[ID-57]Ability to block/blacklist specific Webtools events (#59)

* add webtoolsBlascklistItems and WebtoolsEventID model

* set the docs for create webtools blacklist

* structure the create blacklist API and fix some docs

* set the permission

* create webtools blacklist API

* fix and set the docs for the GET webtools vlacklist API

* set the GET webtools blacklist API

* add the docs for the delete webtools items

* structure the delete webtools API

* add remove webtools blacklist data API

* in progress

* if DataSourceEventID is blacklisted doesn't show

* add the Changelog.md

* secrets

* fix data to data_source_ids

* add data_calendar_ids to the docs

* add data_calendar_ids to the add webtools blacklist

* add calendar_ids to the webtools blacklist DELETE api

* add the secrets

* resolve "Let's be webtools-blacklist instead of webtoolsblacklist" coment

* in progress

* fix add and remove APIs

* fix

* secrets

* Fix permission path

* It is array of items

* Keep the items unique

* Do not merge the blacklist ids as they are different

* Check is blacklisted

* Check is blacklisted - part 2.

---------

Co-authored-by: Stefan Vitanov <[email protected]>
Co-authored-by: Petyo Stoyanov <[email protected]>

.secrets.baseline

@@ -145,7 +145,7 @@
         "filename": "driver/web/adapter.go",
         "hashed_secret": "a7d09aaaf55864f7ce39a7715aabed433c3fe661",
         "is_verified": false,
-        "line_number": 228
+        "line_number": 232
       }
     ],
     "driver/web/auth.go": [
@@ -172,5 +172,5 @@
       }
     ]
   },
-  "generated_at": "2024-03-15T11:09:08Z"
+  "generated_at": "2024-03-28T07:54:12Z"
 }

CHANGELOG.md

@@ -5,6 +5,9 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
+### Added
+- Ability to block/blacklist specific Webtools events [#57](https://github.com/rokwire/gateway-building-block/issues/57)
+
 [2.3.2] - 2024-03-27
 - Increase webtools transaction timeout
 

core/apis_admin.go

@@ -193,6 +193,33 @@ func (a appAdmin) DeleteConfig(id string, claims *tokenauth.Claims) error {
 	return nil
 }
 
+func (a appAdmin) AddWebtoolsBlackList(dataSourceIDs []string, dataCalendarIDs []string) error {
+	err := a.app.storage.AddWebtoolsBlacklistData(dataSourceIDs, dataCalendarIDs)
+	if err != nil {
+		return nil
+	}
+
+	return nil
+}
+
+func (a appAdmin) GetWebtoolsBlackList() ([]model.WebToolsItem, error) {
+
+	blacklist, err := a.app.storage.FindWebtoolsBlacklistData()
+	if err != nil {
+		return nil, errors.WrapErrorAction(logutils.ActionInsert, model.TypeConfig, nil, err)
+	}
+	return blacklist, nil
+}
+
+func (a appAdmin) RemoveWebtoolsBlackList(sourceIds []string, calendarids []string) error {
+	err := a.app.storage.RemoveWebtoolsBlacklistData(sourceIds, calendarids)
+	if err != nil {
+		return nil
+	}
+
+	return nil
+}
+
 // newAppAdmin creates new appAdmin
 func newAppAdmin(app *Application) appAdmin {
 	return appAdmin{app: app}

core/apis_bbs.go

@@ -90,15 +90,50 @@ func (a appBBs) DeleteAppointment(uin string, providerid int, sourceid string, a
 	}
 	return ret, nil
 }
+
 func (a appBBs) GetLegacyEvents() ([]model.LegacyEvent, error) {
 
 	leEvents, err := a.app.storage.FindAllLegacyEvents()
 	if err != nil {
 		return nil, err
 	}
 
-	return leEvents, nil
+	blacklist, err := a.app.storage.FindWebtoolsBlacklistData()
+	if err != nil {
+		return nil, err
+	}
+
+	var newLegacyEvents []model.LegacyEvent
+	for _, le := range leEvents {
 
+		isBlacklisted := a.isBlacklisted(blacklist, le)
+		if !isBlacklisted {
+			newLegacyEvents = append(newLegacyEvents, le)
+		}
+	}
+
+	return newLegacyEvents, nil
+
+}
+
+func (a appBBs) isBlacklisted(blacklists []model.WebToolsItem, event model.LegacyEvent) bool {
+	for _, blacklist := range blacklists {
+		switch blacklist.Name {
+		case "webtools_events_ids":
+			for _, id := range blacklist.Data {
+				if event.DataSourceEventID == id {
+					return true
+				}
+			}
+		case "webtools_calendar_ids":
+			for _, id := range blacklist.Data {
+				if event.CalendarID == id {
+					return true
+				}
+			}
+		}
+	}
+	return false
 }
 
 // newAppBBs creates new appBBs

core/interfaces.go

@@ -60,6 +60,9 @@ type Admin interface {
 	CreateConfig(config model.Config, claims *tokenauth.Claims) (*model.Config, error)
 	UpdateConfig(config model.Config, claims *tokenauth.Claims) error
 	DeleteConfig(id string, claims *tokenauth.Claims) error
+	AddWebtoolsBlackList(dataSourceIDs []string, dataCalendarIDs []string) error
+	GetWebtoolsBlackList() ([]model.WebToolsItem, error)
+	RemoveWebtoolsBlackList(sourceids []string, calendarids []string) error
 }
 
 // BBs exposes Building Block APIs for the driver adapters
@@ -127,6 +130,10 @@ type Storage interface {
 	DeleteLegacyEventsByIDs(context storage.TransactionContext, Ids map[string]string) error
 	DeleteLegacyEventsByIDsAndCreator(context storage.TransactionContext, ids []string, accountID string) error
 	FindAllLegacyEvents() ([]model.LegacyEvent, error)
+
+	FindWebtoolsBlacklistData() ([]model.WebToolsItem, error)
+	AddWebtoolsBlacklistData(dataSourceIDs []string, dataCalendarIDs []string) error
+	RemoveWebtoolsBlacklistData(dataSourceIDs []string, dataCalendarIDs []string) error
 }
 
 // StorageListener represents storage listener

core/model/legacyEvents.go

@@ -93,6 +93,12 @@ type WebToolsEvent struct {
 	} `xml:"topic"`
 }
 
+// WebToolsItem represents web tools blacklist ids
+type WebToolsItem struct {
+	Name string   `json:"name" bson:"name"`
+	Data []string `json:"data" bson:"data"`
+}
+
 // LegacyEvent wrapper
 type LegacyEvent struct {
 	AllDay                bool            `json:"allDay" bson:"allDay"`

driven/storage/adapter.go

@@ -369,6 +369,78 @@ func (a *Adapter) FindAllLegacyEvents() ([]model.LegacyEvent, error) {
 	return legacyEvents, err
 }
 
+// AddWebtoolsBlacklistData update data from the database
+func (a *Adapter) AddWebtoolsBlacklistData(dataSourceIDs []string, dataCalendarIDs []string) error {
+	filterSource := bson.M{"name": "webtools_events_ids"}
+	updateSource := bson.M{
+		"$addToSet": bson.M{
+			"data": bson.M{"$each": dataSourceIDs},
+		},
+	}
+
+	_, err := a.db.webtoolsBlacklistItems.UpdateOne(a.context, filterSource, updateSource, nil)
+	if err != nil {
+		return errors.WrapErrorAction(logutils.ActionUpdate, model.TypeExample, filterArgs(filterSource), err)
+	}
+
+	filterCalendar := bson.M{"name": "webtools_calendar_ids"}
+	updateCalendar := bson.M{
+		"$addToSet": bson.M{
+			"data": bson.M{"$each": dataCalendarIDs},
+		},
+	}
+
+	_, err = a.db.webtoolsBlacklistItems.UpdateOne(a.context, filterCalendar, updateCalendar, nil)
+	if err != nil {
+		return errors.WrapErrorAction(logutils.ActionUpdate, model.TypeExample, filterArgs(filterCalendar), err)
+	}
+
+	return nil
+
+}
+
+// RemoveWebtoolsBlacklistData update data from the database
+func (a *Adapter) RemoveWebtoolsBlacklistData(dataSourceIDs []string, dataCalendarIDs []string) error {
+	filterSource := bson.M{"name": "webtools_events_ids"}
+	updateSource := bson.M{
+		"$pull": bson.M{
+			"data": bson.M{"$in": dataSourceIDs},
+		},
+	}
+
+	_, err := a.db.webtoolsBlacklistItems.UpdateOne(a.context, filterSource, updateSource, nil)
+	if err != nil {
+		return errors.WrapErrorAction(logutils.ActionUpdate, model.TypeExample, filterArgs(filterSource), err)
+	}
+
+	filterCalendar := bson.M{"name": "webtools_calendar_ids"}
+	updateCalendar := bson.M{
+		"$pull": bson.M{
+			"data": bson.M{"$in": dataCalendarIDs},
+		},
+	}
+
+	_, err = a.db.webtoolsBlacklistItems.UpdateOne(a.context, filterCalendar, updateCalendar, nil)
+	if err != nil {
+		return errors.WrapErrorAction(logutils.ActionUpdate, model.TypeExample, filterArgs(filterCalendar), err)
+	}
+
+	return nil
+
+}
+
+// FindWebtoolsBlacklistData finds all webtools blacklist from the database
+func (a *Adapter) FindWebtoolsBlacklistData() ([]model.WebToolsItem, error) {
+	filterSource := bson.M{}
+	var dataSource []model.WebToolsItem
+	err := a.db.webtoolsBlacklistItems.Find(a.context, filterSource, &dataSource, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	return dataSource, nil
+}
+
 // PerformTransaction performs a transaction
 func (a *Adapter) PerformTransaction(transaction func(context TransactionContext) error, timeoutMilliSeconds int64) error {
 	// transaction

driven/storage/database.go

@@ -43,8 +43,9 @@ type database struct {
 	examples      *collectionWrapper
 	unitcalendars *collectionWrapper
 
-	legacyEvents    *collectionWrapper
-	legacyLocations *collectionWrapper
+	legacyEvents           *collectionWrapper
+	legacyLocations        *collectionWrapper
+	webtoolsBlacklistItems *collectionWrapper
 
 	listeners []Listener
 }
@@ -105,6 +106,12 @@ func (d *database) start() error {
 		return err
 	}
 
+	webtoolsBlacklistItems := &collectionWrapper{database: d, coll: db.Collection("webtools_blacklist_items")}
+	err = d.applyWebtoolsBlacklistItemsChecks(webtoolsBlacklistItems)
+	if err != nil {
+		return err
+	}
+
 	//assign the db, db client and the collections
 	d.db = db
 	d.dbClient = client
@@ -115,6 +122,7 @@ func (d *database) start() error {
 	d.legacyEvents = legacyEvents
 	d.unitcalendars = unitcalendars
 	d.legacyLocations = legacyLocations
+	d.webtoolsBlacklistItems = webtoolsBlacklistItems
 
 	go d.configs.Watch(nil, d.logger)
 
@@ -185,6 +193,13 @@ func (d *database) applyLegacyLocationsChecks(locations *collectionWrapper) erro
 	return nil
 }
 
+func (d *database) applyWebtoolsBlacklistItemsChecks(webtoolsBlacklistItems *collectionWrapper) error {
+	d.logger.Info("apply webtools_blacklist_items checks.....")
+
+	d.logger.Info("legacy webtools_blacklist_items passed")
+	return nil
+}
+
 func (d *database) onDataChanged(changeDoc map[string]interface{}) {
 	if changeDoc == nil {
 		return

driver/web/adapter.go

@@ -106,6 +106,10 @@ func (a Adapter) Start() {
 	adminRouter.HandleFunc("/configs/{id}", a.wrapFunc(a.adminAPIsHandler.updateConfig, a.auth.admin.Permissions)).Methods("PUT")
 	adminRouter.HandleFunc("/configs/{id}", a.wrapFunc(a.adminAPIsHandler.deleteConfig, a.auth.admin.Permissions)).Methods("DELETE")
 
+	adminRouter.HandleFunc("/webtools-blacklist", a.wrapFunc(a.adminAPIsHandler.addwebtoolsblacklist, a.auth.admin.Permissions)).Methods("PUT")
+	adminRouter.HandleFunc("/webtools-blacklist", a.wrapFunc(a.adminAPIsHandler.getwebtoolsblacklist, a.auth.admin.Permissions)).Methods("GET")
+	adminRouter.HandleFunc("/webtools-blacklist", a.wrapFunc(a.adminAPIsHandler.removewebtoolsblacklist, a.auth.admin.Permissions)).Methods("DELETE")
+
 	// BB APIs
 	bbsRouter := mainRouter.PathPrefix("/bbs").Subrouter()
 	bbsRouter.HandleFunc("/examples/{id}", a.wrapFunc(a.bbsAPIsHandler.getExample, a.auth.bbs.Permissions)).Methods("GET")

driver/web/admin_permission_policy.csv

@@ -15,3 +15,5 @@ p, update_configs_gateway, /gateway/api/admin/configs/*, (GET)|(PUT), Update gat
 p, update_configs_gateway, /gateway/api/admin/configs, (GET)|(POST),
 p, delete_configs_gateway, /gateway/api/admin/configs/*, (GET)|(DELETE), Delete gateway configs
 p, delete_configs_gateway, /gateway/api/admin/configs, (GET),
+
+p, webtools_blacklist, /gateway/api/admin/webtools-blacklist, (GET)|(POST)|(PUT)|(DELETE), Webtools blacklist actions

driver/web/apis_admin.go

@@ -17,8 +17,10 @@ package web
 import (
 	"application/core"
 	"application/core/model"
+	Def "application/driver/web/docs/gen"
 	"encoding/json"
 	"net/http"
+	"strings"
 
 	"github.com/gorilla/mux"
 	"github.com/rokwire/core-auth-library-go/v3/authutils"
@@ -235,6 +237,81 @@ func (h AdminAPIsHandler) deleteConfig(l *logs.Log, r *http.Request, claims *tok
 	return l.HTTPResponseSuccess()
 }
 
+func (h AdminAPIsHandler) addwebtoolsblacklist(l *logs.Log, r *http.Request, claims *tokenauth.Claims) logs.HTTPResponse {
+	var requestData Def.PutApiAdminWebtoolsBlacklistJSONBody
+	err := json.NewDecoder(r.Body).Decode(&requestData)
+	if err != nil {
+		return l.HTTPResponseErrorAction(logutils.ActionUnmarshal, logutils.TypeRequestBody, nil, err, http.StatusBadRequest, true)
+	}
+
+	var dataSourceIDs []string
+	for _, w := range *requestData.DataSourceIds {
+		if w != "" {
+			dataSourceIDs = append(dataSourceIDs, w)
+		} else {
+			dataSourceIDs = nil
+		}
+	}
+
+	var dataCalendarIDs []string
+	for _, w := range *requestData.DataCalendarIds {
+		if w != "" {
+			dataCalendarIDs = append(dataCalendarIDs, w)
+		} else {
+			dataCalendarIDs = nil
+		}
+	}
+
+	err = h.app.Admin.AddWebtoolsBlackList(dataSourceIDs, dataCalendarIDs)
+	if err != nil {
+		return l.HTTPResponseErrorAction(logutils.ActionCreate, model.TypeConfig, nil, err, http.StatusInternalServerError, true)
+	}
+
+	return l.HTTPResponseSuccess()
+}
+
+func (h AdminAPIsHandler) getwebtoolsblacklist(l *logs.Log, r *http.Request, claims *tokenauth.Claims) logs.HTTPResponse {
+
+	blacklist, err := h.app.Admin.GetWebtoolsBlackList()
+	if err != nil {
+		return l.HTTPResponseErrorAction(logutils.ActionCreate, model.TypeConfig, nil, err, http.StatusInternalServerError, true)
+	}
+
+	data, err := json.Marshal(blacklist)
+	if err != nil {
+		return l.HTTPResponseErrorAction(logutils.ActionMarshal, model.TypeConfig, nil, err, http.StatusInternalServerError, false)
+	}
+
+	return l.HTTPResponseSuccessJSON(data)
+}
+
+func (h AdminAPIsHandler) removewebtoolsblacklist(l *logs.Log, r *http.Request, claims *tokenauth.Claims) logs.HTTPResponse {
+	var sourceIdsList []string
+	sourceIdsArg := r.URL.Query().Get("source_ids")
+
+	if sourceIdsArg != "" {
+		sourceIdsList = strings.Split(sourceIdsArg, ",")
+	} else {
+		sourceIdsList = nil
+	}
+
+	var calendarIdsList []string
+	calendarIdsArg := r.URL.Query().Get("calendar_ids")
+
+	if calendarIdsArg != "" {
+		calendarIdsList = strings.Split(calendarIdsArg, ",")
+	} else {
+		calendarIdsList = nil
+	}
+
+	err := h.app.Admin.RemoveWebtoolsBlackList(sourceIdsList, calendarIdsList)
+	if err != nil {
+		return l.HTTPResponseErrorAction(logutils.ActionCreate, model.TypeConfig, nil, err, http.StatusInternalServerError, true)
+	}
+
+	return l.HTTPResponseSuccess()
+}
+
 // NewAdminAPIsHandler creates new rest Handler instance
 func NewAdminAPIsHandler(app *core.Application) AdminAPIsHandler {
 	return AdminAPIsHandler{app: app}