From be07e57ccd2ba474dc34f24ec4398823dc1cdb2a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marko=20Mili=C4=87?=
Date: Wed, 8 Dec 2021 12:20:56 +0100
Subject: [PATCH] feature/Add grantorUserId to te function addEntitlement
---
 .../scala/code/api/util/ErrorMessages.scala | 1 +
 .../scala/code/entitlement/Entilement.scala | 4 +--
 .../code/entitlement/MappedEntitlements.scala | 32 +++++++++++++------
 .../remotedata/RemotedataEntitlements.scala | 4 +--
 .../RemotedataEntitlementsActor.scala | 6 ++--
 5 files changed, 31 insertions(+), 16 deletions(-)
diff --git a/obp-api/src/main/scala/code/api/util/ErrorMessages.scala b/obp-api/src/main/scala/code/api/util/ErrorMessages.scala
index 36078c94c..baa231c4e 100644
--- a/obp-api/src/main/scala/code/api/util/ErrorMessages.scala
+++ b/obp-api/src/main/scala/code/api/util/ErrorMessages.scala
@@ -413,6 +413,7 @@ object ErrorMessages {
 val EntitlementAlreadyExists = "OBP-30216: Entitlement already exists for the user."
 val EntitlementCannotBeDeleted = "OBP-30219: EntitlementId cannot be deleted."
 val EntitlementCannotBeGranted = "OBP-30220: Entitlement cannot be granted."
+ val EntitlementCannotBeGrantedGrantorIssue = "OBP-30221: Entitlement cannot be granted due to the grantor's insufficient privileges."
 val CreateSystemViewError = "OBP-30250: Could not create the system view"
 val DeleteSystemViewError = "OBP-30251: Could not delete the system view"
diff --git a/obp-api/src/main/scala/code/entitlement/Entilement.scala b/obp-api/src/main/scala/code/entitlement/Entilement.scala
index 084c83493..3a885e972 100644
--- a/obp-api/src/main/scala/code/entitlement/Entilement.scala
+++ b/obp-api/src/main/scala/code/entitlement/Entilement.scala
@@ -30,7 +30,7 @@ trait EntitlementProvider {
 def getEntitlementsByRole(roleName: String): Box[List[Entitlement]]
 def getEntitlementsFuture() : Future[Box[List[Entitlement]]]
 def getEntitlementsByRoleFuture(roleName: String) : Future[Box[List[Entitlement]]]
- def addEntitlement(bankId: String, userId: String, roleName: String, createdByProcess: String="manual") : Box[Entitlement]
+ def addEntitlement(bankId: String, userId: String, roleName: String, createdByProcess: String="manual", grantorUserId: Option[String]=None) : Box[Entitlement]
 def deleteDynamicEntityEntitlement(entityName: String, bankId:Option[String]) : Box[Boolean]
 def deleteEntitlements(entityNames: List[String]) : Box[Boolean]
 }
@@ -54,7 +54,7 @@ class RemotedataEntitlementsCaseClasses {
 case class getEntitlementsByRole(roleName: String)
 case class getEntitlementsFuture()
 case class getEntitlementsByRoleFuture(roleName: String)
- case class addEntitlement(bankId: String, userId: String, roleName: String, createdByProcess: String="manual")
+ case class addEntitlement(bankId: String, userId: String, roleName: String, createdByProcess: String="manual", grantorUserId: Option[String]=None)
 case class deleteDynamicEntityEntitlement(entityName: String, bankId:Option[String])
 case class deleteEntitlements(entityNames: List[String])
 }
diff --git a/obp-api/src/main/scala/code/entitlement/MappedEntitlements.scala b/obp-api/src/main/scala/code/entitlement/MappedEntitlements.scala
index 7b39f1a70..cc550f619 100644
--- a/obp-api/src/main/scala/code/entitlement/MappedEntitlements.scala
+++ b/obp-api/src/main/scala/code/entitlement/MappedEntitlements.scala
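Review bot: The new `grantorUserId: Option[String]=None` parameter on `EntitlementProvider.addEntitlement` in Entilement.scala makes the grantor privilege check opt-in, and nothing on the signature says so: every caller that omits the argument keeps creating entitlements with no check at all. The same default is repeated on the `addEntitlement` case class in the second hunk of this file. A Scaladoc comment on the trait method would make the contract explicit, for example `/** @param grantorUserId when defined, the grant is refused unless that user holds an entitlement-creating role for bankId; None performs no grantor check. */`. It would also be worth auditing the user-facing call sites so that they pass the authenticated user's id rather than relying on the default.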
@@ -1,12 +1,15 @@
 package code.entitlement
+import code.api.util.ApiRole.{CanCreateEntitlementAtAnyBank, CanCreateEntitlementAtOneBank}
+import code.api.util.ErrorMessages
 import code.api.v4_0_0.dynamic.DynamicEntityInfo
 import code.util.{MappedUUID, UUIDString}
-import net.liftweb.common.Box
+import net.liftweb.common.{Box, Failure, Full}
 import net.liftweb.mapper._
 import scala.concurrent.Future
 import com.openbankproject.commons.ExecutionContext.Implicits.global
+import net.liftweb.common
 object MappedEntitlementsProvider extends EntitlementProvider {
 override def getEntitlement(bankId: String, userId: String, roleName: String): Box[MappedEntitlement] = {
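Review bot: The bare `import net.liftweb.common` added at the end of the import block in MappedEntitlements.scala looks redundant. The names the new code uses (`Box`, `Failure`, `Full`) already come from `import net.liftweb.common.{Box, Failure, Full}` a few lines above, and none of the visible hunks refers to anything through a `common.` prefix. Dropping it keeps the import list limited to what the authorization code depends on. The `getEntitlement` body opened on the last line of the hunk continues outside it.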
@@ -102,15 +105,26 @@ object MappedEntitlementsProvider extends EntitlementProvider {
 }
 }
- override def addEntitlement(bankId: String, userId: String, roleName: String, createdByProcess: String ="manual"): Box[Entitlement] = {
+ override def addEntitlement(bankId: String, userId: String, roleName: String, createdByProcess: String ="manual", grantorUserId: Option[String]=None): Box[Entitlement] = {
+ def addEntitlementToUser(): Full[MappedEntitlement] = {
+ val addEntitlement: MappedEntitlement =
+ MappedEntitlement.create.mBankId(bankId).mUserId(userId).mRoleName(roleName).mCreatedByProcess(createdByProcess)
+ .saveMe()
+ Full(addEntitlement)
+ }
 // Return a Box so we can handle errors later.
- val addEntitlement = MappedEntitlement.create
- .mBankId(bankId)
- .mUserId(userId)
- .mRoleName(roleName)
- .mCreatedByProcess(createdByProcess)
- .saveMe()
- Some(addEntitlement)
+ grantorUserId match {
+ case Some(userId) =>
+ val canCreateEntitlementAtAnyBank = MappedEntitlement.findAll(By(MappedEntitlement.mUserId, userId)).exists(e => e.roleName == CanCreateEntitlementAtAnyBank)
+ val canCreateEntitlementAtOneBank = MappedEntitlement.findAll(By(MappedEntitlement.mUserId, userId)).exists(e => e.roleName == CanCreateEntitlementAtOneBank && e.bankId == bankId)
+ if(canCreateEntitlementAtAnyBank || canCreateEntitlementAtOneBank) {
+ addEntitlementToUser()
+ } else {
+ Failure(ErrorMessages.EntitlementCannotBeGrantedGrantorIssue)
+ }
+ case None =>
+ addEntitlementToUser()
+ }
 }
 }
diff --git a/obp-api/src/main/scala/code/remotedata/RemotedataEntitlements.scala b/obp-api/src/main/scala/code/remotedata/RemotedataEntitlements.scala
index ed68b4d5f..1e5a6750f 100644
--- a/obp-api/src/main/scala/code/remotedata/RemotedataEntitlements.scala
+++ b/obp-api/src/main/scala/code/remotedata/RemotedataEntitlements.scala
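Review bot: In `MappedEntitlementsProvider.addEntitlement` the `case Some(userId) =>` pattern shadows the method's `userId` parameter, so inside that branch `userId` means the grantor while `addEntitlementToUser()` still writes the grantee captured by the closure. Naming it `case Some(grantorId) =>` removes the risk that a later edit in this branch grants the role to the wrong user. The two `findAll(By(MappedEntitlement.mUserId, userId))` calls load the same rows twice and can be a single lookup. The comparisons `e.roleName == CanCreateEntitlementAtAnyBank` and `e.roleName == CanCreateEntitlementAtOneBank` put a stored role name next to a name imported from `ApiRole`; if `roleName` is a `String` (as `mRoleName(roleName)` suggests) and the imported names are not, the check is always false and every grant that names a grantor is refused, so this needs confirming against the `ApiRole` definition, which is not visible here. The sketch below shows the rename and the single lookup and leaves the comparison as written.

```scala
    grantorUserId match {
      case Some(grantorId) =>
        // Load the grantor's entitlements once; the grantee's `userId` stays unshadowed.
        val grantorEntitlements = MappedEntitlement.findAll(By(MappedEntitlement.mUserId, grantorId))
        // TODO confirm e.roleName and the names imported from ApiRole have the same type.
        val grantorMayCreate = grantorEntitlements.exists { e =>
          e.roleName == CanCreateEntitlementAtAnyBank ||
            (e.roleName == CanCreateEntitlementAtOneBank && e.bankId == bankId)
        }
        if (grantorMayCreate) addEntitlementToUser()
        else Failure(ErrorMessages.EntitlementCannotBeGrantedGrantorIssue)
      // … unchanged: case None => addEntitlementToUser() …
    }
```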
@@ -48,8 +48,8 @@ object RemotedataEntitlements extends ObpActorInit with EntitlementProvider {
 def getEntitlementsByRoleFuture(roleName: String) : Future[Box[List[Entitlement]]] =
 (actor ? cc.getEntitlementsByRoleFuture(roleName)).mapTo[Box[List[Entitlement]]]
- def addEntitlement(bankId: String, userId: String, roleName: String, createdByProcess: String="manual") : Box[Entitlement] = getValueFromFuture(
- (actor ? cc.addEntitlement(bankId, userId, roleName, createdByProcess: String)).mapTo[Box[Entitlement]]
+ def addEntitlement(bankId: String, userId: String, roleName: String, createdByProcess: String="manual", grantorUserId: Option[String]=None) : Box[Entitlement] = getValueFromFuture(
+ (actor ? cc.addEntitlement(bankId, userId, roleName, createdByProcess, grantorUserId)).mapTo[Box[Entitlement]]
 )
 override def deleteDynamicEntityEntitlement(entityName: String, bankId:Option[String]): Box[Boolean] = getValueFromFuture(
diff --git a/obp-api/src/main/scala/code/remotedata/RemotedataEntitlementsActor.scala b/obp-api/src/main/scala/code/remotedata/RemotedataEntitlementsActor.scala
index 6869b7d7c..cdbb16c88 100644
--- a/obp-api/src/main/scala/code/remotedata/RemotedataEntitlementsActor.scala
+++ b/obp-api/src/main/scala/code/remotedata/RemotedataEntitlementsActor.scala
@@ -55,9 +55,9 @@ class RemotedataEntitlementsActor extends Actor with ObpActorHelper with MdcLogg
 logger.debug(s"getEntitlementsByRole($role)")
 sender ! (mapper.getEntitlementsByRole(role))
- case cc.addEntitlement(bankId: String, userId: String, roleName: String, createdByProcess: String) =>
- logger.debug(s"addEntitlement($bankId, $userId, $roleName, $createdByProcess)")
- sender ! (mapper.addEntitlement(bankId, userId, roleName, createdByProcess: String))
+ case cc.addEntitlement(bankId: String, userId: String, roleName: String, createdByProcess: String, grantorUserId: Option[String]) =>
+ logger.debug(s"addEntitlement($bankId, $userId, $roleName, $createdByProcess, $grantorUserId)")
+ sender ! (mapper.addEntitlement(bankId, userId, roleName, createdByProcess, grantorUserId))
 case cc.deleteDynamicEntityEntitlement(entityName: String, bankId:Option[String]) =>
 logger.debug(s"deleteDynamicEntityEntitlement($entityName) bankId($bankId)")
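Review bot: The `cc.addEntitlement` case in RemotedataEntitlementsActor.scala logs the request at debug level, now including `grantorUserId`, but the result of `mapper.addEntitlement(...)` goes straight to `sender` without being logged. A grant refused for insufficient grantor privileges therefore leaves no trace at this layer. Consider binding the result first, `val result = mapper.addEntitlement(bankId, userId, roleName, createdByProcess, grantorUserId)`, and emitting a log entry above debug level when it is a `Failure`, so that refused privilege grants are visible to monitoring. The enclosing match block starts and ends outside this hunk.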