Merge pull request #2186 from constantine2nd/develop

Hola app fix

obp-api/src/main/resources/props/sample.props.template

@@ -1212,7 +1212,7 @@ user_account_is_validated = false
 retain_archive_metrics_days = 1095
 
 # Defines the number of days we keep rows in the table "Metric" former "MappedMetric"
-retain_metrics_days = 200
+retain_metrics_days = 367
 
 #if same session used for different ip address, we can show this warning, default is false.
 show_ip_address_change_warning=false

obp-api/src/main/scala/code/api/OAuth2.scala

@@ -117,7 +117,13 @@ object OAuth2Login extends RestHelper with MdcLoggable {
       // It implies the access token can be revoked at any time.
       val introspectOAuth2Token: OAuth2TokenIntrospection = hydraAdmin.introspectOAuth2Token(value, null);
       var consumer: Box[Consumer] = consumers.vend.getConsumerByConsumerKey(introspectOAuth2Token.getClientId)
-
+      logger.debug("introspectOAuth2Token.getIss: " + introspectOAuth2Token.getIss)
+      logger.debug("introspectOAuth2Token.getActive: " + introspectOAuth2Token.getActive)
+      logger.debug("introspectOAuth2Token.getClientId: " + introspectOAuth2Token.getClientId)
+      logger.debug("introspectOAuth2Token.getAud: " + introspectOAuth2Token.getAud)
+      logger.debug("introspectOAuth2Token.getUsername: " + introspectOAuth2Token.getUsername)
+      logger.debug("introspectOAuth2Token.getExp: " + introspectOAuth2Token.getExp)
+      logger.debug("introspectOAuth2Token.getNbf: " + introspectOAuth2Token.getNbf)
       // The access token can be disabled at any time due to fact it is NOT self-encoded/self-contained.
       if (!introspectOAuth2Token.getActive) {
         return (Failure(Oauth2IJwtCannotBeVerified), Some(cc.copy(consumer = Failure(Oauth2IJwtCannotBeVerified))))
@@ -165,8 +171,12 @@ object OAuth2Login extends RestHelper with MdcLoggable {
           }
         }
       }
-
-      val user = Users.users.vend.getUserByUserName(hydraPublicUrl, introspectOAuth2Token.getSub)
+      
+      // In case a user is created via OpenID Connect flow implies provider = hydraPublicUrl
+      // In case a user is created via GUI of OBP-API implies provider = Constant.localIdentityProvider
+      val user = Users.users.vend.getUserByUserName(introspectOAuth2Token.getIss, introspectOAuth2Token.getSub).or(
+        Users.users.vend.getUserByUserName(Constant.localIdentityProvider, introspectOAuth2Token.getSub)
+      )
       user match {
         case Full(u) =>
           LoginAttempt.userIsLocked(u.provider, u.name) match {

obp-api/src/main/scala/code/api/util/ApiRole.scala

@@ -65,15 +65,6 @@ object RoleCombination {
 
 object ApiRole {
 
-  case class CanSearchAllTransactions(requiresBankId: Boolean = false) extends ApiRole
-  lazy val canSearchAllTransactions = CanSearchAllTransactions()
-
-  case class CanSearchAllAccounts(requiresBankId: Boolean = false) extends ApiRole
-  lazy val canSearchAllAccounts = CanSearchAllAccounts()
-
-  case class CanQueryOtherUser(requiresBankId: Boolean = false) extends ApiRole
-  lazy val canQueryOtherUser = CanQueryOtherUser()
-
   case class CanSearchWarehouse(requiresBankId: Boolean = false) extends ApiRole
   lazy val canSearchWarehouse = CanSearchWarehouse()
 
@@ -320,9 +311,6 @@ object ApiRole {
   case class CanGetCounterparties(requiresBankId: Boolean = true) extends ApiRole
   lazy val canGetCounterparties = CanGetCounterparties()
 
-  case class CanGetApiCollection(requiresBankId: Boolean = false) extends ApiRole
-  lazy val canGetApiCollection = CanGetApiCollection()
-
   case class CanGetApiCollectionsForUser(requiresBankId: Boolean = false) extends ApiRole
   lazy val canGetApiCollectionsForUser = CanGetApiCollectionsForUser()
 
@@ -377,18 +365,9 @@ object ApiRole {
   case class CanGetConnectorMetrics(requiresBankId: Boolean = false) extends ApiRole
   lazy val canGetConnectorMetrics = CanGetConnectorMetrics()
 
-  case class CanGetOtherAccountsAtBank(requiresBankId: Boolean = true) extends ApiRole
-  lazy val canGetOtherAccountsAtBank = CanGetOtherAccountsAtBank()
-
-  case class CanDeleteEntitlementRequestsAtOneBank(requiresBankId: Boolean = true) extends ApiRole
-  lazy val canDeleteEntitlementRequestsAtOneBank = CanDeleteEntitlementRequestsAtOneBank()
-
   case class CanDeleteEntitlementRequestsAtAnyBank(requiresBankId: Boolean = false) extends ApiRole
   lazy val canDeleteEntitlementRequestsAtAnyBank = CanDeleteEntitlementRequestsAtAnyBank()
 
-  case class CanGetEntitlementRequestsAtOneBank(requiresBankId: Boolean = true) extends ApiRole
-  lazy val canGetEntitlementRequestsAtOneBank = CanGetEntitlementRequestsAtOneBank()
-
   case class CanGetEntitlementRequestsAtAnyBank(requiresBankId: Boolean = false) extends ApiRole
   lazy val canGetEntitlementRequestsAtAnyBank = CanGetEntitlementRequestsAtAnyBank()
 
@@ -413,9 +392,6 @@ object ApiRole {
   case class CanDeleteScopeAtAnyBank(requiresBankId: Boolean = false) extends ApiRole
   lazy val canDeleteScopeAtAnyBank = CanDeleteScopeAtAnyBank()
 
-  case class CanDeleteScopeAtOneBank(requiresBankId: Boolean = true) extends ApiRole
-  lazy val canDeleteScopeAtOneBank = CanDeleteScopeAtOneBank()
-
   case class CanUnlockUser (requiresBankId: Boolean = false) extends ApiRole
   lazy val canUnlockUser = CanUnlockUser()
   
@@ -464,9 +440,6 @@ object ApiRole {
   case class CanCreateUserAuthContext(requiresBankId: Boolean = false) extends ApiRole
   lazy val canCreateUserAuthContext = CanCreateUserAuthContext()
 
-  case class CanUpdateUserAuthContext(requiresBankId: Boolean = false) extends ApiRole
-  lazy val canUpdateUserAuthContext = CanUpdateUserAuthContext()
-
   case class CanGetUserAuthContext(requiresBankId: Boolean = false) extends ApiRole
   lazy val canGetUserAuthContext = CanGetUserAuthContext()
 
@@ -693,9 +666,6 @@ object ApiRole {
   case class CanUpdateTransactionAttributeAtOneBank(requiresBankId: Boolean = true) extends ApiRole
   lazy val canUpdateTransactionAttributeAtOneBank = CanUpdateTransactionAttributeAtOneBank()
 
-  case class CanDeleteTransactionAttributeAtOneBank(requiresBankId: Boolean = true) extends ApiRole
-  lazy val canDeleteTransactionAttributeAtOneBank = CanDeleteTransactionAttributeAtOneBank()
-
   case class CanGetTransactionAttributesAtOneBank(requiresBankId: Boolean = true) extends ApiRole
   lazy val canGetTransactionAttributesAtOneBank = CanGetTransactionAttributesAtOneBank()
 
@@ -708,9 +678,6 @@ object ApiRole {
   case class CanUpdateTransactionRequestAttributeAtOneBank(requiresBankId: Boolean = true) extends ApiRole
   lazy val canUpdateTransactionRequestAttributeAtOneBank = CanUpdateTransactionRequestAttributeAtOneBank()
 
-  case class CanDeleteTransactionRequestAttributeAtOneBank(requiresBankId: Boolean = true) extends ApiRole
-  lazy val canDeleteTransactionRequestAttributeAtOneBank = CanDeleteTransactionRequestAttributeAtOneBank()
-
   case class CanGetTransactionRequestAttributesAtOneBank(requiresBankId: Boolean = true) extends ApiRole
   lazy val canGetTransactionRequestAttributesAtOneBank = CanGetTransactionRequestAttributesAtOneBank()
 

obp-api/src/main/scala/code/api/util/ConsentUtil.scala

@@ -215,7 +215,8 @@ object Consent {
               val bankId = if (role.requiresBankId) entitlement.bank_id else ""
               Entitlement.entitlement.vend.addEntitlement(bankId, user.userId, entitlement.role_name) match {
                 case Full(_) => (entitlement, "AddedOrExisted")
-                case _ => (entitlement, "Cannot add the entitlement: " + entitlement)
+                case _ => 
+                  (entitlement, "Cannot add the entitlement: " + entitlement)
               }
             case true =>
               (entitlement, "AddedOrExisted")
@@ -237,7 +238,8 @@ object Consent {
         val failedToAdd: List[(Role, String)] = triedToAdd.filter(_._2 != "AddedOrExisted")
         failedToAdd match {
           case Nil => Full(user)
-          case _ => Failure("The entitlements cannot be added. " + failedToAdd.map(_._1).mkString(", "))
+          case _ => 
+            Failure("The entitlements cannot be added. " + failedToAdd.map(i => (i._1, i._2)).mkString(", "))
         }
       case _ =>
         Failure("Cannot get entitlements for user id: " + user.userId)
@@ -334,6 +336,8 @@ object Consent {
                 case _ =>
                   (Failure(ErrorMessages.UnknownError), Some(cc))
               }
+            case failure@Failure(msg, exp, chain) => // Handled errors
+              (Failure(msg), Some(cc))
             case _ =>
               (Failure("Cannot add entitlements based on: " + consentAsJwt), Some(cc))
           }
@@ -423,6 +427,8 @@ object Consent {
                 case _ =>
                   (Failure(ErrorMessages.UnknownError), Some(cc))
               }
+            case failure@Failure(msg, exp, chain) => // Handled errors
+              (Failure(msg), Some(cc))
             case _ =>
               (Failure("Cannot add entitlements based on: " + consentId), Some(cc))
           }

obp-api/src/main/scala/code/api/v5_0_0/APIMethods500.scala

@@ -17,7 +17,7 @@ import code.api.v3_0_0.JSONFactory300
 import code.api.v3_1_0._
 import code.api.v4_0_0.JSONFactory400.createCustomersMinimalJson
 import code.api.v4_0_0.{JSONFactory400, PutProductJsonV400}
-import code.api.v5_0_0.JSONFactory500.{createPhysicalCardJson, createViewJsonV500, createViewsJsonV500, createViewsIdsJsonV500}
+import code.api.v5_0_0.JSONFactory500.{createPhysicalCardJson, createViewJsonV500, createViewsIdsJsonV500, createViewsJsonV500}
 import code.bankconnectors.Connector
 import code.consent.{ConsentRequests, Consents}
 import code.entitlement.Entitlement
@@ -44,6 +44,7 @@ import java.util.concurrent.ThreadLocalRandom
 
 import code.accountattribute.AccountAttributeX
 import code.util.Helper.booleanToFuture
+import code.views.system.AccountAccess
 
 import scala.collection.immutable.{List, Nil}
 import scala.collection.mutable.ArrayBuffer
@@ -905,7 +906,7 @@ trait APIMethods500 {
             _ <- scaMethod match {
               case v if v == StrongCustomerAuthentication.EMAIL.toString => // Send the email
                 for{
-                  failMsg <- Future {s"$InvalidJsonFormat The Json body should be the $PostConsentEmailJsonV310"}
+                  failMsg <- Future {s"$InvalidJsonFormat The Json body must contain the field email"}
                   consentScaEmail <- NewStyle.function.tryons(failMsg, 400, callContext) {
                     consentRequestJson.email.head
                   }
@@ -920,7 +921,7 @@ trait APIMethods500 {
               case v if v == StrongCustomerAuthentication.SMS.toString => // Not implemented
                 for {
                   failMsg <- Future {
-                    s"$InvalidJsonFormat The Json body should be the $PostConsentPhoneJsonV310"
+                    s"$InvalidJsonFormat The Json body must contain the field phone_number"
                   }
                   consentScaPhoneNumber <- NewStyle.function.tryons(failMsg, 400, callContext) {
                     consentRequestJson.phone_number.head

obp-api/src/main/scala/code/scheduler/MetricsArchiveScheduler.scala

@@ -47,7 +47,7 @@ object MetricsArchiveScheduler extends MdcLoggable {
 
   def conditionalDeleteMetricsRow() = {
     val currentTime = new Date()
-    val days = APIUtil.getPropsAsLongValue("retain_metrics_days", 200) match {
+    val days = APIUtil.getPropsAsLongValue("retain_metrics_days", 367) match {
       case days if days > 59 => days
       case _ => 60
     }