchType.EAGER, cascade = CascadeType.ALL)
+    @JoinColumn(name = "scan_result_id", referencedColumnName = "id")
     public ScanRequest scanRequest;
 
 

src/main/java/com/redhat/pctsec/rest/v1alpha1/ScanRequestResource.java

@@ -1,14 +1,13 @@
 package com.redhat.pctsec.rest.v1alpha1;
 
-import com.redhat.pctsec.model.Scan;
 import com.redhat.pctsec.model.ScanRequest;
-import com.redhat.pctsec.model.ScanRequests;
 import com.redhat.pctsec.model.jpa.ScanRequestRepository;
 import com.redhat.pctsec.model.osh.paramMapper;
+import io.quarkus.security.Authenticated;
 import jakarta.enterprise.context.ApplicationScoped;
 import jakarta.inject.Inject;
+import jakarta.transaction.Transactional;
 import jakarta.ws.rs.*;
-import org.eclipse.microprofile.config.inject.ConfigProperty;
 import picocli.CommandLine;
 
 import java.util.UUID;
@@ -16,14 +15,14 @@ import java.util.UUID;
 @Path("/api/v1a/ScanRequest/{id}")
 public class ScanRequestResource {
     @Inject
-    ScanRequestRepository sr;
+    ScanRequestRepository scanRequestRepository;
 
 
     @GET
     @Produces({"application/json"})
     public ScanRequest getScanRequest(String id)
     {
-        ScanRequest scanRequest = sr.findById(UUID.fromString(id));
+        ScanRequest scanRequest = scanRequestRepository.findById(UUID.fromString(id));
         return scanRequest;
     }
 
@@ -31,18 +30,20 @@ public class ScanRequestResource {
     @Path("ScanProperties/{scanProperties}")
     @Consumes({"application/octet-stream"})
     @Produces({"application/json"})
+    @Authenticated
+    @Transactional
     public ScanRequest patchScanRequest(String id, String scanProperties)
     {
-        ScanRequest scanRequest = sr.findById(UUID.fromString(id));
+        ScanRequest scanRequest = scanRequestRepository.findById(UUID.fromString(id));
 
         try {
             paramMapper pm = new paramMapper(scanProperties);
-           } catch(CommandLine.UnmatchedArgumentException e)
+            }catch(CommandLine.UnmatchedArgumentException e)
             {
                 throw new BadRequestException("Invalid OSH Parameter");
             }
-        scanRequest.scanProperties = scanProperties;
-        sr.persist(scanRequest);
+        scanRequest.setScanProperties(scanProperties);
+        scanRequestRepository.persist(scanRequest);
         return scanRequest;
     }
 

src/main/java/com/redhat/pctsec/rest/v1alpha1/ScanRequestsResource.java

@@ -5,16 +5,16 @@ import com.redhat.pctsec.model.ScanRequest;
 import com.redhat.pctsec.model.ScanRequests;
 import com.redhat.pctsec.model.jpa.ScanRepository;
 import com.redhat.pctsec.model.jpa.ScanRequestsRepository;
+import io.quarkus.security.Authenticated;
 import jakarta.enterprise.context.ApplicationScoped;
 import jakarta.inject.Inject;
-import jakarta.ws.rs.GET;
-import jakarta.ws.rs.Path;
-import jakarta.ws.rs.Produces;
+import jakarta.ws.rs.*;
+import org.jboss.resteasy.reactive.common.NotImplementedYet;
 
 import java.util.UUID;
 
 @ApplicationScoped
-@Path("/api/v1a/ScanRequests")
+@Path("/api/v1a/ScanRequests/{id}")
 public class ScanRequestsResource {
 
     @Inject
@@ -22,7 +22,6 @@ public class ScanRequestsResource {
 
 
     @GET
-    @Path("{id}")
     @Produces({"application/json"})
     public ScanRequests getScanRequests(String id)
     {
@@ -30,4 +29,13 @@ public class ScanRequestsResource {
         return scanRequests;
     }
 
+    @POST
+    @Produces({"application/json"})
+    @Consumes({"application/json"})
+    @Authenticated
+    public ScanRequests addScanRequest(String id, ScanRequest scanRequest)
+    {
+        throw new NotImplementedYet();
+    }
+
 }

src/main/java/com/redhat/pctsec/rest/v1alpha1/ScanResource.java

@@ -53,6 +53,7 @@ public class ScanResource {
     }
 
     @GET
+    @Path("All")
     @Produces({"application/json"})
     public List<Scan> list()
     {
@@ -70,11 +71,11 @@ public class ScanResource {
 
     @GET
     @Path("{id}/run")
+    @Authenticated
     public List<ScanTask> scanRequestExe(String id)
     {
         Scan s = sr.findById(UUID.fromString(id));
         return s.scanRequests.execute(bus);
-        //return "We'd normally have a json payload here, with pipeline UID";
     }
 
 
@@ -82,6 +83,7 @@ public class ScanResource {
     @Path("single/git")
     @Produces({"application/json"})
     @Transactional
+    @Authenticated
     public Scan singleGit(@RestQuery String repo, @RestQuery String ref)
     {
         Scan s = new Scan();
@@ -95,6 +97,7 @@ public class ScanResource {
     @Path("single/brew")
     @Produces({"application/json"})
     @Transactional
+    @Authenticated
     public Scan singleGit(@RestQuery String brewId)
     {
         Scan s = new Scan();
@@ -107,6 +110,7 @@ public class ScanResource {
     @Path("single/pnc")
     @Produces({"application/json"})
     @Transactional
+    @Authenticated
     public Scan singlePNC(@RestQuery String pncId)
     {
         Scan s = new Scan();