feature/Add grantorUserId to te function addEntitlement

2026-02-06 15:27:01 +00:00 · 2021-12-08 12:20:56 +01:00 · 2021-12-08 12:20:56 +01:00 · be07e57ccd
commit be07e57ccd
parent 79e4fb3c17
5 changed files with 31 additions and 16 deletions
--- a/obp-api/src/main/scala/code/api/util/ErrorMessages.scala
+++ b/obp-api/src/main/scala/code/api/util/ErrorMessages.scala
@ -413,6 +413,7 @@ object ErrorMessages {
  val EntitlementAlreadyExists = "OBP-30216: Entitlement already exists for the user."
  val EntitlementCannotBeDeleted = "OBP-30219: EntitlementId cannot be deleted."
  val EntitlementCannotBeGranted = "OBP-30220: Entitlement cannot be granted."
+  val EntitlementCannotBeGrantedGrantorIssue = "OBP-30221: Entitlement cannot be granted due to the grantor's insufficient privileges."
  
  val CreateSystemViewError = "OBP-30250: Could not create the system view"
  val DeleteSystemViewError = "OBP-30251: Could not delete the system view"
--- a/obp-api/src/main/scala/code/entitlement/Entilement.scala
+++ b/obp-api/src/main/scala/code/entitlement/Entilement.scala
@ -30,7 +30,7 @@ trait EntitlementProvider {
  def getEntitlementsByRole(roleName: String): Box[List[Entitlement]]
  def getEntitlementsFuture() : Future[Box[List[Entitlement]]]
  def getEntitlementsByRoleFuture(roleName: String) : Future[Box[List[Entitlement]]]
-  def addEntitlement(bankId: String, userId: String, roleName: String, createdByProcess: String="manual") : Box[Entitlement]
+  def addEntitlement(bankId: String, userId: String, roleName: String, createdByProcess: String="manual", grantorUserId: Option[String]=None) : Box[Entitlement]
  def deleteDynamicEntityEntitlement(entityName: String, bankId:Option[String]) : Box[Boolean]
  def deleteEntitlements(entityNames: List[String]) : Box[Boolean]
 }
@ -54,7 +54,7 @@ class RemotedataEntitlementsCaseClasses {
  case class getEntitlementsByRole(roleName: String)
  case class getEntitlementsFuture()
  case class getEntitlementsByRoleFuture(roleName: String)
-  case class addEntitlement(bankId: String, userId: String, roleName: String, createdByProcess: String="manual")
+  case class addEntitlement(bankId: String, userId: String, roleName: String, createdByProcess: String="manual", grantorUserId: Option[String]=None)
  case class deleteDynamicEntityEntitlement(entityName: String, bankId:Option[String])
  case class deleteEntitlements(entityNames: List[String])
 }
--- a/obp-api/src/main/scala/code/entitlement/MappedEntitlements.scala
+++ b/obp-api/src/main/scala/code/entitlement/MappedEntitlements.scala
@ -1,12 +1,15 @@
 package code.entitlement

+import code.api.util.ApiRole.{CanCreateEntitlementAtAnyBank, CanCreateEntitlementAtOneBank}
+import code.api.util.ErrorMessages
 import code.api.v4_0_0.dynamic.DynamicEntityInfo
 import code.util.{MappedUUID, UUIDString}
-import net.liftweb.common.Box
+import net.liftweb.common.{Box, Failure, Full}
 import net.liftweb.mapper._

 import scala.concurrent.Future
 import com.openbankproject.commons.ExecutionContext.Implicits.global
+import net.liftweb.common

 object MappedEntitlementsProvider extends EntitlementProvider {
  override def getEntitlement(bankId: String, userId: String, roleName: String): Box[MappedEntitlement] = {
@ -102,15 +105,26 @@ object MappedEntitlementsProvider extends EntitlementProvider {
    }
  }

-  override def addEntitlement(bankId: String, userId: String, roleName: String, createdByProcess: String ="manual"): Box[Entitlement] = {
+  override def addEntitlement(bankId: String, userId: String, roleName: String, createdByProcess: String ="manual", grantorUserId: Option[String]=None): Box[Entitlement] = {
+    def addEntitlementToUser(): Full[MappedEntitlement] = {
+      val addEntitlement: MappedEntitlement = 
+        MappedEntitlement.create.mBankId(bankId).mUserId(userId).mRoleName(roleName).mCreatedByProcess(createdByProcess)
+        .saveMe()
+      Full(addEntitlement)
+    }
    // Return a Box so we can handle errors later.
-    val addEntitlement = MappedEntitlement.create
-      .mBankId(bankId)
-      .mUserId(userId)
-      .mRoleName(roleName)
-      .mCreatedByProcess(createdByProcess)
-      .saveMe()
-    Some(addEntitlement)
+    grantorUserId match {
+      case Some(userId) =>
+        val canCreateEntitlementAtAnyBank = MappedEntitlement.findAll(By(MappedEntitlement.mUserId, userId)).exists(e => e.roleName == CanCreateEntitlementAtAnyBank)
+        val canCreateEntitlementAtOneBank = MappedEntitlement.findAll(By(MappedEntitlement.mUserId, userId)).exists(e => e.roleName == CanCreateEntitlementAtOneBank && e.bankId == bankId)
+        if(canCreateEntitlementAtAnyBank || canCreateEntitlementAtOneBank) {
+          addEntitlementToUser()
+        } else {
+          Failure(ErrorMessages.EntitlementCannotBeGrantedGrantorIssue)
+        }
+      case None =>
+        addEntitlementToUser()
+    }
  }
 }

--- a/obp-api/src/main/scala/code/remotedata/RemotedataEntitlements.scala
+++ b/obp-api/src/main/scala/code/remotedata/RemotedataEntitlements.scala
@ -48,8 +48,8 @@ object RemotedataEntitlements extends ObpActorInit with EntitlementProvider {
  def getEntitlementsByRoleFuture(roleName: String) : Future[Box[List[Entitlement]]] =
    (actor ? cc.getEntitlementsByRoleFuture(roleName)).mapTo[Box[List[Entitlement]]]

-  def addEntitlement(bankId: String, userId: String, roleName: String, createdByProcess: String="manual") : Box[Entitlement] = getValueFromFuture(
-    (actor ? cc.addEntitlement(bankId, userId, roleName, createdByProcess: String)).mapTo[Box[Entitlement]]
+  def addEntitlement(bankId: String, userId: String, roleName: String, createdByProcess: String="manual", grantorUserId: Option[String]=None) : Box[Entitlement] = getValueFromFuture(
+    (actor ? cc.addEntitlement(bankId, userId, roleName, createdByProcess, grantorUserId)).mapTo[Box[Entitlement]]
  )

  override def deleteDynamicEntityEntitlement(entityName: String, bankId:Option[String]): Box[Boolean] = getValueFromFuture(
--- a/obp-api/src/main/scala/code/remotedata/RemotedataEntitlementsActor.scala
+++ b/obp-api/src/main/scala/code/remotedata/RemotedataEntitlementsActor.scala
@ -55,9 +55,9 @@ class RemotedataEntitlementsActor extends Actor with ObpActorHelper with MdcLogg
      logger.debug(s"getEntitlementsByRole($role)")
      sender ! (mapper.getEntitlementsByRole(role))

-    case cc.addEntitlement(bankId: String, userId: String, roleName: String,  createdByProcess: String) =>
-      logger.debug(s"addEntitlement($bankId, $userId, $roleName, $createdByProcess)")
-      sender ! (mapper.addEntitlement(bankId, userId, roleName,  createdByProcess: String))
+    case cc.addEntitlement(bankId: String, userId: String, roleName: String,  createdByProcess: String, grantorUserId: Option[String]) =>
+      logger.debug(s"addEntitlement($bankId, $userId, $roleName, $createdByProcess, $grantorUserId)")
+      sender ! (mapper.addEntitlement(bankId, userId, roleName, createdByProcess, grantorUserId))

    case cc.deleteDynamicEntityEntitlement(entityName: String, bankId:Option[String]) =>
      logger.debug(s"deleteDynamicEntityEntitlement($entityName) bankId($bankId)")