Merge pull request #1557 from AtlasOfLivingAustralia/feature/cognito

Feature/cognito

.github/workflows/build.yml

@@ -13,7 +13,7 @@ env:
 
 jobs:
   build:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
 
     steps:
       - uses: actions/checkout@v3
@@ -31,6 +31,30 @@ jobs:
 
       - run: npm install
 
+      - name: Validate Gradle wrapper
+        uses: gradle/[email protected]
+
+      - name: Install and start elasticsearch
+        run: |
+          curl https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.16.3-amd64.deb -o elasticsearch.deb
+          sudo dpkg -i --force-confnew elasticsearch.deb
+          sudo chown -R elasticsearch:elasticsearch /etc/default/elasticsearch
+          sudo sh -c 'echo ES_JAVA_OPTS=\"-Xmx1g -Xms1g\" >> /etc/default/elasticsearch'
+          sudo service elasticsearch restart
+
+      - name: Setup required MERIT folders
+        run: |
+          sudo mkdir -p /data/fieldcapture/cache
+          sudo chmod o+xw /data
+          sudo chmod o+xw /data/fieldcapture
+          sudo chmod o+xw /data/fieldcapture/cache
+
+      - name: Install and start mongodb
+        uses: supercharge/[email protected]
+        with:
+          mongodb-version: '5.0'
+
+
       - name: Read the biocollect version from the gradle.properties file
         id: read_property
         uses: christian-draeger/[email protected]
@@ -53,22 +77,28 @@ jobs:
           token: ${{ secrets.GITHUB_TOKEN }}
 
       - name: build biocollect before running js unit test to compile dependent js templates
-        uses: gradle/gradle-build-action@0d13054264b0bb894ded474f08ebb30921341cee
+        uses: gradle/gradle-build-action@v2.4.0
         with:
-          arguments: build
+          arguments: _Events
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Run javascript unit tests
         run: node_modules/karma/bin/karma start karma.conf.js --single-run --browsers ChromeHeadless
 
+      - name: Run BioCollect functional tests
+        run: ./src/main/scripts/runFunctionalTests.sh chromeHeadless /tmp/ecodata feature/cognito
+        env:
+          GITHUB_ACTOR: ${{env.GITHUB_ACTOR}}
+          GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
+
       - name: Clean to remove clover instrumentation
-        uses: gradle/gradle-build-action@0d13054264b0bb894ded474f08ebb30921341cee
+        uses: gradle/gradle-build-action@v2.4.0
         with:
           arguments: clean
 
       - name: Publish the JAR to the repository
-        uses: gradle/gradle-build-action@0d13054264b0bb894ded474f08ebb30921341cee
+        uses: gradle/gradle-build-action@v2.4.0
         with:
           arguments: publish
         env:

build.gradle

@@ -1,6 +1,7 @@
 buildscript {
     repositories {
         mavenLocal()
+        maven { url "https://plugins.gradle.org/m2/" }
         maven { url "https://repo.grails.org/grails/core" }
         maven { url "https://nexus.ala.org.au/content/groups/public/" }
     }
@@ -12,6 +13,8 @@ buildscript {
         classpath 'com.bertramlabs.plugins:sass-asset-pipeline:3.2.5'
         classpath 'com.bmuschko:gradle-clover-plugin:3.0.1'
         classpath 'org.grails.plugins:quartz:2.0.13'
+        classpath "gradle.plugin.com.github.william-hill-online:wiremock-gradle-plugin:0.4.3"
+        classpath "com.github.tomakehurst:wiremock-jre8-standalone:2.28.0"
     }
 }
 
@@ -27,6 +30,7 @@ apply plugin: "org.grails.grails-web"
 apply plugin:"com.github.erdi.webdriver-binaries"
 apply plugin: "com.bertramlabs.asset-pipeline"
 apply plugin: "org.grails.grails-gsp"
+apply plugin: "com.github.william-hill-online.wiremock"
 
 if (Boolean.valueOf(enableClover)) {
     apply from: "${project.projectDir}/gradle/clover.gradle"
@@ -81,6 +85,9 @@ dependencies {
     implementation "org.grails:grails-plugin-url-mappings"
     implementation "org.grails:grails-plugin-interceptors"
     implementation "org.grails.plugins:cache"
+    implementation "org.grails.plugins:cache-ehcache:3.0.0"
+    runtimeOnly "javax.xml.bind:jaxb-api:2.3.1"
+    runtimeOnly "org.glassfish.jaxb:jaxb-runtime:2.3.1"
     implementation "org.grails.plugins:async"
     implementation "org.grails:grails-async-gpars"
     implementation "org.grails.plugins:scaffolding"
@@ -129,14 +136,15 @@ dependencies {
     implementation 'org.apache.poi:poi-ooxml-schemas:4.1.2'
 
     implementation "org.grails.plugins:ala-admin-plugin:2.3.0"
-    implementation ("org.grails.plugins:ala-auth:5.1.1")
-    implementation "org.grails.plugins:ala-ws-security-plugin:4.1.2"
-    runtimeOnly "org.grails.plugins:ala-bootstrap3:4.2.0"
+    implementation ("org.grails.plugins:ala-auth:$alaSecurityLibsVersion")
+    implementation ("org.grails.plugins:ala-ws-plugin:$alaSecurityLibsVersion")
+    implementation "org.grails.plugins:ala-ws-security-plugin:$alaSecurityLibsVersion"
+    implementation "au.org.ala:userdetails-service-client:$alaSecurityLibsVersion"
+    runtimeOnly "org.grails.plugins:ala-bootstrap3:4.1.0"
 
     //    swagger API
     implementation 'au.org.ala.plugins:openapi:1.1.0'
 
-    implementation "au.org.ala:userdetails-service-client:1.5.0"
     implementation "org.codehaus.groovy.modules.http-builder:http-builder:0.7.1"
     implementation 'au.org.ala:ala-cas-client:2.5'
     runtimeOnly("org.springframework.boot:spring-boot-properties-migrator")
@@ -146,20 +154,20 @@ dependencies {
 
     if (!Boolean.valueOf(inplace)) {
         implementation "org.grails.plugins:ala-map-plugin:3.0.1"
-        implementation "org.grails.plugins:ecodata-client-plugin:6.0"
+        implementation "org.grails.plugins:ecodata-client-plugin:6.1-COGNITO-SNAPSHOT"
     }
 
     testCompileOnly "org.grails:grails-test-mixins:3.3.0"
     testImplementation "org.grails:grails-gorm-testing-support"
     testImplementation "org.mockito:mockito-core"
     testImplementation "org.grails:grails-web-testing-support"
     testImplementation "org.grails.plugins:geb"
-    testImplementation "org.seleniumhq.selenium:selenium-remote-driver:4.0.0"
-    testImplementation "org.seleniumhq.selenium:selenium-api:4.0.0"
-    testImplementation "org.seleniumhq.selenium:selenium-support:4.0.0"
-    testRuntimeOnly "org.seleniumhq.selenium:selenium-chrome-driver:4.0.0"
-    testRuntimeOnly "org.seleniumhq.selenium:selenium-firefox-driver:4.0.0"
-    testCompileOnly "com.github.tomakehurst:wiremock-jre8-standalone:2.28.0"
+    testImplementation "com.github.tomakehurst:wiremock-jre8-standalone:2.28.0"
+    testImplementation "org.seleniumhq.selenium:selenium-remote-driver:$seleniumVersion"
+    testImplementation "org.seleniumhq.selenium:selenium-api:$seleniumVersion"
+    testImplementation "org.seleniumhq.selenium:selenium-support:$seleniumVersion"
+    testRuntimeOnly "org.seleniumhq.selenium:selenium-chrome-driver:$seleniumVersion"
+    testRuntimeOnly "org.seleniumhq.selenium:selenium-firefox-driver:$seleniumVersion"
     testCompileOnly "com.codeborne:phantomjsdriver:1.3.0"
 }
 
@@ -236,29 +244,22 @@ tasks.withType(Test) {
     useJUnitPlatform()
 }
 
-webdriverBinaries {
-    if (!System.getenv().containsKey('GITHUB_ACTIONS')) {
-        chromedriver {
-            versionRegexp = '.*'
-            architecture = 'X86_64'
-            fallbackTo32Bit = true
-        }
-        geckodriver '0.30.0'
-    }
-}
-
 tasks.withType(Test) {
     systemProperty "geb.env", System.getProperty('geb.env')
     systemProperty "geb.build.reportsDir", reporting.file("geb/integrationTest")
-    if (!System.getenv().containsKey('GITHUB_ACTIONS')) {
-        systemProperty 'webdriver.chrome.driver', System.getProperty('webdriver.chrome.driver')
-        systemProperty 'webdriver.gecko.driver', System.getProperty('webdriver.gecko.driver')
-    } else {
-        systemProperty 'webdriver.chrome.driver', "${System.getenv('CHROMEWEBDRIVER')}/chromedriver"
-        systemProperty 'webdriver.gecko.driver', "${System.getenv('GECKOWEBDRIVER')}/geckodriver"
+    systemProperty 'webdriver.chrome.driver', System.getProperty('webdriver.chrome.driver')
+    systemProperty 'webdriver.gecko.driver', System.getProperty('webdriver.gecko.driver')
+    testLogging {
+        events "passed", "skipped", "failed"
+        exceptionFormat "full"
+        showStandardStreams true
     }
 }
 
+wiremock {
+    dir "${project.projectDir}/src/integration-test/resources/wiremock/"
+    params "--port=8018 --global-response-templating --local-response-templating"
+}
 
 assets {
     minifyJs = true

gradle.properties

@@ -1,7 +1,9 @@
-biocollectVersion=6.6.1-SNAPSHOT
+biocollectVersion=6.7-SNAPSHOT
 grailsVersion=5.1.9
 grailsGradlePluginVersion=5.1.5
 assetPipelineVersion=3.3.4
+alaSecurityLibsVersion=6.1.0
+seleniumVersion=4.9.0
 groovyVersion=3.0.7
 gorm.version=7.2.1
 org.gradle.jvmargs=-Dfile.encoding=UTF-8 -Xmx2048M

grails-app/conf/application.groovy

@@ -32,11 +32,13 @@ environments {
                 sender = "[email protected]"
                 debugUI = true
                 loggerLevel = "DEBUG"
+                auth.baseURL = "https://auth-test.ala.org.au"
         }
 
         test {
-                debugUI: false
-                loggerLevel: "DEBUG"
+                spring.autoconfigure.exclude="au.org.ala.ws.security.AlaWsSecurityConfiguration"
+                debugUI = false
+                loggerLevel = "DEBUG"
                 server.port = "8087"
                 grails.host = "http://devt.ala.org.au"
                 serverName = "${grails.host}:${server.port}"
@@ -46,15 +48,20 @@ environments {
                 app.default.hub='ala'
                 runWithNoExternalConfig = true
                 wiremock.port = 8018
+                grails.config.locations = []
+                security.oidc.discoveryUri = "http://localhost:${wiremock.port}/cas/oidc/.well-known"
+                security.oidc.allowUnsignedIdTokens = true
                 def casBaseUrl = "http://devt.ala.org.au:${wiremock.port}"
 
                 security.cas.appServerName=serverName
                 security.cas.contextPath=
                 security.cas.casServerName="${casBaseUrl}"
+                auth.baseURL = "${casBaseUrl}"
                 security.cas.casServerUrlPrefix="${casBaseUrl}/cas"
                 security.cas.loginUrl="${security.cas.casServerUrlPrefix}/login"
                 security.cas.casLoginUrl="${security.cas.casServerUrlPrefix}/login"
                 security.cas.logoutUrl="${security.cas.casServerUrlPrefix}/logout"
+                security.jwt.discoveryUri="${casBaseUrl}/cas/oidc/.well-known"
                 userDetails.url = "${casBaseUrl}/userdetails/userDetails/"
                 userDetailsSingleUrl = "${userDetails.Url}getUserDetails"
                 userDetailsUrl = "${userDetatails.url}getUserListFull"
@@ -66,6 +73,14 @@ environments {
                 ecodata.service.url = 'http://devt.ala.org.au:8080/ws'
                 pdfgen.baseURL = "http://devt.ala.org.au:${wiremock.port}/"
                 api_key='testapikey'
+                grails.cache.config = {
+                        diskStore {
+                                path '/tmp'
+                        }
+                        defaultCache {
+                                overflowToDisk false
+                        }
+                }
                 spatial.baseUrl = "http://localhost:${wiremock.port}"
                 spatial.baseURL = "http://localhost:${wiremock.port}"
                 spatial.geoserverUrl= spatial.baseUrl + "/geoserver"
@@ -86,9 +101,37 @@ environments {
                 sender = "[email protected]"
                 debugUI = false
                 loggerLevel = "INFO"
+                auth.baseURL = "https://auth.ala.org.au"
         }
 }
 
+casUrl = "${auth.baseURL}/cas/logout"
+appUrl = grails.serverURL
+
+security.cas.enabled = false
+security.cas.uriExclusionFilterPattern = ['/assets/.*','/uploads/.*']
+security.cas.uriFilterPattern = []
+security.cas.readOnlyOfficerRole= "ROLE_FC_READ_ONLY"
+security.cas.alaAdminRole = "ROLE_ADMIN"
+security.cas.officerRole = "ROLE_FC_OFFICER"
+security.cas.adminRole = "ROLE_FC_ADMIN"
+security.cas.casServerName= "${auth.baseURL}"
+security.cas.casServerLoginUrl= "${auth.baseURL}/cas/login"
+security.cas.casServerUrlPrefix= "${auth.baseURL}/cas"
+security.cas.logoutUrl= "${security.cas.casServerUrlPrefix}/logout"
+security.cas.loginUrl= "${security.cas.casServerUrlPrefix}/login"
+
+security.oidc.enabled= true
+security.oidc.discoveryUri= "${auth.baseURL}/cas/oidc/.well-known"
+security.oidc.clientId= "changeMe"
+security.oidc.secret= "changeMe"
+security.oidc.scope= "openid,profile,email,ala,roles"
+security.oidc.allowUnsignedIdTokens= true
+
+security.jwt.enabled= true
+security.jwt.discoveryUri= "${auth.baseURL}/cas/oidc/.well-known"
+security.jwt.fallbackToLegacyBehaviour= true
+
 dataAccessMethods = [
         "oasrdfs",
         "oaordfs",

grails-app/conf/application.yml

@@ -19,39 +19,6 @@ app:
       userId: "X-ALA-userId"
       hostName: "X-ALA-hostname"
 
-auth:
-  baseURL: "https://auth.ala.org.au"
-
-casUrl: "${auth.baseURL}/cas/logout"
-appUrl: "http://devt.ala.org.au:8087/"
-
-security:
-  cas:
-    enabled: false
-    uriExclusionFilterPattern: ['/assets/.*','/uploads/.*']
-    uriFilterPattern: []
-    readOnlyOfficerRole: "ROLE_FC_READ_ONLY"
-    alaAdminRole : "ROLE_ADMIN"
-    officerRole : "ROLE_FC_OFFICER"
-    adminRole : "ROLE_FC_ADMIN"
-    casServerName: "${auth.baseURL}"
-    casServerLoginUrl: "${auth.baseURL}/cas/login"
-    casServerUrlPrefix: "${auth.baseURL}/cas"
-    logoutUrl: "${security.cas.casServerUrlPrefix}/logout"
-    loginUrl: "${security.cas.casServerUrlPrefix}/login"
-
-  oidc:
-    enabled: true
-    discoveryUri: "${auth.baseURL}/cas/oidc/.well-known"
-    clientId: "changeMe"
-    secret: "changeMe"
-    scope: "openid,profile,email,ala,roles"
-    allowUnsignedIdTokens: true
-  jwt:
-    enabled: true
-    discoveryUri: "${auth.baseURL}/cas/oidc/.well-known"
-    fallbackToLegacyBehaviour: true
-
 #External URL
 aekosEnabled: false
 enableReporting: true
@@ -169,15 +136,8 @@ grails:
     codegen:
         defaultPackage: au.org.ala.biocollect
     cache:
-       defaults:
-          eternal: true
-          overflowToDisk: false
-          maxElementsInMemory: 20000
-          timeToLiveSeconds: 3600
-          name: 'vocabListCache'
        ehcache:
-            cacheManagerName : "${appName}-ehcache"
-            reloadable : false
+            ehcacheXmlLocation: 'classpath:biocollect-ehcache.xml'
     mime:
         file:
           extensions: true
@@ -342,5 +302,11 @@ bootstrap4:
 skin:
   layout: "bs4"
 
+---
+
+grails:
+  cors:
+    enabled: true
+
 fathom:
   enabled: true