Merge pull request #246 from os2display/release/2.5.1

Release 2.5.1

Author: tuj

CHANGELOG.md

@@ -4,6 +4,15 @@ All notable changes to this project will be documented in this file.
 
 ## [Unreleased]
 
+## [2.5.1] - 2025-06-23
+
+- [#245](https://github.com/os2display/display-api-service/pull/245)
+  - Added resource endpoint for limiting access to instant book interactive slide.
+- [#243](https://github.com/os2display/display-api-service/pull/243)
+  - Changed resource name in calendar api feed type resource selector.
+- [#242](https://github.com/os2display/display-api-service/pull/242)
+  - Changed calendar api feed type to use display name from resources feed instead of events feed.
+
 ## [2.5.0] - 2025-05-09
 
 - [#240](https://github.com/os2display/display-api-service/pull/240)

docs/feed/calender-api-feed.md

@@ -38,12 +38,14 @@ By default, the three endpoints should return data as follows:
     {
         "id": "Resource Id 1",
         "locationId": "Location Id 1",
+        "name": "Resource-1",
         "displayName": "Resource 1",
         "includedInEvents": true
     },
     {
         "id": "Resource Id 2",
         "locationId": "Location Id 1",
+        "name": "Resource-2",
         "displayName": "Resource 2",
         "includedInEvents": false
     }
@@ -52,7 +54,8 @@ By default, the three endpoints should return data as follows:
 
 * The `id` (Mapping key: RESOURCE_ID) should be unique for the resource.
 * The `locationId` (Mapping key: RESOURCE_LOCATION_ID) is the id of the location the resource belongs to.
-* The `displayName` (Mapping key: RESOURCE_DISPLAY_NAME) is the name the resource is presented by in templates and admin.
+* The `name` (Mapping key: RESOURCE_NAME) is the name the resource is presented by in the admin selector.
+* The `displayName` (Mapping key: RESOURCE_DISPLAY_NAME) is the name the resource is presented by in templates.
 * The `includedInEvents` (Mapping key: RESOURCE_INCLUDED_IN_EVENTS) determines if the resource is included in the events
 endpoint.
   This property can be excluded in the data. If this is the case, it defaults to `true`.
@@ -102,6 +105,7 @@ CALENDAR_API_FEED_SOURCE_CUSTOM_MAPPINGS='{
     "LOCATION_DISPLAY_NAME": "Example2",
     "RESOURCE_ID": "Example3",
     "RESOURCE_LOCATION_ID": "Example4",
+    "RESOURCE_NAME": "Example12",
     "RESOURCE_DISPLAY_NAME": "Example5",
     "RESOURCE_INCLUDED_IN_EVENTS": "Example6",
     "EVENT_TITLE": "Example7",

infrastructure/itkdev/display-api-service/etc/confd/templates/env.local.tmpl

@@ -67,3 +67,5 @@ EVENTDATABASE_API_V2_CACHE_EXPIRE_SECONDS={{ getenv "APP_EVENTDATABASE_API_V2_CA
 
 TRACK_SCREEN_INFO={{ getenv "APP_TRACK_SCREEN_INFO" "false" }}
 TRACK_SCREEN_INFO_UPDATE_INTERVAL_SECONDS={{ getenv "APP_TRACK_SCREEN_INFO_UPDATE_INTERVAL_SECONDS" "300" }}
+
+APP_KEY_VAULT_JSON={{ getenv "APP_KEY_VAULT_JSON" "{}" }}

infrastructure/os2display/display-api-service/etc/confd/templates/env.local.tmpl

@@ -67,3 +67,5 @@ EVENTDATABASE_API_V2_CACHE_EXPIRE_SECONDS={{ getenv "APP_EVENTDATABASE_API_V2_CA
 
 TRACK_SCREEN_INFO={{ getenv "APP_TRACK_SCREEN_INFO" "false" }}
 TRACK_SCREEN_INFO_UPDATE_INTERVAL_SECONDS={{ getenv "APP_TRACK_SCREEN_INFO_UPDATE_INTERVAL_SECONDS" "300" }}
+
+APP_KEY_VAULT_JSON={{ getenv "APP_KEY_VAULT_JSON" "{}" }}

src/Feed/CalendarApiFeedType.php

@@ -72,24 +72,35 @@ public function getData(Feed $feed): array
                 return [];
             }
 
-            $resources = $configuration['resources'];
+            $requestedResources = $configuration['resources'];
+
+            $allResources = $this->loadResources();
 
             $events = [];
 
-            foreach ($resources as $resource) {
-                $events += $this->getResourceEvents($resource);
+            foreach ($requestedResources as $requestedResource) {
+                $events = array_merge($events, $this->getResourceEvents($requestedResource));
             }
 
             $modifiedResults = static::applyModifiersToEvents($events, $this->eventModifiers, $enabledModifiers);
 
-            $resultsAsArray = array_map(fn (CalendarEvent $event) => [
-                'id' => Ulid::generate(),
-                'title' => $event->title,
-                'startTime' => $event->startTimeTimestamp,
-                'endTime' => $event->endTimeTimestamp,
-                'resourceTitle' => $event->resourceDisplayName,
-                'resourceId' => $event->resourceId,
-            ], $modifiedResults);
+            $resultsAsArray = array_map(function (CalendarEvent $event) use ($allResources) {
+                $resourceDisplayName = $event->resourceDisplayName;
+
+                // Override resource title with resource display name from resources list.
+                if (isset($allResources[$event->resourceId])) {
+                    $resourceDisplayName = $allResources[$event->resourceId]->displayName;
+                }
+
+                return [
+                    'id' => Ulid::generate(),
+                    'title' => $event->title,
+                    'startTime' => $event->startTimeTimestamp,
+                    'endTime' => $event->endTimeTimestamp,
+                    'resourceTitle' => $resourceDisplayName,
+                    'resourceId' => $event->resourceId,
+                ];
+            }, $modifiedResults);
 
             // Sort bookings by start time.
             usort($resultsAsArray, fn (array $a, array $b) => $a['startTime'] > $b['startTime'] ? 1 : -1);
@@ -217,7 +228,7 @@ public function getConfigOptions(Request $request, FeedSource $feedSource, strin
 
                 $resourceOptions = array_map(fn (Resource $resource) => [
                     'id' => Ulid::generate(),
-                    'title' => $resource->displayName,
+                    'title' => $resource->name.' ('.$resource->displayName.')',
                     'value' => $resource->id,
                 ], $resources);
 
@@ -357,13 +368,16 @@ private function loadResources(): array
 
                     // Only include resources that are included in events endpoint.
                     if ($includeValue) {
+                        $id = $resourceEntry[$this->getMapping('resourceId')];
+
                         $resource = new Resource(
-                            $resourceEntry[$this->getMapping('resourceId')],
+                            $id,
+                            $resourceEntry[$this->getMapping('resourceName')],
                             $resourceEntry[$this->getMapping('resourceLocationId')],
                             $resourceEntry[$this->getMapping('resourceDisplayName')],
                         );
 
-                        $resources[] = $resource;
+                        $resources[$id] = $resource;
                     }
                 }
 
@@ -472,6 +486,7 @@ private function createMappings(array $customMappings): array
             'locationDisplayName' => $customMappings['LOCATION_DISPLAY_NAME'] ?? 'displayName',
             'resourceId' => $customMappings['RESOURCE_ID'] ?? 'id',
             'resourceLocationId' => $customMappings['RESOURCE_LOCATION_ID'] ?? 'locationId',
+            'resourceName' => $customMappings['RESOURCE_NAME'] ?? 'name',
             'resourceDisplayName' => $customMappings['RESOURCE_DISPLAY_NAME'] ?? 'displayName',
             'resourceIncludedInEvents' => $customMappings['RESOURCE_INCLUDED_IN_EVENTS'] ?? 'includedInEvents',
             'eventTitle' => $customMappings['EVENT_TITLE'] ?? 'title',

src/Feed/OutputModel/Calendar/Resource.php

@@ -8,6 +8,7 @@ class Resource
 {
     public function __construct(
         public string $id,
+        public string $name,
         public string $locationId,
         public string $displayName,
     ) {}

src/InteractiveSlide/InstantBook.php

@@ -9,12 +9,12 @@
 use App\Entity\Tenant\InteractiveSlide;
 use App\Entity\Tenant\Slide;
 use App\Entity\User;
-use App\Exceptions\InteractiveSlideException;
 use App\Service\InteractiveSlideService;
 use App\Service\KeyVaultService;
 use Psr\Cache\CacheItemInterface;
 use Psr\Cache\InvalidArgumentException;
 use Symfony\Bundle\SecurityBundle\Security;
+use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
 use Symfony\Component\HttpKernel\Exception\ConflictHttpException;
 use Symfony\Component\HttpKernel\Exception\ServiceUnavailableHttpException;
 use Symfony\Component\Security\Core\User\UserInterface;
@@ -36,6 +36,7 @@ class InstantBook implements InteractiveSlideInterface
     private const string SCOPE = 'https://graph.microsoft.com/.default';
     private const string GRANT_TYPE = 'password';
     private const string CACHE_PREFIX = 'MS-INSTANT-BOOK';
+    private const string CACHE_ALLOWED_RESOURCES_PREFIX = 'INSTANT-BOOK-ALLOWED-RESOURCES-';
     private const string CACHE_KEY_TOKEN_PREFIX = self::CACHE_PREFIX.'-TOKEN-';
     private const string CACHE_KEY_OPTIONS_PREFIX = self::CACHE_PREFIX.'-OPTIONS-';
     private const string CACHE_PREFIX_SPAM_PROTECT_PREFIX = self::CACHE_PREFIX.'-SPAM-PROTECT-';
@@ -58,23 +59,29 @@ public function __construct(
 
     public function getConfigOptions(): array
     {
+        // All secrets are retrieved from the KeyVault. Therefore, the input for the different configurations are the
+        // keys into the KeyVault where the values can be retrieved.
         return [
             'tenantId' => [
                 'required' => true,
-                'description' => 'The key in the KeyVault for the tenant id of the App',
+                'description' => 'The key in the KeyVault for the tenant id of the Microsoft Graph App',
             ],
             'clientId' => [
                 'required' => true,
-                'description' => 'The key in the KeyVault for the client id of the App',
+                'description' => 'The key in the KeyVault for the client id of the Microsoft Graph App',
             ],
             'username' => [
                 'required' => true,
-                'description' => 'The key in the KeyVault for the Microsoft Graph username that should perform the action.',
+                'description' => 'The key in the KeyVault for the username that should perform the action.',
             ],
             'password' => [
                 'required' => true,
                 'description' => 'The key in the KeyVault for the password of the user.',
             ],
+            'resourceEndpoint' => [
+                'required' => false,
+                'description' => 'The key in the KeyVault for the resources endpoint. This should supply a json list of resources that can be booked. The resources should have ResourceMail and allowInstantBooking ("True"/"False") properties set.',
+            ],
         ];
     }
 
@@ -83,7 +90,7 @@ public function performAction(UserInterface $user, Slide $slide, InteractionSlid
         return match ($interactionRequest->action) {
             self::ACTION_GET_QUICK_BOOK_OPTIONS => $this->getQuickBookOptions($slide, $interactionRequest),
             self::ACTION_QUICK_BOOK => $this->quickBook($slide, $interactionRequest),
-            default => throw new InteractiveSlideException('Action not allowed'),
+            default => throw new BadRequestHttpException('Action not allowed'),
         };
     }
 
@@ -98,7 +105,7 @@ private function authenticate(array $configuration): array
         $password = $this->keyValueService->getValue($configuration['password']);
 
         if (4 !== count(array_filter([$tenantId, $clientId, $username, $password]))) {
-            throw new \Exception('tenantId, clientId, username, password must all be set.');
+            throw new BadRequestHttpException('tenantId, clientId, username, password must all be set.');
         }
 
         $url = self::LOGIN_ENDPOINT.$tenantId.self::OAUTH_PATH;
@@ -124,7 +131,7 @@ private function getToken(Tenant $tenant, InteractiveSlide $interactive): string
         $configuration = $interactive->getConfiguration();
 
         if (null === $configuration) {
-            throw new \Exception('InteractiveNoConfiguration');
+            throw new BadRequestHttpException('InteractiveSlide has no configuration');
         }
 
         return $this->interactiveSlideCache->get(
@@ -161,13 +168,16 @@ function (CacheItemInterface $item) use ($slide, $resource, $interactionRequest)
                 $interactive = $this->interactiveService->getInteractiveSlide($tenant, $interactionRequest->implementationClass);
 
                 if (null === $interactive) {
-                    throw new \Exception('InteractiveNotFound');
+                    throw new \Exception('InteractiveSlide not found');
                 }
 
+                // Optional limiting of available resources.
+                $this->checkPermission($interactive, $resource);
+
                 $feed = $slide->getFeed();
 
                 if (null === $feed) {
-                    throw new \Exception('Slide.feed not set.');
+                    throw new \Exception('Slide feed not set.');
                 }
 
                 if (!in_array($resource, $feed->getConfiguration()['resources'] ?? [])) {
@@ -247,7 +257,7 @@ private function createEntry(string $resource, array $schedules, string $startFo
      */
     private function quickBook(Slide $slide, InteractionSlideRequest $interactionRequest): array
     {
-        $resource = $this->getValueFromInterval('resource', $interactionRequest);
+        $resource = (string) $this->getValueFromInterval('resource', $interactionRequest);
         $durationMinutes = $this->getValueFromInterval('durationMinutes', $interactionRequest);
 
         $now = new \DateTime();
@@ -273,25 +283,28 @@ function (CacheItemInterface $item) use ($now): \DateTime {
         $interactive = $this->interactiveService->getInteractiveSlide($tenant, $interactionRequest->implementationClass);
 
         if (null === $interactive) {
-            throw new \Exception('InteractiveNotFound');
+            throw new BadRequestHttpException('Interactive not found');
         }
 
+        // Optional limiting of available resources.
+        $this->checkPermission($interactive, $resource);
+
         $feed = $slide->getFeed();
 
         if (null === $feed) {
-            throw new \Exception('Slide.feed not set.');
+            throw new BadRequestHttpException('Slide feed not set.');
         }
 
         if (!in_array($resource, $feed->getConfiguration()['resources'] ?? [])) {
-            throw new \Exception('Resource not in feed resources');
+            throw new BadRequestHttpException('Resource not in feed resources');
         }
 
         $token = $this->getToken($tenant, $interactive);
 
         $configuration = $interactive->getConfiguration();
 
         if (null === $configuration) {
-            throw new \Exception('InteractiveNoConfiguration');
+            throw new BadRequestHttpException('Interactive no configuration');
         }
 
         $username = $this->keyValueService->getValue($configuration['username']);
@@ -411,13 +424,13 @@ private function getValueFromInterval(string $key, InteractionSlideRequest $inte
         $interval = $interactionRequest->data['interval'] ?? null;
 
         if (null === $interval) {
-            throw new \Exception('interval not set.');
+            throw new BadRequestHttpException('interval not set.');
         }
 
         $value = $interval[$key] ?? null;
 
         if (null === $value) {
-            throw new \Exception("interval.'.$key.' not set.");
+            throw new BadRequestHttpException("interval.'.$key.' not set.");
         }
 
         return $value;
@@ -431,4 +444,51 @@ private function getHeaders(string $token): array
             'Accept' => 'application/json',
         ];
     }
+
+    private function checkPermission(InteractiveSlide $interactive, string $resource): void
+    {
+        $configuration = $interactive->getConfiguration();
+        // Optional limiting of available resources.
+        if (null !== $configuration && !empty($configuration['resourceEndpoint'])) {
+            $allowedResources = $this->getAllowedResources($interactive);
+
+            if (!in_array($resource, $allowedResources)) {
+                throw new \Exception('Not allowed');
+            }
+        }
+    }
+
+    private function getAllowedResources(InteractiveSlide $interactive): array
+    {
+        return $this->interactiveSlideCache->get(self::CACHE_ALLOWED_RESOURCES_PREFIX.$interactive->getId(), function (CacheItemInterface $item) use ($interactive) {
+            $item->expiresAfter(60 * 60);
+
+            $configuration = $interactive->getConfiguration();
+
+            $key = $configuration['resourceEndpoint'] ?? null;
+
+            if (null === $key) {
+                throw new \Exception('resourceEndpoint not set');
+            }
+
+            $resourceEndpoint = $this->keyValueService->getValue($key);
+
+            if (null === $resourceEndpoint) {
+                throw new \Exception('resourceEndpoint value not set');
+            }
+
+            $response = $this->client->request('GET', $resourceEndpoint);
+            $content = $response->toArray();
+
+            $allowedResources = [];
+
+            foreach ($content as $resource) {
+                if ('True' === $resource['allowInstantBooking']) {
+                    $allowedResources[] = $resource['ResourceMail'];
+                }
+            }
+
+            return $allowedResources;
+        });
+    }
 }