Separate config from backend services

api/handlers/config.go

@@ -29,7 +29,21 @@ func (t Template) Render(w io.Writer, name string, data interface{}, c echo.Cont
 	return t.templates.ExecuteTemplate(w, name, data)
 }
 
-// Store configuration that need to be passed around to handler funcs.
+// Config holds the configuration settings for the REST API server.
+type Config struct {
+	// Only settings that are typically environment-specific and can be loaded from
+	// external sources like configuration files, environment variables, or remote
+	// configuration services, should go here.
+
+	// Read DEV_GUIDE.md to learn about these
+	AuthLevel       int
+	AdminRoleName   string
+	ServiceRoleName string
+}
+
+// RESTHandler encapsulates the operational components and dependencies necessary for handling
+// RESTful API requests by different handler functions and orchestrating interactions with
+// various backend services and resources.
 type RESTHandler struct {
 	Name         string
 	Title        string
@@ -41,11 +55,7 @@ type RESTHandler struct {
 	MessageQueue *jobs.MessageQueue
 	ActiveJobs   *jobs.ActiveJobs
 	ProcessList  *pr.ProcessList
-
-	// Read DEV_GUIDE.md to learn about these
-	AuthLevel       int
-	AdminRoleName   string
-	ServiceRoleName string
+	Config       *Config
 }
 
 // Pretty print a JSON
@@ -79,8 +89,10 @@ func NewRESTHander() *RESTHandler {
 			"http://www.opengis.net/spec/ogcapi-processes-1/1.0/conf/job-list",
 			"http://www.opengis.net/spec/ogcapi-processes-1/1.0/conf/dismiss",
 		},
-		AdminRoleName:   os.Getenv("AUTH_ADMIN_ROLE"),
-		ServiceRoleName: os.Getenv("AUTH_SERVICE_ROLE"),
+		Config: &Config{
+			AdminRoleName:   os.Getenv("AUTH_ADMIN_ROLE"),
+			ServiceRoleName: os.Getenv("AUTH_SERVICE_ROLE"),
+		},
 	}
 
 	dbType, exist := os.LookupEnv("DB_SERVICE")

api/handlers/handlers.go

@@ -164,11 +164,11 @@ func (rh *RESTHandler) Execution(c echo.Context) error {
 		return c.JSON(http.StatusBadRequest, errResponse{Message: "'processID' incorrect"})
 	}
 
-	if rh.AuthLevel > 0 {
+	if rh.Config.AuthLevel > 0 {
 		roles := strings.Split(c.Request().Header.Get("X-ProcessAPI-User-Roles"), ",")
 
 		// admins are allowed to execute all processes, else you need to have a role with same name as processId
-		if !utils.StringInSlice(rh.AdminRoleName, roles) && !utils.StringInSlice(processID, roles) {
+		if !utils.StringInSlice(rh.Config.AdminRoleName, roles) && !utils.StringInSlice(processID, roles) {
 			return c.JSON(http.StatusUnauthorized, errResponse{Message: "unauthorized"})
 		}
 	}
@@ -302,10 +302,10 @@ func (rh *RESTHandler) JobDismissHandler(c echo.Context) error {
 	jobID := c.Param("jobID")
 	if j, ok := rh.ActiveJobs.Jobs[jobID]; ok {
 
-		if rh.AuthLevel > 0 {
+		if rh.Config.AuthLevel > 0 {
 			roles := strings.Split(c.Request().Header.Get("X-ProcessAPI-User-Roles"), ",")
 
-			if (*j).SUBMITTER() != c.Request().Header.Get("X-ProcessAPI-User-Email") && !utils.StringInSlice(rh.AdminRoleName, roles) {
+			if (*j).SUBMITTER() != c.Request().Header.Get("X-ProcessAPI-User-Email") && !utils.StringInSlice(rh.Config.AdminRoleName, roles) {
 				return c.JSON(http.StatusUnauthorized, errResponse{Message: "unauthorized"})
 			}
 		}
@@ -563,10 +563,10 @@ func (rh *RESTHandler) ListJobsHandler(c echo.Context) error {
 		}
 	}
 
-	if rh.AuthLevel > 0 {
+	if rh.Config.AuthLevel > 0 {
 		roles := strings.Split(c.Request().Header.Get("X-ProcessAPI-User-Roles"), ",")
 
-		if !utils.StringInSlice(rh.AdminRoleName, roles) {
+		if !utils.StringInSlice(rh.Config.AdminRoleName, roles) {
 			submitters = c.Request().Header.Get("X-ProcessAPI-User-Email")
 		}
 	}
@@ -623,11 +623,11 @@ func (rh *RESTHandler) ListJobsHandler(c echo.Context) error {
 //
 // Time must be in RFC3339(ISO) format
 func (rh *RESTHandler) JobStatusUpdateHandler(c echo.Context) error {
-	if rh.AuthLevel > 0 {
+	if rh.Config.AuthLevel > 0 {
 		roles := strings.Split(c.Request().Header.Get("X-ProcessAPI-User-Roles"), ",")
 
 		// only service accounts or admins can post status updates
-		if !utils.StringInSlice(rh.ServiceRoleName, roles) && !utils.StringInSlice(rh.AdminRoleName, roles) {
+		if !utils.StringInSlice(rh.Config.ServiceRoleName, roles) && !utils.StringInSlice(rh.Config.AdminRoleName, roles) {
 			return c.JSON(http.StatusUnauthorized, errResponse{Message: "unauthorized"})
 		}
 	}

api/handlers/processes_handlers.go

@@ -112,11 +112,11 @@ func (rh *RESTHandler) ProcessDescribeHandler(c echo.Context) error {
 // AddProcessHandler adds a new process configuration
 func (rh *RESTHandler) AddProcessHandler(c echo.Context) error {
 
-	if rh.AuthLevel > 0 {
+	if rh.Config.AuthLevel > 0 {
 		roles := strings.Split(c.Request().Header.Get("X-ProcessAPI-User-Roles"), ",")
 
 		// non-admins are not allowed
-		if !utils.StringInSlice(rh.AdminRoleName, roles) {
+		if !utils.StringInSlice(rh.Config.AdminRoleName, roles) {
 			return c.JSON(http.StatusUnauthorized, errResponse{Message: "unauthorized"})
 		}
 	}
@@ -173,11 +173,11 @@ func (rh *RESTHandler) AddProcessHandler(c echo.Context) error {
 // UpdateProcessHandler updates an existing process configuration
 func (rh *RESTHandler) UpdateProcessHandler(c echo.Context) error {
 
-	if rh.AuthLevel > 0 {
+	if rh.Config.AuthLevel > 0 {
 		roles := strings.Split(c.Request().Header.Get("X-ProcessAPI-User-Roles"), ",")
 
 		// non-admins are not allowed
-		if !utils.StringInSlice(rh.AdminRoleName, roles) {
+		if !utils.StringInSlice(rh.Config.AdminRoleName, roles) {
 			return c.JSON(http.StatusUnauthorized, errResponse{Message: "unauthorized"})
 		}
 	}
@@ -244,11 +244,11 @@ func (rh *RESTHandler) UpdateProcessHandler(c echo.Context) error {
 // DeleteProcessHandler deletes a process configuration
 func (rh *RESTHandler) DeleteProcessHandler(c echo.Context) error {
 
-	if rh.AuthLevel > 0 {
+	if rh.Config.AuthLevel > 0 {
 		roles := strings.Split(c.Request().Header.Get("X-ProcessAPI-User-Roles"), ",")
 
 		// non-admins are not allowed
-		if !utils.StringInSlice(rh.AdminRoleName, roles) {
+		if !utils.StringInSlice(rh.Config.AdminRoleName, roles) {
 			return c.JSON(http.StatusUnauthorized, errResponse{Message: "unauthorized"})
 		}
 	}

api/main.go

@@ -279,7 +279,7 @@ func main() {
 	// Create a group for all routes that need to be protected when AUTH_LEVEL = protected
 	pg := e.Group("")
 	authLvl := initAuth(e, pg)
-	rh.AuthLevel = authLvl
+	rh.Config.AuthLevel = authLvl
 
 	// Server
 	e.GET("/", rh.LandingPage)