servicecatalog / oscm-approval Goto Github PK

Summary
Allow service manager to customize mail templates for the approval tool. Therefore enhance the approval controller to provide for uploading of mail templates that can be used in the technical service.

Details
Provide File Upload option through the oscm-app-approval UI.

• Use AppTemplateService to read and write the template files from and to the APP database.
• Enhance ApprovalInstanceAccess#BasicSettings with a method getMailTemplate to obtain the content of configured mail template
• Adapt EmailWriter to to use the mail body from above getMailTemplate method.

Acceptance criteria

• Service manager of the approval tool can provide own HTML mail templates.
• Mail template is configurable via parameters in the technical service template
• If no mail template is configured, default mail template is used
• If configured template is not found or failed to load, default mail template is used
• If configured template is not found or failed to load, a clear message is found in the logs

Additional context
Ask me

Remove all LDAP related configuration files and Java code.

Increase code coverage.

As second milestone implementation task:

• Adapt authentication in web application to use oscm core realm.

Details:

• User must be present in any organization in the OSCM database
• Form-based login with user key and password (like Swagger UI for oscm-rest-api)
• Idea: Approval tool deligates to IdentityService at SOAP API for authenting the user key
  (1. setBinding, 2. getCurrentUserDetails() != null)

Summary
Provide the approval tool as a service.

Details
Provide the approval tool as a by default available service that the supplier can subscribe to.

Motivation

• Get rid of duplicate code and contained hardwired data access logic (->security+architecture+maintainance improval)
• Get rid of hardcoded and file based configuration -> instead use provisioning settings with subscription-, service-, controller parameters and user defined attributes (flexibility+extensibility)
• Make use of OSCM asynchronous provisioning framework and provided tools
• Configurable credentials and authentication with default secure encrypted parameters of technical service provider

Todo

• Remove the whole package org.oscm.app.dataaccess including AppDataService.
  Note: Currently this data service accesses the bssapp database directly (APP Proxy is bypassed) to obtain the credentials for communication with oscm-core web services (e.g. callback connection via trigger service). By implementing the tool as a APP controller, this authentication can be covered with secure controller parameters like in APP Sample Adapter or with user defined provisioning settings

• Implement an ApprovalServiceController as org.oscm.app.v2_0.intf.APPlatformController. Take the implementation of the APP Sample Controller as a reference.

• Implement a simple technical service template for the ApprovalServiceController

• Build and package controller as oscm-approval.ear and webapplication as oscm-approval.war to be deployed in oscm-app tomee instance

Summary
Add a readme describing what it's about, how to use and how to build from source.

Acceptance criteria

• Description of usage is clear, short and complete
• Short description for building form source
• Correct product terminology is used

Summary
Enhance sample data setup to provide a ready-to-use configuration for using a subscription approval process.

Details
Via SQL dump or respective scripting

• Preconfigure trigger process in the sample data customer organization (suspending subscribe to service trigger, NotificationSerivce endpoint URL etc.)

• Create supplier own marketplace for self-offering services and restrict it for the supplier organization (to keep it internal -> not accessible for the customers)

• Import technical service for the approval tool in the supplier organization

• Create a free marketable service offer for the approval tool and publish it on said supplier marketplace

• Configure approver and connection data in custom attributes of supplier account

Acceptance criteria
After setup with sample data

• Supplier marketplace is accessible and shows the approval tool service as only service
• As supplier the approval tool can be subscribed out of the box
• The customer can subscribe with approval trigger
• The approver can approve the tasks created by the customer

Additional context
N/A

Display the Travis CI Build status and code coverage result in README.md. E.g. see oscm-app.

• maven build container to build approval artifacts
• Integrate database setup scripts in the docker build process
• create approval database in oscm-app

• Update Copyright headers Copyright FUJITSU LIMITED 2020
• Add Apache 2.0 Licence
• Transfer repo to servicecatalog organization

Summary
The Approval Tool should also support Japanese

Details
The OSCM application currently supports 3 languages: English, German and Japanese. However, the Approval Tool does not have translations in Japanese, they should be added

Acceptance criteria
Japanese is supported by the Approval Tool

Additional context
N/A

In the field named "User Id" currently, to log in, enter "User key".

The field name should be changed to the correct one

Summary
Approval tool doesn't recognize locale language

Details
The application should download the language set as default in the browser and if it is in i18n, display the content in that language

Acceptance criteria
German content should appear after logging into the Approval Tool if browser settings are set to German

Additional context
N/A

Configure master branch protection e.g. like in oscm-rest-api.

Summary
Adapt connection to OSCM core triggerservice to use credentials from new controller settings.

Details

• Remove AppDataService and credential loading
• New service to load credentials from settings of given instance

Acceptance criteria

• Credentials for trigger service call back loaded from instance
• Encryption is handled well and secure
• Failure logging with explecit exclusion of sensitive data

Additional context
Later

Increase the test coverage for the connector package as much as possible

Summary
Clear description or/and business justification of what the task is about.

Details
Create controller on base of Sample Adapter Source Code as maven module.

Acceptance criteria

• Controller is deployable in APP

Summary
The unit tests coverage is too low.

Details
The unit tests coverage is too low and some BL is not unit tested at all. The task is to add further unit test to ensure better coverage.

• Refactor code if strongly indicated or point out by creating a separate task issue.
• Start with classes that are not planned for major change in the running sprint
• Coordinate with other developers to synchronize with their code changes.

Acceptance criteria

• Code coverage should be around 60%

Additional context
N/A

Add CodeCov to measure and report the test coverage.

See https://github.com/servicecatalog/oscm-approval/blob/master/README.md.

Summary
The approver may take the decision of approving or rejecting customer subscriptions depending on the costs. Therefore it would be very useful to have the price tag information in the approval request email.

Details
Of course exact costs depend on usage, but basic price tag (e.g. From 12 €) as shown in the marketplace UI would be usefull.
The service id is present from the trigger data. Additional WS call maybe required to obtain the VOServiceDetails, which includes the VOPriceModel. The display price can be computed from VOPriceModel as done here.

Acceptance criteria

• Approver receives email that includes display price and unit, in case if the service is charged
• Approver receives email that includes the information "free of charge", in case if the service has a free price model
• High unit test coverage

Additional context
Ask me.

Add Travis integration to compile, package and test the modules.

Summary
Currently approval process is not related to authentication. Approver is a hard-coded value and is not validated during authentication.

Details

• Store the approver organization in the approval task

Acceptance criteria
TBD

Additional context
TBD