feat: implement Trust Mark Definitions

Sphereon-Opensource · Dec 19, 2024 · 644f5b1 · 644f5b1
1 parent b67d8d0
commit 644f5b1
Show file tree

Hide file tree

Showing 22 changed files with 583 additions and 101 deletions.
diff --git a/...ain/kotlin/com/sphereon/oid/fed/server/admin/controllers/TrustMarkDefinitionController.kt b/...ain/kotlin/com/sphereon/oid/fed/server/admin/controllers/TrustMarkDefinitionController.kt
@@ -0,0 +1,60 @@
+package com.sphereon.oid.fed.server.admin.controllers
+
+import com.sphereon.oid.fed.openapi.models.CreateTrustMarkDefinitionDTO
+import com.sphereon.oid.fed.openapi.models.TrustMarkDefinitionDTO
+import com.sphereon.oid.fed.openapi.models.UpdateTrustMarkDefinitionDTO
+import com.sphereon.oid.fed.services.AccountService
+import com.sphereon.oid.fed.services.TrustMarkService
+import org.springframework.web.bind.annotation.DeleteMapping
+import org.springframework.web.bind.annotation.GetMapping
+import org.springframework.web.bind.annotation.PathVariable
+import org.springframework.web.bind.annotation.PostMapping
+import org.springframework.web.bind.annotation.PutMapping
+import org.springframework.web.bind.annotation.RequestBody
+import org.springframework.web.bind.annotation.RequestMapping
+import org.springframework.web.bind.annotation.RestController
+
+@RestController
+@RequestMapping("/accounts/{username}/trust-mark-definitions")
+class TrustMarkDefinitionController {
+    private val accountService = AccountService()
+    private val trustMarkService = TrustMarkService()
+
+    @GetMapping
+    fun getTrustMarkDefinitions(@PathVariable username: String): List<TrustMarkDefinitionDTO> {
+        return trustMarkService.findAllByAccount(accountService.usernameToAccountId(username))
+    }
+
+    @PostMapping
+    fun createTrustMarkDefinition(
+        @PathVariable username: String,
+        @RequestBody createDto: CreateTrustMarkDefinitionDTO
+    ): TrustMarkDefinitionDTO {
+        return trustMarkService.createTrustMarkDefinition(accountService.usernameToAccountId(username), createDto)
+    }
+
+    @GetMapping("/{id}")
+    fun getTrustMarkDefinitionById(
+        @PathVariable username: String,
+        @PathVariable id: Int
+    ): TrustMarkDefinitionDTO {
+        return trustMarkService.findById(accountService.usernameToAccountId(username), id)
+    }
+
+    @PutMapping("/{id}")
+    fun updateTrustMarkDefinition(
+        @PathVariable username: String,
+        @PathVariable id: Int,
+        @RequestBody updateDto: UpdateTrustMarkDefinitionDTO
+    ): TrustMarkDefinitionDTO {
+        return trustMarkService.updateTrustMarkDefinition(accountService.usernameToAccountId(username), id, updateDto)
+    }
+
+    @DeleteMapping("/{id}")
+    fun deleteTrustMarkDefinition(
+        @PathVariable username: String,
+        @PathVariable id: Int
+    ): TrustMarkDefinitionDTO {
+        return trustMarkService.deleteTrustMarkDefinition(accountService.usernameToAccountId(username), id)
+    }
+}
diff --git a/modules/openapi/src/commonMain/kotlin/com/sphereon/oid/fed/openapi/openapi.yaml b/modules/openapi/src/commonMain/kotlin/com/sphereon/oid/fed/openapi/openapi.yaml
@@ -1441,6 +1441,123 @@ paths:
             application/json:
               schema:
                 $ref: '#/components/schemas/ErrorResponse'
+  '/accounts/{username}/trust-mark-definitions':
+    get:
+      summary: Get all Trust Mark Definitions
+      tags:
+        - admin
+      parameters:
+        - name: username
+          in: path
+          required: true
+          schema:
+            type: string
+          description: The username of the tenant account.
+      responses:
+        '200':
+          description: List of trust mark definitions
+          content:
+            application/json:
+              schema:
+                type: array
+                items:
+                  $ref: '#/components/schemas/TrustMarkDefinitionDTO'
+
+    post:
+      summary: Create a Trust Mark Definition
+      tags:
+        - admin
+      parameters:
+        - name: username
+          in: path
+          required: true
+          schema:
+            type: string
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/CreateTrustMarkDefinitionDTO'
+      responses:
+        '201':
+          description: Trust mark definition created
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/TrustMarkDefinitionDTO'
+
+  '/accounts/{username}/trust-mark-definitions/{id}':
+    get:
+      summary: Get a Trust Mark Definition by ID
+      tags:
+        - admin
+      parameters:
+        - name: username
+          in: path
+          required: true
+          schema:
+            type: string
+        - name: id
+          in: path
+          required: true
+          schema:
+            type: integer
+      responses:
+        '200':
+          description: Trust mark definition details
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/TrustMarkDefinitionDTO'
+    put:
+      summary: Update a Trust Mark Definition
+      tags:
+        - admin
+      parameters:
+        - name: username
+          in: path
+          required: true
+          schema:
+            type: string
+        - name: id
+          in: path
+          required: true
+          schema:
+            type: integer
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/CreateTrustMarkDefinitionDTO'
+      responses:
+        '200':
+          description: Trust mark definition updated
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/TrustMarkDefinitionDTO'
+
+    delete:
+      summary: Delete a Trust Mark Definition
+      tags:
+        - admin
+      parameters:
+        - name: username
+          in: path
+          required: true
+          schema:
+            type: string
+        - name: id
+          in: path
+          required: true
+          schema:
+            type: integer
+      responses:
+        '204':
+          description: Trust mark definition deleted
+
   '/accounts/{username}/trust-marks':
     post:
       tags:
@@ -3713,3 +3830,74 @@ components:
           description: The identifier of the authority hint.
       required:
         - identifier
+    CreateTrustMarkDefinitionDTO:
+      type: object
+      x-tags:
+        - federation
+      properties:
+        identifier:
+          type: string
+          description: The unique identifier for the Trust Mark Definition.
+          example: "example-identifier"
+        name:
+          type: string
+          description: A human-readable name for the Trust Mark Definition.
+          example: "Example Trust Mark"
+        description:
+          type: string
+          description: A detailed description of the Trust Mark Definition.
+          example: "This is a trust mark for demonstrating compliance with XYZ standards."
+      required:
+        - identifier
+        - name
+    UpdateTrustMarkDefinitionDTO:
+      type: object
+      x-tags:
+        - federation
+      properties:
+        name:
+          type: string
+          description: A human-readable name for the Trust Mark Definition.
+          example: "Example Trust Mark"
+        description:
+          type: string
+          description: A detailed description of the Trust Mark Definition.
+          example: "This is a trust mark for demonstrating compliance with XYZ standards."
+    TrustMarkDefinitionDTO:
+      type: object
+      x-tags:
+        - federation
+      properties:
+        id:
+          type: integer
+          description: The unique identifier of the Trust Mark Definition.
+          example: 123
+        identifier:
+          type: string
+          description: The unique identifier for the Trust Mark Definition.
+          example: "https://www.example.com/oidf/trustmark/underageSafetyVerified"
+        name:
+          type: string
+          description: A human-readable name for the Trust Mark Definition.
+          example: "Example Trust Mark"
+        description:
+          type: string
+          description: A detailed description of the Trust Mark Definition.
+          example: "This is a trust mark for demonstrating compliance with XYZ standards."
+        createdAt:
+          type: string
+          format: date-time
+          description: The timestamp when the Trust Mark Definition was created.
+          example: "2024-12-01T12:00:00Z"
+        updatedAt:
+          type: string
+          format: date-time
+          description: The timestamp when the Trust Mark Definition was last updated.
+          example: "2024-12-15T15:30:00Z"
+          nullable: true
+      required:
+        - id
+        - identifier
+        - name
+        - issuerPolicy
+        - createdAt
diff --git a/modules/persistence/src/commonMain/kotlin/com/sphereon/oid/fed/persistence/Persistence.kt b/modules/persistence/src/commonMain/kotlin/com/sphereon/oid/fed/persistence/Persistence.kt
@@ -10,6 +10,7 @@ import com.sphereon.oid.fed.persistence.models.SubordinateJwkQueries
 import com.sphereon.oid.fed.persistence.models.SubordinateMetadataQueries
 import com.sphereon.oid.fed.persistence.models.SubordinateQueries
 import com.sphereon.oid.fed.persistence.models.SubordinateStatementQueries
+import com.sphereon.oid.fed.persistence.models.TrustMarkDefinitionQueries
 
 expect object Persistence {
     val entityConfigurationStatementQueries: EntityConfigurationStatementQueries
@@ -22,4 +23,5 @@ expect object Persistence {
     val subordinateStatementQueries: SubordinateStatementQueries
     val subordinateJwkQueries: SubordinateJwkQueries
     val subordinateMetadataQueries: SubordinateMetadataQueries
+    val trustMarkDefinitionQueries: TrustMarkDefinitionQueries
 }
diff --git a/modules/persistence/src/commonMain/sqldelight/com/sphereon/oid/fed/persistence/models/1.sqm b/modules/persistence/src/commonMain/sqldelight/com/sphereon/oid/fed/persistence/models/1.sqm
@@ -1,6 +1,7 @@
 CREATE TABLE Account (
     id SERIAL PRIMARY KEY,
     username VARCHAR(255) UNIQUE NOT NULL,
+    identifier TEXT,
     created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
     updated_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
     deleted_at TIMESTAMP

diff --git a/modules/persistence/src/commonMain/sqldelight/com/sphereon/oid/fed/persistence/models/10.sqm b/modules/persistence/src/commonMain/sqldelight/com/sphereon/oid/fed/persistence/models/10.sqm
@@ -10,3 +10,10 @@ CREATE TABLE SubordinateMetadata (
 );
 
 CREATE INDEX subordinate_metadata_account_id_index ON SubordinateMetadata (account_id);
+CREATE INDEX subordinate_metadata_subordinate_id_index ON SubordinateMetadata (subordinate_id);
+CREATE INDEX subordinate_metadata_account_id_subordinate_id_deleted_at_index
+ON SubordinateMetadata (account_id, subordinate_id, deleted_at);
+
+CREATE UNIQUE INDEX unique_account_subordinate_key_active
+ON SubordinateMetadata (account_id, subordinate_id, key)
+WHERE deleted_at IS NULL;
diff --git a/modules/persistence/src/commonMain/sqldelight/com/sphereon/oid/fed/persistence/models/11.sqm b/modules/persistence/src/commonMain/sqldelight/com/sphereon/oid/fed/persistence/models/11.sqm
@@ -1 +1,19 @@
-ALTER TABLE Account ADD COLUMN identifier VARCHAR(255) NULL;
+CREATE TABLE TrustMarkDefinition (
+    id SERIAL PRIMARY KEY,
+    account_id INT NOT NULL,
+    identifier TEXT NOT NULL,
+    name TEXT NOT NULL,
+    description TEXT,
+    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+    updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+    deleted_at TIMESTAMP,
+    CONSTRAINT FK_AccountTrustMarkDefinition FOREIGN KEY (account_id) REFERENCES Account (id) ON DELETE CASCADE
+);
+
+CREATE UNIQUE INDEX unique_account_identifier_active
+ON TrustMarkDefinition (account_id, identifier)
+WHERE deleted_at IS NULL;
+
+CREATE INDEX idx_trustmarkdefinitions_account_id ON TrustMarkDefinition (account_id);
+
+CREATE INDEX idx_trustmarkdefinitions_deleted_at ON TrustMarkDefinition (deleted_at);
diff --git a/modules/persistence/src/commonMain/sqldelight/com/sphereon/oid/fed/persistence/models/3.sqm b/modules/persistence/src/commonMain/sqldelight/com/sphereon/oid/fed/persistence/models/3.sqm
@@ -4,9 +4,15 @@ CREATE TABLE Subordinate (
     identifier TEXT NOT NULL,
     created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
     deleted_at TIMESTAMP,
-    CONSTRAINT FK_ParentSubordinate FOREIGN KEY (account_id) REFERENCES Account (id),
-    UNIQUE (account_id, identifier)
+    CONSTRAINT FK_ParentSubordinate FOREIGN KEY (account_id) REFERENCES Account (id)
 );
 
-CREATE INDEX subordinate_account_id_index ON Subordinate (account_id);
-CREATE INDEX subordinate_account_id_subordinate_identifier_index ON Subordinate (account_id, identifier);
+CREATE INDEX subordinate_account_id_index
+ON Subordinate (account_id);
+
+CREATE UNIQUE INDEX unique_account_id_identifier_active
+ON Subordinate (account_id, identifier)
+WHERE deleted_at IS NULL;
+
+CREATE INDEX subordinate_account_id_deleted_at_index
+ON Subordinate (account_id, deleted_at);
diff --git a/.../persistence/src/commonMain/sqldelight/com/sphereon/oid/fed/persistence/models/Account.sq b/.../persistence/src/commonMain/sqldelight/com/sphereon/oid/fed/persistence/models/Account.sq
@@ -1,17 +1,21 @@
 findAll:
-SELECT * FROM Account WHERE deleted_at IS NULL;
+SELECT *
+FROM Account
+WHERE deleted_at IS NULL;
 
 create:
-INSERT INTO Account (username, identifier) VALUES (?, ?) RETURNING *;
+INSERT INTO Account (username, identifier)
+VALUES (?, ?)
+RETURNING *;
 
 delete:
-UPDATE Account SET deleted_at = CURRENT_TIMESTAMP WHERE id = ? RETURNING *;
+UPDATE Account
+SET deleted_at = CURRENT_TIMESTAMP
+WHERE id = ?
+RETURNING *;
 
 findByUsername:
-SELECT * FROM Account WHERE username = ? AND deleted_at IS NULL;
-
-findById:
-SELECT * FROM Account WHERE id = ? AND deleted_at IS NULL;
-
-update:
-UPDATE Account SET username = ? WHERE id = ? AND deleted_at IS NULL RETURNING *;
+SELECT *
+FROM Account
+WHERE username = ?
+AND deleted_at IS NULL;