diff --git a/obp-api/src/main/resources/props/sample.props.template b/obp-api/src/main/resources/props/sample.props.template
index 928ca725d..47002d38a 100644
--- a/obp-api/src/main/resources/props/sample.props.template
+++ b/obp-api/src/main/resources/props/sample.props.template
@@ -683,6 +683,8 @@ database_messages_scheduler_interval=3600
 # In case isn't defined default value is "apis,portal"
 # Possible cases: portal, api
 # server_mode=apis,portal
+# If the server_mode set to `portal`, so we need to set its portal hostname. If omit this props, then it will use `hostname` value instead.
+# portal_hostname=http://127.0.0.1:8080
 # -----------------------------------------------
 # -- SCA (Strong Customer Authentication) method for OTP challenge-------
diff --git a/obp-api/src/main/scala/code/api/v4_0_0/APIMethods400.scala b/obp-api/src/main/scala/code/api/v4_0_0/APIMethods400.scala
index c5a163f0a..9a877a2c7 100644
--- a/obp-api/src/main/scala/code/api/v4_0_0/APIMethods400.scala
+++ b/obp-api/src/main/scala/code/api/v4_0_0/APIMethods400.scala
@@ -980,7 +980,7 @@ trait APIMethods400 {
 nameOf(addAccount),
 "POST",
 "/banks/BANK_ID/accounts",
- "Add Account",
+ "Create Account (POST)",
 """Create Account at bank specified by BANK_ID.
 |
 |The User can create an Account for himself - or - the User that has the USER_ID specified in the POST body.
diff --git a/obp-api/src/main/scala/code/model/dataAccess/AuthUser.scala b/obp-api/src/main/scala/code/model/dataAccess/AuthUser.scala
index f05506d0c..43b460841 100644
--- a/obp-api/src/main/scala/code/model/dataAccess/AuthUser.scala
+++ b/obp-api/src/main/scala/code/model/dataAccess/AuthUser.scala
@@ -343,7 +343,9 @@ import net.liftweb.util.Helpers._
 // So if the follow case paramter name is "user" will cause compile warnings
 case u if u.validated_? =>
 u.resetUniqueId().save
- val resetLink = APIUtil.getPropsValue("hostname", "ERROR")+
+ //NOTE: here, if server_mode = portal, so we need modify the resetLink to portal_hostname, then developer can get proper response..
+ val resetLinkProps = APIUtil.getPropsValue("hostname", "ERROR")
+ val resetLink = APIUtil.getPropsValue("portal_hostname", resetLinkProps)+
 passwordResetPath.mkString("/", "/", "/")+urlEncode(u.getUniqueId())
 Mailer.sendMail(From(emailFrom),Subject(passwordResetEmailSubject + " - " + u.username),
 To(u.getEmail) ::
diff --git a/obp-api/src/test/scala/code/api/v4_0_0/EntitlementTests.scala b/obp-api/src/test/scala/code/api/v4_0_0/EntitlementTests.scala
index 6aaa92bde..a25ec4dcc 100644
--- a/obp-api/src/test/scala/code/api/v4_0_0/EntitlementTests.scala
+++ b/obp-api/src/test/scala/code/api/v4_0_0/EntitlementTests.scala
@@ -1,7 +1,7 @@
 package code.api.v4_0_0
 import code.api.ErrorMessage
-import code.api.util.ApiRole.CanGetEntitlementsForAnyUserAtAnyBank
+import code.api.util.ApiRole.{CanGetEntitlementsForAnyBank, CanGetEntitlementsForAnyUserAtAnyBank, CanGetEntitlementsForOneBank}
 import code.api.util.ErrorMessages.{UserHasMissingRoles, _}
 import code.api.util.{ApiRole, ApiVersion, ErrorMessages}
 import code.entitlement.Entitlement
@@ -30,6 +30,7 @@ class EntitlementTests extends V400ServerSetupAsync with DefaultUsers {
 */
 object VersionOfApi extends Tag(ApiVersion.v4_0_0.toString)
 object ApiEndpoint1 extends Tag(nameOf(Implementations4_0_0.getEntitlements))
+ object ApiEndpoint2 extends Tag(nameOf(Implementations4_0_0.getEntitlementsForBank))
 feature("Assuring that endpoint getEntitlements works as expected - v4.0.0") {
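Review bot: In the AuthUser.scala hunk the password-reset link's origin comes from `portal_hostname` whenever that prop is set, although the added comment says this applies when server_mode = portal; nothing in the hunk consults server_mode, so the comment and the code disagree. Because the link carries the one-time reset id (`u.getUniqueId()`), the resolved value deserves a check before mailing: when neither prop is set the fallback appears to be the literal `"ERROR"`, which would put a link starting with `ERROR/` into the e-mail, and the sample value in the props template is a plain `http://` origin. I would reword the comment to `// Use portal_hostname for the reset link when it is set (split apis/portal deployment); otherwise fall back to hostname.` and rename `resetLinkProps` to something like `hostnameProps`, since it holds a host and not a link. The enclosing `case` body starts and ends outside the hunk.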
@@ -68,6 +69,45 @@ class EntitlementTests extends V400ServerSetupAsync with DefaultUsers {
 r.code should equal(200)
 }
 }
+
+ scenario("We try to get entitlements without roles - getEntitlementsForBank", ApiEndpoint2, VersionOfApi) {
+ When("We make the request")
+ val requestGet = (v4_0_0_Request / "banks" / testBankId1.value / "entitlements").GET <@ (user1)
+ val responseGet = makeGetRequestAsync(requestGet)
+ Then("We should get a 403")
+
+ responseGet map { r =>
+ r.code should equal(403)
+ r.body.extract[ErrorMessage].message contains(CanGetEntitlementsForOneBank.toString()) should be (true)
+ r.body.extract[ErrorMessage].message contains(CanGetEntitlementsForAnyBank.toString) should be (true)
+ }
+ }
+
+ scenario("We try to get entitlements with CanGetEntitlementsForOneBank role - getEntitlementsForBank", ApiEndpoint2, VersionOfApi) {
+ When("We add required entitlement")
+ Entitlement.entitlement.vend.addEntitlement(testBankId1.value, resourceUser1.userId, ApiRole.CanGetEntitlementsForOneBank.toString)
+ And("We make the request")
+ val requestGet = (v4_0_0_Request / "banks" / testBankId1.value / "entitlements").GET <@ (user1)
+ val responseGet = makeGetRequestAsync(requestGet)
+ Then("We should get a 200")
+ responseGet map { r =>
+ r.body.extract[EntitlementsJsonV400]
+ r.code should equal(200)
+ }
+ }
+
+ scenario("We try to get entitlements with CanGetEntitlementsForAnyBank role - getEntitlementsForBank", ApiEndpoint2, VersionOfApi) {
+ When("We add required entitlement")
+ Entitlement.entitlement.vend.addEntitlement("", resourceUser1.userId, ApiRole.CanGetEntitlementsForAnyBank.toString)
+ And("We make the request")
+ val requestGet = (v4_0_0_Request / "banks" / testBankId1.value / "entitlements").GET <@ (user1)
+ val responseGet = makeGetRequestAsync(requestGet)
+ Then("We should get a 200")
+ responseGet map { r =>
+ r.body.extract[EntitlementsJsonV400]
+ r.code should equal(200)
+ }
+ }
 }
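Review bot: The new getEntitlementsForBank scenarios never exercise the bank boundary of the bank-scoped role: each one requests testBankId1 with either no role, the role granted at testBankId1, or the any-bank role, so a regression that accepts CanGetEntitlementsForOneBank granted at a different bank would still pass. I would add a negative scenario that grants the role at another bank and expects 403 on testBankId1, as sketched below; it assumes entitlements do not leak between scenarios, which the hunk does not show. Separately, the two `contains(...) should be (true)` assertions only report "false was not true" on failure; `r.body.extract[ErrorMessage].message should include (CanGetEntitlementsForOneBank.toString)` gives a readable message.

```scala
// … unchanged: the three scenarios added by this hunk …
scenario("We try to get entitlements with CanGetEntitlementsForOneBank granted at a different bank - getEntitlementsForBank", ApiEndpoint2, VersionOfApi) {
  When("We add the role at another bank")
  // otherBankId is a placeholder: use any fixture bank id other than testBankId1
  Entitlement.entitlement.vend.addEntitlement(otherBankId, resourceUser1.userId, ApiRole.CanGetEntitlementsForOneBank.toString)
  And("We make the request against testBankId1")
  val requestGet = (v4_0_0_Request / "banks" / testBankId1.value / "entitlements").GET <@ (user1)
  val responseGet = makeGetRequestAsync(requestGet)
  Then("We should get a 403")
  responseGet map { r =>
    r.code should equal(403)
  }
}
```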
diff --git a/release_notes.md b/release_notes.md index c4dcda8cc..ba596ffc2 100644 --- a/release_notes.md +++ b/release_notes.md @@ -3,6 +3,8 @@ ### Most recent changes at top of file ``` Date Commit Action +21/11/2019 51f97330 Added props: portal_hostname. default use the same value as hostname. This props is only useful when we split obp to + two instances: apis and portal. So portal one need its own hostname, portal_hostname can be used for it. 18/11/2019 de4aec71 Added props: grpc.server.enabled. default is false. 18/11/2019 4bd31563 Added props: grpc.server.port. if do not set this props, the grpc port will be set randomly when OBP starts. And you can call `Get API Configuration` endpoint to see the `grpc_port` there. When you set this props, need to