[backend] feat(multitenancy): adding builtin connectors for new tenants (#3505)

Dimfacion · Dimfacion · commit 20c2f0a2955e · 2026-05-04T22:40:56.000+02:00
diff --git a/openaev-api/src/main/java/io/openaev/aop/BypassRlsAspect.java b/openaev-api/src/main/java/io/openaev/aop/BypassRlsAspect.java
@@ -5,15 +5,25 @@
 import org.aspectj.lang.ProceedingJoinPoint;
 import org.aspectj.lang.annotation.Around;
 import org.aspectj.lang.annotation.Aspect;
+import org.springframework.core.Ordered;
+import org.springframework.core.annotation.Order;
 import org.springframework.stereotype.Component;
 
 /**
  * Aspect that enables RLS bypass for methods annotated with {@link BypassRls}. Sets the bypass flag
  * on the current thread before execution and always clears it afterwards.
+ *
+ * <p>The {@link Order} is set to {@code Ordered.LOWEST_PRECEDENCE - 2} so that this aspect runs
+ * <b>before</b> {@code @Transactional} (which defaults to {@code LOWEST_PRECEDENCE}). This is
+ * critical because {@link io.openaev.config.TenantAwareDataSourceConfig} checks the bypass flag at
+ * connection-checkout time: if the flag is not yet set when the transaction opens, the connection
+ * is obtained under the restricted {@code openaev_app} role and PostgreSQL Row-Level Security is
+ * enforced, causing spurious policy violations.
  */
 @Aspect
 @Component
 @Slf4j
+@Order(Ordered.LOWEST_PRECEDENCE - 2)
 public class BypassRlsAspect {
 
   @Around("@annotation(io.openaev.aop.BypassRls)")
diff --git a/openaev-api/src/main/java/io/openaev/integration/ManagerFactory.java b/openaev-api/src/main/java/io/openaev/integration/ManagerFactory.java
@@ -16,7 +16,6 @@
 import io.openaev.rest.injector_contract.InjectorContractService;
 import io.openaev.rest.settings.PreviewFeature;
 import io.openaev.service.PreviewFeatureService;
-import io.openaev.service.tenants.UserTenantService;
 import jakarta.annotation.PostConstruct;
 import jakarta.persistence.EntityManager;
 import java.util.List;
@@ -137,6 +136,6 @@ public void deleteDependencyForTenant(String tenantId) {
 
   @Override
   public List<Class<? extends DependenciesManager>> getPrerequisite() {
-    return List.of(InjectorContractService.class, UserTenantService.class, DataPackProcessor.class);
+    return List.of(InjectorContractService.class, DataPackProcessor.class);
   }
 }
diff --git a/openaev-api/src/main/java/io/openaev/integration/impl/injectors/ovh/OvhInjectorIntegration.java b/openaev-api/src/main/java/io/openaev/integration/impl/injectors/ovh/OvhInjectorIntegration.java
@@ -66,7 +66,7 @@ public OvhInjectorIntegration(
 
   @Override
   protected void innerStart() throws Exception {
-    OvhSmsService ovhSmsService = new OvhSmsService(this.config);
+    OvhSmsService ovhSmsService = new OvhSmsService(injectorContext.getMapper(), this.config);
     this.ovhSmsExecutor =
         new OvhSmsExecutor(injectorContext, ovhSmsService, injectExpectationService);
   }
diff --git a/openaev-api/src/main/java/io/openaev/migration/V5_06__Composite_pk_connectors.java b/openaev-api/src/main/java/io/openaev/migration/V5_06__Composite_pk_connectors.java
@@ -24,7 +24,7 @@
  * </ul>
  */
 @Component
-public class V5_03__Composite_pk_connectors extends BaseJavaMigration {
+public class V5_06__Composite_pk_connectors extends BaseJavaMigration {
 
   @Override
   public void migrate(Context context) throws Exception {
diff --git a/openaev-api/src/main/java/io/openaev/scheduler/jobs/InjectsExecutionJob.java b/openaev-api/src/main/java/io/openaev/scheduler/jobs/InjectsExecutionJob.java
@@ -6,6 +6,7 @@
 import static java.util.Optional.ofNullable;
 import static java.util.stream.Collectors.groupingBy;
 
+import com.fasterxml.jackson.databind.ObjectMapper;
 import com.google.common.annotations.VisibleForTesting;
 import io.openaev.aop.BypassRls;
 import io.openaev.aop.LogExecutionTime;
@@ -49,6 +50,7 @@
 import org.quartz.Job;
 import org.quartz.JobExecutionContext;
 import org.quartz.JobExecutionException;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.core.env.Environment;
 import org.springframework.expression.EvaluationContext;
 import org.springframework.expression.EvaluationException;

Original file line number	Diff line number	Diff line change
`@@ -16,7 +16,6 @@`
`16`	`16`	`import io.openaev.rest.injector_contract.InjectorContractService;`
`17`	`17`	`import io.openaev.rest.settings.PreviewFeature;`
`18`	`18`	`import io.openaev.service.PreviewFeatureService;`
`19`		`-import io.openaev.service.tenants.UserTenantService;`
`20`	`19`	`import jakarta.annotation.PostConstruct;`
`21`	`20`	`import jakarta.persistence.EntityManager;`
`22`	`21`	`import java.util.List;`
`@@ -137,6 +136,6 @@ public void deleteDependencyForTenant(String tenantId) {`
`137`	`136`
`138`	`137`	`@Override`
`139`	`138`	`public List<Class<? extends DependenciesManager>> getPrerequisite() {`
`140`		`- return List.of(InjectorContractService.class, UserTenantService.class, DataPackProcessor.class);`
	`139`	`+ return List.of(InjectorContractService.class, DataPackProcessor.class);`
`141`	`140`	`}`
`142`	`141`	`}`
Original file line number	Diff line number	Diff line change
`@@ -66,7 +66,7 @@ public OvhInjectorIntegration(`
`66`	`66`
`67`	`67`	`@Override`
`68`	`68`	`protected void innerStart() throws Exception {`
`69`		`- OvhSmsService ovhSmsService = new OvhSmsService(this.config);`
	`69`	`+ OvhSmsService ovhSmsService = new OvhSmsService(injectorContext.getMapper(), this.config);`
`70`	`70`	`this.ovhSmsExecutor =`
`71`	`71`	`new OvhSmsExecutor(injectorContext, ovhSmsService, injectExpectationService);`
`72`	`72`	`}`