Ma77Ball opened a new pull request, #5743: URL: https://github.com/apache/texera/pull/5743
### What changes were proposed in this PR? - Add `RoleAnnotationEnforcer` in `common/auth`: a pure, reflection-based check whose `findUnannotatedEndpoints` flags every HTTP-mapped resource method (detected generically via the JAX-RS `@HttpMethod` meta-annotation, covering GET/POST/PUT/DELETE/PATCH/HEAD/OPTIONS and custom verbs) that lacks `@RolesAllowed`/`@PermitAll`/`@DenyAll` at either the method or its resource class. - Wire all five #5199 microservices (config, access-control, computing-unit-managing, workflow-compiling, file) to call `enforceRoleAnnotations(environment)` at the end of `run()`, reading the live Jersey `ResourceConfig` after every resource is registered; an unannotated endpoint now logs and throws `IllegalStateException` so the service fails to boot instead of exposing a silent public endpoint. - Add `RoleAnnotationEnforcerSpec` for the enforcer logic plus a per-service guard test (over each service's real registered resources) so a forgotten annotation fails in CI without needing a full boot. - Scope is the five microservices only; amber is intentionally left out because its pre-existing endpoints are not all annotated yet and would fail the check (a separate cleanup). ### Any related issues, documentation, discussions? Closes: #5742 ### How was this PR tested? - Run `sbt "Auth/testOnly *RoleAnnotationEnforcerSpec"`, expect 7 cases green (all-annotated passes, unannotated `@GET` flagged, class-level annotation covers methods, `@PermitAll`/`@DenyAll` accepted, non-HTTP methods ignored, `enforce` throws then does not). Verified locally. - Run `sbt "ConfigService/testOnly *ConfigServiceRunSpec"` (and the equivalent `AccessControlService`/`ComputingUnitManagingService`/`WorkflowCompilingService`/`FileService` RunSpecs); expect the new "registered resources should all declare access control" guard to pass, confirming each service's real endpoints are fully annotated. - Reviewer check for the regression: drop a new `@GET` with no role annotation onto any wired resource and start the service (or run that service's RunSpec); expect an `IllegalStateException` naming `Class#method` and a failed boot. - Local environment limitation: this machine runs JDK 25, where the repo's existing Mockito `*RunSpec` cases cannot mock `JerseyEnvironment` and file-service tests hit a JaCoCo 0.8.11 instrumentation crash on an unrelated class; these are pre-existing toolchain issues (baseline fails identically) and run on CI's supported JDK. The new non-mock guard tests were verified locally for config/access-control/computing-unit-managing/workflow-compiling. ### Was this PR authored or co-authored using generative AI tooling? Co-authored with Claude Opus 4.8 in compliance with ASF -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
