From 1a2a12867f7fb35a70b399d61ffa99011a44a1d9 Mon Sep 17 00:00:00 2001
From: simonredfern
Date: Mon, 15 Dec 2025 12:14:07 +0100
Subject: [PATCH] ABAC rules compiles
---
 .../main/scala/code/api/util/ApiRole.scala | 15 +++++
 .../src/main/scala/code/api/util/ApiTag.scala | 1 +
 .../scala/code/api/v6_0_0/APIMethods600.scala | 6 +-
 .../code/api/v6_0_0/JSONFactory6.0.0.scala | 57 +++++++++++++++++++
 4 files changed, 76 insertions(+), 3 deletions(-)
diff --git a/obp-api/src/main/scala/code/api/util/ApiRole.scala b/obp-api/src/main/scala/code/api/util/ApiRole.scala
index 31fee338b..f50c13b48 100644
--- a/obp-api/src/main/scala/code/api/util/ApiRole.scala
+++ b/obp-api/src/main/scala/code/api/util/ApiRole.scala
@@ -678,6 +678,21 @@ object ApiRole extends MdcLoggable{
 case class CanGetViewPermissionsAtAllBanks(requiresBankId: Boolean = false) extends ApiRole
 lazy val canGetViewPermissionsAtAllBanks = CanGetViewPermissionsAtAllBanks()
+ case class CanCreateAbacRule(requiresBankId: Boolean = false) extends ApiRole
+ lazy val canCreateAbacRule = CanCreateAbacRule()
+
+ case class CanGetAbacRule(requiresBankId: Boolean = false) extends ApiRole
+ lazy val canGetAbacRule = CanGetAbacRule()
+
+ case class CanUpdateAbacRule(requiresBankId: Boolean = false) extends ApiRole
+ lazy val canUpdateAbacRule = CanUpdateAbacRule()
+
+ case class CanDeleteAbacRule(requiresBankId: Boolean = false) extends ApiRole
+ lazy val canDeleteAbacRule = CanDeleteAbacRule()
+
+ case class CanExecuteAbacRule(requiresBankId: Boolean = false) extends ApiRole
+ lazy val canExecuteAbacRule = CanExecuteAbacRule()
+
 case class CanGetSystemLevelDynamicEntities(requiresBankId: Boolean = false) extends ApiRole
 lazy val canGetSystemLevelDynamicEntities = CanGetSystemLevelDynamicEntities()
diff --git a/obp-api/src/main/scala/code/api/util/ApiTag.scala b/obp-api/src/main/scala/code/api/util/ApiTag.scala
index bac7e907c..864efed1a 100644
--- a/obp-api/src/main/scala/code/api/util/ApiTag.scala
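Review bot: The five ABAC roles added in the ApiRole.scala hunk carry no comment, yet `CanCreateAbacRule` and `CanUpdateAbacRule` are unusually powerful: the request models added later in this patch let their holder supply `rule_code`, which presumably feeds an access decision when a rule is executed (inferred from the `CanExecuteAbacRule` role and the commit subject, not shown here). All five default to `requiresBankId = false`, so they are system-wide grants. I would add a comment above the block, e.g. `// ABAC rule management (system-level). Create/Update let the holder author rule_code; grant as narrowly as deployment rights.`, and confirm that no bank-scoped variant is needed. The enclosing `object ApiRole` starts and ends outside the hunk.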
+++ b/obp-api/src/main/scala/code/api/util/ApiTag.scala
@@ -37,6 +37,7 @@ object ApiTag {
 val apiTagSystemView = ResourceDocTag("View-System")
 val apiTagEntitlement = ResourceDocTag("Entitlement")
 val apiTagRole = ResourceDocTag("Role")
+ val apiTagABAC = ResourceDocTag("ABAC")
 val apiTagScope = ResourceDocTag("Scope")
 val apiTagOwnerRequired = ResourceDocTag("OwnerViewRequired")
 val apiTagCounterparty = ResourceDocTag("Counterparty")
diff --git a/obp-api/src/main/scala/code/api/v6_0_0/APIMethods600.scala b/obp-api/src/main/scala/code/api/v6_0_0/APIMethods600.scala
index 9d9a34d00..2de4757eb 100644
--- a/obp-api/src/main/scala/code/api/v6_0_0/APIMethods600.scala
+++ b/obp-api/src/main/scala/code/api/v6_0_0/APIMethods600.scala
@@ -74,12 +74,12 @@ trait APIMethods600 {
 val Implementations6_0_0 = new Implementations600()
- class Implementations600 extends MdcLoggable {
+ class Implementations600 extends RestHelper with MdcLoggable with AbacRuleEndpoints {
 val implementedInApiVersion: ScannedApiVersion = ApiVersion.v6_0_0
- private val staticResourceDocs = ArrayBuffer[ResourceDoc]()
- def resourceDocs = staticResourceDocs
+ val staticResourceDocs = ArrayBuffer[ResourceDoc]()
+ val resourceDocs = staticResourceDocs
 val apiRelations = ArrayBuffer[ApiRelation]()
 val codeContext = CodeContext(staticResourceDocs, apiRelations)
diff --git a/obp-api/src/main/scala/code/api/v6_0_0/JSONFactory6.0.0.scala b/obp-api/src/main/scala/code/api/v6_0_0/JSONFactory6.0.0.scala
index a627741e7..aee2c3369 100644
--- a/obp-api/src/main/scala/code/api/v6_0_0/JSONFactory6.0.0.scala
+++ b/obp-api/src/main/scala/code/api/v6_0_0/JSONFactory6.0.0.scala
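Review bot: In the APIMethods600.scala hunk, `staticResourceDocs` remains a strict `val` while `AbacRuleEndpoints` is now mixed into `Implementations600`; Scala runs a trait's body before the class's own `val` initialisers, so if that trait (not part of this patch) appends to `staticResourceDocs` while it initialises, it will see `null` and construction of the API object will fail. If that is how the trait registers its resource docs, `lazy val staticResourceDocs: ArrayBuffer[ResourceDoc] = ArrayBuffer[ResourceDoc]()` avoids the ordering problem. Dropping `private` also makes the mutable buffer writable from outside the class, and neither public member has an explicit type; `val resourceDocs: ArrayBuffer[ResourceDoc] = staticResourceDocs` would at least state the contract. The class body continues outside the hunk.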
@@ -290,6 +290,47 @@ case class CustomerWithAttributesJsonV600(
 customer_attributes: List[CustomerAttributeResponseJsonV300]
 )
+// ABAC Rule JSON models
+case class CreateAbacRuleJsonV600(
+ rule_name: String,
+ rule_code: String,
+ description: String,
+ is_active: Boolean
+)
+
+case class UpdateAbacRuleJsonV600(
+ rule_name: String,
+ rule_code: String,
+ description: String,
+ is_active: Boolean
+)
+
+case class AbacRuleJsonV600(
+ abac_rule_id: String,
+ rule_name: String,
+ rule_code: String,
+ is_active: Boolean,
+ description: String,
+ created_by_user_id: String,
+ updated_by_user_id: String
+)
+
+case class AbacRulesJsonV600(abac_rules: List[AbacRuleJsonV600])
+
+case class ExecuteAbacRuleJsonV600(
+ bank_id: Option[String],
+ account_id: Option[String],
+ transaction_id: Option[String],
+ customer_id: Option[String]
+)
+
+case class AbacRuleResultJsonV600(
+ rule_id: String,
+ rule_name: String,
+ result: Boolean,
+ message: String
+)
+
 object JSONFactory600 extends CustomJsonFormats with MdcLoggable{
 def createCurrentUsageJson(rateLimits: List[((Option[Long], Option[Long]), LimitCallPeriod)]): Option[RedisCallLimitJson] = {
@@ -735,4 +776,20 @@ case class UpdateViewJsonV600(
 def createViewsJsonV600(views: List[View]): ViewsJsonV600 = {
 ViewsJsonV600(views.map(createViewJsonV600))
 }
+
+ def createAbacRuleJsonV600(rule: code.abacrule.AbacRule): AbacRuleJsonV600 = {
+ AbacRuleJsonV600(
+ abac_rule_id = rule.abacRuleId,
+ rule_name = rule.ruleName,
+ rule_code = rule.ruleCode,
+ is_active = rule.isActive,
+ description = rule.description,
+ created_by_user_id = rule.createdByUserId,
+ updated_by_user_id = rule.updatedByUserId
+ )
+ }
+
+ def createAbacRulesJsonV600(rules: List[code.abacrule.AbacRule]): AbacRulesJsonV600 = {
+ AbacRulesJsonV600(rules.map(createAbacRuleJsonV600))
+ }
 }
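Review bot: `ExecuteAbacRuleJsonV600` and `AbacRuleResultJsonV600` define an authorization-evaluation API without stating its failure semantics: all four identifiers are `Option[String]`, and nothing says what `result` is when a rule needs an id that is `None`, when the rule is inactive, or when evaluation throws. For an access-control check that outcome should be a documented deny, and `message` should not carry raw exception text back to the caller. I would put that contract in a comment on the two case classes, e.g. `// result is false whenever the rule cannot be evaluated; message is a fixed, user-safe string`. It is also worth confirming in the endpoint (not in this patch) that the caller is allowed to see the objects named by the ids, so the boolean does not disclose facts about accounts or customers the caller cannot read.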
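Review bot: `createAbacRulesJsonV600` reuses the full single-rule representation, so a list response will contain every rule's `rule_code` together with `created_by_user_id` and `updated_by_user_id`. If the list endpoint is guarded by the same `CanGetAbacRule` role that may be intended, but the factory should say so, e.g. `/** Full representation including rule_code; callers must already hold CanGetAbacRule. */` on `createAbacRuleJsonV600`. The two signatures also spell out `code.abacrule.AbacRule`, whereas the neighbouring `createViewsJsonV600(views: List[View])` uses an imported short name; importing the type would keep the file consistent. The enclosing object starts outside the hunk.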