Merge branch 'release-1.0' into SPSH-1195

dBildungsplattform · Nov 29, 2024 · 59580b9 · 59580b9
2 parents 913f739 + d2c7660
commit 59580b9
Show file tree

Hide file tree

Showing 24 changed files with 252 additions and 26 deletions.
diff --git a/charts/dbildungs-iam-server/config/config.json b/charts/dbildungs-iam-server/config/config.json
@@ -51,7 +51,7 @@
     "BACKEND_FOR_FRONTEND_MODULE_LOG_LEVEL": "debug"
   },
   "ITSLEARNING": {
-    "ENABLED": "false",
+    "ENABLED": false,
     "ENDPOINT": "https://itslearning.example.com",
     "USERNAME": "username",
     "PASSWORD": "password",
@@ -60,7 +60,7 @@
     "ROOT_ERSATZ": "ersatz"
   },
   "OX": {
-    "ENABLED": "false",
+    "ENABLED": false,
     "ENDPOINT": "https://ox_ip:ox_port/webservices/OXUserService",
     "CONTEXT_ID": "1337",
     "CONTEXT_NAME": "contextname",

diff --git a/charts/dbildungs-iam-server/templates/configmap.yaml b/charts/dbildungs-iam-server/templates/configmap.yaml
@@ -24,3 +24,7 @@ data:
   SYSTEM_RENAME_WAITING_TIME_IN_SECONDS: "{{ .Values.backend.env.renameWaitingTimeInSeconds }}"
   SYSTEM_STEP_UP_TIMEOUT_ENABLED: "{{ .Values.backend.env.stepUpTimeoutEnabled }}"
   SYSTEM_STEP_UP_TIMEOUT_IN_SECONDS: "{{ .Values.backend.env.stepUpTimeoutInSeconds }}"
+  ITSLEARNING_ROOT: '{{ .Values.itslearning.root }}'
+  ITSLEARNING_ROOT_OEFFENTLICH: '{{ .Values.itslearning.rootOeffentlich }}'
+  ITSLEARNING_ROOT_ERSATZ: '{{ .Values.itslearning.rootErsatz }}'
+
diff --git a/charts/dbildungs-iam-server/values.yaml b/charts/dbildungs-iam-server/values.yaml
@@ -32,6 +32,11 @@ ldap:
   oeffentlicheSchulenDomain: schule-sh.de
   ersatzschulenDomain: ersatzschule-sh.de
 
+itslearning:
+  root: sh
+  rootOeffentlich: oeffentlich
+  rootErsatz: ersatz
+
 auth:
   # existingSecret: Refers to a secret already present in the cluster, which is required.
   existingSecret: ''

diff --git a/config/config.json b/config/config.json
@@ -63,7 +63,7 @@
         "BACKEND_FOR_FRONTEND_MODULE_LOG_LEVEL": "debug"
     },
     "ITSLEARNING": {
-        "ENABLED": "false",
+        "ENABLED": false,
         "ENDPOINT": "https://itslearning-test.example.com",
         "USERNAME": "username",
         "PASSWORD": "password",
@@ -72,7 +72,7 @@
         "ROOT_ERSATZ": "ersatz"
     },
     "OX": {
-        "ENABLED": "false",
+        "ENABLED": false,
         "ENDPOINT": "http://ox.dev.spsh.dbildungsplattform.de/webservices/",
         "CONTEXT_ID": "1337",
         "CONTEXT_NAME": "contextname",

diff --git a/migrations/.snapshot-dbildungs-iam-server.json b/migrations/.snapshot-dbildungs-iam-server.json
@@ -2052,6 +2052,50 @@
           "unique": false,
           "expression": "create unique index \"person_keycloak_user_id_unique\" on \"person\" (\"keycloak_user_id\") nulls not distinct;"
         },
+        {
+          "keyName": "person_referrer_trgm_index",
+          "columnNames": [
+            "referrer"
+          ],
+          "composite": false,
+          "constraint": false,
+          "primary": false,
+          "unique": false,
+          "expression": "create index \"person_referrer_trgm_index\" on \"person\" using gin (\"referrer\" gin_trgm_ops);"
+        },
+        {
+          "keyName": "person_familienname_trgm_index",
+          "columnNames": [
+            "familienname"
+          ],
+          "composite": false,
+          "constraint": false,
+          "primary": false,
+          "unique": false,
+          "expression": "create index \"person_familienname_trgm_index\" on \"person\" using gin (\"familienname\" gin_trgm_ops);"
+        },
+        {
+          "keyName": "person_vorname_trgm_index",
+          "columnNames": [
+            "vorname"
+          ],
+          "composite": false,
+          "constraint": false,
+          "primary": false,
+          "unique": false,
+          "expression": "create index \"person_vorname_trgm_index\" on \"person\" using gin (\"vorname\" gin_trgm_ops);"
+        },
+        {
+          "keyName": "person_personalnummer_trgm_index",
+          "columnNames": [
+            "personalnummer"
+          ],
+          "composite": false,
+          "constraint": false,
+          "primary": false,
+          "unique": false,
+          "expression": "create index \"person_personalnummer_trgm_index\" on \"person\" using gin (\"personalnummer\" gin_trgm_ops);"
+        },
         {
           "keyName": "person_personalnummer_unique",
           "columnNames": [
@@ -2345,6 +2389,16 @@
           "primary": false,
           "unique": true
         },
+        {
+          "columnNames": [
+            "person_id"
+          ],
+          "composite": false,
+          "keyName": "email_address_person_id_index",
+          "constraint": false,
+          "primary": false,
+          "unique": false
+        },
         {
           "keyName": "email_address_pkey",
           "columnNames": [
@@ -2976,6 +3030,16 @@
           "primary": false,
           "unique": false
         },
+        {
+          "columnNames": [
+            "organisation_id"
+          ],
+          "composite": false,
+          "keyName": "personenkontext_organisation_id_index",
+          "constraint": false,
+          "primary": false,
+          "unique": false
+        },
         {
           "keyName": "personenkontext_person_id_organisation_id_rolle_id_unique",
           "columnNames": [
@@ -3222,6 +3286,16 @@
       "name": "rolle_merkmal",
       "schema": "public",
       "indexes": [
+        {
+          "columnNames": [
+            "rolle_id"
+          ],
+          "composite": false,
+          "keyName": "rolle_merkmal_rolle_id_index",
+          "constraint": false,
+          "primary": false,
+          "unique": false
+        },
         {
           "keyName": "rolle_merkmal_pkey",
           "columnNames": [
@@ -3454,6 +3528,16 @@
       "name": "rolle_systemrecht",
       "schema": "public",
       "indexes": [
+        {
+          "columnNames": [
+            "rolle_id"
+          ],
+          "composite": false,
+          "keyName": "rolle_systemrecht_rolle_id_index",
+          "constraint": false,
+          "primary": false,
+          "unique": false
+        },
         {
           "keyName": "rolle_systemrecht_pkey",
           "columnNames": [

diff --git a/migrations/Migration20241127092339-S.ts b/migrations/Migration20241127092339-S.ts
@@ -0,0 +1,41 @@
+import { Migration } from '@mikro-orm/migrations';
+
+export class Migration20241127092339 extends Migration {
+    public async up(): Promise<void> {
+        this.addSql('create extension if not exists pg_trgm;'); // manually added
+
+        this.addSql('create index "person_referrer_trgm_index" on "person" using gin ("referrer" gin_trgm_ops);;');
+        this.addSql(
+            'create index "person_familienname_trgm_index" on "person" using gin ("familienname" gin_trgm_ops);;',
+        );
+        this.addSql('create index "person_vorname_trgm_index" on "person" using gin ("vorname" gin_trgm_ops);;');
+        this.addSql(
+            'create index "person_personalnummer_trgm_index" on "person" using gin ("personalnummer" gin_trgm_ops);;',
+        );
+
+        this.addSql('create index "email_address_person_id_index" on "email_address" ("person_id");');
+
+        this.addSql('create index "personenkontext_organisation_id_index" on "personenkontext" ("organisation_id");');
+
+        this.addSql('create index "rolle_merkmal_rolle_id_index" on "rolle_merkmal" ("rolle_id");');
+
+        this.addSql('create index "rolle_systemrecht_rolle_id_index" on "rolle_systemrecht" ("rolle_id");');
+    }
+
+    public override async down(): Promise<void> {
+        this.addSql('drop extension if exists pg_trgm;'); // manually added
+
+        this.addSql('drop index "person_referrer_trgm_index";');
+        this.addSql('drop index "person_familienname_trgm_index";');
+        this.addSql('drop index "person_vorname_trgm_index";');
+        this.addSql('drop index "person_personalnummer_trgm_index";');
+
+        this.addSql('drop index "email_address_person_id_index";');
+
+        this.addSql('drop index "personenkontext_organisation_id_index";');
+
+        this.addSql('drop index "rolle_merkmal_rolle_id_index";');
+
+        this.addSql('drop index "rolle_systemrecht_rolle_id_index";');
+    }
+}
diff --git a/src/console/db-init.console.ts b/src/console/db-init.console.ts
@@ -20,6 +20,9 @@ export class DbInitConsole extends CommandRunner {
         this.logger.info('Dropping Schema');
         await this.orm.getSchemaGenerator().dropSchema({ wrap: false });
 
+        this.logger.info('Creating pg_trgm Extension');
+        await this.orm.em.getConnection().execute('CREATE EXTENSION IF NOT EXISTS pg_trgm');
+
         this.logger.info('Creating Schema');
         await this.orm.getSchemaGenerator().createSchema({ wrap: false });
 

diff --git a/src/modules/email/persistence/email-address.entity.ts b/src/modules/email/persistence/email-address.entity.ts
@@ -1,4 +1,4 @@
-import { Entity, Enum, ManyToOne, Property, Ref } from '@mikro-orm/core';
+import { Entity, Enum, Index, ManyToOne, Property, Ref } from '@mikro-orm/core';
 import { PersonEntity } from '../../person/persistence/person.entity.js';
 import { TimestampedEntity } from '../../../persistence/timestamped.entity.js';
 import { EmailAddressStatus } from '../domain/email-address.js';
@@ -13,6 +13,9 @@ export class EmailAddressEntity extends TimestampedEntity {
         deleteRule: 'set null',
         entity: () => PersonEntity,
     })
+    @Index({
+        name: 'email_address_person_id_index',
+    })
     public personId!: Ref<PersonEntity>;
 
     @Property({ primary: true, nullable: false, unique: true })

diff --git a/src/modules/itslearning/event-handlers/itslearning-organisations.event-handler.ts b/src/modules/itslearning/event-handlers/itslearning-organisations.event-handler.ts
@@ -31,7 +31,7 @@ export class ItsLearningOrganisationsEventHandler {
     ) {
         const itsLearningConfig: ItsLearningConfig = configService.getOrThrow<ItsLearningConfig>('ITSLEARNING');
 
-        this.ENABLED = itsLearningConfig.ENABLED === 'true';
+        this.ENABLED = itsLearningConfig.ENABLED;
 
         this.ROOT_OEFFENTLICH = itsLearningConfig.ROOT_OEFFENTLICH;
     }

diff --git a/src/modules/itslearning/event-handlers/itslearning-persons.event-handler.ts b/src/modules/itslearning/event-handlers/itslearning-persons.event-handler.ts
@@ -36,7 +36,7 @@ export class ItsLearningPersonsEventHandler {
     ) {
         const itsLearningConfig: ItsLearningConfig = configService.getOrThrow<ItsLearningConfig>('ITSLEARNING');
 
-        this.ENABLED = itsLearningConfig.ENABLED === 'true';
+        this.ENABLED = itsLearningConfig.ENABLED;
     }
 
     @EventHandler(PersonRenamedEvent)

diff --git a/src/modules/itslearning/event-handlers/itslearning-sync.event-handler.ts b/src/modules/itslearning/event-handlers/itslearning-sync.event-handler.ts
@@ -46,7 +46,7 @@ export class ItsLearningSyncEventHandler {
     ) {
         const itsLearningConfig: ItsLearningConfig = configService.getOrThrow<ItsLearningConfig>('ITSLEARNING');
 
-        this.ENABLED = itsLearningConfig.ENABLED === 'true';
+        this.ENABLED = itsLearningConfig.ENABLED;
     }
 
     @EventHandler(PersonExternalSystemsSyncEvent)

diff --git a/src/modules/ox/domain/ox-event-handler.ts b/src/modules/ox/domain/ox-event-handler.ts
@@ -60,7 +60,7 @@ export class OxEventHandler {
     ) {
         const oxConfig: OxConfig = configService.getOrThrow<OxConfig>('OX');
 
-        this.ENABLED = oxConfig.ENABLED === 'true';
+        this.ENABLED = oxConfig.ENABLED;
         this.authUser = oxConfig.USERNAME;
         this.authPassword = oxConfig.PASSWORD;
         this.contextID = oxConfig.CONTEXT_ID;

diff --git a/src/modules/person/persistence/person.entity.ts b/src/modules/person/persistence/person.entity.ts
@@ -38,6 +38,10 @@ export class PersonEntity extends TimestampedEntity {
     public keycloakUserId!: string;
 
     @AutoMap()
+    @Index({
+        name: 'person_referrer_trgm_index',
+        expression: 'create index "person_referrer_trgm_index" on "person" using gin ("referrer" gin_trgm_ops);',
+    })
     @Property({ nullable: true })
     public referrer?: string;
 
@@ -50,10 +54,19 @@ export class PersonEntity extends TimestampedEntity {
     public readonly stammorganisation?: string;
 
     @AutoMap()
+    @Index({
+        name: 'person_familienname_trgm_index',
+        expression:
+            'create index "person_familienname_trgm_index" on "person" using gin ("familienname" gin_trgm_ops);',
+    })
     @Property()
     public familienname!: string;
 
     @AutoMap()
+    @Index({
+        name: 'person_vorname_trgm_index',
+        expression: 'create index "person_vorname_trgm_index" on "person" using gin ("vorname" gin_trgm_ops);',
+    })
     @Property()
     public vorname!: string;
 
@@ -125,6 +138,11 @@ export class PersonEntity extends TimestampedEntity {
         name: 'person_personalnummer_unique',
         expression: 'create unique index "person_personalnummer_unique" on "person" ("personalnummer") nulls distinct;',
     })
+    @Index({
+        name: 'person_personalnummer_trgm_index',
+        expression:
+            'create index "person_personalnummer_trgm_index" on "person" using gin ("personalnummer" gin_trgm_ops);',
+    })
     @Property({ nullable: true })
     public personalnummer?: string;
 

diff --git a/src/modules/personenkontext/persistence/personenkontext.entity.ts b/src/modules/personenkontext/persistence/personenkontext.entity.ts
@@ -23,6 +23,7 @@ export class PersonenkontextEntity extends TimestampedEntity {
     // TODO EW-636: get from access_token, see SchulConneX (Version 1.003.003.000) page 91
     @AutoMap()
     @Property({ columnType: 'uuid', nullable: true })
+    @Index({ name: 'personenkontext_organisation_id_index' })
     public organisationId!: string;
 
     @ManyToOne({

diff --git a/src/modules/rolle/entity/rolle-merkmal.entity.ts b/src/modules/rolle/entity/rolle-merkmal.entity.ts
@@ -1,10 +1,13 @@
-import { BaseEntity, Entity, Enum, ManyToOne, PrimaryKeyProp, Rel } from '@mikro-orm/core';
+import { BaseEntity, Entity, Enum, Index, ManyToOne, PrimaryKeyProp, Rel } from '@mikro-orm/core';
 import { RollenMerkmal } from '../domain/rolle.enums.js';
 import { RolleEntity } from './rolle.entity.js';
 
 @Entity({ tableName: 'rolle_merkmal' })
 export class RolleMerkmalEntity extends BaseEntity {
     @ManyToOne({ primary: true, entity: () => RolleEntity })
+    @Index({
+        name: 'rolle_merkmal_rolle_id_index',
+    })
     public rolle!: Rel<RolleEntity>;
 
     @Enum({ primary: true, items: () => RollenMerkmal, nativeEnumName: 'rollen_merkmal_enum' })

diff --git a/src/modules/rolle/entity/rolle-systemrecht.entity.ts b/src/modules/rolle/entity/rolle-systemrecht.entity.ts
@@ -1,10 +1,13 @@
-import { BaseEntity, Entity, Enum, ManyToOne, PrimaryKeyProp, Rel } from '@mikro-orm/core';
+import { BaseEntity, Entity, Enum, Index, ManyToOne, PrimaryKeyProp, Rel } from '@mikro-orm/core';
 import { RolleEntity } from './rolle.entity.js';
 import { RollenSystemRecht } from '../domain/rolle.enums.js';
 
 @Entity({ tableName: 'rolle_systemrecht' })
 export class RolleSystemrechtEntity extends BaseEntity {
     @ManyToOne({ primary: true, entity: () => RolleEntity })
+    @Index({
+        name: 'rolle_systemrecht_rolle_id_index',
+    })
     public rolle!: Rel<RolleEntity>;
 
     @Enum({ primary: true, items: () => RollenSystemRecht, nativeEnumName: 'rollen_system_recht_enum' })

diff --git a/src/shared/config/config.env.ts b/src/shared/config/config.env.ts
@@ -8,6 +8,7 @@ import { PrivacyIdeaConfig } from './privacyidea.config.js';
 import { SystemConfig } from './system.config.js';
 import { OxConfig } from './ox.config.js';
 import { RedisConfig } from './redis.config.js';
+import { envToOptionalBoolean } from './utils.js';
 
 export type Config = {
     DB: Partial<DbConfig>;
@@ -56,10 +57,13 @@ export default (): Config => ({
         PASSWORD: process.env['REDIS_PASSWORD'],
     },
     ITSLEARNING: {
-        ENABLED: process.env['ITSLEARNING_ENABLED']?.toLowerCase() as 'true' | 'false',
+        ENABLED: envToOptionalBoolean('ITSLEARNING_ENABLED'),
         ENDPOINT: process.env['ITSLEARNING_ENDPOINT'],
         USERNAME: process.env['ITSLEARNING_USERNAME'],
         PASSWORD: process.env['ITSLEARNING_PASSWORD'],
+        ROOT: process.env['ITSLEARNING_ROOT'],
+        ROOT_OEFFENTLICH: process.env['ITSLEARNING_ROOT_OEFFENTLICH'],
+        ROOT_ERSATZ: process.env['ITSLEARNING_ROOT_ERSATZ'],
     },
     PRIVACYIDEA: {
         ENDPOINT: process.env['PI_BASE_URL'],
@@ -69,7 +73,7 @@ export default (): Config => ({
         REALM: process.env['PI_REALM'],
     },
     OX: {
-        ENABLED: process.env['OX_ENABLED']?.toLowerCase() as 'true' | 'false',
+        ENABLED: envToOptionalBoolean('OX_ENABLED'),
         ENDPOINT: process.env['OX_ENDPOINT'],
         USERNAME: process.env['OX_USERNAME'],
         PASSWORD: process.env['OX_PASSWORD'],