Hi Myrle, I am refactoring the authentication process in the notification service to use the permitted-feign-client just like you suggested on this branch <https://github.com/ebenezergraham/fineract-cn-notifications/tree/permitted-feign-client-auth> .
Whenever I try setting application <https://github.com/ebenezergraham/fineract-cn-demo-server/commit/17a303f5f7bd4baeef1e5bb34ef1497e67e7bc42#diff-38191dbf1fa40b24acfd43d9d7d36f0dR451#L451-L461> permission for the scheduler user, I get a service exception. Details here <https://pastebin.com/P6Chet1h>. *At your service,* *Ebenezer Graham* *BSc (Hons) Computing* [image: EmailSignature.png] African Leadership University, Power Mill Road, Pamplemousses, Mauritius. *skype*: ebenezer.graham GitHub <https://github.com/ebenezergraham> | LinkedIn <https://www.linkedin.com/in/ebenezer-graham/> | Twitter <https://twitter.com/pactmart> | Facebook <https://www.facebook.com/pactmart> www.pactmart.com | Freelancing made easy. *“Talk is cheap, show me the code.” *- *Linus Torvalds* On Wed, 22 Aug 2018 at 17:15, Myrle Krantz <[email protected]> wrote: > Hey Ebenezer, > > There's a better way to get permissions for accessing customer. I > recommend you use the permitted-feign-client. You can see an example of > this in Rhythm. > > You would be accessing customer like rhythm acesses identity here: > > https://github.com/apache/fineract-cn-rhythm/blob/develop/service/src/main/java/org/apache/fineract/cn/rhythm/service/internal/identity/ApplicationPermissionRequestCreator.java > > You would still need to define a user in whose name to access customer, > but you would no longer need that user's password. Instead you'd give your > application permission to act as that user in the provisioning, like it is > done here: > > https://github.com/apache/fineract-cn-demo-server/blob/develop/src/main/java/org/apache/fineract/cn/dev/ServiceRunner.java#L432 > > This limits the scope of the rights of the application to just what it > needs reducing the damage possible via a security break. And it means you > don't have to save a powerful user's password in plain text in code or in a > configuration file. > > If you need a pair-programming round to help you understand this, ping me > offlist. It's a confusing topic. > > Best Regards, > Myrle > > > On Wed, Aug 22, 2018 at 1:40 PM Ebenezer Graham <[email protected]> > wrote: > >> Thanks myrle, >> >> I have already created a demo email account called >> [email protected] and I created it for the sole >> purpose of testing emails for this service and for other contributors >> to use. Please advise me on this approach. >> >> Also, the password for [email protected] and akyencorp@gmail >> are no longer valid. I created app passwords and so I have already deleted >> those app passwords for my live account and are no longer valid. >> >> *Error:* >> In an attempt to store configurations from the repository I get this >> error: https://pastebin.com/WqvRwXvB >> >> Please check: shouldCreateSMSConfigurationEntity() >> >> https://github.com/ebenezergraham/fineract-cn-notifications/blob/develop/component-test/src/main/java/org/apache/fineract/cn/notification/TestSMSService.java >> >> I am able to retrieve stored configurations but I am unable to create a >> configuration and store. Same issue for email repository >> >> Second Issue: https://pastebin.com/LKz7HcGy >> I have managed to authenticate with identity and getting customer object, >> however, when I trigger an invent from the fims web app, I get 3 >> invocations from the ActiveMQ. How can I resolve this issue? Are my >> assumptions correct to begin with? >> >> >> *At your service,* >> >> *Ebenezer Graham* >> >> *BSc (Hons) Computing* >> >> >> [image: EmailSignature.png] >> >> African Leadership University, >> >> Power Mill Road, Pamplemousses, >> >> Mauritius. >> >> >> >> *skype*: >> ebenezer.graham >> GitHub <https://github.com/ebenezergraham> | LinkedIn >> <https://www.linkedin.com/in/ebenezer-graham/> | Twitter >> <https://twitter.com/pactmart> | Facebook >> <https://www.facebook.com/pactmart> >> www.pactmart.com | Freelancing made easy. >> >> >> *“Talk is cheap, show me the code.” *- *Linus Torvalds* >> >> >> >> On 22 August 2018 at 15:10, Ebenezer Graham <[email protected]> >> wrote: >> >>> Thanks myrle, >>> >>> I have already created a demo email account called >>> [email protected] and I created it for the sole >>> purpose of testing emails for this service and for other contributors >>> to use. Please advise me on this approach. >>> >>> Also, the password for [email protected] and akyencorp@gmail >>> are not the real passwords. I created app passwords and so I have already >>> deleted those app passwords for my live account and are no longer valid. >>> >>> *Error:* >>> In an attempt to store configurations from the repository I get this >>> error: >>> >>> Please check: shouldCreateSMSConfigurationEntity() >>> >>> https://github.com/ebenezergraham/fineract-cn-notifications/blob/develop/component-test/src/main/java/org/apache/fineract/cn/notification/TestSMSService.java >>> >>> I am able to retrieve stored configurations but I am unable to create a >>> configuration and store. Same issue for email repository >>> >>> Second Issue: https://pastebin.com/LKz7HcGy >>> I have managed to authenticate with identity and getting customer >>> object, however, when I trigger an invent from the fims web app, I get 3 >>> invocations from the ActiveMQ. How can I resolve this issue? Are my >>> assumptions correct to begin with? >>> >>> >>> *At your service,* >>> >>> *Ebenezer Graham* >>> >>> *BSc (Hons) Computing* >>> >>> >>> [image: EmailSignature.png] >>> >>> African Leadership University, >>> >>> Power Mill Road, Pamplemousses, >>> >>> Mauritius. >>> >>> >>> >>> *skype*: >>> ebenezer.graham >>> GitHub <https://github.com/ebenezergraham> | LinkedIn >>> <https://www.linkedin.com/in/ebenezer-graham/> | Twitter >>> <https://twitter.com/pactmart> | Facebook >>> <https://www.facebook.com/pactmart> >>> www.pactmart.com | Freelancing made easy. >>> >>> >>> *“Talk is cheap, show me the code.” *- *Linus Torvalds* >>> >>> >>> >>> On 22 August 2018 at 14:45, Myrle Krantz <[email protected]> wrote: >>> >>>> Hey Ebenezer, >>>> >>>> I was just reviewing your PR and realized that you had included >>>> passwords in it. They look like they might be passwords to live >>>> accounts. I strongly suggest you remove them from your latest PR. >>>> >>>> I also checked and it appears you have passwords in code that has >>>> already been merged. If this is true, I suggest you change the >>>> password on the e-mail account: [email protected] >>>> >>>> In general, we don't change git history. It's okay to make mistakes, >>>> and it's important to preserve the commit history of a project. There >>>> are few exceptions I would make, but one of those is for passwords or >>>> other secrets. But only if those passwords or other secrets can't >>>> easily be replaced. I don't believe this is the case here. >>>> >>>> Beyond that, I'm working on putting together feedback on your code and >>>> will post that by the end of the day. >>>> >>>> Best Regards, >>>> Myrle >>>> >>>> >>>> >>>> >>>> On Wed, Aug 22, 2018 at 9:12 AM Ebenezer Graham >>>> <[email protected]> wrote: >>>> > >>>> > Hi Awasum, >>>> > >>>> > I have been able to resolve the authentication problem and now able to >>>> > retrieve customers. >>>> > >>>> > I have also written a component test for the email and sms service. >>>> > >>>> > In an attempt to clean up my repository and squash the commits I >>>> messed up >>>> > my repo hence I have deleted it and forked a new one. >>>> > >>>> > In light of this, would like to find out if it is possible to force >>>> merge >>>> > them so that apache repository takes commits from mine. This is >>>> because >>>> > the one on Apache has some unwanted files such as the sample classes >>>> and >>>> > travis.yml. Please let me know if this is possible. >>>> > >>>> > Also, I have made new PRs. Please review it and provide feedback >>>> > >>>> > Looking forward to your response. >>>> > >>>> > *At your service,* >>>> > >>>> > *Ebenezer Graham* >>>> > >>>> > *BSc (Hons) Computing* >>>> > >>>> > >>>> > [image: EmailSignature.png] >>>> > >>>> > African Leadership University, >>>> > >>>> > Power Mill Road, Pamplemousses, >>>> > >>>> > Mauritius. >>>> > >>>> > >>>> > >>>> > *skype*: >>>> > ebenezer.graham >>>> > GitHub <https://github.com/ebenezergraham> | LinkedIn >>>> > <https://www.linkedin.com/in/ebenezer-graham/> | Twitter >>>> > <https://twitter.com/pactmart> | Facebook >>>> > <https://www.facebook.com/pactmart> >>>> > www.pactmart.com | Freelancing made easy. >>>> > >>>> > >>>> > *“Talk is cheap, show me the code.” *- *Linus Torvalds* >>>> > >>>> > >>>> > >>>> > On 9 July 2018 at 12:25, Awasum Yannick <[email protected]> wrote: >>>> > >>>> > > Hello Graham, >>>> > > >>>> > > You need to create a user, maybe use *operator* and make sure the >>>> user has >>>> > > permission to access customer (READ). Then you have to create a >>>> class which >>>> > > uses this user to connect and authenticate each time with the >>>> identity >>>> > > service before each customer information is retrieved. >>>> > > >>>> > > This user could be defined in the yml file of your service and then >>>> > > injected into the Authentication Class you create. >>>> > > >>>> > > Each event which is emitted most often has the tenant within the >>>> message. >>>> > > just get this tenant and check and set the *TenantContextHolder *if >>>> not >>>> > > already set just before you authenticate. Immediately after >>>> authentication, >>>> > > Set the *UserContextHolder* too >>>> > > >>>> > > Another point is to remember to trim or remove the quotes from the >>>> customer >>>> > > identifier before trying to get more contact details about that >>>> customer: >>>> > > {String}.replaceAll("^\"|\"$", "") >>>> > > >>>> > > I hope this helps >>>> > > >>>> > > Thanks. >>>> > > Awasum Yannick >>>> > > >>>> > > On Tue, Jul 3, 2018 at 11:18 PM Ebenezer Graham < >>>> [email protected]> >>>> > > wrote: >>>> > > >>>> > > > Hello there, >>>> > > > >>>> > > > I would like to retrieve a customer after it has been created, or >>>> > > activated >>>> > > > etc. >>>> > > > >>>> > > > I have coded the logic to send the SMS and email after getting the >>>> > > contact >>>> > > > details, however, I have to get the customer to get the contact >>>> details. >>>> > > > >>>> > > > This is the error I get during my call: >>>> https://pastebin.com/zrebwE8v >>>> > > > >>>> > > > I would like to get clarifications on how to set the tenant and >>>> correctly >>>> > > > make authentication during a rest call. >>>> > > > >>>> > > > I would also like to get a better understanding of how to use the >>>> Anubis, >>>> > > > test and identity microservice in this case >>>> > > > >>>> > > > *At your service,* >>>> > > > >>>> > > > *Ebenezer Graham* >>>> > > > >>>> > > > *BSc (Hons) Computing* >>>> > > > >>>> > > > >>>> > > > [image: EmailSignature.png] >>>> > > > >>>> > > > African Leadership University, >>>> > > > >>>> > > > Power Mill Road, Pamplemousses, >>>> > > > >>>> > > > Mauritius. >>>> > > > >>>> > > > >>>> > > > *skype*: >>>> > > > ebenezer.graham >>>> > > > GitHub <https://github.com/ebenezergraham> | LinkedIn >>>> > > > <https://www.linkedin.com/in/ebenezer-graham/> | Twitter >>>> > > > <https://twitter.com/pactmart> | Facebook >>>> > > > <https://www.facebook.com/pactmart> >>>> > > > www.pactmart.com | Freelancing made easy. >>>> > > > >>>> > > > >>>> > > > *“Talk is cheap, show me the code.” *- *Linus Torvalds* >>>> > > > >>>> > > > >>>> > > > >>>> > > > On 19 May 2018 at 00:41, Ebenezer Graham < >>>> [email protected]> >>>> > > wrote: >>>> > > > >>>> > > > > Hi everyone, >>>> > > > > >>>> > > > > I am Ebenezer a student from the African Leadership University >>>> and I >>>> > > will >>>> > > > > be working on this project under the mentorship of Isaac Kamga. >>>> > > > > >>>> > > > > The idea is to use this thread to discuss the decisions being >>>> made on >>>> > > > this >>>> > > > > project so that the community has visibility on what's >>>> happening and >>>> > > most >>>> > > > > importantly give constructive feedback. >>>> > > > > >>>> > > > > *EventListeners:* >>>> > > > > This is the Doc >>>> > > > > < >>>> > > > https://docs.google.com/document/d/1kme5qrxOrO0WGUEvNgzv5XVkgWtpg >>>> > > 0lbX-CrBH4js7o/edit?usp=sharing >>>> > > > > >>>> > > > > containing the shortlisted events which I believe qualify for >>>> an Email >>>> > > or >>>> > > > > SMS notification. Please review and comment on the doc >>>> suggesting any >>>> > > > > addition or deletion or related feedback. >>>> > > > > >>>> > > > > *UI for the service:* >>>> > > > > This is a link <https://wireframe.cc/pro/pp/5fb6b2e61167290> >>>> to the >>>> > > > > wireframes for the UI of the service. Please give pointers on >>>> what >>>> > > could >>>> > > > be >>>> > > > > added and what should be taken out. >>>> > > > > >>>> > > > > >>>> > > > > *At your service* >>>> > > > > *,* >>>> > > > > >>>> > > > > *Ebenezer Graham* >>>> > > > > >>>> > > > > *BSc (Hons) Computing* >>>> > > > > >>>> > > > > >>>> > > > > [image: EmailSignature.png] >>>> > > > > >>>> > > > > Beau Plan Business Park | West Building >>>> > > > > >>>> > > > > Pamplemousses | Mauritius >>>> > > > > >>>> > > > > >>>> > > > > <http://www.pactmart.com/> >>>> > > > > <http://www.pactmart.com/> >>>> > > > > www.pactmart.com | Freelancing made easy. >>>> > > > > GitHub <https://github.com/ebenezergraham> | LinkedIn >>>> > > > > <https://www.linkedin.com/in/ebenezer-graham/> | Twitter >>>> > > > > <https://twitter.com/pactmart> | Facebook >>>> > > > > <https://www.facebook.com/pactmart> | Website >>>> > > > > <http://ebenezergraham.github.io/> >>>> > > > > >>>> > > > > *skype*: >>>> > > > > ebenezer.graham >>>> > > > > | *Phone*: >>>> > > > > +230 5840 9206 >>>> > > > > >>>> > > > > >>>> > > > > *“Practice isn’t the thing you do once you’re good. It’s the >>>> thing you >>>> > > do >>>> > > > > that makes you good.”* >>>> > > > > -*Malcolm Gladwell* >>>> > > > > >>>> > > > > >>>> > > > > >>>> > > > >>>> > > >>>> >>> >>> >>
