This module offers a RESTful interface to access the RUDI metadata publically exposed on the RUDI Producer node. It also makes it possible to upload metadata from another module such as the Producer node manager (https://gitlab.aqmo.org/rudidev/rudi-console-proxy)
Author: Olivier Martineau (community@rudi-univ-rennes1.fr)
The API module provides :
- A definition of the RUDI metadata that is compatible with the definition (https://app.swaggerhub.com/apis/OlivierMartineau/RUDI-PRODUCER)
- An external API for fetching open-data metadata (public and accessible without any authentication)
- An internal API for creating, accessing, updating and deleting metadata (https://app.swaggerhub.com/apis/OlivierMartineau/RudiProducer-InternalAPI)
See https://app.swaggerhub.com/apis/OlivierMartineau/RUDI-PRODUCER/ for further information
Use example:
GET /api->GET /api/v1/resourcesGET /api/v1->GET /api/v1/resourcesGET /resources->GET /api/v1/resourcesGET /resources/*->GET /api/v1/resources/*
GET /api/versionGET /api/admin/hashGET /api/admin/apphashGET /api/admin/envGET /api/v1/resourcesGET /api/v1/resources/:id
PUT /resources/*->PUT /api/v1/resources/*PUT /resources/:id/reportPUT /api/v1/resources/:id/reportGET /api/v1/resources/:id/reportGET /api/v1/resources/:id/report/:irid
POST /api/admin/:objectPUT /api/admin/:objectGET /api/admin/:objectGET /api/admin/:object/:idDELETE /api/admin/:object/:idDELETE /api/admin/:objectPOST /api/admin/:object/deletionGET /api/admin/:object/unlinkedGET /api/admin/:object/searchGET /api/admin/searchPOST /api/admin/:object/:id/reportsPUT /api/admin/:object/:id/reportsGET /api/admin/:object/:id/reportsGET /api/admin/:object/:id/reports/:iridGET /api/admin/:object/reportsDELETE /api/admin/:object/:id/reports/:iridDELETE /api/admin/:object/:id/reportsPOST /api/admin/:object/:id/reports/deletion
GET /api/admin/nvGET /api/admin/enumGET /api/admin/enum/:codeGET /api/admin/enum/:code/:langGET /api/admin/licencesGET /api/admin/licence_codesPOST /api/admin/licences/initPOST /api/admin/resources/initGET /api/admin/id_generationGET /api/admin/portal/tokenGET /api/admin/portal/token/checkGET /api/admin/portal/resources/:idPOST /api/admin/portal/resources/:idDELETE /api/admin/portal/resources/:idPOST /api/admin/portal/resources/sendGET /api/admin/logsGET /api/admin/logs/:linesGET /api/admin/logs/searchGET /api/admin/dbDELETE /api/admin/db/:objectDELETE /api/admin/dbGET /api/admin/check/node/urlGET /api/admin/check/portal/urlGET /api/admin/check/portal/resourcesGET /api/admin/check/portal/ids
Configuration files can be found in the "0-ini" directory.
0-ini/conf_default.ini: default configuration and use examples0-ini/conf_custom.ini: user configuration, to be created (if defined, the value of the path variableRUDI_API_USER_CONFis taken as the full path of the custom INI file)
Security section
When the flag should_control_private_requests is true, JWT from incoming requests are controlled.
The parameter profiles indicates the path where is located the security file.
This security file defines the "profiles" for each client that can connect on the internal side of the API.
They are defined each by a section whose name reflects the sub payload field in the JWT.
In this section,
pub_keyindicates the path where is stored the public key associated with the subjectroutes[]indicates the name of a route that is allowed for the user (see "0-ini/profiles.ini" file for a list of route names)
alg: the JWT algorithm (preferably "EdDSA"). It must correspond to the algorithm used to create the private key used to generate this token signature (preferably ed25519).
exp: desired expiration date in Epoch secondssub: a recognized "profile" configuration.req_mtd: the http method used in the requestreq_url: the URL of the request
jti(jwt identifier): a UUIDv4 identifying this JSON web tokeniat(issued at): date of the generation of the token in Epoch secondsclient_id: an identifier for the logged user requesting the resource
$USR: login that has been transmitted to communicate with the token server$PWD: password that has been transmitted to communicate with the token server$DATE: Epoch date in seconds, e.g. now+1200 to get a token that is valid for 20mn$SUB: The value set for the robot/harvester in the filerudi_proxy.inifortoken_server_subjectand associated to a private key (e.g.rudi_token)$MTD: HTTP method for the request to the API (GET|POST|PUT|DELETE)$URL: URL of the request to the API (e.g.: `/api/admin/resources``)$CID: client ID, the way you wish identify the sender of the request (e.g. 'PostmanRobot')$NODE: URL of the producer node (e.g.:https://rm.fenix.rudi-univ-rennes1.fr)
# Create a token
JWT=`curl -X POST --user $USR:$PWD -H 'Content-Type: application/json' -d "{\"exp\":$DATE,\"sub\":\"$SUB\",\"req_mtd\":\"$MTD\",\"req_url\":\"$URL\",\"client_id\":\"$CID\"}" $NODE/crypto/jwt/forge`
# Check a token
curl -X POST --user $USR:$PWD -H 'Content-Type: application/json' -d "\"$JWT\"" $NODE/crypto/jwt/check
# Send the request to the API
curl -X $MTD -H "Authorization: Bearer $JWT" ${NODE}${URL}Two commit processes types are ongoing parallely:
-
MediaFile Each MediaFile get uploaded to the Media module: the upload status determines if the MediaFile status is set to commited. More technically speaking, in case of success
available_formats[i].file_storage_statusis set toavailableavailable_formats[i].file_status_updateis updated
-
Metadata If all the media were set as available, the metadata is sent to the portal and its status set to
pending. If at least one upload fails to be committed, the metadata is set asunavailableand the user has to re-upload the file for the status to be updated anew.
Each MediaFile will be periodically checked.
If the file is found, the field available_formats[i].media_dates.verified is updated.
If available_formats[i].storage_status was set to nonexistant or missing, it is set to available and available_formats[i].status_update date is updated.
If the file is not found and available_formats[i].storage_status === 'available', then available_formats[i].storage_status is set to missing and available_formats[i].status_update date is updated.
In tests/env-rudi-*.postman_environment.json the value for the key cryptoJwtUrl should be replaced with the valid address of the client/crypto module. See Tests documentation.md for further details
The
A migration tool is added to migrate the database from the old version to the new one. By default, the migration script runs automatically at application startup: it checks pending migrations, creates a backup, and applies them if needed. For detailed behavior, configuration, and manual execution, see the migration documentation.
To get started locally with the catalog, follow these instructions. You'll need node and npm installed.
The rudi-node catalog interfaces with a MongoDB Database to store metadatas. To use the catalog locally - for dev per example; you need to install MongoDB.
Once MongoDB is installed and started, you'll need its url. It should looks like mongodb://127.0.0.1:27017- you can find it by running mongosh in a terminal.
See next step to paste the url in config file.
Copy-paste, rename and modify if you wish the two following files :
conf_default.ini > conf_custom.ini
portal_conf_default.ini > portal_conf_custom.ini
Copy paste the base url of your MongoDB database in the conf_custom.ini file (replace with your own):
[database]
db_connection_uri: mongodb://127.0.0.1:27017See Configuration for more details.
Now, everything should be set up; you can start the rudinode-catalog by running :
npm run startThe rudinode-catalog should now be locally accessible.
Notice that for the next times, you only have to run this command to start it.
tip : execute
npm runin bash to see all available shortcuts