Skip to content

Kpmp 6695 monitor ep#58

Merged
Dert1129 merged 5 commits into
developfrom
KPMP-6695_Monitor_EP
Jun 1, 2026
Merged

Kpmp 6695 monitor ep#58
Dert1129 merged 5 commits into
developfrom
KPMP-6695_Monitor_EP

Conversation

@zwright

@zwright zwright commented May 26, 2026
edited by coderabbitai Bot
Loading

Copy link
Copy Markdown
Contributor

Summary by CodeRabbit

  • New Features
    • Added a public status endpoint (/v1/status) that provides system health information and current participant count.
    • Authorization system now permits configured endpoints to be publicly accessible while maintaining protection for authenticated user sessions.

Review Change Stack

@coderabbitai

coderabbitai Bot commented May 26, 2026

Copy link
Copy Markdown

Walkthrough

This PR adds a public monitoring endpoint at /v1/status by introducing a MonitorController and extending the authorization filter to whitelist specific endpoints that bypass session requirements. The configuration, authorization logic, and new endpoint work together to expose participant count information without authentication.

Changes

Status Endpoint Authorization and Implementation

Layer / File(s) Summary
Authorization whitelist configuration
src/main/resources/application.properties, src/main/java/org/kpmp/filters/AuthorizationFilter.java		 Configuration property user.auth.allow.endpoints is introduced with value /v1/status, and AuthorizationFilter injects this list as allowedEndpoints alongside kpmpGroup.
Authorization filter gate update
src/main/java/org/kpmp/filters/AuthorizationFilter.java		 Authorization condition in doFilter is broadened to allow requests when either an existing session is valid or the request URI is contained in allowedEndpoints.
Status monitoring endpoint
src/main/java/org/kpmp/monitor/MonitorController.java		 MonitorController is added with GET /v1/status handler that queries SlideService for participant count, logs the request, and returns a composed status string.
🚥 Pre-merge checks | ✅ 2
✅ Passed checks (2 passed)
Check name Status Explanation
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch KPMP-6695_Monitor_EP

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot]
coderabbitai Bot reviewed May 26, 2026
View reviewed changes

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
src/main/java/org/kpmp/filters/AuthorizationFilter.java (1)

84-89: ⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Short-circuit whitelisted endpoints before user/session resolution.

Line 88 allows bypass, but Lines 85-87 still execute first. That can break /v1/status for unauthenticated calls (or trigger avoidable auth work) before the whitelist is even checked.

Suggested fix 
-        Cookie[] cookies = request.getCookies();
-        ShibbolethUser user = shibUserService.getUser(request);
-        String shibId = user.getShibId();
-
-        if (hasExistingSession(shibId, cookies, request) || allowedEndpoints.contains(request.getRequestURI())) {
+        if (allowedEndpoints.contains(request.getRequestURI())) {
+            chain.doFilter(request, response);
+            return;
+        }
+
+        Cookie[] cookies = request.getCookies();
+        ShibbolethUser user = shibUserService.getUser(request);
+        String shibId = user.getShibId();
+
+        if (hasExistingSession(shibId, cookies, request)) {
             chain.doFilter(request, response);
         } else {
🧹 Nitpick comments (1)
src/main/java/org/kpmp/monitor/MonitorController.java (1)

27-27: 🏗️ Heavy lift

Avoid full participant fetch on a monitoring endpoint.

Line 27 materializes all participants just to compute a count. For a frequently-polled status endpoint, this is an expensive path; prefer a dedicated count query (countParticipants()-style) in SlideService.

Suggested direction 
-        String status = "Status OK. " + slideService.getAllParticipants().size() + " participants found.";
+        long participantCount = slideService.countParticipants();
+        String status = "Status OK. " + participantCount + " participants found.";
ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: d5d7d727-cb22-4c34-bb6a-30ce213b9dea

📥 Commits

Reviewing files that changed from the base of the PR and between e49a533 and b821377.

📒 Files selected for processing (3)
  • src/main/java/org/kpmp/filters/AuthorizationFilter.java
  • src/main/java/org/kpmp/monitor/MonitorController.java
  • src/main/resources/application.properties

Comment thread src/main/java/org/kpmp/filters/AuthorizationFilter.java
@Dert1129 Dert1129 merged commit d764630 into develop Jun 1, 2026
1 check passed
@Dert1129 Dert1129 deleted the KPMP-6695_Monitor_EP branch June 1, 2026 13:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@Dert1129 Dert1129 Dert1129 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@zwright @Dert1129