From b31b6fff24b4ebf0ffd5a8c6508147e37e7b2d73 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mili=C4=87?= Date: Wed, 29 Oct 2025 15:31:02 +0100 Subject: [PATCH] feature/Rate Limiting endpoint tweaks --- README.md | 4 +- completed_developments.md | 2 +- .../main/scala/code/api/util/ApiRole.scala | 187 +++++++++--------- .../scala/code/api/v3_1_0/APIMethods310.scala | 18 +- .../scala/code/api/v4_0_0/APIMethods400.scala | 8 +- .../scala/code/api/v5_1_0/APIMethods510.scala | 6 +- .../scala/code/api/v6_0_0/APIMethods600.scala | 38 ++-- .../scala/code/api/v3_1_0/RateLimitTest.scala | 64 +++--- .../code/api/v4_0_0/RateLimitingTest.scala | 24 +-- .../code/api/v4_0_0/V400ServerSetup.scala | 8 +- .../code/api/v5_1_0/RateLimitingTest.scala | 8 +- .../code/api/v5_1_0/V510ServerSetup.scala | 4 +- .../code/api/v6_0_0/CallLimitsTest.scala | 34 ++-- 13 files changed, 204 insertions(+), 201 deletions(-) diff --git a/README.md b/README.md index 54882e544..c045d4540 100644 --- a/README.md +++ b/README.md @@ -557,8 +557,8 @@ user_consumer_limit_anonymous_access=100, In case isn't defined default value is Te set up Rate Limiting in case of the authorized access use these endpoints: -1. `GET ../management/consumers/CONSUMER_ID/consumer/call-limits` - Get Call Limits for a Consumer -2. `PUT ../management/consumers/CONSUMER_ID/consumer/call-limits` - Set Call Limits for a Consumer +1. `GET ../management/consumers/CONSUMER_ID/consumer/rate-limits` - Get Rate Limits for a Consumer +2. `PUT ../management/consumers/CONSUMER_ID/consumer/rate-limits` - Set Rate Limits for a Consumer In order to make it work edit your props file in next way: diff --git a/completed_developments.md b/completed_developments.md index 314d55f1a..e6b8a46a9 100644 --- a/completed_developments.md +++ b/completed_developments.md @@ -137,7 +137,7 @@ Consent Consumer - Get Call Limits for a Consumer + Get Rate Limits for a Consumer Get Consumer Get Consumers Get Consumers (logged in User) diff --git a/obp-api/src/main/scala/code/api/util/ApiRole.scala b/obp-api/src/main/scala/code/api/util/ApiRole.scala index d07208a03..c711c2263 100644 --- a/obp-api/src/main/scala/code/api/util/ApiRole.scala +++ b/obp-api/src/main/scala/code/api/util/ApiRole.scala @@ -480,15 +480,18 @@ object ApiRole extends MdcLoggable{ case class CanReadUserLockedStatus(requiresBankId: Boolean = false) extends ApiRole lazy val canReadUserLockedStatus = CanReadUserLockedStatus() - case class CanSetCallLimits(requiresBankId: Boolean = false) extends ApiRole - lazy val canSetCallLimits = CanSetCallLimits() + case class CanUpdateRateLimits(requiresBankId: Boolean = false) extends ApiRole + lazy val canUpdateRateLimits = CanUpdateRateLimits() + + case class CanCreateRateLimits(requiresBankId: Boolean = false) extends ApiRole + lazy val canCreateRateLimits = CanCreateRateLimits() case class CanDeleteRateLimiting(requiresBankId: Boolean = false) extends ApiRole - lazy val canDeleteRateLimiting = CanDeleteRateLimiting() - + lazy val canDeleteRateLimits = CanDeleteRateLimiting() + case class CanCreateCustomerMessage(requiresBankId: Boolean = true) extends ApiRole - lazy val canCreateCustomerMessage = CanCreateCustomerMessage() - + lazy val canCreateCustomerMessage = CanCreateCustomerMessage() + case class CanGetCustomerMessages(requiresBankId: Boolean = true) extends ApiRole lazy val canGetCustomerMessages = CanGetCustomerMessages() @@ -503,10 +506,10 @@ object ApiRole extends MdcLoggable{ case class CanCreateSystemAccountNotificationWebhook(requiresBankId: Boolean = false) extends ApiRole lazy val canCreateSystemAccountNotificationWebhook = CanCreateSystemAccountNotificationWebhook() - + case class CanCreateAccountNotificationWebhookAtOneBank(requiresBankId: Boolean = true) extends ApiRole lazy val canCreateAccountNotificationWebhookAtOneBank = CanCreateAccountNotificationWebhookAtOneBank() - + case class CanUpdateWebhook(requiresBankId: Boolean = true) extends ApiRole lazy val canUpdateWebhook = CanUpdateWebhook() @@ -551,22 +554,22 @@ object ApiRole extends MdcLoggable{ case class CanUpdateProductAttribute(requiresBankId: Boolean = true) extends ApiRole lazy val canUpdateProductAttribute = CanUpdateProductAttribute() - + case class CanUpdateBankAttribute(requiresBankId: Boolean = true) extends ApiRole - lazy val canUpdateBankAttribute = CanUpdateBankAttribute() - + lazy val canUpdateBankAttribute = CanUpdateBankAttribute() + case class CanUpdateAtmAttribute(requiresBankId: Boolean = true) extends ApiRole - lazy val canUpdateAtmAttribute = CanUpdateAtmAttribute() - + lazy val canUpdateAtmAttribute = CanUpdateAtmAttribute() + case class CanUpdateAtmAttributeAtAnyBank(requiresBankId: Boolean = false) extends ApiRole lazy val canUpdateAtmAttributeAtAnyBank = CanUpdateAtmAttributeAtAnyBank() - + case class CanGetBankAttribute(requiresBankId: Boolean = true) extends ApiRole - lazy val canGetBankAttribute = CanGetBankAttribute() - + lazy val canGetBankAttribute = CanGetBankAttribute() + case class CanGetAtmAttribute(requiresBankId: Boolean = true) extends ApiRole - lazy val canGetAtmAttribute = CanGetAtmAttribute() - + lazy val canGetAtmAttribute = CanGetAtmAttribute() + case class CanGetAtmAttributeAtAnyBank(requiresBankId: Boolean = false) extends ApiRole lazy val canGetAtmAttributeAtAnyBank = CanGetAtmAttributeAtAnyBank() @@ -575,25 +578,25 @@ object ApiRole extends MdcLoggable{ case class CanDeleteProductAttribute(requiresBankId: Boolean = true) extends ApiRole lazy val canDeleteProductAttribute = CanDeleteProductAttribute() - + case class CanDeleteBankAttribute(requiresBankId: Boolean = true) extends ApiRole - lazy val canDeleteBankAttribute = CanDeleteBankAttribute() - + lazy val canDeleteBankAttribute = CanDeleteBankAttribute() + case class CanDeleteAtmAttribute(requiresBankId: Boolean = true) extends ApiRole lazy val canDeleteAtmAttribute = CanDeleteAtmAttribute() - + case class CanDeleteAtmAttributeAtAnyBank(requiresBankId: Boolean = false) extends ApiRole lazy val canDeleteAtmAttributeAtAnyBank = CanDeleteAtmAttributeAtAnyBank() case class CanCreateProductAttribute(requiresBankId: Boolean = true) extends ApiRole lazy val canCreateProductAttribute = CanCreateProductAttribute() - + case class CanCreateBankAttribute(requiresBankId: Boolean = true) extends ApiRole lazy val canCreateBankAttribute = CanCreateBankAttribute() - + case class CanCreateAtmAttribute(requiresBankId: Boolean = true) extends ApiRole - lazy val canCreateAtmAttribute = CanCreateAtmAttribute() - + lazy val canCreateAtmAttribute = CanCreateAtmAttribute() + case class CanCreateAtmAttributeAtAnyBank(requiresBankId: Boolean = false) extends ApiRole lazy val canCreateAtmAttributeAtAnyBank = CanCreateAtmAttributeAtAnyBank() @@ -608,7 +611,7 @@ object ApiRole extends MdcLoggable{ case class CanCreateProductFee(requiresBankId: Boolean = true) extends ApiRole lazy val canCreateProductFee = CanCreateProductFee() - + case class CanMaintainProductCollection(requiresBankId: Boolean = true) extends ApiRole lazy val canMaintainProductCollection = CanMaintainProductCollection() @@ -669,10 +672,10 @@ object ApiRole extends MdcLoggable{ case class CanCreateBankLevelDynamicEntity(requiresBankId: Boolean = true) extends ApiRole lazy val canCreateBankLevelDynamicEntity = CanCreateBankLevelDynamicEntity() - + case class CanUpdateSystemLevelDynamicEntity(requiresBankId: Boolean = false) extends ApiRole lazy val canUpdateSystemDynamicEntity = CanUpdateSystemLevelDynamicEntity() - + case class CanUpdateBankLevelDynamicEntity(requiresBankId: Boolean = true) extends ApiRole lazy val canUpdateBankLevelDynamicEntity = CanUpdateBankLevelDynamicEntity() @@ -687,13 +690,13 @@ object ApiRole extends MdcLoggable{ case class CanGetDynamicEndpoint(requiresBankId: Boolean = false) extends ApiRole lazy val canGetDynamicEndpoint = CanGetDynamicEndpoint() - + case class CanGetDynamicEndpoints(requiresBankId: Boolean = false) extends ApiRole lazy val canGetDynamicEndpoints = CanGetDynamicEndpoints() case class CanGetBankLevelDynamicEndpoint(requiresBankId: Boolean = true) extends ApiRole lazy val canGetBankLevelDynamicEndpoint = CanGetBankLevelDynamicEndpoint() - + case class CanGetBankLevelDynamicEndpoints(requiresBankId: Boolean = true) extends ApiRole lazy val canGetBankLevelDynamicEndpoints = CanGetBankLevelDynamicEndpoints() @@ -714,7 +717,7 @@ object ApiRole extends MdcLoggable{ case class CanDeleteBankLevelDynamicEndpoint(requiresBankId: Boolean = true) extends ApiRole lazy val canDeleteBankLevelDynamicEndpoint = CanDeleteBankLevelDynamicEndpoint() - + case class CanCreateResetPasswordUrl(requiresBankId: Boolean = false) extends ApiRole lazy val canCreateResetPasswordUrl = CanCreateResetPasswordUrl() @@ -744,7 +747,7 @@ object ApiRole extends MdcLoggable{ case class CanCreateDirectDebitAtOneBank(requiresBankId: Boolean = true) extends ApiRole lazy val canCreateDirectDebitAtOneBank = CanCreateDirectDebitAtOneBank() - + case class CanCreateStandingOrderAtOneBank(requiresBankId: Boolean = true) extends ApiRole lazy val canCreateStandingOrderAtOneBank = CanCreateStandingOrderAtOneBank() @@ -762,7 +765,7 @@ object ApiRole extends MdcLoggable{ case class CanDeleteCustomerAttributeAtOneBank(requiresBankId: Boolean = true) extends ApiRole lazy val canDeleteCustomerAttributeAtOneBank = CanDeleteCustomerAttributeAtOneBank() - + case class CanDeleteCustomerAttributeAtAnyBank(requiresBankId: Boolean = false) extends ApiRole lazy val canDeleteCustomerAttributeAtAnyBank = CanDeleteCustomerAttributeAtAnyBank() @@ -810,61 +813,61 @@ object ApiRole extends MdcLoggable{ case class CanGetDoubleEntryTransactionAtOneBank(requiresBankId: Boolean = true) extends ApiRole lazy val canGetDoubleEntryTransactionAtOneBank = CanGetDoubleEntryTransactionAtOneBank() - + case class CanGetDoubleEntryTransactionAtAnyBank(requiresBankId: Boolean = false) extends ApiRole lazy val canGetDoubleEntryTransactionAtAnyBank = CanGetDoubleEntryTransactionAtAnyBank() case class CanReadResourceDoc(requiresBankId: Boolean = false) extends ApiRole lazy val canReadResourceDoc = CanReadResourceDoc() - + case class CanReadStaticResourceDoc(requiresBankId: Boolean = false) extends ApiRole lazy val canReadStaticResourceDoc = CanReadStaticResourceDoc() - + case class CanReadDynamicResourceDocsAtOneBank(requiresBankId: Boolean = true) extends ApiRole lazy val canReadDynamicResourceDocsAtOneBank = CanReadDynamicResourceDocsAtOneBank() - + case class CanReadGlossary(requiresBankId: Boolean = false) extends ApiRole lazy val canReadGlossary = CanReadGlossary() case class CanCreateCustomerAttributeDefinitionAtOneBank(requiresBankId: Boolean = true) extends ApiRole lazy val canCreateCustomerAttributeDefinitionAtOneBank = CanCreateCustomerAttributeDefinitionAtOneBank() - + case class CanDeleteCustomerAttributeDefinitionAtOneBank(requiresBankId: Boolean = true) extends ApiRole lazy val canDeleteCustomerAttributeDefinitionAtOneBank = CanDeleteCustomerAttributeDefinitionAtOneBank() - + case class CanGetCustomerAttributeDefinitionAtOneBank(requiresBankId: Boolean = true) extends ApiRole lazy val canGetCustomerAttributeDefinitionAtOneBank = CanGetCustomerAttributeDefinitionAtOneBank() - + case class CanCreateAccountAttributeDefinitionAtOneBank(requiresBankId: Boolean = true) extends ApiRole - lazy val canCreateAccountAttributeDefinitionAtOneBank = CanCreateAccountAttributeDefinitionAtOneBank() - + lazy val canCreateAccountAttributeDefinitionAtOneBank = CanCreateAccountAttributeDefinitionAtOneBank() + case class CanDeleteAccountAttributeDefinitionAtOneBank(requiresBankId: Boolean = true) extends ApiRole lazy val canDeleteAccountAttributeDefinitionAtOneBank = CanDeleteAccountAttributeDefinitionAtOneBank() - + case class CanGetAccountAttributeDefinitionAtOneBank(requiresBankId: Boolean = true) extends ApiRole - lazy val canGetAccountAttributeDefinitionAtOneBank = CanGetAccountAttributeDefinitionAtOneBank() - + lazy val canGetAccountAttributeDefinitionAtOneBank = CanGetAccountAttributeDefinitionAtOneBank() + case class CanDeleteProductAttributeDefinitionAtOneBank(requiresBankId: Boolean = true) extends ApiRole - lazy val canDeleteProductAttributeDefinitionAtOneBank = CanDeleteProductAttributeDefinitionAtOneBank() - + lazy val canDeleteProductAttributeDefinitionAtOneBank = CanDeleteProductAttributeDefinitionAtOneBank() + case class CanGetProductAttributeDefinitionAtOneBank(requiresBankId: Boolean = true) extends ApiRole lazy val canGetProductAttributeDefinitionAtOneBank = CanGetProductAttributeDefinitionAtOneBank() - + case class CanCreateProductAttributeDefinitionAtOneBank(requiresBankId: Boolean = true) extends ApiRole lazy val canCreateProductAttributeDefinitionAtOneBank = CanCreateProductAttributeDefinitionAtOneBank() - + case class CanCreateBankAttributeDefinitionAtOneBank(requiresBankId: Boolean = true) extends ApiRole lazy val canCreateBankAttributeDefinitionAtOneBank = CanCreateBankAttributeDefinitionAtOneBank() - + case class CanCreateTransactionAttributeDefinitionAtOneBank(requiresBankId: Boolean = true) extends ApiRole lazy val canCreateTransactionAttributeDefinitionAtOneBank = CanCreateTransactionAttributeDefinitionAtOneBank() - + case class CanDeleteTransactionAttributeDefinitionAtOneBank(requiresBankId: Boolean = true) extends ApiRole lazy val canDeleteTransactionAttributeDefinitionAtOneBank = CanDeleteTransactionAttributeDefinitionAtOneBank() - + case class CanGetTransactionAttributeDefinitionAtOneBank(requiresBankId: Boolean = true) extends ApiRole - lazy val canGetTransactionAttributeDefinitionAtOneBank = CanGetTransactionAttributeDefinitionAtOneBank() - + lazy val canGetTransactionAttributeDefinitionAtOneBank = CanGetTransactionAttributeDefinitionAtOneBank() + case class CanCreateTransactionRequestAttributeDefinitionAtOneBank(requiresBankId: Boolean = true) extends ApiRole lazy val canCreateTransactionRequestAttributeDefinitionAtOneBank = CanCreateTransactionRequestAttributeDefinitionAtOneBank() @@ -882,19 +885,19 @@ object ApiRole extends MdcLoggable{ case class CanCreateCardAttributeDefinitionAtOneBank(requiresBankId: Boolean = true) extends ApiRole lazy val canCreateCardAttributeDefinitionAtOneBank = CanCreateCardAttributeDefinitionAtOneBank() - + case class CanDeleteTransactionCascade(requiresBankId: Boolean = true) extends ApiRole lazy val canDeleteTransactionCascade = CanDeleteTransactionCascade() - + case class CanDeleteAccountCascade(requiresBankId: Boolean = true) extends ApiRole - lazy val canDeleteAccountCascade = CanDeleteAccountCascade() - + lazy val canDeleteAccountCascade = CanDeleteAccountCascade() + case class CanDeleteBankCascade(requiresBankId: Boolean = true) extends ApiRole lazy val canDeleteBankCascade = CanDeleteBankCascade() - + case class CanDeleteProductCascade(requiresBankId: Boolean = true) extends ApiRole - lazy val canDeleteProductCascade = CanDeleteProductCascade() - + lazy val canDeleteProductCascade = CanDeleteProductCascade() + case class CanDeleteCustomerCascade(requiresBankId: Boolean = true) extends ApiRole lazy val canDeleteCustomerCascade = CanDeleteCustomerCascade() @@ -933,10 +936,10 @@ object ApiRole extends MdcLoggable{ case class CanUpdateConnectorMethod(requiresBankId: Boolean = false) extends ApiRole lazy val canUpdateConnectorMethod = CanUpdateConnectorMethod() - + case class CanGetAllConnectorMethods(requiresBankId: Boolean = false) extends ApiRole lazy val canGetAllConnectorMethods = CanGetAllConnectorMethods() - + case class CanCreateDynamicResourceDoc(requiresBankId: Boolean = false) extends ApiRole lazy val canCreateDynamicResourceDoc = CanCreateDynamicResourceDoc() @@ -951,7 +954,7 @@ object ApiRole extends MdcLoggable{ case class CanDeleteDynamicResourceDoc(requiresBankId: Boolean = false) extends ApiRole lazy val canDeleteDynamicResourceDoc = CanDeleteDynamicResourceDoc() - + case class CanCreateBankLevelDynamicResourceDoc(requiresBankId: Boolean = true) extends ApiRole lazy val canCreateBankLevelDynamicResourceDoc = CanCreateBankLevelDynamicResourceDoc() @@ -969,7 +972,7 @@ object ApiRole extends MdcLoggable{ case class CanCreateDynamicMessageDoc(requiresBankId: Boolean = false) extends ApiRole lazy val canCreateDynamicMessageDoc = CanCreateDynamicMessageDoc() - + case class CanCreateBankLevelDynamicMessageDoc(requiresBankId: Boolean = true) extends ApiRole lazy val canCreateBankLevelDynamicMessageDoc = CanCreateBankLevelDynamicMessageDoc() @@ -1020,21 +1023,21 @@ object ApiRole extends MdcLoggable{ case class CanDeleteBankLevelEndpointMapping(requiresBankId: Boolean = true) extends ApiRole lazy val canDeleteBankLevelEndpointMapping = CanDeleteBankLevelEndpointMapping() - + case class CanCreateUserInvitation(requiresBankId: Boolean = true) extends ApiRole - lazy val canCreateUserInvitation = CanCreateUserInvitation() + lazy val canCreateUserInvitation = CanCreateUserInvitation() case class CanGetUserInvitation(requiresBankId: Boolean = true) extends ApiRole lazy val canGetUserInvitation = CanGetUserInvitation() case class CanCreateSystemLevelEndpointTag(requiresBankId: Boolean = false) extends ApiRole lazy val canCreateSystemLevelEndpointTag = CanCreateSystemLevelEndpointTag() - + case class CanUpdateSystemLevelEndpointTag(requiresBankId: Boolean = false) extends ApiRole lazy val canUpdateSystemLevelEndpointTag = CanUpdateSystemLevelEndpointTag() - + case class CanDeleteSystemLevelEndpointTag(requiresBankId: Boolean = false) extends ApiRole lazy val canDeleteSystemLevelEndpointTag = CanDeleteSystemLevelEndpointTag() - + case class CanGetSystemLevelEndpointTag(requiresBankId: Boolean = false) extends ApiRole lazy val canGetSystemLevelEndpointTag = CanGetSystemLevelEndpointTag() @@ -1071,7 +1074,7 @@ object ApiRole extends MdcLoggable{ case class CanGetAccountsMinimalForCustomerAtAnyBank(requiresBankId: Boolean = false) extends ApiRole lazy val canGetAccountsMinimalForCustomerAtAnyBank = CanGetAccountsMinimalForCustomerAtAnyBank() - + case class CanUpdateConsentStatusAtOneBank(requiresBankId: Boolean = true) extends ApiRole lazy val canUpdateConsentStatusAtOneBank = CanUpdateConsentStatusAtOneBank() case class CanUpdateConsentStatusAtAnyBank(requiresBankId: Boolean = false) extends ApiRole @@ -1096,7 +1099,7 @@ object ApiRole extends MdcLoggable{ case class CanGetSystemIntegrity(requiresBankId: Boolean = false) extends ApiRole lazy val canGetSystemIntegrity = CanGetSystemIntegrity() - + private val dynamicApiRoles = new ConcurrentHashMap[String, ApiRole] private case class DynamicApiRole(role: String, requiresBankId: Boolean = false) extends ApiRole{ @@ -1142,35 +1145,35 @@ object ApiRole extends MdcLoggable{ } object Util { - + def checkWrongDefinedNames: List[List[Unit]] = { import scala.meta._ val source: Source = new java.io.File("obp-api/src/main/scala/code/api/util/ApiRole.scala").parse[Source].get - val allowedPrefixes = + val allowedPrefixes = List( "CanCreate", - "CanGet", - "CanUpdate", - "CanDelete", - "CanMaintain", - "CanSearch", - "CanEnable", + "CanGet", + "CanUpdate", + "CanDelete", + "CanMaintain", + "CanSearch", + "CanEnable", "CanDisable" ) - val allowedExistingNames = + val allowedExistingNames = List( "CanQueryOtherUser", - "CanAddSocialMediaHandle", - "CanReadMetrics", - "CanUseFirehoseAtAnyBank", - "CanReadAggregateMetrics", - "CanUnlockUser", - "CanReadUserLockedStatus", - "CanReadCallLimits", - "CanCheckFundsAvailable", - "CanRefreshUser", - "CanReadFx", + "CanAddSocialMediaHandle", + "CanReadMetrics", + "CanUseFirehoseAtAnyBank", + "CanReadAggregateMetrics", + "CanUnlockUser", + "CanReadUserLockedStatus", + "CanReadCallLimits", + "CanCheckFundsAvailable", + "CanRefreshUser", + "CanReadFx", "CanSetCallLimits", "CanDeleteRateLimiting" ) diff --git a/obp-api/src/main/scala/code/api/v3_1_0/APIMethods310.scala b/obp-api/src/main/scala/code/api/v3_1_0/APIMethods310.scala index 283cb1264..ed3490de0 100644 --- a/obp-api/src/main/scala/code/api/v3_1_0/APIMethods310.scala +++ b/obp-api/src/main/scala/code/api/v3_1_0/APIMethods310.scala @@ -508,12 +508,12 @@ trait APIMethods310 { implementedInApiVersion, nameOf(callsLimit), "PUT", - "/management/consumers/CONSUMER_ID/consumer/call-limits", - "Set Rate Limiting (call limits) per Consumer", + "/management/consumers/CONSUMER_ID/consumer/rate-limits", + "Set Rate Limits (call limits) per Consumer", s""" |Set the API rate limiting (call limits) per Consumer: | - |Call limits can be set: + |Rate limits can be set: | |Per Second |Per Minute @@ -537,14 +537,14 @@ trait APIMethods310 { UnknownError ), List(apiTagConsumer), - Some(List(canSetCallLimits))) + Some(List(canUpdateRateLimits))) lazy val callsLimit : OBPEndpoint = { - case "management" :: "consumers" :: consumerId :: "consumer" :: "call-limits" :: Nil JsonPut json -> _ => { + case "management" :: "consumers" :: consumerId :: "consumer" :: "rate-limits" :: Nil JsonPut json -> _ => { cc => implicit val ec = EndpointContext(Some(cc)) for { (Full(u), callContext) <- authenticatedAccess(cc) - _ <- NewStyle.function.hasEntitlement("", u.userId, canSetCallLimits, callContext) + _ <- NewStyle.function.hasEntitlement("", u.userId, canUpdateRateLimits, callContext) postJson <- NewStyle.function.tryons(s"$InvalidJsonFormat The Json body should be the $CallLimitPostJson ", 400, callContext) { json.extract[CallLimitPostJson] } @@ -578,7 +578,7 @@ trait APIMethods310 { nameOf(getCallsLimit), "GET", "/management/consumers/CONSUMER_ID/consumer/call-limits", - "Get Call Limits for a Consumer", + "Get Rate Limits for a Consumer", s""" |Get Calls limits per Consumer. |${userAuthenticationMessage(true)} @@ -596,12 +596,12 @@ trait APIMethods310 { UnknownError ), List(apiTagConsumer), - Some(List(canSetCallLimits))) + Some(List(canUpdateRateLimits))) lazy val getCallsLimit : OBPEndpoint = { - case "management" :: "consumers" :: consumerId :: "consumer" :: "call-limits" :: Nil JsonGet _ => { + case "management" :: "consumers" :: consumerId :: "consumer" :: "rate-limits" :: Nil JsonGet _ => { cc => implicit val ec = EndpointContext(Some(cc)) for { (Full(u), callContext) <- authenticatedAccess(cc) diff --git a/obp-api/src/main/scala/code/api/v4_0_0/APIMethods400.scala b/obp-api/src/main/scala/code/api/v4_0_0/APIMethods400.scala index 75b0b1256..6aa2f024a 100644 --- a/obp-api/src/main/scala/code/api/v4_0_0/APIMethods400.scala +++ b/obp-api/src/main/scala/code/api/v4_0_0/APIMethods400.scala @@ -173,7 +173,7 @@ trait APIMethods400 extends MdcLoggable { implementedInApiVersion, nameOf(callsLimit), "PUT", - "/management/consumers/CONSUMER_ID/consumer/call-limits", + "/management/consumers/CONSUMER_ID/consumer/rate-limits", "Set Rate Limits / Call Limits per Consumer", s""" |Set the API rate limits / call limits for a Consumer: @@ -202,14 +202,14 @@ trait APIMethods400 extends MdcLoggable { UnknownError ), List(apiTagConsumer, apiTagRateLimits), - Some(List(canSetCallLimits))) + Some(List(canUpdateRateLimits))) lazy val callsLimit : OBPEndpoint = { - case "management" :: "consumers" :: consumerId :: "consumer" :: "call-limits" :: Nil JsonPut json -> _ => { + case "management" :: "consumers" :: consumerId :: "consumer" :: "rate-limits" :: Nil JsonPut json -> _ => { cc => implicit val ec = EndpointContext(Some(cc)) for { (Full(u), callContext) <- authenticatedAccess(cc) - _ <- NewStyle.function.handleEntitlementsAndScopes("", u.userId, List(canSetCallLimits), callContext) + _ <- NewStyle.function.handleEntitlementsAndScopes("", u.userId, List(canUpdateRateLimits), callContext) postJson <- NewStyle.function.tryons(s"$InvalidJsonFormat The Json body should be the $CallLimitPostJsonV400 ", 400, callContext) { json.extract[CallLimitPostJsonV400] } diff --git a/obp-api/src/main/scala/code/api/v5_1_0/APIMethods510.scala b/obp-api/src/main/scala/code/api/v5_1_0/APIMethods510.scala index 82bbbe2c4..8805a9331 100644 --- a/obp-api/src/main/scala/code/api/v5_1_0/APIMethods510.scala +++ b/obp-api/src/main/scala/code/api/v5_1_0/APIMethods510.scala @@ -3329,8 +3329,8 @@ trait APIMethods510 { implementedInApiVersion, nameOf(getCallsLimit), "GET", - "/management/consumers/CONSUMER_ID/consumer/call-limits", - "Get Call Limits for a Consumer", + "/management/consumers/CONSUMER_ID/consumer/rate-limits", + "Get Rate Limits for a Consumer", s""" |Get Calls limits per Consumer. |${userAuthenticationMessage(true)} @@ -3352,7 +3352,7 @@ trait APIMethods510 { lazy val getCallsLimit: OBPEndpoint = { - case "management" :: "consumers" :: consumerId :: "consumer" :: "call-limits" :: Nil JsonGet _ => + case "management" :: "consumers" :: consumerId :: "consumer" :: "rate-limits" :: Nil JsonGet _ => cc => implicit val ec = EndpointContext(Some(cc)) for { diff --git a/obp-api/src/main/scala/code/api/v6_0_0/APIMethods600.scala b/obp-api/src/main/scala/code/api/v6_0_0/APIMethods600.scala index ee904048e..02ed6a72e 100644 --- a/obp-api/src/main/scala/code/api/v6_0_0/APIMethods600.scala +++ b/obp-api/src/main/scala/code/api/v6_0_0/APIMethods600.scala @@ -4,7 +4,7 @@ import code.api.{APIFailureNewStyle, DirectLogin, ObpApiFailure} import code.api.v6_0_0.JSONFactory600 import code.api.ResourceDocs1_4_0.SwaggerDefinitionsJSON._ import code.api.util.APIUtil._ -import code.api.util.ApiRole.{CanCreateEntitlementAtOneBank, CanReadDynamicResourceDocsAtOneBank, canCreateBank, canDeleteRateLimiting, canReadCallLimits, canSetCallLimits} +import code.api.util.ApiRole.{CanCreateEntitlementAtOneBank, CanReadDynamicResourceDocsAtOneBank, canCreateBank, canDeleteRateLimits, canReadCallLimits, canCreateRateLimits} import code.api.util.ApiTag._ import code.api.util.ErrorMessages.{$UserNotLoggedIn, InvalidDateFormat, InvalidJsonFormat, UnknownError, _} import code.api.util.FutureUtil.EndpointContext @@ -55,9 +55,9 @@ trait APIMethods600 { nameOf(getCurrentCallsLimit), "GET", "/management/consumers/CONSUMER_ID/consumer/current-usage", - "Get Call Limits for a Consumer Usage", + "Get Rate Limits for a Consumer Usage", s""" - |Get Call Limits for a Consumer Usage. + |Get Rate Limits for a Consumer Usage. |${userAuthenticationMessage(true)} | |""".stripMargin, @@ -94,10 +94,10 @@ trait APIMethods600 { implementedInApiVersion, nameOf(createCallLimits), "POST", - "/management/consumers/CONSUMER_ID/consumer/call-limits", - "Create Call Limits for a Consumer", + "/management/consumers/CONSUMER_ID/consumer/rate-limits", + "Create Rate Limits for a Consumer", s""" - |Create Call Limits for a Consumer + |Create Rate Limits for a Consumer | |${userAuthenticationMessage(true)} | @@ -113,16 +113,16 @@ trait APIMethods600 { UnknownError ), List(apiTagConsumer), - Some(List(canSetCallLimits))) + Some(List(canCreateRateLimits))) lazy val createCallLimits: OBPEndpoint = { - case "management" :: "consumers" :: consumerId :: "consumer" :: "call-limits" :: Nil JsonPost json -> _ => + case "management" :: "consumers" :: consumerId :: "consumer" :: "rate-limits" :: Nil JsonPost json -> _ => cc => implicit val ec = EndpointContext(Some(cc)) for { (Full(u), callContext) <- authenticatedAccess(cc) - _ <- NewStyle.function.hasEntitlement("", u.userId, canSetCallLimits, callContext) + _ <- NewStyle.function.hasEntitlement("", u.userId, canCreateRateLimits, callContext) postJson <- NewStyle.function.tryons(s"$InvalidJsonFormat The Json body should be the $CallLimitPostJsonV600 ", 400, callContext) { json.extract[CallLimitPostJsonV600] } @@ -155,10 +155,10 @@ trait APIMethods600 { implementedInApiVersion, nameOf(deleteCallLimits), "DELETE", - "/management/consumers/CONSUMER_ID/consumer/call-limits/RATE_LIMITING_ID", - "Delete Call Limit by Rate Limiting ID", + "/management/consumers/CONSUMER_ID/consumer/rate-limits/RATE_LIMITING_ID", + "Delete Rate Limit by Rate Limiting ID", s""" - |Delete a specific Call Limit by Rate Limiting ID + |Delete a specific Rate Limit by Rate Limiting ID | |${userAuthenticationMessage(true)} | @@ -173,16 +173,16 @@ trait APIMethods600 { UnknownError ), List(apiTagConsumer), - Some(List(canDeleteRateLimiting))) + Some(List(canDeleteRateLimits))) lazy val deleteCallLimits: OBPEndpoint = { - case "management" :: "consumers" :: consumerId :: "consumer" :: "call-limits" :: rateLimitingId :: Nil JsonDelete _ => + case "management" :: "consumers" :: consumerId :: "consumer" :: "rate-limits" :: rateLimitingId :: Nil JsonDelete _ => cc => implicit val ec = EndpointContext(Some(cc)) for { (Full(u), callContext) <- authenticatedAccess(cc) - _ <- NewStyle.function.hasEntitlement("", u.userId, canDeleteRateLimiting, callContext) + _ <- NewStyle.function.hasEntitlement("", u.userId, canDeleteRateLimits, callContext) _ <- NewStyle.function.getConsumerByConsumerId(consumerId, callContext) rateLimiting <- RateLimitingDI.rateLimiting.vend.getByRateLimitingId(rateLimitingId) _ <- rateLimiting match { @@ -208,10 +208,10 @@ trait APIMethods600 { implementedInApiVersion, nameOf(getActiveCallLimitsAtDate), "GET", - "/management/consumers/CONSUMER_ID/consumer/call-limits/active-at-date/DATE", - "Get Active Call Limits at Date", + "/management/consumers/CONSUMER_ID/consumer/rate-limits/active-at-date/DATE", + "Get Active Rate Limits at Date", s""" - |Get the sum of call limits at a certain date time. This returns a SUM of all the records that span that time. + |Get the sum of rate limits at a certain date time. This returns a SUM of all the records that span that time. | |Date format: YYYY-MM-DDTHH:MM:SSZ (e.g. 1099-12-31T23:00:00Z) | @@ -233,7 +233,7 @@ trait APIMethods600 { lazy val getActiveCallLimitsAtDate: OBPEndpoint = { - case "management" :: "consumers" :: consumerId :: "consumer" :: "call-limits" :: "active-at-date" :: dateString :: Nil JsonGet _ => + case "management" :: "consumers" :: consumerId :: "consumer" :: "rate-limits" :: "active-at-date" :: dateString :: Nil JsonGet _ => cc => implicit val ec = EndpointContext(Some(cc)) for { diff --git a/obp-api/src/test/scala/code/api/v3_1_0/RateLimitTest.scala b/obp-api/src/test/scala/code/api/v3_1_0/RateLimitTest.scala index 612d95f86..a781d376a 100644 --- a/obp-api/src/test/scala/code/api/v3_1_0/RateLimitTest.scala +++ b/obp-api/src/test/scala/code/api/v3_1_0/RateLimitTest.scala @@ -32,7 +32,7 @@ import java.time.{ZoneId, ZonedDateTime} import java.util.Date import code.api.util.APIUtil.OAuth._ import code.api.util.{ApiRole, RateLimitingUtil} -import code.api.util.ApiRole.{CanReadCallLimits, CanSetCallLimits} +import code.api.util.ApiRole.{CanReadCallLimits, CanUpdateRateLimits} import code.api.util.ErrorMessages.{UserHasMissingRoles, UserNotLoggedIn} import code.api.v3_1_0.OBPAPI3_1_0.Implementations3_1_0 import code.consumer.Consumers @@ -148,30 +148,30 @@ class RateLimitTest extends V310ServerSetup with PropsReset { When("We make a request v3.1.0") val Some((c, _)) = user1 val consumerId = Consumers.consumers.vend.getConsumerByConsumerKey(c.key).map(_.consumerId.get).getOrElse("") - val request310 = (v3_1_0_Request / "management" / "consumers" / consumerId / "consumer" / "call-limits").PUT + val request310 = (v3_1_0_Request / "management" / "consumers" / consumerId / "consumer" / "rate-limits").PUT val response310 = makePutRequest(request310, write(callLimitJson1)) Then("We should get a 401") response310.code should equal(401) And("error should be " + UserNotLoggedIn) response310.body.extract[ErrorMessage].message should equal (UserNotLoggedIn) } - scenario("We will try to set calls limit per minute without a proper Role " + ApiRole.canSetCallLimits, ApiEndpoint, VersionOfApi) { - When("We make a request v3.1.0 without a Role " + ApiRole.canSetCallLimits) + scenario("We will try to set calls limit per minute without a proper Role " + ApiRole.canUpdateRateLimits, ApiEndpoint, VersionOfApi) { + When("We make a request v3.1.0 without a Role " + ApiRole.canUpdateRateLimits) val Some((c, _)) = user1 val consumerId = Consumers.consumers.vend.getConsumerByConsumerKey(c.key).map(_.consumerId.get).getOrElse("") - val request310 = (v3_1_0_Request / "management" / "consumers" / consumerId / "consumer" / "call-limits").PUT <@(user1) + val request310 = (v3_1_0_Request / "management" / "consumers" / consumerId / "consumer" / "rate-limits").PUT <@(user1) val response310 = makePutRequest(request310, write(callLimitJson1)) Then("We should get a 403") response310.code should equal(403) - And("error should be " + UserHasMissingRoles + CanSetCallLimits) - response310.body.extract[ErrorMessage].message should equal (UserHasMissingRoles + CanSetCallLimits) + And("error should be " + UserHasMissingRoles + CanUpdateRateLimits) + response310.body.extract[ErrorMessage].message should equal (UserHasMissingRoles + CanUpdateRateLimits) } - scenario("We will try to set calls limit per minute with a proper Role " + ApiRole.canSetCallLimits, ApiEndpoint, VersionOfApi) { - When("We make a request v3.1.0 with a Role " + ApiRole.canSetCallLimits) + scenario("We will try to set calls limit per minute with a proper Role " + ApiRole.canUpdateRateLimits, ApiEndpoint, VersionOfApi) { + When("We make a request v3.1.0 with a Role " + ApiRole.canUpdateRateLimits) val Some((c, _)) = user1 val consumerId = Consumers.consumers.vend.getConsumerByConsumerKey(c.key).map(_.consumerId.get).getOrElse("") - Entitlement.entitlement.vend.addEntitlement("", resourceUser1.userId, ApiRole.CanSetCallLimits.toString) - val request310 = (v3_1_0_Request / "management" / "consumers" / consumerId / "consumer" / "call-limits").PUT <@(user1) + Entitlement.entitlement.vend.addEntitlement("", resourceUser1.userId, ApiRole.CanUpdateRateLimits.toString) + val request310 = (v3_1_0_Request / "management" / "consumers" / consumerId / "consumer" / "rate-limits").PUT <@(user1) val response310 = makePutRequest(request310, write(callLimitJson1)) Then("We should get a 200") response310.code should equal(200) @@ -179,12 +179,12 @@ class RateLimitTest extends V310ServerSetup with PropsReset { } scenario("We will set calls limit per second for a Consumer", ApiEndpoint, VersionOfApi) { - When("We make a request v3.1.0 with a Role " + ApiRole.canSetCallLimits) + When("We make a request v3.1.0 with a Role " + ApiRole.canUpdateRateLimits) val Some((c, _)) = user1 val consumerId = Consumers.consumers.vend.getConsumerByConsumerKey(c.key).map(_.consumerId.get).getOrElse("") val id: Long = Consumers.consumers.vend.getConsumerByConsumerKey(c.key).map(_.id.get).getOrElse(0) - Entitlement.entitlement.vend.addEntitlement("", resourceUser1.userId, ApiRole.CanSetCallLimits.toString) - val request310 = (v3_1_0_Request / "management" / "consumers" / consumerId / "consumer" / "call-limits").PUT <@(user1) + Entitlement.entitlement.vend.addEntitlement("", resourceUser1.userId, ApiRole.CanUpdateRateLimits.toString) + val request310 = (v3_1_0_Request / "management" / "consumers" / consumerId / "consumer" / "rate-limits").PUT <@(user1) val response01 = makePutRequest(request310, write(callLimitSecondJson)) Then("We should get a 200") response01.code should equal(200) @@ -204,12 +204,12 @@ class RateLimitTest extends V310ServerSetup with PropsReset { } scenario("We will set calls limit per minute for a Consumer", ApiEndpoint, VersionOfApi) { - When("We make a request v3.1.0 with a Role " + ApiRole.canSetCallLimits) + When("We make a request v3.1.0 with a Role " + ApiRole.canUpdateRateLimits) val Some((c, _)) = user1 val consumerId = Consumers.consumers.vend.getConsumerByConsumerKey(c.key).map(_.consumerId.get).getOrElse("") val id: Long = Consumers.consumers.vend.getConsumerByConsumerKey(c.key).map(_.id.get).getOrElse(0) - Entitlement.entitlement.vend.addEntitlement("", resourceUser1.userId, ApiRole.CanSetCallLimits.toString) - val request310 = (v3_1_0_Request / "management" / "consumers" / consumerId / "consumer" / "call-limits").PUT <@(user1) + Entitlement.entitlement.vend.addEntitlement("", resourceUser1.userId, ApiRole.CanUpdateRateLimits.toString) + val request310 = (v3_1_0_Request / "management" / "consumers" / consumerId / "consumer" / "rate-limits").PUT <@(user1) val response01 = makePutRequest(request310, write(callLimitMinuteJson)) Then("We should get a 200") response01.code should equal(200) @@ -229,12 +229,12 @@ class RateLimitTest extends V310ServerSetup with PropsReset { } scenario("We will set calls limit per hour for a Consumer", ApiEndpoint, VersionOfApi) { - When("We make a request v3.1.0 with a Role " + ApiRole.canSetCallLimits) + When("We make a request v3.1.0 with a Role " + ApiRole.canUpdateRateLimits) val Some((c, _)) = user1 val consumerId = Consumers.consumers.vend.getConsumerByConsumerKey(c.key).map(_.consumerId.get).getOrElse("") val id: Long = Consumers.consumers.vend.getConsumerByConsumerKey(c.key).map(_.id.get).getOrElse(0) - Entitlement.entitlement.vend.addEntitlement("", resourceUser1.userId, ApiRole.CanSetCallLimits.toString) - val request310 = (v3_1_0_Request / "management" / "consumers" / consumerId / "consumer" / "call-limits").PUT <@(user1) + Entitlement.entitlement.vend.addEntitlement("", resourceUser1.userId, ApiRole.CanUpdateRateLimits.toString) + val request310 = (v3_1_0_Request / "management" / "consumers" / consumerId / "consumer" / "rate-limits").PUT <@(user1) val response01 = makePutRequest(request310, write(callLimitHourJson)) Then("We should get a 200") response01.code should equal(200) @@ -254,12 +254,12 @@ class RateLimitTest extends V310ServerSetup with PropsReset { } scenario("We will set calls limit per day for a Consumer", ApiEndpoint, VersionOfApi) { - When("We make a request v3.1.0 with a Role " + ApiRole.canSetCallLimits) + When("We make a request v3.1.0 with a Role " + ApiRole.canUpdateRateLimits) val Some((c, _)) = user1 val consumerId = Consumers.consumers.vend.getConsumerByConsumerKey(c.key).map(_.consumerId.get).getOrElse("") val id: Long = Consumers.consumers.vend.getConsumerByConsumerKey(c.key).map(_.id.get).getOrElse(0) - Entitlement.entitlement.vend.addEntitlement("", resourceUser1.userId, ApiRole.CanSetCallLimits.toString) - val request310 = (v3_1_0_Request / "management" / "consumers" / consumerId / "consumer" / "call-limits").PUT <@(user1) + Entitlement.entitlement.vend.addEntitlement("", resourceUser1.userId, ApiRole.CanUpdateRateLimits.toString) + val request310 = (v3_1_0_Request / "management" / "consumers" / consumerId / "consumer" / "rate-limits").PUT <@(user1) val response01 = makePutRequest(request310, write(callLimitDayJson)) Then("We should get a 200") response01.code should equal(200) @@ -279,12 +279,12 @@ class RateLimitTest extends V310ServerSetup with PropsReset { } scenario("We will set calls limit per week for a Consumer", ApiEndpoint, VersionOfApi) { - When("We make a request v3.1.0 with a Role " + ApiRole.canSetCallLimits) + When("We make a request v3.1.0 with a Role " + ApiRole.canUpdateRateLimits) val Some((c, _)) = user1 val consumerId = Consumers.consumers.vend.getConsumerByConsumerKey(c.key).map(_.consumerId.get).getOrElse("") val id: Long = Consumers.consumers.vend.getConsumerByConsumerKey(c.key).map(_.id.get).getOrElse(0) - Entitlement.entitlement.vend.addEntitlement("", resourceUser1.userId, ApiRole.CanSetCallLimits.toString) - val request310 = (v3_1_0_Request / "management" / "consumers" / consumerId / "consumer" / "call-limits").PUT <@(user1) + Entitlement.entitlement.vend.addEntitlement("", resourceUser1.userId, ApiRole.CanUpdateRateLimits.toString) + val request310 = (v3_1_0_Request / "management" / "consumers" / consumerId / "consumer" / "rate-limits").PUT <@(user1) val response01 = makePutRequest(request310, write(callLimitWeekJson)) Then("We should get a 200") response01.code should equal(200) @@ -304,12 +304,12 @@ class RateLimitTest extends V310ServerSetup with PropsReset { } scenario("We will set calls limit per month for a Consumer", ApiEndpoint, VersionOfApi) { - When("We make a request v3.1.0 with a Role " + ApiRole.canSetCallLimits) + When("We make a request v3.1.0 with a Role " + ApiRole.canUpdateRateLimits) val Some((c, _)) = user1 val consumerId = Consumers.consumers.vend.getConsumerByConsumerKey(c.key).map(_.consumerId.get).getOrElse("") val id: Long = Consumers.consumers.vend.getConsumerByConsumerKey(c.key).map(_.id.get).getOrElse(0) - Entitlement.entitlement.vend.addEntitlement("", resourceUser1.userId, ApiRole.CanSetCallLimits.toString) - val request310 = (v3_1_0_Request / "management" / "consumers" / consumerId / "consumer" / "call-limits").PUT <@(user1) + Entitlement.entitlement.vend.addEntitlement("", resourceUser1.userId, ApiRole.CanUpdateRateLimits.toString) + val request310 = (v3_1_0_Request / "management" / "consumers" / consumerId / "consumer" / "rate-limits").PUT <@(user1) val response01 = makePutRequest(request310, write(callLimitMonthJson)) Then("We should get a 200") response01.code should equal(200) @@ -335,7 +335,7 @@ class RateLimitTest extends V310ServerSetup with PropsReset { When("We make a request v3.1.0") val Some((c, _)) = user1 val consumerId = Consumers.consumers.vend.getConsumerByConsumerKey(c.key).map(_.consumerId.get).getOrElse("") - val request310 = (v3_1_0_Request / "management" / "consumers" / consumerId / "consumer" / "call-limits").GET + val request310 = (v3_1_0_Request / "management" / "consumers" / consumerId / "consumer" / "rate-limits").GET val response310 = makeGetRequest(request310) Then("We should get a 401") response310.code should equal(401) @@ -346,7 +346,7 @@ class RateLimitTest extends V310ServerSetup with PropsReset { When("We make a request v3.1.0 without a Role " + ApiRole.canReadCallLimits) val Some((c, _)) = user1 val consumerId = Consumers.consumers.vend.getConsumerByConsumerKey(c.key).map(_.consumerId.get).getOrElse("") - val request310 = (v3_1_0_Request / "management" / "consumers" / consumerId / "consumer" / "call-limits").GET <@(user1) + val request310 = (v3_1_0_Request / "management" / "consumers" / consumerId / "consumer" / "rate-limits").GET <@(user1) val response310 = makeGetRequest(request310) Then("We should get a 403") response310.code should equal(403) @@ -358,7 +358,7 @@ class RateLimitTest extends V310ServerSetup with PropsReset { val Some((c, _)) = user1 val consumerId = Consumers.consumers.vend.getConsumerByConsumerKey(c.key).map(_.consumerId.get).getOrElse("") Entitlement.entitlement.vend.addEntitlement("", resourceUser1.userId, ApiRole.CanReadCallLimits.toString) - val request310 = (v3_1_0_Request / "management" / "consumers" / consumerId / "consumer" / "call-limits").GET <@(user1) + val request310 = (v3_1_0_Request / "management" / "consumers" / consumerId / "consumer" / "rate-limits").GET <@(user1) val response310 = makeGetRequest(request310) Then("We should get a 200") response310.code should equal(200) diff --git a/obp-api/src/test/scala/code/api/v4_0_0/RateLimitingTest.scala b/obp-api/src/test/scala/code/api/v4_0_0/RateLimitingTest.scala index 36a93050c..f268a8b7d 100644 --- a/obp-api/src/test/scala/code/api/v4_0_0/RateLimitingTest.scala +++ b/obp-api/src/test/scala/code/api/v4_0_0/RateLimitingTest.scala @@ -27,7 +27,7 @@ package code.api.v4_0_0 import code.api.cache.Redis import code.api.util.APIUtil.OAuth._ -import code.api.util.ApiRole.{CanSetCallLimits, canCreateDynamicEndpoint} +import code.api.util.ApiRole.{CanUpdateRateLimits, canCreateDynamicEndpoint} import code.api.util.ErrorMessages.{UserHasMissingRoles, UserNotLoggedIn} import code.api.util.{ApiRole, ExampleValue, RateLimitingUtil} import code.api.v3_0_0.OBPAPI3_0_0.Implementations3_0_0.getCurrentUser @@ -101,18 +101,18 @@ class RateLimitingTest extends V400ServerSetup with PropsReset { And("error should be " + UserNotLoggedIn) response400.body.extract[ErrorMessage].message should equal (UserNotLoggedIn) } - scenario("We will try to set Rate Limiting per minute without a proper Role " + ApiRole.canSetCallLimits, ApiCallsLimit, ApiVersion400) { + scenario("We will try to set Rate Limiting per minute without a proper Role " + ApiRole.canUpdateRateLimits, ApiCallsLimit, ApiVersion400) { - When("We make a request v4.0.0 without a Role " + ApiRole.canSetCallLimits) + When("We make a request v4.0.0 without a Role " + ApiRole.canUpdateRateLimits) val response400 = setRateLimitingWithoutRole(user1, callLimitJsonInitial) Then("We should get a 403") response400.code should equal(403) - And("error should be " + UserHasMissingRoles + CanSetCallLimits) - response400.body.extract[ErrorMessage].message should equal (UserHasMissingRoles + CanSetCallLimits) + And("error should be " + UserHasMissingRoles + CanUpdateRateLimits) + response400.body.extract[ErrorMessage].message should equal (UserHasMissingRoles + CanUpdateRateLimits) } - scenario("We will try to set Rate Limiting per minute with a proper Role " + ApiRole.canSetCallLimits, ApiCallsLimit, ApiVersion400) { + scenario("We will try to set Rate Limiting per minute with a proper Role " + ApiRole.canUpdateRateLimits, ApiCallsLimit, ApiVersion400) { - When("We make a request v4.0.0 with a Role " + ApiRole.canSetCallLimits) + When("We make a request v4.0.0 with a Role " + ApiRole.canUpdateRateLimits) val response400 = setRateLimiting(user1, callLimitJsonInitial) Then("We should get a 200") response400.code should equal(200) @@ -120,7 +120,7 @@ class RateLimitingTest extends V400ServerSetup with PropsReset { } scenario("We will set Rate Limiting per second for an Endpoint", ApiCallsLimit, ApiVersion400) { - When("We make a request v4.0.0 with a Role " + ApiRole.canSetCallLimits) + When("We make a request v4.0.0 with a Role " + ApiRole.canUpdateRateLimits) val response01 = setRateLimiting(user1, callLimitJsonSecond) Then("We should get a 200") response01.code should equal(200) @@ -143,7 +143,7 @@ class RateLimitingTest extends V400ServerSetup with PropsReset { } scenario("We will set Rate Limiting per minute for an Endpoint", ApiCallsLimit, ApiVersion400) { - When("We make a request v4.0.0 with a Role " + ApiRole.canSetCallLimits) + When("We make a request v4.0.0 with a Role " + ApiRole.canUpdateRateLimits) val response01 = setRateLimiting(user1, callLimitJsonMinute) Then("We should get a 200") response01.code should equal(200) @@ -165,7 +165,7 @@ class RateLimitingTest extends V400ServerSetup with PropsReset { } scenario("We will set Rate Limiting per hour for an Endpoint", ApiCallsLimit, ApiVersion400) { - When("We make a request v4.0.0 with a Role " + ApiRole.canSetCallLimits) + When("We make a request v4.0.0 with a Role " + ApiRole.canUpdateRateLimits) val response01 = setRateLimiting(user1, callLimitJsonHour) Then("We should get a 200") response01.code should equal(200) @@ -187,7 +187,7 @@ class RateLimitingTest extends V400ServerSetup with PropsReset { } scenario("We will set Rate Limiting per week for an Endpoint", ApiCallsLimit, ApiVersion400) { - When("We make a request v4.0.0 with a Role " + ApiRole.canSetCallLimits) + When("We make a request v4.0.0 with a Role " + ApiRole.canUpdateRateLimits) val response01 = setRateLimiting(user1, callLimitJsonWeek) Then("We should get a 200") response01.code should equal(200) @@ -209,7 +209,7 @@ class RateLimitingTest extends V400ServerSetup with PropsReset { } scenario("We will set Rate Limiting per month for an Endpoint", ApiCallsLimit, ApiVersion400) { - When("We make a request v4.0.0 with a Role " + ApiRole.canSetCallLimits) + When("We make a request v4.0.0 with a Role " + ApiRole.canUpdateRateLimits) val response01 = setRateLimiting(user1, callLimitJsonMonth) Then("We should get a 200") response01.code should equal(200) diff --git a/obp-api/src/test/scala/code/api/v4_0_0/V400ServerSetup.scala b/obp-api/src/test/scala/code/api/v4_0_0/V400ServerSetup.scala index 86d5ec111..aa07a8546 100644 --- a/obp-api/src/test/scala/code/api/v4_0_0/V400ServerSetup.scala +++ b/obp-api/src/test/scala/code/api/v4_0_0/V400ServerSetup.scala @@ -104,18 +104,18 @@ trait V400ServerSetup extends ServerSetupWithTestData with DefaultUsers { def setRateLimiting(consumerAndToken: Option[(Consumer, Token)], putJson: CallLimitPostJsonV400): APIResponse = { val Some((c, _)) = consumerAndToken val consumerId = Consumers.consumers.vend.getConsumerByConsumerKey(c.key).map(_.consumerId.get).getOrElse("") - Entitlement.entitlement.vend.addEntitlement("", resourceUser1.userId, ApiRole.CanSetCallLimits.toString) - val request400 = (v4_0_0_Request / "management" / "consumers" / consumerId / "consumer" / "call-limits").PUT <@(consumerAndToken) + Entitlement.entitlement.vend.addEntitlement("", resourceUser1.userId, ApiRole.CanUpdateRateLimits.toString) + val request400 = (v4_0_0_Request / "management" / "consumers" / consumerId / "consumer" / "rate-limits").PUT <@(consumerAndToken) makePutRequest(request400, write(putJson)) } def setRateLimitingWithoutRole(consumerAndToken: Option[(Consumer, Token)], putJson: CallLimitPostJsonV400): APIResponse = { val Some((c, _)) = consumerAndToken val consumerId = Consumers.consumers.vend.getConsumerByConsumerKey(c.key).map(_.consumerId.get).getOrElse("") - val request400 = (v4_0_0_Request / "management" / "consumers" / consumerId / "consumer" / "call-limits").PUT <@(consumerAndToken) + val request400 = (v4_0_0_Request / "management" / "consumers" / consumerId / "consumer" / "rate-limits").PUT <@(consumerAndToken) makePutRequest(request400, write(putJson)) } def setRateLimitingAnonymousAccess(putJson: CallLimitPostJsonV400): APIResponse = { - val request400 = (v4_0_0_Request / "management" / "consumers" / "some_consumer_id" / "consumer" / "call-limits").PUT + val request400 = (v4_0_0_Request / "management" / "consumers" / "some_consumer_id" / "consumer" / "rate-limits").PUT makePutRequest(request400, write(putJson)) } diff --git a/obp-api/src/test/scala/code/api/v5_1_0/RateLimitingTest.scala b/obp-api/src/test/scala/code/api/v5_1_0/RateLimitingTest.scala index 9991aeba5..bda8c0178 100644 --- a/obp-api/src/test/scala/code/api/v5_1_0/RateLimitingTest.scala +++ b/obp-api/src/test/scala/code/api/v5_1_0/RateLimitingTest.scala @@ -91,7 +91,7 @@ class RateLimitingTest extends V510ServerSetup with PropsReset { When(s"We make a request $ApiVersion510") val Some((c, _)) = user1 val consumerId = Consumers.consumers.vend.getConsumerByConsumerKey(c.key).map(_.consumerId.get).getOrElse("") - val request510 = (v5_1_0_Request / "management" / "consumers" / consumerId / "consumer" / "call-limits").GET + val request510 = (v5_1_0_Request / "management" / "consumers" / consumerId / "consumer" / "rate-limits").GET val response510 = makeGetRequest(request510) Then("We should get a 401") response510.code should equal(401) @@ -102,7 +102,7 @@ class RateLimitingTest extends V510ServerSetup with PropsReset { When("We make a request v3.1.0 without a Role " + ApiRole.canReadCallLimits) val Some((c, _)) = user1 val consumerId = Consumers.consumers.vend.getConsumerByConsumerKey(c.key).map(_.consumerId.get).getOrElse("") - val request510 = (v5_1_0_Request / "management" / "consumers" / consumerId / "consumer" / "call-limits").GET <@ (user1) + val request510 = (v5_1_0_Request / "management" / "consumers" / consumerId / "consumer" / "rate-limits").GET <@ (user1) val response510 = makeGetRequest(request510) Then("We should get a 403") response510.code should equal(403) @@ -111,7 +111,7 @@ class RateLimitingTest extends V510ServerSetup with PropsReset { } scenario("We will try to get calls limit per minute with a proper Role " + ApiRole.canReadCallLimits, ApiCallsLimit, ApiVersion510) { - When("We make a request v5.1.0 with a Role " + ApiRole.canSetCallLimits) + When("We make a request v5.1.0 with a Role " + ApiRole.canUpdateRateLimits) val response01 = setRateLimiting(user1, callLimitJsonMonth) Then("We should get a 200") response01.code should equal(200) @@ -120,7 +120,7 @@ class RateLimitingTest extends V510ServerSetup with PropsReset { val Some((c, _)) = user1 val consumerId = Consumers.consumers.vend.getConsumerByConsumerKey(c.key).map(_.consumerId.get).getOrElse("") Entitlement.entitlement.vend.addEntitlement("", resourceUser1.userId, ApiRole.CanReadCallLimits.toString) - val request510 = (v5_1_0_Request / "management" / "consumers" / consumerId / "consumer" / "call-limits").GET <@ (user1) + val request510 = (v5_1_0_Request / "management" / "consumers" / consumerId / "consumer" / "rate-limits").GET <@ (user1) val response510 = makeGetRequest(request510) Then("We should get a 200") response510.code should equal(200) diff --git a/obp-api/src/test/scala/code/api/v5_1_0/V510ServerSetup.scala b/obp-api/src/test/scala/code/api/v5_1_0/V510ServerSetup.scala index 32fa52065..7ac569a74 100644 --- a/obp-api/src/test/scala/code/api/v5_1_0/V510ServerSetup.scala +++ b/obp-api/src/test/scala/code/api/v5_1_0/V510ServerSetup.scala @@ -37,8 +37,8 @@ trait V510ServerSetup extends ServerSetupWithTestData with DefaultUsers { def setRateLimiting(consumerAndToken: Option[(Consumer, Token)], putJson: CallLimitPostJsonV400): APIResponse = { val Some((c, _)) = consumerAndToken val consumerId = Consumers.consumers.vend.getConsumerByConsumerKey(c.key).map(_.consumerId.get).getOrElse("") - Entitlement.entitlement.vend.addEntitlement("", resourceUser1.userId, ApiRole.CanSetCallLimits.toString) - val request400 = (v4_0_0_Request / "management" / "consumers" / consumerId / "consumer" / "call-limits").PUT <@ (consumerAndToken) + Entitlement.entitlement.vend.addEntitlement("", resourceUser1.userId, ApiRole.CanUpdateRateLimits.toString) + val request400 = (v4_0_0_Request / "management" / "consumers" / consumerId / "consumer" / "rate-limits").PUT <@ (consumerAndToken) makePutRequest(request400, write(putJson)) } diff --git a/obp-api/src/test/scala/code/api/v6_0_0/CallLimitsTest.scala b/obp-api/src/test/scala/code/api/v6_0_0/CallLimitsTest.scala index 915d4b2b9..90d759499 100644 --- a/obp-api/src/test/scala/code/api/v6_0_0/CallLimitsTest.scala +++ b/obp-api/src/test/scala/code/api/v6_0_0/CallLimitsTest.scala @@ -26,7 +26,7 @@ TESOBE (http://www.tesobe.com/) package code.api.v6_0_0 import code.api.util.APIUtil.OAuth._ -import code.api.util.ApiRole.{CanDeleteRateLimiting, CanReadCallLimits, CanSetCallLimits} +import code.api.util.ApiRole.{CanDeleteRateLimiting, CanReadCallLimits, CanCreateRateLimits} import code.api.util.ErrorMessages.{UserHasMissingRoles, UserNotLoggedIn} import code.api.v6_0_0.OBPAPI6_0_0.Implementations6_0_0 import code.consumer.Consumers @@ -75,7 +75,7 @@ class CallLimitsTest extends V600ServerSetup { When("We make a request v6.0.0 without user credentials") val Some((c, _)) = user1 val consumerId = Consumers.consumers.vend.getConsumerByConsumerKey(c.key).map(_.consumerId.get).getOrElse("") - val request600 = (v6_0_0_Request / "management" / "consumers" / consumerId / "consumer" / "call-limits").POST + val request600 = (v6_0_0_Request / "management" / "consumers" / consumerId / "consumer" / "rate-limits").POST val response600 = makePostRequest(request600, write(postCallLimitJsonV600)) Then("We should get a 401") response600.code should equal(401) @@ -89,20 +89,20 @@ class CallLimitsTest extends V600ServerSetup { When("We make a request v6.0.0 without a proper role") val Some((c, _)) = user1 val consumerId = Consumers.consumers.vend.getConsumerByConsumerKey(c.key).map(_.consumerId.get).getOrElse("") - val request600 = (v6_0_0_Request / "management" / "consumers" / consumerId / "consumer" / "call-limits").POST <@ (user1) + val request600 = (v6_0_0_Request / "management" / "consumers" / consumerId / "consumer" / "rate-limits").POST <@ (user1) val response600 = makePostRequest(request600, write(postCallLimitJsonV600)) Then("We should get a 403") response600.code should equal(403) - And("error should be " + UserHasMissingRoles + CanSetCallLimits) - response600.body.extract[ErrorMessage].message should equal(UserHasMissingRoles + CanSetCallLimits) + And("error should be " + UserHasMissingRoles + CanCreateRateLimits) + response600.body.extract[ErrorMessage].message should equal(UserHasMissingRoles + CanCreateRateLimits) } scenario("We will call the endpoint with proper Role", ApiEndpoint1, VersionOfApi) { When("We make a request v6.0.0 with a proper role") val Some((c, _)) = user1 val consumerId = Consumers.consumers.vend.getConsumerByConsumerKey(c.key).map(_.consumerId.get).getOrElse("") - Entitlement.entitlement.vend.addEntitlement("", resourceUser1.userId, CanSetCallLimits.toString) - val request600 = (v6_0_0_Request / "management" / "consumers" / consumerId / "consumer" / "call-limits").POST <@ (user1) + Entitlement.entitlement.vend.addEntitlement("", resourceUser1.userId, CanCreateRateLimits.toString) + val request600 = (v6_0_0_Request / "management" / "consumers" / consumerId / "consumer" / "rate-limits").POST <@ (user1) val response600 = makePostRequest(request600, write(postCallLimitJsonV600)) Then("We should get a 201") response600.code should equal(201) @@ -119,15 +119,15 @@ class CallLimitsTest extends V600ServerSetup { Given("We create a call limit first") val Some((c, _)) = user1 val consumerId = Consumers.consumers.vend.getConsumerByConsumerKey(c.key).map(_.consumerId.get).getOrElse("") - Entitlement.entitlement.vend.addEntitlement("", resourceUser1.userId, CanSetCallLimits.toString) - val request600 = (v6_0_0_Request / "management" / "consumers" / consumerId / "consumer" / "call-limits").POST <@ (user1) + Entitlement.entitlement.vend.addEntitlement("", resourceUser1.userId, CanCreateRateLimits.toString) + val request600 = (v6_0_0_Request / "management" / "consumers" / consumerId / "consumer" / "rate-limits").POST <@ (user1) val createResponse = makePostRequest(request600, write(postCallLimitJsonV600)) createResponse.code should equal(201) val createdCallLimit = createResponse.body.extract[CallLimitJsonV600] When("We delete the call limit") Entitlement.entitlement.vend.addEntitlement("", resourceUser1.userId, CanDeleteRateLimiting.toString) - val deleteRequest = (v6_0_0_Request / "management" / "consumers" / consumerId / "consumer" / "call-limits" / createdCallLimit.rate_limiting_id).DELETE <@ (user1) + val deleteRequest = (v6_0_0_Request / "management" / "consumers" / consumerId / "consumer" / "rate-limits" / createdCallLimit.rate_limiting_id).DELETE <@ (user1) val deleteResponse = makeDeleteRequest(deleteRequest) Then("We should get a 204") @@ -138,14 +138,14 @@ class CallLimitsTest extends V600ServerSetup { Given("We create a call limit first") val Some((c, _)) = user1 val consumerId = Consumers.consumers.vend.getConsumerByConsumerKey(c.key).map(_.consumerId.get).getOrElse("") - Entitlement.entitlement.vend.addEntitlement("", resourceUser1.userId, CanSetCallLimits.toString) - val request600 = (v6_0_0_Request / "management" / "consumers" / consumerId / "consumer" / "call-limits").POST <@ (user1) + Entitlement.entitlement.vend.addEntitlement("", resourceUser1.userId, CanCreateRateLimits.toString) + val request600 = (v6_0_0_Request / "management" / "consumers" / consumerId / "consumer" / "rate-limits").POST <@ (user1) val createResponse = makePostRequest(request600, write(postCallLimitJsonV600)) createResponse.code should equal(201) val createdCallLimit = createResponse.body.extract[CallLimitJsonV600] When("We try to delete without proper role") - val deleteRequest = (v6_0_0_Request / "management" / "consumers" / consumerId / "consumer" / "call-limits" / createdCallLimit.rate_limiting_id).DELETE <@ (user1) + val deleteRequest = (v6_0_0_Request / "management" / "consumers" / consumerId / "consumer" / "rate-limits" / createdCallLimit.rate_limiting_id).DELETE <@ (user1) val deleteResponse = makeDeleteRequest(deleteRequest) Then("We should get a 403") @@ -160,8 +160,8 @@ class CallLimitsTest extends V600ServerSetup { Given("We create a call limit first") val Some((c, _)) = user1 val consumerId = Consumers.consumers.vend.getConsumerByConsumerKey(c.key).map(_.consumerId.get).getOrElse("") - Entitlement.entitlement.vend.addEntitlement("", resourceUser1.userId, CanSetCallLimits.toString) - val request600 = (v6_0_0_Request / "management" / "consumers" / consumerId / "consumer" / "call-limits").POST <@ (user1) + Entitlement.entitlement.vend.addEntitlement("", resourceUser1.userId, CanCreateRateLimits.toString) + val request600 = (v6_0_0_Request / "management" / "consumers" / consumerId / "consumer" / "rate-limits").POST <@ (user1) val createResponse = makePostRequest(request600, write(postCallLimitJsonV600)) createResponse.code should equal(201) @@ -170,7 +170,7 @@ class CallLimitsTest extends V600ServerSetup { val currentDateString = ZonedDateTime .now(ZoneOffset.UTC) .format(DateTimeFormatter.ofPattern("yyyy-MM-dd'T'HH:mm:ss'Z'")) - val getRequest = (v6_0_0_Request / "management" / "consumers" / consumerId / "consumer" / "call-limits" / "active-at-date" / currentDateString).GET <@ (user1) + val getRequest = (v6_0_0_Request / "management" / "consumers" / consumerId / "consumer" / "rate-limits" / "active-at-date" / currentDateString).GET <@ (user1) val getResponse = makeGetRequest(getRequest) Then("We should get a 200") @@ -188,7 +188,7 @@ class CallLimitsTest extends V600ServerSetup { val currentDateString = ZonedDateTime .now(ZoneOffset.UTC) .format(DateTimeFormatter.ofPattern("yyyy-MM-dd'T'HH:mm:ss'Z'")) - val getRequest = (v6_0_0_Request / "management" / "consumers" / consumerId / "consumer" / "call-limits" / "active-at-date" / currentDateString).GET <@ (user1) + val getRequest = (v6_0_0_Request / "management" / "consumers" / consumerId / "consumer" / "rate-limits" / "active-at-date" / currentDateString).GET <@ (user1) val getResponse = makeGetRequest(getRequest) Then("We should get a 403")