feature/Enhance Consent Flow of Berlin Group part 3

2026-02-06 17:56:46 +00:00 · 2021-02-15 16:18:35 +01:00 · 2021-02-15 16:18:35 +01:00 · 264ea6d415
commit 264ea6d415
parent 7d562b9a38
5 changed files with 16 additions and 5 deletions
--- a/obp-api/src/main/scala/bootstrap/liftweb/Boot.scala
+++ b/obp-api/src/main/scala/bootstrap/liftweb/Boot.scala
@ -658,7 +658,8 @@ class Boot extends MdcLoggable {
          val viewsUKOpenBanking = List(
            SYSTEM_READ_ACCOUNTS_BASIC_VIEW_ID, SYSTEM_READ_ACCOUNTS_DETAIL_VIEW_ID,
            SYSTEM_READ_BALANCES_VIEW_ID, SYSTEM_READ_TRANSACTIONS_BASIC_VIEW_ID,
-            SYSTEM_READ_TRANSACTIONS_DEBITS_VIEW_ID, SYSTEM_READ_TRANSACTIONS_DETAIL_VIEW_ID
+            SYSTEM_READ_TRANSACTIONS_DEBITS_VIEW_ID, SYSTEM_READ_TRANSACTIONS_DETAIL_VIEW_ID,
+            SYSTEM_READ_ACCOUNTS_BERLIN_GROUP_VIEW_ID
          )
          for {
            systemView <- viewSetUKOpenBanking
--- a/obp-api/src/main/scala/code/api/berlin/group/v1_3/AccountInformationServiceAISApi.scala
+++ b/obp-api/src/main/scala/code/api/berlin/group/v1_3/AccountInformationServiceAISApi.scala
@ -351,7 +351,8 @@ The account-id is constant at least throughout the lifecycle of a given consent.
            _ <- passesPsd2Aisp(callContext)
            (account: BankAccount, callContext) <- NewStyle.function.getBankAccountByAccountId(accountId, callContext)
            _ <- Helper.booleanToFuture(failMsg = UserNoOwnerView +"userId : " + u.userId + ". account : " + accountId){
-              u.hasOwnerViewAccess(BankIdAccountId(account.bankId, account.accountId))
+              u.hasOwnerViewAccess(BankIdAccountId(account.bankId, account.accountId)) ||
+              u.hasReadAccountsBerlinGroupViewAccess(BankIdAccountId(account.bankId, account.accountId))
            }
          } yield {
            (JSONFactory_BERLIN_GROUP_1_3.createAccountBalanceJSON(account), HttpCode.`200`(callContext))
@ -483,7 +484,8 @@ This account-id then can be retrieved by the
             _ <- passesPsd2Aisp(callContext)
             (account: BankAccount, callContext) <- NewStyle.function.getBankAccountByAccountId(AccountId(accountId), callContext)
             _ <- Helper.booleanToFuture(failMsg = UserNoOwnerView +"userId : " + u.userId + ". account : " + accountId){
-               u.hasOwnerViewAccess(BankIdAccountId(account.bankId, account.accountId))
+               u.hasOwnerViewAccess(BankIdAccountId(account.bankId, account.accountId)) ||
+               u.hasReadAccountsBerlinGroupViewAccess(BankIdAccountId(account.bankId, account.accountId))
             }
           } yield {
             (JSONFactory_BERLIN_GROUP_1_3.createCardAccountBalanceJSON(account), HttpCode.`200`(callContext))
--- a/obp-api/src/main/scala/code/api/constant/constant.scala
+++ b/obp-api/src/main/scala/code/api/constant/constant.scala
@ -31,6 +31,8 @@ object Constant extends MdcLoggable {
  final val SYSTEM_READ_TRANSACTIONS_BASIC_VIEW_ID = "ReadTransactionsBasic"
  final val SYSTEM_READ_TRANSACTIONS_DEBITS_VIEW_ID = "ReadTransactionsDebits"
  final val SYSTEM_READ_TRANSACTIONS_DETAIL_VIEW_ID = "ReadTransactionsDetail"
+  // Berlin Group
+  final val SYSTEM_READ_ACCOUNTS_BERLIN_GROUP_VIEW_ID = "ReadAccountsBerlinGroup"

  //These are the default incoming and outgoing account ids. we will create both during the boot.scala.
  final val INCOMING_ACCOUNT_ID= "OBP_DEFAULT_INCOMING_ACCOUNT_ID"    
--- a/obp-api/src/main/scala/code/api/util/ConsentUtil.scala
+++ b/obp-api/src/main/scala/code/api/util/ConsentUtil.scala
@ -379,7 +379,7 @@ object Consent {
          case Full(jsonAsString) =>
            try {
              val consent = net.liftweb.json.parse(jsonAsString).extract[ConsentJWT]
-              checkConsent(consent, consentId, calContext) match { // Check is it Consent-JWT expired
+              checkConsent(consent, storedConsent.jsonWebToken, calContext) match { // Check is it Consent-JWT expired
                case (Full(true)) => // OK
                  applyConsentRules(consent)
                case failure@Failure(_, _, _) => // Handled errors
@ -503,7 +503,7 @@ object Consent {
        ConsentView(
          bank_id = bankAccount._1.map(_.bankId.value).getOrElse(""),
          account_id = bankAccount._1.map(_.accountId.value).getOrElse(""),
-          view_id = "owner"
+          view_id = Constant.SYSTEM_READ_ACCOUNTS_BERLIN_GROUP_VIEW_ID
        )
      }
    }
--- a/obp-api/src/main/scala/code/model/User.scala
+++ b/obp-api/src/main/scala/code/model/User.scala
@ -78,6 +78,12 @@ case class UserExtended(val user: User) extends MdcLoggable {
  final def hasOwnerViewAccess(bankIdAccountId: BankIdAccountId): Boolean = {
    checkOwnerViewAccessAndReturnOwnerView(bankIdAccountId).isDefined
  }
+  final def hasReadAccountsBerlinGroupViewAccess(bankIdAccountId: BankIdAccountId): Boolean = {
+    APIUtil.checkViewAccessAndReturnView(
+      ViewId(SYSTEM_READ_ACCOUNTS_BERLIN_GROUP_VIEW_ID), 
+      bankIdAccountId, Some(this.user)
+    ).isDefined
+  }

  def assignedEntitlements : List[Entitlement] = {
    Entitlement.entitlement.vend.getEntitlementsByUserId(userId) match {