Skip to content

Commit

Permalink
feat: remove permissions, reduce default allocation
Browse files Browse the repository at this point in the history
  • Loading branch information
astappiev committed Nov 20, 2024
1 parent c485321 commit 26f3778
Show file tree
Hide file tree
Showing 9 changed files with 7 additions and 34 deletions.
2 changes: 2 additions & 0 deletions interweb-core/src/main/resources/application.properties
Original file line number Diff line number Diff line change
@@ -1,4 +1,6 @@
quarkus.rest-client.http2=true
quarkus.rest-client.connect-timeout=30000
quarkus.rest-client.read-timeout=60000

%test.quarkus.log.console.level=DEBUG
%test.quarkus.log.console.format=%d{HH:mm:ss} %-5p [%c{2.}] (%t) %s%e%n
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,6 @@

import de.l3s.interweb.server.Roles;
import de.l3s.interweb.server.features.api.ApiKey;
import de.l3s.interweb.server.features.user.User;

@ApplicationScoped
public class ApiKeyIdentityProvider implements IdentityProvider<ApiKeyAuthenticationRequest> {
Expand All @@ -31,14 +30,6 @@ public Uni<SecurityIdentity> authenticate(ApiKeyAuthenticationRequest request, A
.addCredential(key)
.setAnonymous(false)
.addRole(Roles.APPLICATION)
.addPermissionChecker(permission -> {
try {
final User.Permission req = User.Permission.valueOf(permission.getName());
return Uni.createFrom().item(key.user.permissions.contains(req));
} catch (IllegalArgumentException e) {
return null;
}
})
.build());
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ public RestResponse<ErrorResponse> mapException(ForbiddenException x) {

@ServerExceptionMapper
public RestResponse<ErrorResponse> mapException(LimitExceededException x) {
return RestResponse.status(Response.Status.PAYMENT_REQUIRED, ErrorResponse.of("Monthly allowance exceeded. Please contact support."));
return RestResponse.status(Response.Status.PAYMENT_REQUIRED, ErrorResponse.of("Monthly number of paid requests exceeded. Please contact L3S support."));
}

@ServerExceptionMapper
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,6 @@

import jakarta.enterprise.context.ApplicationScoped;
import jakarta.inject.Inject;
import jakarta.ws.rs.ForbiddenException;

import io.smallrye.mutiny.Uni;
import io.vertx.core.eventbus.EventBus;
Expand All @@ -15,7 +14,6 @@
import de.l3s.interweb.server.features.api.ApiRequestChat;
import de.l3s.interweb.server.features.api.UsageService;
import de.l3s.interweb.server.features.models.ModelsService;
import de.l3s.interweb.server.features.user.User;

@ApplicationScoped
public class ChatService {
Expand All @@ -33,11 +31,8 @@ public Uni<CompletionsResults> completions(CompletionsQuery query, ApiKey apikey
return modelsService.getModel(query.getModel()).chain(model -> {
if (model.isFree()) {
return completions(query, model);
} else if (apikey.user.permissions.contains(User.Permission.paid_models)) {
return usageService.allocate(apikey.user)
.chain(exceeded -> completions(query, model));
} else {
return Uni.createFrom().failure(new ForbiddenException("Please contact support to get access to this model"));
return usageService.allocate(apikey.user).chain(exceeded -> completions(query, model));
}
}).invoke(results -> {
bus.send("api-request-chat", ApiRequestChat.of(results, apikey));
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ public ModelsService(@All List<ModelsConnector> connectors) {
if (connector.validate()) {
providers.put(connector.getId(), connector);
} else {
log.error("Connector skipped due to failed validation: " + connector.getClass().getName());
log.warn("Connector skipped due to failed validation: " + connector.getClass().getName());
}
});

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,6 @@
import jakarta.ws.rs.Path;
import jakarta.ws.rs.core.Context;

import io.quarkus.security.PermissionsAllowed;
import io.quarkus.security.identity.SecurityIdentity;
import io.smallrye.mutiny.Uni;
import org.eclipse.microprofile.openapi.annotations.parameters.Parameter;
Expand Down Expand Up @@ -71,7 +70,6 @@ public Uni<SearchResults> search(@Parameter(description = "The search query", ex
}

@POST
@PermissionsAllowed("search")
public Uni<SearchResults> search(@NotNull @Valid SearchQuery query, @HeaderParam("Cache-Control") String cacheControl) {
ApiKey apikey = securityIdentity.getCredential(ApiKey.class);

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,6 @@

import java.security.Principal;
import java.time.Instant;
import java.util.Set;

import jakarta.persistence.*;
import jakarta.validation.constraints.Email;
Expand All @@ -24,11 +23,6 @@
@Table(name = "user")
public class User extends PanacheEntityBase implements Principal {

public enum Permission {
search,
paid_models,
}

@Id
@GeneratedValue(strategy = GenerationType.IDENTITY)
@Schema(readOnly = true)
Expand All @@ -46,16 +40,10 @@ public enum Permission {
@NotNull
public boolean approved = false;

@Enumerated(EnumType.STRING)
@ElementCollection(targetClass = Permission.class, fetch = FetchType.EAGER)
@CollectionTable(name = "user_permission", joinColumns = @JoinColumn(name = "user_id"))
@Column(name = "permission", nullable = false)
public Set<Permission> permissions;

@NotNull
@Schema(readOnly = true)
@Column(name = "monthly_budget")
public Double monthlyBudget = 100d;
public Double monthlyBudget = 10d;

@UpdateTimestamp
public Instant updated;
Expand Down
2 changes: 1 addition & 1 deletion interweb-server/src/main/resources/application.properties
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ quarkus.cache.caffeine."models".expire-after-write=PT10M
quarkus.native.additional-build-args=-march=x86-64-v2

quarkus.datasource.db-kind=mariadb
quarkus.datasource.jdbc.url=jdbc:${quarkus.datasource.reactive_url}
quarkus.datasource.jdbc.url=jdbc:${quarkus.datasource.reactive.url}
quarkus.datasource.reactive.max-size=20
%dev.quarkus.hibernate-orm.log.sql=true

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,6 @@ class RequestApiKeyAuthTest {
@BeforeEach
public void setup() {
User user = Mockito.mock(User.class);
Mockito.when(user.permissions).thenReturn(Set.of(User.Permission.search));

PanacheMock.mock(ApiKey.class);
ApiKey testKey = Mockito.mock(ApiKey.class);
Expand Down

0 comments on commit 26f3778

Please sign in to comment.