From 22ebc67d80bc11de26ca74a608b47430191f6d74 Mon Sep 17 00:00:00 2001 From: shuang Date: Sun, 29 Nov 2020 21:28:34 +0800 Subject: [PATCH] feature/do_validation_with_json_schema: do json-schema validation when entitlement check success --- CONTRIBUTING.md | 4 +- .../ResourceDocsAPIMethods.scala | 23 +++---- .../v1_3/PaymentInitiationServicePISApi.scala | 9 +-- .../main/scala/code/api/util/APIUtil.scala | 2 +- .../main/scala/code/api/util/NewStyle.scala | 64 +++++++++++++++---- .../scala/code/api/v1_4_0/APIMethods140.scala | 3 +- .../scala/code/api/v2_0_0/APIMethods200.scala | 46 +++++++------ .../scala/code/api/v2_1_0/APIMethods210.scala | 38 +++++------ .../scala/code/api/v2_2_0/APIMethods220.scala | 49 +++++--------- .../scala/code/api/v3_0_0/APIMethods300.scala | 32 +++------- .../scala/code/api/v3_1_0/APIMethods310.scala | 20 +++--- .../scala/code/api/v4_0_0/APIMethods400.scala | 25 ++++---- .../api/v2_0_0/TransactionRequestsTest.scala | 4 +- .../code/api/v2_1_0/CreateBranchTest.scala | 12 ++-- .../api/v2_1_0/CreateCreditCardTest.scala | 4 +- .../v2_1_0/CreateTransactionTypeTest.scala | 4 +- .../UpdateConsumerRedirectUrlTest.scala | 6 +- 17 files changed, 167 insertions(+), 178 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index dac9e5de7..74a526db5 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md 
@@ -91,7 +91,7 @@ When naming variables use strict camel case e.g. use myUrl not myURL. This is so // 1. makes sure the user which attempts to use the endpoint is authorized (Full(u), callContext) <- authorizedAccess(cc) // 2. makes sure the user which attempts to use the endpoint is allowed to consume it - _ <- NewStyle.function.hasAtLeastOneEntitlement(failMsg = createProductEntitlementsRequiredText)(bankId.value, u.userId, createProductEntitlements) + _ <- NewStyle.function.hasAtLeastOneEntitlement(failMsg = createProductEntitlementsRequiredText)(bankId.value, u.userId, createProductEntitlements, callContext) // 3. checks the endpoint constraints (_, callContext) <- NewStyle.function.getBank(bankId, callContext) failMsg = s"$InvalidJsonFormat The Json body should be the $PostPutProductJsonV310 " @@ -106,7 +106,7 @@ Please note that that checks at an endpoint should be applied only in case an us failMsg = s"$InvalidJsonFormat The Json body should be the $PostPutProductJsonV310 " (Full(u), callContext) <- authorizedAccess(cc) // 2. makes sure the user which attempts to use the endpoint is allowed to consume it - _ <- NewStyle.function.hasAtLeastOneEntitlement(failMsg = createProductEntitlementsRequiredText)(bankId.value, u.userId, createProductEntitlements) + _ <- NewStyle.function.hasAtLeastOneEntitlement(failMsg = createProductEntitlementsRequiredText)(bankId.value, u.userId, createProductEntitlements, callContext) ``` the user which cannot consume the endpoint still can check does some bank exist or not at that instance. It's not the issue if banks are public data at the instance but it wouldn't be the only business case all the time. diff --git a/obp-api/src/main/scala/code/api/ResourceDocs1_4_0/ResourceDocsAPIMethods.scala b/obp-api/src/main/scala/code/api/ResourceDocs1_4_0/ResourceDocsAPIMethods.scala index b0f9e7484..6a1448da4 100644 --- a/obp-api/src/main/scala/code/api/ResourceDocs1_4_0/ResourceDocsAPIMethods.scala 
+++ b/obp-api/src/main/scala/code/api/ResourceDocs1_4_0/ResourceDocsAPIMethods.scala @@ -2,24 +2,26 @@ package code.api.ResourceDocs1_4_0 import java.util.UUID.randomUUID +import code.api.OBPRestHelper import code.api.builder.OBP_APIBuilder -import code.api.util.{APIUtil, _} import code.api.cache.Caching -import code.api.util.APIUtil.{hasEntitlement, _} +import code.api.util.APIUtil._ import code.api.util.ApiTag._ -import com.openbankproject.commons.util.ApiStandards._ +import code.api.util.{APIUtil, _} import code.api.v1_4_0.{APIMethods140, JSONFactory1_4_0, OBPAPI1_4_0} import code.api.v2_2_0.{APIMethods220, OBPAPI2_2_0} import code.api.v3_0_0.OBPAPI3_0_0 import code.api.v3_1_0.OBPAPI3_1_0 import code.api.v4_0_0.{APIMethods400, OBPAPI4_0_0} -import code.api.OBPRestHelper -import code.api.util.ApiRole.{CanReadResourceDoc, canCreateAnyTransactionRequest} import code.util.Helper.MdcLoggable -import com.openbankproject.commons.model.enums.{ContentParam, LanguageParam} +import com.github.dwickern.macros.NameOf.nameOf +import com.openbankproject.commons.model.ListResult +import com.openbankproject.commons.model.enums.ContentParam.{ALL, DYNAMIC, STATIC} import com.openbankproject.commons.model.enums.LanguageParam._ +import com.openbankproject.commons.model.enums.{ContentParam, LanguageParam} +import com.openbankproject.commons.util.ApiStandards._ import com.openbankproject.commons.util.{ApiVersion, ScannedApiVersion} -import com.tesobe.{CacheKeyFromArguments, CacheKeyOmit} +import com.tesobe.CacheKeyFromArguments import net.liftweb.common.{Box, Empty, Full} import net.liftweb.http.{JsonResponse, LiftRules, S} import net.liftweb.json 
@@ -27,9 +29,6 @@ import net.liftweb.json.JsonAST.{JField, JString, JValue} import net.liftweb.json._ import net.liftweb.util.Helpers.tryo import net.liftweb.util.Props -import com.github.dwickern.macros.NameOf.nameOf -import com.openbankproject.commons.model.ListResult -import com.openbankproject.commons.model.enums.ContentParam.{ALL, DYNAMIC, STATIC} import scala.collection.immutable.{List, Nil} @@ -42,8 +41,6 @@ import code.api.v2_1_0.{APIMethods210, OBPAPI2_1_0} import scala.collection.mutable.ArrayBuffer // So we can include resource docs from future versions -import java.text.SimpleDateFormat - import code.api.util.ErrorMessages._ import code.util.Helper.booleanToBox @@ -399,7 +396,7 @@ trait ResourceDocsAPIMethods extends MdcLoggable with APIMethods220 with APIMeth _ <- if (resourceDocsRequireRole)//If set resource_docs_requires_role=true, we need check the authentication and the roles for{ u <- cc.user ?~ UserNotLoggedIn - hasCanReadResourceDocRole <- booleanToBox(hasEntitlement("", u.userId, ApiRole.canReadResourceDoc), UserHasMissingRoles + CanReadResourceDoc) + hasCanReadResourceDocRole <- NewStyle.function.ownEntitlement("", u.userId, ApiRole.canReadResourceDoc, cc.callContext) } yield{ hasCanReadResourceDocRole } diff --git a/obp-api/src/main/scala/code/api/berlin/group/v1_3/PaymentInitiationServicePISApi.scala b/obp-api/src/main/scala/code/api/berlin/group/v1_3/PaymentInitiationServicePISApi.scala index 405c4c785..9db9d2300 100644 --- a/obp-api/src/main/scala/code/api/berlin/group/v1_3/PaymentInitiationServicePISApi.scala +++ b/obp-api/src/main/scala/code/api/berlin/group/v1_3/PaymentInitiationServicePISApi.scala 
@@ -572,13 +572,10 @@ $additionalInstructions (_, callContext) <- NewStyle.function.validateAndCheckIbanNumber(toAccountIban, callContext) (toAccount, callContext) <- NewStyle.function.getToBankAccountByIban(toAccountIban, callContext) - _ <- Helper.booleanToFuture(InsufficientAuthorisationToCreateTransactionRequest) { - - u.hasOwnerViewAccess(BankIdAccountId(fromAccount.bankId,fromAccount.accountId)) == true || - hasEntitlement(fromAccount.bankId.value, u.userId, ApiRole.canCreateAnyTransactionRequest) == true - } + _ <- if (u.hasOwnerViewAccess(BankIdAccountId(fromAccount.bankId,fromAccount.accountId))) Future.successful(Full(Unit)) + else NewStyle.function.hasEntitlement(fromAccount.bankId.value, u.userId, ApiRole.canCreateAnyTransactionRequest, callContext, InsufficientAuthorisationToCreateTransactionRequest) - // Prevent default value for transaction request type (at least). + // Prevent default value for transaction request type (at least). _ <- Helper.booleanToFuture(s"From Account Currency is ${fromAccount.currency}, but Requested Transaction Currency is: ${transDetailsJson.instructedAmount.currency}") { transDetailsJson.instructedAmount.currency == fromAccount.currency } diff --git a/obp-api/src/main/scala/code/api/util/APIUtil.scala b/obp-api/src/main/scala/code/api/util/APIUtil.scala index 95c4c6d45..b2f4d7080 100644 --- a/obp-api/src/main/scala/code/api/util/APIUtil.scala +++ b/obp-api/src/main/scala/code/api/util/APIUtil.scala @@ -3441,7 +3441,7 @@ object APIUtil extends MdcLoggable with CustomJsonFormats{ case x => anonymousAccess(x) } private val checkRolesFun: PartialFunction[String, (String, List[ApiRole]) => Future[Box[Unit]]] = { - case x => NewStyle.function.hasAtLeastOneEntitlement(x, _, _) + case x => NewStyle.function.hasAtLeastOneEntitlement(x, _, _, None) } private val checkBankFun: PartialFunction[BankId, Option[CallContext] => OBPReturnType[Bank]] = { case x => NewStyle.function.getBank(x, _) 
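Review bot: The owner branch of the new `if`/`else` returns `Future.successful(Full(Unit))` without calling `NewStyle.function.hasEntitlement`, so the JSON-schema check this commit attaches to the entitlement helpers only runs for callers who rely on `canCreateAnyTransactionRequest`. Account owners reach the rest of the endpoint with an unvalidated payload. The same shape appears in the APIMethods200 hunks at -1113 (self-account branch), -1282 and -1347 (owner branch) and -1959 (`isSuperAdmin` branch), and in the APIMethods210 hunk at -1581 (`consumers_enabled_by_default` branch). I would move payload validation into a step that runs after the authorisation decision whichever branch made it; if the skip is intended, state it with `// owner-view callers bypass the role helper, so the JSON-schema check is not applied on this branch`. The enclosing for-comprehension starts and ends outside the hunk.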
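Review bot: `checkRolesFun` now passes a literal `None` as the call context in `hasAtLeastOneEntitlement(x, _, _, None)`, so `validateRequestPayload` can never find a `resourceDocument` and this path never validates the payload. The `isNotEndpointAuthCheck` filter in NewStyle suggests endpoints with automatic auth checks are validated elsewhere, but that code is not visible in this patch. Please record the reason next to the call, for example `// callContext is None on purpose: payload validation for auto-checked endpoints is done in <PLACEHOLDER: name the call site>`, so the `None` is not later read as an oversight.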
diff --git a/obp-api/src/main/scala/code/api/util/NewStyle.scala b/obp-api/src/main/scala/code/api/util/NewStyle.scala index c39384c8c..ff2bccc65 100644 --- a/obp-api/src/main/scala/code/api/util/NewStyle.scala +++ b/obp-api/src/main/scala/code/api/util/NewStyle.scala @@ -7,7 +7,7 @@ import akka.http.scaladsl.model.HttpMethod import code.DynamicEndpoint.{DynamicEndpointProvider, DynamicEndpointT} import code.api.APIFailureNewStyle import code.api.cache.Caching -import code.api.util.APIUtil.{OBPReturnType, canGrantAccessToViewCommon, canRevokeAccessToViewCommon, connectorEmptyResponse, createHttpParamsByUrlFuture, createQueriesByHttpParamsFuture, fullBoxOrException, generateUUID, unboxFull, unboxFullOrFail} +import code.api.util.APIUtil.{EntitlementAndScopeStatus, OBPReturnType, canGrantAccessToViewCommon, canRevokeAccessToViewCommon, connectorEmptyResponse, createHttpParamsByUrlFuture, createQueriesByHttpParamsFuture, fullBoxOrException, generateUUID, unboxFull, unboxFullOrFail} import code.api.util.ApiRole.canCreateAnyTransactionRequest import code.api.util.ErrorMessages.{InsufficientAuthorisationToCreateTransactionRequest, _} import code.api.v1_2_1.OBPAPI1_2_1.Implementations1_2_1 @@ -32,7 +32,7 @@ import code.model._ import code.model.dataAccess.{BankAccountRouting, DoubleEntryBookTransaction} import code.standingorders.StandingOrderTrait import code.usercustomerlinks.UserCustomerLink -import code.util.Helper +import code.util.{Helper, JsonSchemaUtil} import com.openbankproject.commons.util.{ApiVersion, JsonUtils} import code.views.Views import code.webhook.AccountWebhook 
@@ -43,7 +43,7 @@ import com.openbankproject.commons.model.enums.StrongCustomerAuthenticationStatu import com.openbankproject.commons.model.enums._ import com.openbankproject.commons.model.{AccountApplication, Bank, Customer, CustomerAddress, Product, ProductCollection, ProductCollectionItem, TaxResidence, UserAuthContext, UserAuthContextUpdate, _} import com.tesobe.CacheKeyFromArguments -import net.liftweb.common.{Box, Empty, Full} +import net.liftweb.common.{Box, Empty, Full, ParamFailure} import net.liftweb.http.provider.HTTPParam import net.liftweb.json.JsonAST._ import net.liftweb.json.JsonDSL._ @@ -379,7 +379,7 @@ object NewStyle { def checkAuthorisationToCreateTransactionRequest(viewId : ViewId, bankAccountId: BankIdAccountId, user: User, callContext: Option[CallContext]) : Future[Boolean] = { Future{ - code.api.util.APIUtil.hasEntitlement(bankAccountId.bankId.value, user.userId, canCreateAnyTransactionRequest) match { + APIUtil.hasEntitlement(bankAccountId.bankId.value, user.userId, canCreateAnyTransactionRequest) match { case true => Full(true) case false => user.hasOwnerViewAccess(BankIdAccountId(bankAccountId.bankId,bankAccountId.accountId)) match { case true => Full(true) 
@@ -707,24 +707,62 @@ object NewStyle { } } + private def validateRequestPayload[T](callContext: Option[CallContext])(boxResult: Box[T]): Box[T] = { + val validationResult: Option[String] = callContext.flatMap(_.resourceDocument) + .filter(v => v.isNotEndpointAuthCheck) // endpoint not do auth check automatic + .flatMap(v => JsonSchemaUtil.validateRequest(callContext)(v.operationId)) // request payload validation error message - def hasEntitlement(failMsg: String)(bankId: String, userId: String, role: ApiRole): Future[Box[Unit]] = { - Helper.booleanToFuture(failMsg + role.toString()) { - APIUtil.hasEntitlement(bankId, userId, role) + if(boxResult.isEmpty || validationResult.isEmpty) { + boxResult + } else { + val Some(errorMsg) = validationResult + val apiFailure = APIFailureNewStyle(errorMsg, 401, callContext.map(_.toLight)) + val failure = ParamFailure(errorMsg, apiFailure) + fullBoxOrException(failure) } } - def hasEntitlement(bankId: String, userId: String, role: ApiRole, callContext: Option[CallContext] = None): Future[Box[Unit]] = { - hasEntitlement(UserHasMissingRoles)(bankId, userId, role) + + def hasEntitlement(bankId: String, userId: String, role: ApiRole, callContext: Option[CallContext], errorMsg: String = ""): Future[Box[Unit]] = { + val errorInfo = if(StringUtils.isBlank(errorMsg)) UserHasMissingRoles + role.toString() + else errorMsg + + Helper.booleanToFuture(errorInfo) { + APIUtil.hasEntitlement(bankId, userId, role) + } map validateRequestPayload(callContext) + } + // scala not allow overload method both have default parameter, so this method name is just in order avoid the same name with hasEntitlement + def ownEntitlement(bankId: String, userId: String, role: ApiRole,callContext: Option[CallContext], errorMsg: String = ""): Box[Unit] = { + val errorInfo = if(StringUtils.isBlank(errorMsg)) UserHasMissingRoles + role.toString() + else errorMsg + val boxResult = Helper.booleanToBox(APIUtil.hasEntitlement(bankId, userId, role), errorInfo) + 
validateRequestPayload(callContext)(boxResult) } - def hasAtLeastOneEntitlement(failMsg: => String)(bankId: String, userId: String, roles: List[ApiRole]): Future[Box[Unit]] = + def hasAtLeastOneEntitlement(failMsg: => String)(bankId: String, userId: String, roles: List[ApiRole], callContext: Option[CallContext]): Future[Box[Unit]] = Helper.booleanToFuture(failMsg) { APIUtil.hasAtLeastOneEntitlement(bankId, userId, roles) - } + } map validateRequestPayload(callContext) - def hasAtLeastOneEntitlement(bankId: String, userId: String, roles: List[ApiRole]): Future[Box[Unit]] = - hasAtLeastOneEntitlement(UserHasMissingRoles + roles.mkString(" or "))(bankId, userId, roles) + def hasAtLeastOneEntitlement(bankId: String, userId: String, roles: List[ApiRole], callContext: Option[CallContext]): Future[Box[Unit]] = + hasAtLeastOneEntitlement(UserHasMissingRoles + roles.mkString(" or "))(bankId, userId, roles, callContext) + def hasAllEntitlements(bankId: String, userId: String, roles: List[ApiRole], callContext: Option[CallContext]): Box[Unit] = { + val boxResult = Helper.booleanToBox(APIUtil.hasAllEntitlements(bankId, userId, roles), s"$UserHasMissingRoles${roles.mkString(" and ")} entitlements are required.") + validateRequestPayload(callContext)(boxResult) + } + + def hasAllEntitlements(bankId: String, userId: String, specificBankRoles: List[ApiRole], anyBankRoles: List[ApiRole], callContext: Option[CallContext]): Box[Unit] = { + val errorMsg = UserHasMissingRoles + specificBankRoles.mkString(" and ") + " OR " + anyBankRoles.mkString(" and ") + " entitlements are required." 
+ val boxResult = Helper.booleanToBox( + APIUtil.hasAllEntitlements(bankId, userId, specificBankRoles) || APIUtil.hasAllEntitlements("", userId, anyBankRoles), + errorMsg) + validateRequestPayload(callContext)(boxResult) + } + + def hasEntitlementAndScope(bankId: String, userId: String, consumerId: String, role: ApiRole, callContext: Option[CallContext]): Box[EntitlementAndScopeStatus] = { + val boxResult = APIUtil.hasEntitlementAndScope(bankId, userId, consumerId, role) + validateRequestPayload(callContext)(boxResult) + } def createUserAuthContext(userId: String, key: String, value: String, callContext: Option[CallContext]): OBPReturnType[UserAuthContext] = { Connector.connector.vend.createUserAuthContext(userId, key, value, callContext) map { diff --git a/obp-api/src/main/scala/code/api/v1_4_0/APIMethods140.scala b/obp-api/src/main/scala/code/api/v1_4_0/APIMethods140.scala index 48eceb565..65fb0c9a0 100644 --- a/obp-api/src/main/scala/code/api/v1_4_0/APIMethods140.scala +++ b/obp-api/src/main/scala/code/api/v1_4_0/APIMethods140.scala 
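Review bot: `validateRequestPayload` wraps a JSON-schema failure as `APIFailureNewStyle(errorMsg, 401, ...)`, so a caller who is authenticated and holds the role gets an authentication status for a malformed body. 400 describes the condition better, unless existing clients depend on 401. The function also computes `validationResult` eagerly, before looking at `boxResult`, so the schema validator runs on the payload even when the entitlement check has already failed and the result is thrown away. Checking `boxResult.isEmpty` first keeps validation behind authorisation, as the commit title describes. The irrefutable `val Some(errorMsg) = validationResult` can become a `match`, and a Scaladoc line should say that validation is skipped when `callContext` is `None` or carries no `resourceDocument`.

```scala
private def validateRequestPayload[T](callContext: Option[CallContext])(boxResult: Box[T]): Box[T] =
  if (boxResult.isEmpty) boxResult // entitlement check failed: leave the payload unvalidated
  else {
    val validationError: Option[String] = callContext.flatMap(_.resourceDocument)
      .filter(_.isNotEndpointAuthCheck)
      .flatMap(doc => JsonSchemaUtil.validateRequest(callContext)(doc.operationId))

    validationError match {
      case None => boxResult
      case Some(errorMsg) =>
        // the caller is authorised; it is the request body that was rejected
        val apiFailure = APIFailureNewStyle(errorMsg, 400, callContext.map(_.toLight))
        val failure = ParamFailure(errorMsg, apiFailure)
        fullBoxOrException(failure)
    }
  }
// … unchanged: hasEntitlement, ownEntitlement, hasAtLeastOneEntitlement, hasAllEntitlements, hasEntitlementAndScope …
```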
@@ -650,8 +650,7 @@ trait APIMethods140 extends MdcLoggable with APIMethods130 with APIMethods121{ (bank, callContext ) <- BankX(bankId, Some(cc)) ?~! {ErrorMessages.BankNotFound} postedData <- tryo{json.extract[CreateCustomerJson]} ?~! ErrorMessages.InvalidJsonFormat requiredEntitlements = ApiRole.canCreateCustomer :: ApiRole.canCreateUserCustomerLink :: Nil - requiredEntitlementsTxt = requiredEntitlements.mkString(" and ") - _ <- booleanToBox(hasAllEntitlements(bankId.value, u.userId, requiredEntitlements), s"$requiredEntitlementsTxt entitlements required") + _ <- NewStyle.function.hasAllEntitlements(bankId.value, u.userId, requiredEntitlements, callContext) _ <- tryo(assert(CustomerX.customerProvider.vend.checkCustomerNumberAvailable(bankId, postedData.customer_number) == true)) ?~! ErrorMessages.CustomerNumberAlreadyExists user_id <- tryo{if (postedData.user_id.nonEmpty) postedData.user_id else u.userId} ?~ s"Problem getting user_id" _ <- UserX.findByUserId(user_id) ?~! ErrorMessages.UserNotFoundById diff --git a/obp-api/src/main/scala/code/api/v2_0_0/APIMethods200.scala b/obp-api/src/main/scala/code/api/v2_0_0/APIMethods200.scala index 5bae47111..bc7edf58b 100644 --- a/obp-api/src/main/scala/code/api/v2_0_0/APIMethods200.scala +++ b/obp-api/src/main/scala/code/api/v2_0_0/APIMethods200.scala @@ -590,7 +590,7 @@ trait APIMethods200 { for { u <- cc.user ?~! ErrorMessages.UserNotLoggedIn (bank, callContext) <- BankX(bankId, Some(cc)) ?~! BankNotFound - _ <- booleanToBox(hasEntitlement(bank.bankId.value, u.userId, canGetSocialMediaHandles), UserHasMissingRoles + CanGetSocialMediaHandles) + _ <- NewStyle.function.ownEntitlement(bank.bankId.value, u.userId, canGetSocialMediaHandles, cc.callContext) customer <- CustomerX.customerProvider.vend.getCustomerByCustomerId(customerId) ?~! ErrorMessages.CustomerNotFoundByCustomerId } yield { val kycSocialMedias = SocialMediaHandle.socialMediaHandleProvider.vend.getSocialMedias(customer.number) 
@@ -827,7 +827,7 @@ trait APIMethods200 { postedData <- tryo{json.extract[SocialMediaJSON]} ?~! ErrorMessages.InvalidJsonFormat _ <- tryo(assert(isValidID(bankId.value)))?~! ErrorMessages.InvalidBankIdFormat (bank, callContext) <- BankX(bankId, Some(cc)) ?~! BankNotFound - _ <- booleanToBox(hasEntitlement(bank.bankId.value, u.userId, canAddSocialMediaHandle), UserHasMissingRoles + CanAddSocialMediaHandle) + _ <- NewStyle.function.ownEntitlement(bank.bankId.value, u.userId, canAddSocialMediaHandle, cc.callContext) _ <- CustomerX.customerProvider.vend.getCustomerByCustomerId(customerId) ?~! ErrorMessages.CustomerNotFoundByCustomerId _ <- booleanToBox( SocialMediaHandle.socialMediaHandleProvider.vend.addSocialMedias( @@ -1113,7 +1113,9 @@ trait APIMethods200 { postedOrLoggedInUser <- UserX.findByUserId(user_id) ?~! ErrorMessages.UserNotFoundById (bank, callContext ) <- BankX(bankId, Some(cc)) ?~! s"Bank $bankId not found" // User can create account for self or an account for another user if they have CanCreateAccount role - _ <- booleanToBox(hasEntitlement(bankId.value, loggedInUser.userId, canCreateAccount) == true || (user_id == loggedInUser.userId) , s"User must either create account for self or have role $CanCreateAccount") + _ <- if (user_id == loggedInUser.userId) Full(Unit) + else NewStyle.function.ownEntitlement(bankId.value, loggedInUser.userId, canCreateAccount, callContext, s"User must either create account for self or have role $CanCreateAccount") + initialBalanceAsString <- tryo (jsonBody.balance.amount) ?~! ErrorMessages.InvalidAccountBalanceAmount accountType <- tryo(jsonBody.`type`) ?~! ErrorMessages.InvalidAccountType accountLabel <- tryo(jsonBody.`type`) //?~! ErrorMessages.InvalidAccountLabel // TODO looks strange. 
@@ -1282,7 +1284,7 @@ trait APIMethods200 { case Full(_) => booleanToBox(u.hasOwnerViewAccess(BankIdAccountId(fromAccount.bankId,fromAccount.accountId)) == true) case _ => - booleanToBox(hasEntitlement(fromAccount.bankId.value, u.userId, canCreateAnyTransactionRequest) == true, InsufficientAuthorisationToCreateTransactionRequest) + NewStyle.function.ownEntitlement(fromAccount.bankId.value, u.userId, canCreateAnyTransactionRequest, cc.callContext, InsufficientAuthorisationToCreateTransactionRequest) } toBankId <- tryo(BankId(transBodyJson.to.bank_id)) toAccountId <- tryo(AccountId(transBodyJson.to.account_id)) @@ -1347,8 +1349,8 @@ trait APIMethods200 { (bank, callContext ) <- BankX(bankId, Some(cc)) ?~! BankNotFound fromAccount <- BankAccountX(bankId, accountId) ?~! AccountNotFound view <-APIUtil.checkViewAccessAndReturnView(viewId, BankIdAccountId(fromAccount.bankId, fromAccount.accountId), Some(u)) - _ <- booleanToBox(u.hasOwnerViewAccess(BankIdAccountId(fromAccount.bankId,fromAccount.accountId)) == true || hasEntitlement(fromAccount.bankId.value, u.userId, canCreateAnyTransactionRequest) == true, InsufficientAuthorisationToCreateTransactionRequest) - + _ <- if (u.hasOwnerViewAccess(BankIdAccountId(fromAccount.bankId,fromAccount.accountId))) Full(Unit) + else NewStyle.function.ownEntitlement(fromAccount.bankId.value, u.userId, canCreateAnyTransactionRequest, cc.callContext, InsufficientAuthorisationToCreateTransactionRequest) // Note: These checks are not in the ideal order. See version 2.1.0 which supercedes this answerJson <- tryo{json.extract[ChallengeAnswerJSON]} ?~! InvalidJsonFormat 
@@ -1735,7 +1737,7 @@ trait APIMethods200 { canCreateUserCustomerLink :: Nil requiredEntitlementsTxt = requiredEntitlements.mkString(" and ") - _ <- booleanToBox(hasAllEntitlements(bankId.value, u.userId, requiredEntitlements), UserHasMissingRoles + requiredEntitlementsTxt) + _ <- NewStyle.function.hasAllEntitlements(bankId.value, u.userId, requiredEntitlements, callContext) _ <- tryo(assert(CustomerX.customerProvider.vend.checkCustomerNumberAvailable(bankId, postedData.customer_number) == true)) ?~! ErrorMessages.CustomerNumberAlreadyExists user_id <- tryo (if (postedData.user_id.nonEmpty) postedData.user_id else u.userId) ?~! s"Problem getting user_id" _ <- UserX.findByUserId(user_id) ?~! ErrorMessages.UserNotFoundById @@ -1827,8 +1829,8 @@ trait APIMethods200 { cc => for { l <- cc.user ?~! ErrorMessages.UserNotLoggedIn - _ <- booleanToBox(hasEntitlement("", l.userId, ApiRole.canGetAnyUser), UserHasMissingRoles + CanGetAnyUser ) - // Workaround to get userEmail address directly from URI without needing to URL-encode it + _ <- NewStyle.function.ownEntitlement("", l.userId, ApiRole.canGetAnyUser, cc.callContext) + // Workaround to get userEmail address directly from URI without needing to URL-encode it users <- tryo{AuthUser.getResourceUsersByEmail(CurrentReq.value.uri.split("/").last)} ?~! {ErrorMessages.UserNotFoundByEmail} } yield { 
@@ -1890,9 +1892,8 @@ trait APIMethods200 { user <- UserX.findByUserId(postedData.user_id) ?~! ErrorMessages.UserNotFoundById _ <- booleanToBox(postedData.customer_id.nonEmpty) ?~! "Field customer_id is not defined in the posted json!" (customer, callContext) <- Connector.connector.vend.getCustomerByCustomerIdLegacy(postedData.customer_id, callContext) ?~! ErrorMessages.CustomerNotFoundByCustomerId - _ <- booleanToBox(hasAllEntitlements(bankId.value, u.userId, createUserCustomerLinksEntitlementsRequiredForSpecificBank) || - hasAllEntitlements("", u.userId, createUserCustomerLinksEntitlementsRequiredForAnyBank), - s"$createUserCustomerLinksrequiredEntitlementsText") + _ <- NewStyle.function.hasAllEntitlements(bankId.value, u.userId, createUserCustomerLinksEntitlementsRequiredForSpecificBank, + createUserCustomerLinksEntitlementsRequiredForAnyBank, callContext) _ <- booleanToBox(customer.bankId == bank.bankId.value, s"Bank of the customer specified by the CUSTOMER_ID(${customer.bankId}) has to matches BANK_ID(${bank.bankId.value}) in URL") _ <- booleanToBox(UserCustomerLink.userCustomerLink.vend.getUserCustomerLink(postedData.user_id, postedData.customer_id).isEmpty == true) ?~! CustomerAlreadyExistsForUser userCustomerLink <- UserCustomerLink.userCustomerLink.vend.createUserCustomerLink(postedData.user_id, postedData.customer_id, new Date(), true) ?~! CreateUserCustomerLinksError 
@@ -1959,8 +1960,7 @@ trait APIMethods200 { allowedEntitlements = canCreateEntitlementAtOneBank :: canCreateEntitlementAtAnyBank :: Nil allowedEntitlementsTxt = UserNotSuperAdmin +" or" + UserHasMissingRoles + canCreateEntitlementAtOneBank + s" BankId(${postedData.bank_id})." + " or" + UserHasMissingRoles + canCreateEntitlementAtAnyBank _ <- if(isSuperAdmin(u.userId)) Future.successful(Full(Unit)) - else NewStyle.function.hasAtLeastOneEntitlement(allowedEntitlementsTxt)(postedData.bank_id, u.userId, allowedEntitlements) - + else NewStyle.function.hasAtLeastOneEntitlement(allowedEntitlementsTxt)(postedData.bank_id, u.userId, allowedEntitlements, callContext) _ <- Helper.booleanToFuture(failMsg = BankNotFound) { postedData.bank_id.nonEmpty == false || BankX(BankId(postedData.bank_id), callContext).map(_._1).isEmpty == false @@ -2000,8 +2000,8 @@ trait APIMethods200 { cc => for { u <- cc.user ?~ ErrorMessages.UserNotLoggedIn - _ <- booleanToBox(hasEntitlement("", u.userId, canGetEntitlementsForAnyUserAtAnyBank), UserHasMissingRoles + CanGetEntitlementsForAnyUserAtAnyBank ) - entitlements <- Entitlement.entitlement.vend.getEntitlementsByUserId(userId) + _ <- NewStyle.function.ownEntitlement("", u.userId, canGetEntitlementsForAnyUserAtAnyBank, cc.callContext) + entitlements <- Entitlement.entitlement.vend.getEntitlementsByUserId(userId) } yield { var json = EntitlementJSONs(Nil) 
@@ -2044,10 +2044,9 @@ trait APIMethods200 { cc => for { (Full(u), callContext) <- authenticatedAccess(cc) - _ <- Helper.booleanToFuture(s"$UserHasMissingRoles $canDeleteEntitlementAtAnyBank") { - hasEntitlement("", u.userId, canDeleteEntitlementAtAnyBank) - } - entitlement <- Future(Entitlement.entitlement.vend.getEntitlementById(entitlementId)) map { + _ <- NewStyle.function.hasEntitlement("", u.userId, canDeleteEntitlementAtAnyBank, cc.callContext) + + entitlement <- Future(Entitlement.entitlement.vend.getEntitlementById(entitlementId)) map { x => fullBoxOrException(x ~> APIFailureNewStyle(EntitlementNotFound, 404, callContext.map(_.toLight))) } map { unboxFull(_) } _ <- Helper.booleanToFuture(UserDoesNotHaveEntitlement) { entitlement.userId == userId } @@ -2083,10 +2082,9 @@ trait APIMethods200 { cc => for { (Full(u), callContext) <- authenticatedAccess(cc) - _ <- Helper.booleanToFuture(failMsg = UserHasMissingRoles + CanGetEntitlementsForAnyUserAtAnyBank) { - hasEntitlement("", u.userId, canGetEntitlementsForAnyUserAtAnyBank) - } - entitlements <- Entitlement.entitlement.vend.getEntitlementsFuture() map { + _ <- NewStyle.function.hasEntitlement("", u.userId, canGetEntitlementsForAnyUserAtAnyBank,callContext) + + entitlements <- Entitlement.entitlement.vend.getEntitlementsFuture() map { connectorEmptyResponse(_, callContext) } } yield { diff --git a/obp-api/src/main/scala/code/api/v2_1_0/APIMethods210.scala b/obp-api/src/main/scala/code/api/v2_1_0/APIMethods210.scala index 7806c50c4..0c61b4e23 100644 --- a/obp-api/src/main/scala/code/api/v2_1_0/APIMethods210.scala +++ b/obp-api/src/main/scala/code/api/v2_1_0/APIMethods210.scala 
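Review bot: The new role check in the -2044 hunk passes `cc.callContext`, although the line above binds `callContext` from `authenticatedAccess(cc)` and the -2083 hunk passes that bound value for the same kind of check. If `authenticatedAccess` returns an updated context (not visible here), the payload validation would read the `resourceDocument` from the stale one. I would write `_ <- NewStyle.function.hasEntitlement("", u.userId, canDeleteEntitlementAtAnyBank, callContext)`. The -590 and -827 hunks in this file mix the two the same way: they bind `callContext` from `BankX(bankId, Some(cc))` and then pass `cc.callContext`.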
@@ -114,7 +114,7 @@ trait APIMethods210 { u <- cc.user ?~! UserNotLoggedIn allowDataImportProp <- APIUtil.getPropsValue("allow_sandbox_data_import") ~> APIFailure(DataImportDisabled, 403) _ <- Helper.booleanToBox(allowDataImportProp == "true") ~> APIFailure(DataImportDisabled, 403) - _ <- booleanToBox(hasEntitlement("", u.userId, canCreateSandbox), s"$UserHasMissingRoles $CanCreateSandbox") + _ <- NewStyle.function.ownEntitlement("", u.userId, canCreateSandbox, cc.callContext) _ <- OBPDataImport.importer.vend.importData(importData) } yield { successJsonResponse(Extraction.decompose(successMessage), 201) @@ -796,7 +796,7 @@ trait APIMethods210 { canGetEntitlementsForAnyUserAtAnyBank:: Nil allowedEntitlementsTxt = UserHasMissingRoles + allowedEntitlements.mkString(" or ") - _ <- NewStyle.function.hasAtLeastOneEntitlement(failMsg = allowedEntitlementsTxt)(bankId.value, loggedInUser.userId, allowedEntitlements) + _ <- NewStyle.function.hasAtLeastOneEntitlement(failMsg = allowedEntitlementsTxt)(bankId.value, loggedInUser.userId, allowedEntitlements, callContext) entitlements <- NewStyle.function.getEntitlementsByUserId(userId, callContext) } yield { @@ -842,7 +842,8 @@ trait APIMethods210 { cc => for { u <- cc.user ?~! UserNotLoggedIn - _ <- booleanToBox(hasEntitlement("", u.userId, ApiRole.canGetConsumers), UserHasMissingRoles + CanGetConsumers) + _ <- NewStyle.function.ownEntitlement("", u.userId, ApiRole.canGetConsumers, cc.callContext) + consumerIdToLong <- tryo{consumerId.toLong} ?~! InvalidConsumerId consumer <- Consumers.consumers.vend.getConsumerByPrimaryId(consumerIdToLong) } yield { @@ -879,7 +880,7 @@ trait APIMethods210 { cc => for { u <- cc.user ?~! UserNotLoggedIn - _ <- booleanToBox(hasEntitlement("", u.userId, ApiRole.canGetConsumers), UserHasMissingRoles + CanGetConsumers ) + _ <- NewStyle.function.ownEntitlement("", u.userId, ApiRole.canGetConsumers, cc.callContext) consumers <- Some(Consumer.findAll()) } yield { // Format the data as json 
@@ -918,8 +919,8 @@ trait APIMethods210 { u <- cc.user ?~! UserNotLoggedIn putData <- tryo{json.extract[PutEnabledJSON]} ?~! InvalidJsonFormat _ <- putData.enabled match { - case true => booleanToBox(hasEntitlement("", u.userId, ApiRole.canEnableConsumers), UserHasMissingRoles + CanEnableConsumers ) - case false => booleanToBox(hasEntitlement("", u.userId, ApiRole.canDisableConsumers),UserHasMissingRoles + CanDisableConsumers ) + case true => NewStyle.function.ownEntitlement("", u.userId, ApiRole.canEnableConsumers, cc.callContext) + case false => NewStyle.function.ownEntitlement("", u.userId, ApiRole.canDisableConsumers, cc.callContext) } consumer <- Consumers.consumers.vend.getConsumerByPrimaryId(consumerId.toLong) updatedConsumer <- Consumers.consumers.vend.updateConsumer(consumer.id.get, None, None, Some(putData.enabled), None, None, None, None, None, None) ?~! "Cannot update Consumer" @@ -1044,9 +1045,7 @@ trait APIMethods210 { cc => for { (Full(u), callContext) <- authenticatedAccess(cc) - _ <- Helper.booleanToFuture(failMsg = UserHasMissingRoles + CanGetAnyUser) { - hasEntitlement("", u.userId, ApiRole.canGetAnyUser) - } + _ <- NewStyle.function.hasEntitlement("", u.userId, ApiRole.canGetAnyUser, callContext) queryParams <- unboxFullAndWrapIntoFuture{ createQueriesByHttpParams(callContext.get.requestHeaders) } users <- Users.users.vend.getAllUsersF(queryParams) } yield { 
@@ -1097,7 +1096,7 @@ trait APIMethods210 { u <- cc.user ?~! UserNotLoggedIn (bank, callContext) <- BankX(bankId, Some(cc)) ?~! BankNotFound postedData <- tryo {json.extract[TransactionTypeJsonV200]} ?~! InvalidJsonFormat - _ <- booleanToBox(hasEntitlement(bank.bankId.value, u.userId, canCreateTransactionType) == true,InsufficientAuthorisationToCreateTransactionType) + _ <- NewStyle.function.ownEntitlement(bank.bankId.value, u.userId, canCreateTransactionType, callContext, InsufficientAuthorisationToCreateTransactionType) returnTranscationType <- TransactionType.TransactionTypeProvider.vend.createOrUpdateTransactionType(postedData) } yield { successJsonResponse(Extraction.decompose(returnTranscationType)) @@ -1354,11 +1353,7 @@ trait APIMethods210 { _ <- tryo(assert(isValidID(bankId.value)))?~! InvalidBankIdFormat (bank, callContext ) <- BankX(bankId, Some(cc)) ?~! {BankNotFound} postedData <- tryo{json.extract[PostCustomerJsonV210]} ?~! InvalidJsonFormat - _ <- booleanToBox( - hasAllEntitlements(bankId.value, u.userId, createCustomerEntitlementsRequiredForSpecificBank) - || - hasAllEntitlements("", u.userId, createCustomerEntitlementsRequiredForAnyBank), - s"$UserHasMissingRoles$createCustomeEntitlementsRequiredText") + _ <- NewStyle.function.hasAllEntitlements(bankId.value, u.userId, createCustomerEntitlementsRequiredForSpecificBank, createCustomerEntitlementsRequiredForAnyBank, callContext) _ <- tryo(assert(CustomerX.customerProvider.vend.checkCustomerNumberAvailable(bankId, postedData.customer_number) == true)) ?~! CustomerNumberAlreadyExists user_id <- tryo (if (postedData.user_id.nonEmpty) postedData.user_id else u.userId) ?~! s"Problem getting user_id" customer_user <- UserX.findByUserId(user_id) ?~! UserNotFoundById 
@@ -1499,7 +1494,7 @@ trait APIMethods210 { u <- cc.user ?~ UserNotLoggedIn (bank, callContext) <- BankX(bankId, Some(cc)) ?~! {BankNotFound} branchJsonPutV210 <- tryo {json.extract[BranchJsonPutV210]} ?~! InvalidJsonFormat - _ <- booleanToBox(hasEntitlement(bank.bankId.value, u.userId, canUpdateBranch) == true, s"$UserHasMissingRoles $canUpdateBranch") + _ <- NewStyle.function.ownEntitlement(bank.bankId.value, u.userId, canUpdateBranch, callContext) //package the BranchJsonPut to toBranchJsonPost, to call the createOrUpdateBranch method // branchPost <- toBranchJsonPost(branchId, branchJsonPutV210) @@ -1541,7 +1536,7 @@ trait APIMethods210 { u <- cc.user ?~ UserNotLoggedIn (bank, callContext) <- BankX(bankId, Some(cc)) ?~! {BankNotFound} branchJsonPostV210 <- tryo {json.extract[BranchJsonPostV210]} ?~! InvalidJsonFormat - _ <- booleanToBox(hasEntitlement(bank.bankId.value, u.userId, canCreateBranch) == true, InsufficientAuthorisationToCreateBranch) + _ <- NewStyle.function.ownEntitlement(bank.bankId.value, u.userId, canCreateBranch, cc.callContext, InsufficientAuthorisationToCreateBranch) branch <- transformToBranch(branchJsonPostV210) success <- Connector.connector.vend.createOrUpdateBranch(branch) } yield { 
@@ -1581,11 +1576,10 @@ trait APIMethods210 { cc => for { u <- cc.user ?~ UserNotLoggedIn - _ <- booleanToBox( - hasEntitlement("", u.userId, ApiRole.canUpdateConsumerRedirectUrl) || APIUtil.getPropsAsBoolValue("consumers_enabled_by_default", false), - UserHasMissingRoles + CanUpdateConsumerRedirectUrl - ) - postJson <- tryo {json.extract[ConsumerRedirectUrlJSON]} ?~! InvalidJsonFormat + _ <- if(APIUtil.getPropsAsBoolValue("consumers_enabled_by_default", false)) Full(Unit) + else NewStyle.function.ownEntitlement("", u.userId, ApiRole.canUpdateConsumerRedirectUrl, cc.callContext) + + postJson <- tryo {json.extract[ConsumerRedirectUrlJSON]} ?~! InvalidJsonFormat consumerIdToLong <- tryo{consumerId.toLong} ?~! InvalidConsumerId consumer <- Consumers.consumers.vend.getConsumerByPrimaryId(consumerIdToLong) ?~! {ConsumerNotFoundByConsumerId} //only the developer that created the Consumer should be able to edit it diff --git a/obp-api/src/main/scala/code/api/v2_2_0/APIMethods220.scala b/obp-api/src/main/scala/code/api/v2_2_0/APIMethods220.scala index 85d13d36b..4f4c7bf5e 100644 --- a/obp-api/src/main/scala/code/api/v2_2_0/APIMethods220.scala +++ b/obp-api/src/main/scala/code/api/v2_2_0/APIMethods220.scala @@ -4,7 +4,7 @@ import java.util.Date import code.api.ResourceDocs1_4_0.SwaggerDefinitionsJSON._ import code.api.util.APIUtil._ -import code.api.util.ApiRole._ +import code.api.util.ApiRole.{canCreateBranch, _} import code.api.util.ApiTag._ import code.api.util.ErrorMessages.{BankAccountNotFound, _} import code.api.util.NewStyle.HttpCode 
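Review bot: `Full(Unit)` in the -1581 hunk boxes the `Unit` companion object rather than the unit value, and only works because the result is discarded by `_ <-`; `Full(())` says what is meant. The same literal appears as `Future.successful(Full(Unit))` in the APIMethods220 hunk at -776, the APIMethods310 hunk at -5360 and the APIMethods400 hunks at -233, -662 and -2103, where `Future.successful(Full(()))` would be the equivalent. Separately, when `consumers_enabled_by_default` is true the `if` branch never calls `NewStyle.function.ownEntitlement`, so anything that helper does besides the role lookup is skipped on that path. Its body is not in this hunk, so it should be confirmed whether the JSON-schema validation named in the commit subject is expected to run there.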
@@ -443,7 +443,7 @@ trait APIMethods220 { bank.id.length > 5,s"$InvalidJsonFormat Min length of BANK_ID should be 5 characters.") u <- cc.user ?~!ErrorMessages.UserNotLoggedIn consumer <- cc.consumer ?~! ErrorMessages.InvalidConsumerCredentials - _ <- hasEntitlementAndScope("", u.userId, consumer.id.get.toString, canCreateBank) + _ <- NewStyle.function.hasEntitlementAndScope("", u.userId, consumer.id.get.toString, canCreateBank, cc.callContext) success <- Connector.connector.vend.createOrUpdateBank( bank.id, bank.full_name, @@ -467,8 +467,6 @@ trait APIMethods220 { // Create Branch val createBranchEntitlementsRequiredForSpecificBank = CanCreateBranch :: Nil val createBranchEntitlementsRequiredForAnyBank = CanCreateBranchAtAnyBank :: Nil - val createBranchEntitlementsRequiredText = UserHasMissingRoles + createBranchEntitlementsRequiredForSpecificBank.mkString(" and ") + " entitlements are required OR " + createBranchEntitlementsRequiredForAnyBank.mkString(" and ") - // TODO Put the RequiredEntitlements and AlternativeRequiredEntitlements in the Resource Doc and use that in the Partial Function? @@ -502,10 +500,8 @@ trait APIMethods220 { for { u <- cc.user ?~!ErrorMessages.UserNotLoggedIn (bank, callContext) <- BankX(bankId, Some(cc)) ?~! BankNotFound - canCreateBranch <- booleanToBox(hasEntitlement(bank.bankId.value, u.userId, canCreateBranch) == true - || - hasEntitlement("", u.userId, canCreateBranchAtAnyBank) - , createBranchEntitlementsRequiredText) + canCreateBranch <- NewStyle.function.hasAllEntitlements(bank.bankId.value, u.userId, canCreateBranch::Nil, canCreateBranchAtAnyBank::Nil, callContext) + branchJsonV220 <- tryo {json.extract[BranchJsonV220]} ?~! ErrorMessages.InvalidJsonFormat branch <- transformV220ToBranch(branchJsonV220) success <- Connector.connector.vend.createOrUpdateBranch(branch) 
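Review bot: In the -502 hunk the generator still binds its result to `canCreateBranch`, the same name as the role used on the right-hand side (`canCreateBranch::Nil`). The line compiles because the binding is only in scope for later generators, but a reader of an authorisation check can easily mistake which `canCreateBranch` is meant, and the bound value is not used in the visible lines. The createAtm, createProduct and createFx hunks in this file discard the result, and this line should as well: `_ <- NewStyle.function.hasAllEntitlements(bank.bankId.value, u.userId, canCreateBranch::Nil, canCreateBranchAtAnyBank::Nil, callContext)`. The -467 hunk removes `createBranchEntitlementsRequiredText` but keeps the two `createBranchEntitlementsRequiredFor…` vals, which no longer seem to be referenced in what is shown, so it is worth checking whether they can go too.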
@@ -520,8 +516,6 @@ trait APIMethods220 { val createAtmEntitlementsRequiredForSpecificBank = canCreateAtm :: Nil val createAtmEntitlementsRequiredForAnyBank = canCreateAtmAtAnyBank :: Nil - val createAtmEntitlementsRequiredText = UserHasMissingRoles + createAtmEntitlementsRequiredForSpecificBank.mkString(" and ") + " OR " + createAtmEntitlementsRequiredForAnyBank.mkString(" and ") - resourceDocs += ResourceDoc( createAtm, implementedInApiVersion, @@ -531,7 +525,7 @@ trait APIMethods220 { "Create ATM", s"""Create ATM for the Bank. | - |${authenticationRequiredMessage(true) } + |${authenticationRequiredMessage(true) } | |""", atmJsonV220, @@ -554,10 +548,7 @@ trait APIMethods220 { for { u <- cc.user ?~!ErrorMessages.UserNotLoggedIn (bank, callContext) <- BankX(bankId, Some(cc)) ?~! BankNotFound - canCreateAtm <- booleanToBox(hasAllEntitlements(bank.bankId.value, u.userId, createAtmEntitlementsRequiredForSpecificBank) == true - || - hasAllEntitlements("", u.userId, createAtmEntitlementsRequiredForAnyBank), - createAtmEntitlementsRequiredText) + _ <- NewStyle.function.hasAllEntitlements(bank.bankId.value, u.userId, createAtmEntitlementsRequiredForSpecificBank, createAtmEntitlementsRequiredForAnyBank, callContext) atmJson <- tryo {json.extract[AtmJsonV220]} ?~! ErrorMessages.InvalidJsonFormat atm <- JSONFactory220.transformToAtmFromV220(atmJson) ?~! {ErrorMessages.CouldNotTransformJsonToInternalModel + " Atm"} success <- Connector.connector.vend.createOrUpdateAtm(atm) @@ -573,8 +564,6 @@ trait APIMethods220 { val createProductEntitlementsRequiredForSpecificBank = canCreateProduct :: Nil val createProductEntitlementsRequiredForAnyBank = canCreateProductAtAnyBank :: Nil - val createProductEntitlementsRequiredText = UserHasMissingRoles + createProductEntitlementsRequiredForSpecificBank.mkString(" and ") + " OR " + createProductEntitlementsRequiredForAnyBank.mkString(" and ") - resourceDocs += ResourceDoc( createProduct, implementedInApiVersion, 
@@ -607,11 +596,8 @@ trait APIMethods220 { for { u <- cc.user ?~!ErrorMessages.UserNotLoggedIn (bank, callContext) <- BankX(bankId, Some(cc)) ?~! BankNotFound - _ <- booleanToBox(hasAllEntitlements(bank.bankId.value, u.userId, createProductEntitlementsRequiredForSpecificBank) == true - || - hasAllEntitlements("", u.userId, createProductEntitlementsRequiredForAnyBank), - createProductEntitlementsRequiredText) - product <- tryo {json.extract[ProductJsonV220]} ?~! ErrorMessages.InvalidJsonFormat + _ <- NewStyle.function.hasAllEntitlements(bank.bankId.value, u.userId, createProductEntitlementsRequiredForSpecificBank, createProductEntitlementsRequiredForAnyBank, callContext) + product <- tryo {json.extract[ProductJsonV220]} ?~! ErrorMessages.InvalidJsonFormat success <- Connector.connector.vend.createOrUpdateProduct( bankId = product.bank_id, code = product.code, @@ -638,8 +624,6 @@ trait APIMethods220 { val createFxEntitlementsRequiredForSpecificBank = canCreateFxRate :: Nil val createFxEntitlementsRequiredForAnyBank = canCreateFxRateAtAnyBank :: Nil - val createFxEntitlementsRequiredText = UserHasMissingRoles + createFxEntitlementsRequiredForSpecificBank.mkString(" and ") + " OR " + createFxEntitlementsRequiredForAnyBank.mkString(" and ") - resourceDocs += ResourceDoc( createFx, implementedInApiVersion, 
@@ -684,11 +668,8 @@ trait APIMethods220 { for { u <- cc.user ?~!ErrorMessages.UserNotLoggedIn (bank, callContext) <- BankX(bankId, Some(cc)) ?~! BankNotFound - canCreateFx <- booleanToBox(hasAllEntitlements(bank.bankId.value, u.userId, createFxEntitlementsRequiredForSpecificBank) == true - || - hasAllEntitlements("", u.userId, createFxEntitlementsRequiredForAnyBank), - createFxEntitlementsRequiredText) - fx <- tryo {json.extract[FXRateJsonV220]} ?~! ErrorMessages.InvalidJsonFormat + _ <- NewStyle.function.hasAllEntitlements(bank.bankId.value, u.userId, createFxEntitlementsRequiredForSpecificBank, createFxEntitlementsRequiredForAnyBank, callContext) + fx <- tryo {json.extract[FXRateJsonV220]} ?~! ErrorMessages.InvalidJsonFormat success <- Connector.connector.vend.createOrUpdateFXRate( bankId = fx.bank_id, fromCurrencyCode = fx.from_currency_code, @@ -776,9 +757,9 @@ trait APIMethods220 { isValidID(accountId.value) } - _ <- Helper.booleanToFuture(s"${UserHasMissingRoles} $canCreateAccount or create account for self") { - hasEntitlement(bankId.value, loggedInUserId, canCreateAccount) || userIdAccountOwner == loggedInUserId - } + _ <- if(userIdAccountOwner == loggedInUserId) Future.successful(Full(Unit)) + else NewStyle.function.hasEntitlement(bankId.value, loggedInUserId, canCreateAccount, callContext, s"${UserHasMissingRoles} $canCreateAccount or create account for self") + initialBalanceAsString = createAccountJson.balance.amount accountType = createAccountJson.`type` accountLabel = createAccountJson.label 
@@ -970,8 +951,8 @@ trait APIMethods220 { cc => for { u <- cc.user ?~! UserNotLoggedIn - _ <- booleanToBox(hasEntitlement("", u.userId, ApiRole.canCreateConsumer), UserHasMissingRoles + CanCreateConsumer ) - postedJson <- tryo {json.extract[ConsumerPostJSON]} ?~! InvalidJsonFormat + _ <- NewStyle.function.ownEntitlement("", u.userId, ApiRole.canCreateConsumer, cc.callContext) + postedJson <- tryo {json.extract[ConsumerPostJSON]} ?~! InvalidJsonFormat consumer <- Consumers.consumers.vend.createConsumer(Some(generateUUID()), Some(generateUUID()), Some(postedJson.enabled), diff --git a/obp-api/src/main/scala/code/api/v3_0_0/APIMethods300.scala b/obp-api/src/main/scala/code/api/v3_0_0/APIMethods300.scala index 56a05dc28..17cb67f96 100644 --- a/obp-api/src/main/scala/code/api/v3_0_0/APIMethods300.scala +++ b/obp-api/src/main/scala/code/api/v3_0_0/APIMethods300.scala @@ -1029,8 +1029,6 @@ trait APIMethods300 { // Create Branch val createBranchEntitlementsRequiredForSpecificBank = CanCreateBranch :: Nil val createBranchEntitlementsRequiredForAnyBank = CanCreateBranchAtAnyBank :: Nil - val createBranchEntitlementsRequiredText = UserHasMissingRoles + createBranchEntitlementsRequiredForSpecificBank.mkString(" and ") + " entitlements are required OR " + createBranchEntitlementsRequiredForAnyBank.mkString(" and ") - // TODO Put the RequiredEntitlements and AlternativeRequiredEntitlements in the Resource Doc and use that in the Partial Function? 
@@ -1064,12 +1062,7 @@ trait APIMethods300 { for { u <- cc.user ?~!ErrorMessages.UserNotLoggedIn (bank, _) <- BankX(bankId, Some(cc)) ?~! BankNotFound - _ <- booleanToBox( - hasEntitlement(bank.bankId.value, u.userId, canCreateBranch) == true - || - hasEntitlement("", u.userId, canCreateBranchAtAnyBank) == true - , createBranchEntitlementsRequiredText - ) + _ <- NewStyle.function.hasAllEntitlements(bank.bankId.value, u.userId, canCreateBranch::Nil, canCreateBranchAtAnyBank::Nil, cc.callContext) branchJsonV300 <- tryo {json.extract[BranchJsonV300]} ?~! {ErrorMessages.InvalidJsonFormat + " BranchJsonV300"} _ <- booleanToBox(branchJsonV300.bank_id == bank.bankId.value, "BANK_ID has to be the same in the URL and Body") branch <- transformToBranchFromV300(branchJsonV300) ?~! {ErrorMessages.CouldNotTransformJsonToInternalModel + " Branch"} @@ -1111,7 +1104,7 @@ trait APIMethods300 { for { u <- cc.user ?~!ErrorMessages.UserNotLoggedIn (bank, _) <- BankX(bankId, Some(cc)) ?~! BankNotFound - _ <- booleanToBox(hasEntitlement(bank.bankId.value, u.userId, canUpdateBranch) == true, s"$UserHasMissingRoles $canUpdateBranch") + _ <- NewStyle.function.ownEntitlement(bank.bankId.value, u.userId, canUpdateBranch, cc.callContext) postBranchJsonV300 <- tryo {json.extract[PostBranchJsonV300]} ?~! {ErrorMessages.InvalidJsonFormat + PostBranchJsonV300.toString()} branchJsonV300 = BranchJsonV300( id = branchId.value, @@ -1142,8 +1135,6 @@ trait APIMethods300 { val createAtmEntitlementsRequiredForSpecificBank = canCreateAtm :: Nil val createAtmEntitlementsRequiredForAnyBank = canCreateAtmAtAnyBank :: Nil - val createAtmEntitlementsRequiredText = UserHasMissingRoles + createAtmEntitlementsRequiredForSpecificBank.mkString(" and ") + " OR " + createAtmEntitlementsRequiredForAnyBank.mkString(" and ") - resourceDocs += ResourceDoc( createAtm, implementedInApiVersion, 
@@ -1176,11 +1167,8 @@ trait APIMethods300 { for { u <- cc.user ?~!ErrorMessages.UserNotLoggedIn (bank, _) <- BankX(bankId, Some(cc)) ?~! BankNotFound - _ <- booleanToBox(hasAllEntitlements(bank.bankId.value, u.userId, createAtmEntitlementsRequiredForSpecificBank) == true - || - hasAllEntitlements("", u.userId, createAtmEntitlementsRequiredForAnyBank), - createAtmEntitlementsRequiredText) - atmJson <- tryo {json.extract[AtmJsonV300]} ?~! ErrorMessages.InvalidJsonFormat + _ <- NewStyle.function.hasAllEntitlements(bank.bankId.value, u.userId, createAtmEntitlementsRequiredForSpecificBank, createAtmEntitlementsRequiredForAnyBank, cc.callContext) + atmJson <- tryo {json.extract[AtmJsonV300]} ?~! ErrorMessages.InvalidJsonFormat atm <- transformToAtmFromV300(atmJson) ?~! {ErrorMessages.CouldNotTransformJsonToInternalModel + " Atm"} _ <- booleanToBox(atmJson.bank_id == bank.bankId.value, "BANK_ID has to be the same in the URL and Body") success <- Connector.connector.vend.createOrUpdateAtm(atm) @@ -1873,7 +1861,7 @@ trait APIMethods300 { val allowedEntitlementsTxt = allowedEntitlements.mkString(" or ") for { (Full(u), callContext) <- authenticatedAccess(cc) - _ <- NewStyle.function.hasAtLeastOneEntitlement(failMsg = UserHasMissingRoles + allowedEntitlementsTxt)("", u.userId, allowedEntitlements) + _ <- NewStyle.function.hasAtLeastOneEntitlement(failMsg = UserHasMissingRoles + allowedEntitlementsTxt)("", u.userId, allowedEntitlements, callContext) entitlementRequests <- NewStyle.function.getEntitlementRequestsFuture(callContext) } yield { (JSONFactory300.createEntitlementRequestsJSON(entitlementRequests), HttpCode.`200`(callContext)) 
@@ -1912,7 +1900,7 @@ trait APIMethods300 { val allowedEntitlementsTxt = allowedEntitlements.mkString(" or ") for { (Full(authorizedUser), callContext) <- authenticatedAccess(cc) - _ <- NewStyle.function.hasAtLeastOneEntitlement(failMsg = UserHasMissingRoles + allowedEntitlementsTxt)("", authorizedUser.userId, allowedEntitlements) + _ <- NewStyle.function.hasAtLeastOneEntitlement(failMsg = UserHasMissingRoles + allowedEntitlementsTxt)("", authorizedUser.userId, allowedEntitlements, callContext) entitlementRequests <- NewStyle.function.getEntitlementRequestsFuture(userId, callContext) } yield { (JSONFactory300.createEntitlementRequestsJSON(entitlementRequests), HttpCode.`200`(callContext)) @@ -1986,7 +1974,7 @@ trait APIMethods300 { val allowedEntitlementsTxt = UserHasMissingRoles + allowedEntitlements.mkString(" or ") for { (Full(u), callContext) <- authenticatedAccess(cc) - _ <- NewStyle.function.hasAtLeastOneEntitlement(failMsg = allowedEntitlementsTxt)("", u.userId, allowedEntitlements) + _ <- NewStyle.function.hasAtLeastOneEntitlement(failMsg = allowedEntitlementsTxt)("", u.userId, allowedEntitlements, callContext) deleteEntitlementRequest <- EntitlementRequest.entitlementRequest.vend.deleteEntitlementRequestFuture(entitlementRequestId) map { connectorEmptyResponse(_, callContext) } @@ -2254,7 +2242,7 @@ trait APIMethods300 { allowedEntitlements = canCreateScopeAtOneBank :: canCreateScopeAtAnyBank :: Nil allowedEntitlementsTxt = s"$UserHasMissingRoles ${allowedEntitlements.mkString(", ")}!" - _ <- NewStyle.function.hasAtLeastOneEntitlement(failMsg = allowedEntitlementsTxt)(postedData.bank_id, u.userId, allowedEntitlements) + _ <- NewStyle.function.hasAtLeastOneEntitlement(failMsg = allowedEntitlementsTxt)(postedData.bank_id, u.userId, allowedEntitlements, callContext) _ <- Helper.booleanToFuture(failMsg = BankNotFound) { postedData.bank_id.nonEmpty == false || BankX(BankId(postedData.bank_id), callContext).map(_._1).isEmpty == false 
@@ -2299,7 +2287,7 @@ trait APIMethods300 { consumer <- Future{callContext.get.consumer} map { x => unboxFullOrFail(x, callContext, InvalidConsumerCredentials) } - _ <- Future {hasEntitlementAndScope("", u.userId, consumer.id.get.toString, canDeleteScopeAtAnyBank)} map ( fullBoxOrException(_)) + _ <- Future {NewStyle.function.hasEntitlementAndScope("", u.userId, consumer.id.get.toString, canDeleteScopeAtAnyBank, callContext)} map ( fullBoxOrException(_)) scope <- Future{ Scope.scope.vend.getScopeById(scopeId) ?~! ScopeNotFound } map { val msg = s"$ScopeNotFound Current Value is $scopeId" x => unboxFullOrFail(x, callContext, msg) @@ -2337,7 +2325,7 @@ trait APIMethods300 { consumer <- Future{callContext.get.consumer} map { x => unboxFullOrFail(x , callContext, InvalidConsumerCredentials) } - _ <- Future {hasEntitlementAndScope("", u.userId, consumer.id.get.toString, canGetEntitlementsForAnyUserAtAnyBank)} flatMap {unboxFullAndWrapIntoFuture(_)} + _ <- Future {NewStyle.function.hasEntitlementAndScope("", u.userId, consumer.id.get.toString, canGetEntitlementsForAnyUserAtAnyBank, callContext)} flatMap {unboxFullAndWrapIntoFuture(_)} scopes <- Future { Scope.scope.vend.getScopesByConsumerId(consumerId)} map { unboxFull(_) } } yield (JSONFactory300.createScopeJSONs(scopes), HttpCode.`200`(callContext)) diff --git a/obp-api/src/main/scala/code/api/v3_1_0/APIMethods310.scala b/obp-api/src/main/scala/code/api/v3_1_0/APIMethods310.scala index 6d88da1dd..b35296504 100644 --- a/obp-api/src/main/scala/code/api/v3_1_0/APIMethods310.scala +++ b/obp-api/src/main/scala/code/api/v3_1_0/APIMethods310.scala 
@@ -1214,7 +1214,7 @@ trait APIMethods310 { for { (Full(u), callContext) <- authenticatedAccess(cc) - _ <- NewStyle.function.hasAtLeastOneEntitlement(bankId.value, u.userId, canCreateCustomer :: canCreateCustomerAtAnyBank :: Nil) + _ <- NewStyle.function.hasAtLeastOneEntitlement(bankId.value, u.userId, canCreateCustomer :: canCreateCustomerAtAnyBank :: Nil, callContext) (_, callContext) <- NewStyle.function.getBank(bankId, callContext) failMsg = s"$InvalidJsonFormat The Json body should be the $PostCustomerJsonV310 " @@ -1688,9 +1688,7 @@ trait APIMethods310 { cc => for { (Full(u), callContext) <- authenticatedAccess(cc) - _ <- Helper.booleanToFuture(failMsg = UserHasMissingRoles + CanGetEntitlementsForAnyUserAtAnyBank) { - hasEntitlement("", u.userId, canGetEntitlementsForAnyUserAtAnyBank) - } + _ <- NewStyle.function.hasEntitlement("", u.userId, canGetEntitlementsForAnyUserAtAnyBank, callContext) roleName = APIUtil.getHttpRequestUrlParam(cc.url, "role") entitlements <- Entitlement.entitlement.vend.getEntitlementsByRoleFuture(roleName) map { connectorEmptyResponse(_, callContext) @@ -2482,7 +2480,7 @@ trait APIMethods310 { cc => for { (Full(u), callContext) <- authenticatedAccess(cc) - _ <- NewStyle.function.hasAtLeastOneEntitlement(failMsg = createProductEntitlementsRequiredText)(bankId.value, u.userId, createProductEntitlements) + _ <- NewStyle.function.hasAtLeastOneEntitlement(failMsg = createProductEntitlementsRequiredText)(bankId.value, u.userId, createProductEntitlements, callContext) (_, callContext) <- NewStyle.function.getBank(bankId, callContext) failMsg = s"$InvalidJsonFormat The Json body should be the $PostPutProductJsonV310 " product <- NewStyle.function.tryons(failMsg, 400, callContext) { 
@@ -3013,7 +3011,7 @@ trait APIMethods310 { allowedEntitlements = canDeleteBranch ::canDeleteBranchAtAnyBank:: Nil allowedEntitlementsTxt = allowedEntitlements.mkString(" or ") (bank, callContext) <- NewStyle.function.getBank(bankId, callContext) - _ <- NewStyle.function.hasAtLeastOneEntitlement(failMsg = UserHasMissingRoles + allowedEntitlementsTxt)(bankId.value, u.userId, allowedEntitlements) + _ <- NewStyle.function.hasAtLeastOneEntitlement(failMsg = UserHasMissingRoles + allowedEntitlementsTxt)(bankId.value, u.userId, allowedEntitlements, callContext) (branch, callContext) <- NewStyle.function.getBranch(bankId, branchId, callContext) (result, callContext) <- NewStyle.function.deleteBranch(branch, callContext) } yield { @@ -5360,9 +5358,9 @@ trait APIMethods310 { _ <- Helper.booleanToFuture(InvalidAccountIdFormat){ isValidID(accountId.value) } - _ <- Helper.booleanToFuture(s"${UserHasMissingRoles} $canCreateAccount or create account for self") { - hasEntitlement(bankId.value, loggedInUserId, canCreateAccount) || userIdAccountOwner == loggedInUserId - } + _ <- if (userIdAccountOwner == loggedInUserId) Future.successful(Full(Unit)) + else NewStyle.function.hasEntitlement(bankId.value, loggedInUserId, canCreateAccount, callContext, s"${UserHasMissingRoles} $canCreateAccount or create account for self") + initialBalanceAsString = createAccountJson.balance.amount accountType = createAccountJson.product_code accountLabel = createAccountJson.label 
@@ -5908,8 +5906,8 @@ trait APIMethods310 { json.extract[PutEnabledJSON] } _ <- putData.enabled match { - case true => Helper.booleanToFuture(UserHasMissingRoles + CanEnableConsumers)(hasEntitlement("", u.userId, ApiRole.canEnableConsumers)) - case false => Helper.booleanToFuture(UserHasMissingRoles + CanDisableConsumers)(hasEntitlement("", u.userId, ApiRole.canDisableConsumers)) + case true => NewStyle.function.hasEntitlement("", u.userId, ApiRole.canEnableConsumers, callContext) + case false => NewStyle.function.hasEntitlement("", u.userId, ApiRole.canDisableConsumers, callContext) } consumer <- NewStyle.function.getConsumerByConsumerId(consumerId, callContext) updatedConsumer <- Future { diff --git a/obp-api/src/main/scala/code/api/v4_0_0/APIMethods400.scala b/obp-api/src/main/scala/code/api/v4_0_0/APIMethods400.scala index bbbfd173d..a1379382e 100644 --- a/obp-api/src/main/scala/code/api/v4_0_0/APIMethods400.scala +++ b/obp-api/src/main/scala/code/api/v4_0_0/APIMethods400.scala @@ -233,9 +233,10 @@ trait APIMethods400 { loggedInUserId = cc.userId userIdAccountOwner = if (createAccountJson.user_id.nonEmpty) createAccountJson.user_id else loggedInUserId (postedOrLoggedInUser,callContext) <- NewStyle.function.findByUserId(userIdAccountOwner, cc.callContext) - _ <- Helper.booleanToFuture(s"$UserHasMissingRoles $canCreateSettlementAccountAtOneBank") { - hasEntitlement(bankId.value, loggedInUserId, canCreateSettlementAccountAtOneBank) || userIdAccountOwner == loggedInUserId - } + + _ <- if (userIdAccountOwner == loggedInUserId) Future.successful(Full(Unit)) + else NewStyle.function.hasEntitlement(bankId.value, loggedInUserId, canCreateSettlementAccountAtOneBank, callContext) + initialBalanceAsString = createAccountJson.balance.amount accountLabel = createAccountJson.label initialBalanceAsNumber <- NewStyle.function.tryons(InvalidAccountInitialBalance, 400, callContext) { 
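Review bot: In the APIMethods400 hunk at -233 the `canCreateSettlementAccountAtOneBank` check is not reached when `userIdAccountOwner == loggedInUserId`, and the context line above sets `userIdAccountOwner` to `loggedInUserId` whenever `createAccountJson.user_id` is empty. The old code had the same `||`, so this is carried over rather than introduced. Unlike the ordinary create-account endpoints, though, the old failure message here did not say "or create account for self", which suggests the self-service exemption may not be intended for settlement accounts. If it is not, the line reduces to `_ <- NewStyle.function.hasEntitlement(bankId.value, loggedInUserId, canCreateSettlementAccountAtOneBank, callContext)`; if it is, a short comment stating why no role is needed would make the exemption reviewable. The for-comprehension continues outside the hunk.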
@@ -325,9 +326,8 @@ trait APIMethods400 { case "banks" :: BankId(bankId) :: "settlement-accounts" :: Nil JsonGet _ => { cc => for { - _ <- Helper.booleanToFuture(s"$UserHasMissingRoles $canGetSettlementAccountAtOneBank") { - hasEntitlement(bankId.value, cc.userId, canGetSettlementAccountAtOneBank) - } + _ <- NewStyle.function.hasEntitlement(bankId.value, cc.userId, canGetSettlementAccountAtOneBank, cc.callContext) + (accounts, callContext) <- NewStyle.function.getBankSettlementAccounts(bankId, cc.callContext) settlementAccounts <- Future.sequence(accounts.map(account => { NewStyle.function.getAccountAttributesByAccount(bankId, account.accountId, callContext).map(accountAttributes => @@ -662,10 +662,8 @@ trait APIMethods400 { account = BankIdAccountId(bankId, accountId) _ <- NewStyle.function.checkAuthorisationToCreateTransactionRequest(viewId, account, u, callContext) - _ <- Helper.booleanToFuture(InsufficientAuthorisationToCreateTransactionRequest) { - u.hasOwnerViewAccess(BankIdAccountId(bankId, accountId)) || - hasEntitlement(bankId.value, u.userId, ApiRole.canCreateAnyTransactionRequest) - } + _ <- if (u.hasOwnerViewAccess(BankIdAccountId(bankId, accountId))) Future.successful(Full(Unit)) + else NewStyle.function.hasEntitlement(bankId.value, u.userId, ApiRole.canCreateAnyTransactionRequest, callContext, InsufficientAuthorisationToCreateTransactionRequest) _ <- Helper.booleanToFuture(s"${InvalidTransactionRequestType}: '${transactionRequestType.value}'") { APIUtil.getPropsValue("transactionRequests_supported_types", "").split(",").contains(transactionRequestType.value) 
@@ -2103,9 +2101,10 @@ trait APIMethods400 { loggedInUserId = cc.userId userIdAccountOwner = if (createAccountJson.user_id.nonEmpty) createAccountJson.user_id else loggedInUserId (postedOrLoggedInUser,callContext) <- NewStyle.function.findByUserId(userIdAccountOwner, cc.callContext) - _ <- Helper.booleanToFuture(s"${UserHasMissingRoles} $canCreateAccount or create account for self") { - hasEntitlement(bankId.value, loggedInUserId, canCreateAccount) || userIdAccountOwner == loggedInUserId - } + + _ <- if (userIdAccountOwner == loggedInUserId) Future.successful(Full(Unit)) + else NewStyle.function.hasEntitlement(bankId.value, loggedInUserId, canCreateAccount, callContext, s"${UserHasMissingRoles} $canCreateAccount or create account for self") + initialBalanceAsString = createAccountJson.balance.amount //Note: here we map the product_code to account_type accountType = createAccountJson.product_code diff --git a/obp-api/src/test/scala/code/api/v2_0_0/TransactionRequestsTest.scala b/obp-api/src/test/scala/code/api/v2_0_0/TransactionRequestsTest.scala index 6a76b91c6..9eadde980 100644 --- a/obp-api/src/test/scala/code/api/v2_0_0/TransactionRequestsTest.scala +++ b/obp-api/src/test/scala/code/api/v2_0_0/TransactionRequestsTest.scala @@ -50,7 +50,7 @@ class TransactionRequestsTest extends V200ServerSetup with DefaultUsers { addEntitlement(bankId.value, resourceUser3.userId, CanCreateAnyTransactionRequest.toString) Then("We add entitlement to user3") - val hasEntitlement = code.api.util.APIUtil.hasEntitlement(bankId.value, resourceUser3.userId, canCreateAnyTransactionRequest) + val hasEntitlement = APIUtil.hasEntitlement(bankId.value, resourceUser3.userId, canCreateAnyTransactionRequest) hasEntitlement should equal(true) def getFromAccount: BankAccount = { 
@@ -386,7 +386,7 @@ class TransactionRequestsTest extends V200ServerSetup with DefaultUsers { addEntitlement(bankId2.value, resourceUser3.userId, CanCreateAnyTransactionRequest.toString) Then("We add entitlement to user3") - val hasEntitlement = code.api.util.APIUtil.hasEntitlement(bankId2.value, resourceUser3.userId, canCreateAnyTransactionRequest) + val hasEntitlement = APIUtil.hasEntitlement(bankId2.value, resourceUser3.userId, canCreateAnyTransactionRequest) hasEntitlement should equal(true) def getFromAccount: BankAccount = { diff --git a/obp-api/src/test/scala/code/api/v2_1_0/CreateBranchTest.scala b/obp-api/src/test/scala/code/api/v2_1_0/CreateBranchTest.scala index 33a58915d..875e691f6 100644 --- a/obp-api/src/test/scala/code/api/v2_1_0/CreateBranchTest.scala +++ b/obp-api/src/test/scala/code/api/v2_1_0/CreateBranchTest.scala @@ -1,7 +1,7 @@ package code.api.v2_1_0 import code.api.util.APIUtil.OAuth._ -import code.api.util.ApiRole +import code.api.util.{APIUtil, ApiRole} import code.api.util.ApiRole.{CanCreateBranch, CanUpdateBranch} import code.api.v1_4_0.JSONFactory1_4_0._ import code.setup.DefaultUsers @@ -38,7 +38,7 @@ class CreateBranchTest extends V210ServerSetup with DefaultUsers { Then("We add entitlement to user1") addEntitlement(bankId.value, resourceUser1.userId, CanUpdateBranch.toString) - val hasEntitlement = code.api.util.APIUtil.hasEntitlement(bankId.value, resourceUser1.userId, ApiRole.canUpdateBranch) + val hasEntitlement = APIUtil.hasEntitlement(bankId.value, resourceUser1.userId, ApiRole.canUpdateBranch) hasEntitlement should equal(true) When("We make the request Update Branch for an account") 
@@ -63,7 +63,7 @@ class CreateBranchTest extends V210ServerSetup with DefaultUsers { Then("We add entitlement to user1") addEntitlement(bankId.value, resourceUser1.userId, CanUpdateBranch.toString) - val hasEntitlement = code.api.util.APIUtil.hasEntitlement(bankId.value, resourceUser1.userId, ApiRole.canUpdateBranch) + val hasEntitlement = APIUtil.hasEntitlement(bankId.value, resourceUser1.userId, ApiRole.canUpdateBranch) hasEntitlement should equal(true) When("We make the request Update Branch for an account") @@ -105,7 +105,7 @@ class CreateBranchTest extends V210ServerSetup with DefaultUsers { Then("We add entitlement to user1") addEntitlement(bankId.value, resourceUser1.userId, CanCreateBranch.toString) - val hasEntitlement = code.api.util.APIUtil.hasEntitlement(bankId.value, resourceUser1.userId, ApiRole.canCreateBranch) + val hasEntitlement = APIUtil.hasEntitlement(bankId.value, resourceUser1.userId, ApiRole.canCreateBranch) hasEntitlement should equal(true) @@ -134,7 +134,7 @@ class CreateBranchTest extends V210ServerSetup with DefaultUsers { Then("We add `CanCreateBranch`entitlement to user1") addEntitlement(bankId.value, resourceUser1.userId, CanCreateBranch.toString) - val hasEntitlement = code.api.util.APIUtil.hasEntitlement(bankId.value, resourceUser1.userId, ApiRole.canCreateBranch) + val hasEntitlement = APIUtil.hasEntitlement(bankId.value, resourceUser1.userId, ApiRole.canCreateBranch) hasEntitlement should equal(true) When("We make the request Update Branch for an account") 
@@ -149,7 +149,7 @@ class CreateBranchTest extends V210ServerSetup with DefaultUsers { Then("We add `CanCreateBranch`entitlement to user1") addEntitlement(bankId.value, resourceUser1.userId, CanUpdateBranch.toString) - val hasCanUpdateBranchEntitlement = code.api.util.APIUtil.hasEntitlement(bankId.value, resourceUser1.userId, ApiRole.canUpdateBranch) + val hasCanUpdateBranchEntitlement = APIUtil.hasEntitlement(bankId.value, resourceUser1.userId, ApiRole.canUpdateBranch) hasCanUpdateBranchEntitlement should equal(true) requestPost = (v2_1Request / "banks" / bankId.value / "branches" / branchId.value ).PUT <@ (user1) diff --git a/obp-api/src/test/scala/code/api/v2_1_0/CreateCreditCardTest.scala b/obp-api/src/test/scala/code/api/v2_1_0/CreateCreditCardTest.scala index acb6aa978..d53193fff 100644 --- a/obp-api/src/test/scala/code/api/v2_1_0/CreateCreditCardTest.scala +++ b/obp-api/src/test/scala/code/api/v2_1_0/CreateCreditCardTest.scala @@ -2,7 +2,7 @@ package code.api.v2_1_0 import code.api.ResourceDocs1_4_0.SwaggerDefinitionsJSON.postPhysicalCardJSON import code.api.util.APIUtil.OAuth._ -import code.api.util.ApiRole +import code.api.util.{APIUtil, ApiRole} import code.api.util.ApiRole.CanCreateCardsForBank import code.api.v1_3_0.PhysicalCardJSON import code.setup.DefaultUsers @@ -21,7 +21,7 @@ class CreateCreditCardTest extends V210ServerSetup with DefaultUsers { Then("We add entitlement to user1") addEntitlement(bankId.value, resourceUser1.userId, CanCreateCardsForBank.toString) - val hasEntitlement = code.api.util.APIUtil.hasEntitlement(bankId.value, resourceUser1.userId, ApiRole.canCreateCardsForBank) + val hasEntitlement = APIUtil.hasEntitlement(bankId.value, resourceUser1.userId, ApiRole.canCreateCardsForBank) hasEntitlement should equal(true) When("We make the request Create Credit Card") 
diff --git a/obp-api/src/test/scala/code/api/v2_1_0/CreateTransactionTypeTest.scala b/obp-api/src/test/scala/code/api/v2_1_0/CreateTransactionTypeTest.scala index 78af20bdf..cea263a46 100644 --- a/obp-api/src/test/scala/code/api/v2_1_0/CreateTransactionTypeTest.scala +++ b/obp-api/src/test/scala/code/api/v2_1_0/CreateTransactionTypeTest.scala @@ -2,7 +2,7 @@ package code.api.v2_1_0 import code.api.util.APIUtil.OAuth._ import code.api.util.ApiRole.CanCreateTransactionType -import code.api.util.{ApiRole, ErrorMessages} +import code.api.util.{APIUtil, ApiRole, ErrorMessages} import code.api.v2_0_0.{TransactionTypeJsonV200, TransactionTypesJsonV200} import code.api.v2_2_0.OBPAPI2_2_0.Implementations2_0_0 import code.setup.DefaultUsers @@ -153,7 +153,7 @@ class CreateTransactionTypeTest extends V210ServerSetup with DefaultUsers { def setCanCreateTransactionType: Unit = { addEntitlement(testBankId1.value, resourceUser1.userId, CanCreateTransactionType.toString) Then("We add entitlement to user1") - val hasEntitlement = code.api.util.APIUtil.hasEntitlement(testBankId1.value, resourceUser1.userId, ApiRole.canCreateTransactionType) + val hasEntitlement = APIUtil.hasEntitlement(testBankId1.value, resourceUser1.userId, ApiRole.canCreateTransactionType) hasEntitlement should equal(true) } } \ No newline at end of file diff --git a/obp-api/src/test/scala/code/api/v2_1_0/UpdateConsumerRedirectUrlTest.scala b/obp-api/src/test/scala/code/api/v2_1_0/UpdateConsumerRedirectUrlTest.scala index 521f2c393..5ded8ff6d 100644 --- a/obp-api/src/test/scala/code/api/v2_1_0/UpdateConsumerRedirectUrlTest.scala +++ b/obp-api/src/test/scala/code/api/v2_1_0/UpdateConsumerRedirectUrlTest.scala 
@@ -1,7 +1,7 @@ package code.api.v2_1_0 import code.api.util.APIUtil.OAuth._ -import code.api.util.ApiRole +import code.api.util.{APIUtil, ApiRole} import code.api.util.ApiRole.CanUpdateConsumerRedirectUrl import code.api.util.ErrorMessages.{UserHasMissingRoles, UserNoPermissionUpdateConsumer} import code.setup.DefaultUsers @@ -44,7 +44,7 @@ class UpdateConsumerRedirectUrlTest extends V210ServerSetup with DefaultUsers { Then("We add entitlement to user2") addEntitlement("", resourceUser2.userId, CanUpdateConsumerRedirectUrl.toString) - val hasEntitlement = code.api.util.APIUtil.hasEntitlement("", resourceUser2.userId, ApiRole.canUpdateConsumerRedirectUrl) + val hasEntitlement = APIUtil.hasEntitlement("", resourceUser2.userId, ApiRole.canUpdateConsumerRedirectUrl) hasEntitlement should equal(true) When("We make the request Update Redirect Url for a Consumer") @@ -66,7 +66,7 @@ class UpdateConsumerRedirectUrlTest extends V210ServerSetup with DefaultUsers { Then("We add entitlement to user1") addEntitlement("", resourceUser1.userId, CanUpdateConsumerRedirectUrl.toString) - val hasEntitlement = code.api.util.APIUtil.hasEntitlement("", resourceUser1.userId, ApiRole.canUpdateConsumerRedirectUrl) + val hasEntitlement = APIUtil.hasEntitlement("", resourceUser1.userId, ApiRole.canUpdateConsumerRedirectUrl) hasEntitlement should equal(true) When("We make the request Update Redirect Url for a Consumer")