Fix #852: Allow scoping operation to a single activation ID

- Add validation - Add API docs for swagger - Add foreignKey - Fix documentations
wultra · Nov 15, 2023 · 475efc2 · 475efc2
1 parent 1d24e02
commit 475efc2
Show file tree

Hide file tree

Showing 5 changed files with 58 additions and 11 deletions.
diff --git a/docs/PowerAuth-Server-1.6.0.md b/docs/PowerAuth-Server-1.6.0.md
@@ -22,9 +22,12 @@ existing `pa_application.id` and `pa_operation_application.operation_id` contain
 existing `pa_operation.id`. If necessary, manually remove orphaned records in `pa_operation_application`. Consider
 creating a backup before this operation.
 
-### Add application_id column
+### Add activation_id Column
 
-Add new column `application_id` to `pa_operation` table. Storing `application_id` brings enhancements for developers:
+Add a new column `activation_id` to the `pa_operation` table. This column is a foreign key that references
+the `activation_id` column in the `pa_activation` table. Storing the `activation_id` in the `pa_operation` table
+provides several enhancements for developers:
+
+* It allows the creation of a new operation tied to a specific mobile device, identified by its activation ID.
+* It ensures that the operation can only be approved on that specific mobile device, again identified by its activation ID.
 
-* Create a new operation on a specific mobile device (activation ID).
-* Approve the operation just on that specific mobile device (activation ID).
diff --git a/docs/WebServices-Methods.md b/docs/WebServices-Methods.md
@@ -2017,13 +2017,14 @@ REST endpoint: `POST /rest/v3/operation/create`
 | Type                  | Name                    | Description                                                                                      |
 |-----------------------|-------------------------|--------------------------------------------------------------------------------------------------|
 | `String`              | `userId`                | The identifier of the user                                                                       |
-| `String`              | `applicationId`         | An identifier of an application                                                                  |
+| `List<String>`        | `applications`          | List of associated applications                                                                  |
+| `String`              | `activationFlag`        | Activation flag associated with the operation                                                    |
 | `String`              | `templateName`          | Name of the template used for creating the operation                                             |
 | `Date`                | `timestampExpires`      | Timestamp of when the operation will expire, overrides expiration period from operation template |
 | `String`              | `externalId`            | External identifier of the operation, i.e., ID from transaction system                           |
 | `Map<String, String>` | `parameters`            | Parameters of the operation, will be filled to the operation data                                |
-| `Boolean`             | `proximityCheckEnabled` | Whether proximity check should be used. Overrides configuration from operation template.         |
-| `String`              | `activationId`          | Activation Id of a specific device.                                                              |
+| `Boolean`             | `proximityCheckEnabled` | Whether proximity check should be used, overrides configuration from operation template          |
+| `String`              | `activationId`          | Activation Id of a specific device                                                               |
 
 #### Response
 

diff --git a/docs/db/changelog/changesets/powerauth-java-server/1.6.x/20231112-add-activation-id.xml b/docs/db/changelog/changesets/powerauth-java-server/1.6.x/20231112-add-activation-id.xml
@@ -6,12 +6,32 @@
     <changeSet id="1" logicalFilePath="powerauth-java-server/1.6.x/20231112-add-activation-id.xml" author="Jan Dusil">
         <preConditions onFail="MARK_RAN">
             <not>
-                <columnExists tableName="pa_operation" columnName="activation_id" />
+                <columnExists tableName="pa_operation" columnName="activation_id"/>
             </not>
         </preConditions>
         <comment>Add activation_id column to pa_operation</comment>
         <addColumn tableName="pa_operation">
-            <column name="activation_id" type="varchar(37)" />
+            <column name="activation_id" type="varchar(37)"/>
         </addColumn>
     </changeSet>
+
+    <changeSet id="2" logicalFilePath="powerauth-java-server/1.6.x/20231112-add-fk-to-activation-id.xml"
+               author="Jan Dusil">
+        <preConditions onFail="MARK_RAN">
+            <tableExists tableName="pa_activation"/>
+            <tableExists tableName="pa_operation"/>
+            <columnExists tableName="pa_activation" columnName="activation_id"/>
+            <columnExists tableName="pa_operation" columnName="activation_id"/>
+            <not>
+                <foreignKeyConstraintExists foreignKeyTableName="pa_operation"
+                                            foreignKeyName="pa_operation_activation_id_fk"/>
+            </not>
+        </preConditions>
+        <comment>Add foreign key constraint to activation_id in pa_operation</comment>
+        <addForeignKeyConstraint constraintName="pa_operation_activation_id_fk"
+                                 baseTableName="pa_operation"
+                                 baseColumnNames="activation_id"
+                                 referencedTableName="pa_activation"
+                                 referencedColumnNames="activation_id"/>
+    </changeSet>
 </databaseChangeLog>
diff --git a/.../main/java/com/wultra/security/powerauth/client/model/request/OperationCreateRequest.java b/.../main/java/com/wultra/security/powerauth/client/model/request/OperationCreateRequest.java
@@ -18,6 +18,7 @@
 
 package com.wultra.security.powerauth.client.model.request;
 
+import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.Data;
 
 import java.util.*;
@@ -30,14 +31,31 @@
 @Data
 public class OperationCreateRequest {
 
+    @Schema(description = "The identifier of the user", requiredMode = Schema.RequiredMode.REQUIRED)
     private String userId;
+
+    @Schema(description = "List of associated applications", requiredMode = Schema.RequiredMode.REQUIRED)
     private List<String> applications = new ArrayList<>();
+
+    @Schema(description = "Activation flag associated with the operation", requiredMode = Schema.RequiredMode.NOT_REQUIRED)
     private String activationFlag;
+
+    @Schema(description = "Name of the template used for creating the operation", requiredMode = Schema.RequiredMode.REQUIRED)
     private String templateName;
+
+    @Schema(description = "Timestamp of when the operation will expire, overrides expiration period from operation template", requiredMode = Schema.RequiredMode.NOT_REQUIRED)
     private Date timestampExpires;
+
+    @Schema(description = "External identifier of the operation, i.e., ID from transaction system", requiredMode = Schema.RequiredMode.NOT_REQUIRED)
     private String externalId;
+
+    @Schema(description = "Parameters of the operation, will be filled to the operation data", requiredMode = Schema.RequiredMode.NOT_REQUIRED)
     private final Map<String, String> parameters = new LinkedHashMap<>();
+
+    @Schema(description = "Whether proximity check should be used, overrides configuration from operation template", requiredMode = Schema.RequiredMode.NOT_REQUIRED)
     private Boolean proximityCheckEnabled;
+
+    @Schema(description = "Activation Id of a specific device", requiredMode = Schema.RequiredMode.NOT_REQUIRED, maxLength = 37)
     private String activationId;
 
 }
diff --git a/...com/wultra/security/powerauth/client/model/validator/OperationCreateRequestValidator.java b/...com/wultra/security/powerauth/client/model/validator/OperationCreateRequestValidator.java
@@ -27,11 +27,13 @@
  */
 public class OperationCreateRequestValidator {
 
+    private static final int MAX_ACTIVATION_ID_LENGTH = 37;
+
     public static String validate(OperationCreateRequest source) {
         if (source == null) {
-            return "Operation create request must not be null";
+            return "Operation create request must not be null when creating operation";
         }
-        if (source.getApplications() == null || source.getApplications().size() == 0) {
+        if (source.getApplications() == null || source.getApplications().isEmpty()) {
             return "Application ID list must not be null or empty when creating operation";
         }
         if (source.getUserId() == null) {
@@ -46,6 +48,9 @@ public static String validate(OperationCreateRequest source) {
         if (source.getTemplateName().isEmpty()) {
             return "Template name must not be empty when creating operation";
         }
+        if (source.getActivationId() != null && source.getActivationId().length() > MAX_ACTIVATION_ID_LENGTH) {
+            return "Activation ID must not exceed 37 characters when creating operation";
+        }
         return null;
     }