Impl. file upload endpoint

build.gradle

@@ -41,6 +41,7 @@ ext {
  radarSpringAuthVersion = '1.2.1'
  springSecurityVersion = '6.0.2'
  hibernateValidatorVersion = '8.0.0.Final'
+ minioVersion = '8.5.10'
 }
 
 sourceSets {
@@ -65,6 +66,7 @@ dependencies {
  implementation('org.springframework.security.oauth.boot:spring-security-oauth2-autoconfigure:' + springBootVersion)
  implementation('org.springframework.security.oauth:spring-security-oauth2:' + springOauth2Version)
  runtimeOnly("org.hibernate.validator:hibernate-validator:$hibernateValidatorVersion")
+ implementation("io.minio:minio:$minioVersion")
 
  // Open API spec
  implementation(group: 'org.springdoc', name: 'springdoc-openapi-starter-webmvc-ui', version: springDocVersion)

src/main/java/org/radarbase/appserver/config/ApplicationConfig.java

@@ -31,7 +31,7 @@
 
 @Configuration
 @EnableJpaAuditing
-@EnableConfigurationProperties({FcmServerConfig.class})
+@EnableConfigurationProperties({FcmServerConfig.class, S3StorageProperties.class})
 @EnableTransactionManagement
 @EnableAsync
 @EnableScheduling

src/main/java/org/radarbase/appserver/config/S3StorageProperties.java

@@ -0,0 +1,38 @@
+/*
+ *
+ * * Copyright 2024 The Hyve
+ * *
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ *
+ */
+
+package org.radarbase.appserver.config;
+
+import lombok.Data;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+
+@Data
+@ConfigurationProperties("radar.storage.s3")
+public class S3StorageProperties {
+ private String url;
+ private String accessKey;
+ private String secretKey;
+ private String bucketName;
+ private Path path = new Path();
+
+ @Data
+ public static class Path {
+ private String prefix;
+ private boolean collectPerDay;
+ }
+}

src/main/java/org/radarbase/appserver/controller/PathsUtil.java

@@ -30,11 +30,14 @@ public class PathsUtil {
 
  public static final String USER_PATH = "users";
  public static final String PROJECT_PATH = "projects";
+ public static final String TOPIC_PATH = "topics";
+ public static final String FILE_PATH = "files";
  public static final String MESSAGING_NOTIFICATION_PATH = "messaging/notifications";
  public static final String MESSAGING_DATA_PATH = "messaging/data";
  public static final String PROTOCOL_PATH = "protocols";
  public static final String PROJECT_ID_CONSTANT = "{projectId}";
  public static final String SUBJECT_ID_CONSTANT = "{subjectId}";
+ public static final String TOPIC_ID_CONSTANT = "{topicId}";
  public static final String NOTIFICATION_ID_CONSTANT = "{notificationId}";
  public static final String NOTIFICATION_STATE_EVENTS_PATH = "state_events";
  public static final String QUESTIONNAIRE_SCHEDULE_PATH = "questionnaire/schedule";

src/main/java/org/radarbase/appserver/controller/UploadController.java

@@ -0,0 +1,84 @@
+/*
+ *
+ * * Copyright 2024 The Hyve
+ * *
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ *
+ */
+
+package org.radarbase.appserver.controller;
+
+import lombok.extern.slf4j.Slf4j;
+import org.radarbase.appserver.config.AuthConfig.AuthEntities;
+import org.radarbase.appserver.config.AuthConfig.AuthPermissions;
+import org.radarbase.appserver.service.storage.StorageService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.CrossOrigin;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.multipart.MultipartFile;
+import radar.spring.auth.common.Authorized;
+import radar.spring.auth.common.PermissionOn;
+
+import java.net.URI;
+import java.net.URISyntaxException;
+
+/**
+ * Resource Endpoint for uploading assets to a data store.
+ *
+ * @author Pim van Nierop
+ */
+@CrossOrigin
+@RestController
+@ConditionalOnProperty(value = "radar.file-upload.enabled", havingValue = "true")
+@Slf4j
+public class UploadController {
+
+ @Autowired
+ private transient StorageService storageService;
+
+ @Authorized(
+ permission = AuthPermissions.CREATE,
+ entity = AuthEntities.MEASUREMENT,
+ permissionOn = PermissionOn.SUBJECT
+ )
+ @PostMapping(
+ "/" + PathsUtil.PROJECT_PATH + "/" + PathsUtil.PROJECT_ID_CONSTANT +
+ "/" + PathsUtil.USER_PATH + "/" + PathsUtil.SUBJECT_ID_CONSTANT +
+ "/" + PathsUtil.FILE_PATH +
+ "/" + PathsUtil.TOPIC_PATH + "/" + PathsUtil.TOPIC_ID_CONSTANT +
+ "/upload")
+ @CrossOrigin(
+ origins = "*",
+ allowedHeaders = "*",
+ exposedHeaders = "Location", // needed to get the URI of the uploaded file in aRMT
+ methods = { RequestMethod.POST }
+ )
+ public ResponseEntity<?> subjectFileUpload(
+ @RequestParam("file") MultipartFile file,
+ @PathVariable String projectId,
+ @PathVariable String subjectId,
+ @PathVariable String topicId) throws URISyntaxException {
+
+ log.info("Storing file for project: {}, subject: {}, topic: {}", projectId, subjectId, topicId);
+
+ String filePath = storageService.store(file, projectId, subjectId, topicId);
+ return ResponseEntity.created(new URI(filePath)).build();
+ }
+
+}

src/main/java/org/radarbase/appserver/exception/FileStorageException.java

@@ -0,0 +1,17 @@
+package org.radarbase.appserver.exception;
+
+import org.springframework.http.HttpStatus;
+import org.springframework.web.bind.annotation.ResponseStatus;
+
+@ResponseStatus(HttpStatus.INTERNAL_SERVER_ERROR)
+public class FileStorageException extends RuntimeException {
+ private static final long serialVersionUID = -793674245766939L;
+
+ public FileStorageException(String message) {
+ super(message);
+ }
+
+ public FileStorageException(String message, Object object) {
+ super(message + " " + object.toString());
+ }
+}

src/main/java/org/radarbase/appserver/exception/InvalidFileDetailsException.java

@@ -0,0 +1,17 @@
+package org.radarbase.appserver.exception;
+
+import org.springframework.http.HttpStatus;
+import org.springframework.web.bind.annotation.ResponseStatus;
+
+@ResponseStatus(HttpStatus.EXPECTATION_FAILED)
+public class InvalidFileDetailsException extends IllegalArgumentException {
+ private static final long serialVersionUID = -793674245766939L;
+
+ public InvalidFileDetailsException(String message) {
+ super(message);
+ }
+
+ public InvalidFileDetailsException(String message, Object object) {
+ super(message + " " + object.toString());
+ }
+}

src/main/java/org/radarbase/appserver/exception/InvalidPathDetailsException.java

@@ -0,0 +1,17 @@
+package org.radarbase.appserver.exception;
+
+import org.springframework.http.HttpStatus;
+import org.springframework.web.bind.annotation.ResponseStatus;
+
+@ResponseStatus(HttpStatus.EXPECTATION_FAILED)
+public class InvalidPathDetailsException extends IllegalArgumentException {
+ private static final long serialVersionUID = -793674245766939L;
+
+ public InvalidPathDetailsException(String message) {
+ super(message);
+ }
+
+ public InvalidPathDetailsException(String message, Object object) {
+ super(message + " " + object.toString());
+ }
+}

src/main/java/org/radarbase/appserver/exception/handler/ResponseEntityExceptionHandler.java

@@ -64,6 +64,21 @@ public final ResponseEntity<ErrorDetails> handleInvalidUserDetailsException(Exce
  return handleEntityWithCause(ex, request);
  }
 
+ @ExceptionHandler(InvalidFileDetailsException.class)
+ public final ResponseEntity<ErrorDetails> handleInvalidFileDetailsException(Exception ex, WebRequest request) {
+ return handleEntityWithCause(ex, request);
+ }
+
+ @ExceptionHandler(InvalidPathDetailsException.class)
+ public final ResponseEntity<ErrorDetails> handleInvalidPathDetailsException(Exception ex, WebRequest request) {
+ return handleEntityWithCause(ex, request);
+ }
+
+ @ExceptionHandler(FileStorageException.class)
+ public final ResponseEntity<ErrorDetails> handleFileStorageException(Exception ex, WebRequest request) {
+ return handleEntityWithCause(ex, request);
+ }
+
  public ResponseEntity<ErrorDetails> handleEntityWithCause(Exception ex, WebRequest request) {
  String cause = ex.getCause() != null ? ex.getCause().getMessage() : null;
  HttpStatus status = ex.getClass().getAnnotation(ResponseStatus.class).value();

src/main/java/org/radarbase/appserver/service/storage/MinioClientInitializer.java

@@ -0,0 +1,67 @@
+/*
+ *
+ * * Copyright 2024 The Hyve
+ * *
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ *
+ */
+
+package org.radarbase.appserver.service.storage;
+
+import io.minio.BucketExistsArgs;
+import io.minio.MinioClient;
+import org.radarbase.appserver.config.S3StorageProperties;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
+import org.springframework.stereotype.Component;
+
+@Component
+@ConditionalOnExpression("${radar.file-upload.enabled:false} and 's3' == '${radar.storage.type:}'")
+public class MinioClientInitializer {
+
+ private transient MinioClient minioClient;
+ private transient String bucketName;
+
+ @Autowired
+ private transient S3StorageProperties s3StorageProperties;
+
+ private void initClient() {
+ try {
+ minioClient =
+ MinioClient.builder()
+ .endpoint(s3StorageProperties.getUrl())
+ .credentials(s3StorageProperties.getAccessKey(), s3StorageProperties.getSecretKey())
+ .build();
+ bucketName = s3StorageProperties.getBucketName();
+ boolean found =
+ minioClient.bucketExists(BucketExistsArgs.builder().bucket(bucketName).build());
+ if (!found) {
+ throw new RuntimeException(String.format("S3 bucket '%s' does not exist", bucketName));
+ }
+ } catch (Exception e) {
+ throw new RuntimeException("Could not connect to S3", e);
+ }
+ }
+
+ public MinioClient getClient() {
+ if (minioClient == null) {
+ initClient();
+ }
+ return minioClient;
+ }
+
+ public String getBucketName() {
+ return bucketName;
+ }
+
+}

src/main/java/org/radarbase/appserver/service/storage/S3StorageService.java

@@ -0,0 +1,79 @@
+/*
+ *
+ * * Copyright 2024 The Hyve
+ * *
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ *
+ */
+
+package org.radarbase.appserver.service.storage;
+
+import io.minio.PutObjectArgs;
+import lombok.extern.slf4j.Slf4j;
+import org.radarbase.appserver.config.S3StorageProperties;
+import org.radarbase.appserver.exception.FileStorageException;
+import org.radarbase.appserver.exception.InvalidFileDetailsException;
+import org.radarbase.appserver.exception.InvalidPathDetailsException;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
+import org.springframework.stereotype.Service;
+import org.springframework.util.Assert;
+import org.springframework.web.multipart.MultipartFile;
+
+
+@Slf4j
+@Service
+@ConditionalOnExpression("${radar.file-upload.enabled:false} and 's3' == '${radar.storage.type:}'")
+public class S3StorageService implements StorageService {
+
+ @Autowired
+ private transient S3StorageProperties s3StorageProperties;
+
+ @Autowired
+ private transient MinioClientInitializer bucketClient;
+
+ public String store(MultipartFile file, String projectId, String subjectId, String topicId) {
+ if (
+ file == null || projectId == null || subjectId == null || topicId == null
+ || file.isEmpty()|| projectId.isEmpty() || subjectId.isEmpty() || topicId.isEmpty()) {
+ throw new InvalidFileDetailsException("File, project, subject and topic IDs must not be empty");
+ }
+
+ try {
+ StoragePath filePath = StoragePath.builder()
+ .prefix(s3StorageProperties.getPath().getPrefix())
+ .projectId(projectId)
+ .subjectId(subjectId)
+ .topicId(topicId)
+ .collectPerDay(s3StorageProperties.getPath().isCollectPerDay())
+ .filename(file.getOriginalFilename())
+ .build();
+
+ log.debug("Attempt storing file at path: {}", filePath.getFullPath());
+
+ bucketClient.getClient().putObject(PutObjectArgs
+ .builder()
+ .bucket(bucketClient.getBucketName())
+ .object(filePath.getFullPath())
+ .stream(file.getInputStream(), file.getSize(), -1)
+ .build());
+
+ return filePath.getFullPath();
+ } catch (IllegalArgumentException e) {
+ throw new InvalidPathDetailsException("There is a problem resolving the path on the object storage", e);
+ } catch (Exception e) {
+ throw new FileStorageException("There is a problem storing the file on the object storage", e);
+ }
+ }
+
+}