From ee4053f5619c07585fea6fdc0fa81e7c1fb4528b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mili=C4=87?= Date: Tue, 11 Oct 2022 11:29:21 +0200 Subject: [PATCH] feature/introduce CanGetCustomerOverview and CanGetCustomerOverviewFlat --- .../main/scala/code/api/util/ApiRole.scala | 6 ++++++ .../scala/code/api/v5_0_0/APIMethods500.scala | 20 ++++++------------- .../api/v5_0_0/CustomerOverviewTest.scala | 16 +++++++-------- 3 files changed, 20 insertions(+), 22 deletions(-) diff --git a/obp-api/src/main/scala/code/api/util/ApiRole.scala b/obp-api/src/main/scala/code/api/util/ApiRole.scala index 839f28d30..1c8df7055 100644 --- a/obp-api/src/main/scala/code/api/util/ApiRole.scala +++ b/obp-api/src/main/scala/code/api/util/ApiRole.scala @@ -96,6 +96,12 @@ object ApiRole { case class CanGetCustomer(requiresBankId: Boolean = true) extends ApiRole lazy val canGetCustomer = CanGetCustomer() + + case class CanGetCustomerOverview(requiresBankId: Boolean = true) extends ApiRole + lazy val canGetCustomerOverview = CanGetCustomerOverview() + + case class CanGetCustomerOverviewFlat(requiresBankId: Boolean = true) extends ApiRole + lazy val canGetCustomerOverviewFlat = CanGetCustomerOverviewFlat() case class CanCreateCustomer(requiresBankId: Boolean = true) extends ApiRole lazy val canCreateCustomer = CanCreateCustomer() diff --git a/obp-api/src/main/scala/code/api/v5_0_0/APIMethods500.scala b/obp-api/src/main/scala/code/api/v5_0_0/APIMethods500.scala index 02b61eabe..0ad770021 100644 --- a/obp-api/src/main/scala/code/api/v5_0_0/APIMethods500.scala +++ b/obp-api/src/main/scala/code/api/v5_0_0/APIMethods500.scala @@ -1040,21 +1040,17 @@ trait APIMethods500 { UnknownError ), List(apiTagCustomer, apiTagKyc ,apiTagNewStyle), - Some(List(canGetCustomer)) + Some(List(canGetCustomerOverview)) ) lazy val getCustomerOverview : OBPEndpoint = { case "banks" :: BankId(bankId) :: "customers" :: "customer-number-query" :: "overview" :: Nil JsonPost json -> req => { cc => for { - (Full(u), callContext) <- authenticatedAccess(cc) - (bank, callContext) <- NewStyle.function.getBank(bankId, callContext) - _ <- NewStyle.function.hasEntitlement(bankId.value, u.userId, canGetCustomer, callContext) - failMsg = s"$InvalidJsonFormat The Json body should be the $PostCustomerOverviewJsonV500 " - postedData <- NewStyle.function.tryons(failMsg, 400, callContext) { + postedData <- NewStyle.function.tryons(s"$InvalidJsonFormat The Json body should be the $PostCustomerOverviewJsonV500 ", 400, cc.callContext) { json.extract[PostCustomerOverviewJsonV500] } - (customer, callContext) <- NewStyle.function.getCustomerByCustomerNumber(postedData.customer_number, bank.bankId, callContext) + (customer, callContext) <- NewStyle.function.getCustomerByCustomerNumber(postedData.customer_number, bankId, cc.callContext) (customerAttributes, callContext) <- NewStyle.function.getCustomerAttributes( bankId, CustomerId(customer.customerId), @@ -1093,21 +1089,17 @@ trait APIMethods500 { UnknownError ), List(apiTagCustomer, apiTagKyc ,apiTagNewStyle), - Some(List(canGetCustomer)) + Some(List(canGetCustomerOverviewFlat)) ) lazy val getCustomerOverviewFlat : OBPEndpoint = { case "banks" :: BankId(bankId) :: "customers" :: "customer-number-query" :: "overview-flat" :: Nil JsonPost json -> req => { cc => for { - (Full(u), callContext) <- authenticatedAccess(cc) - (bank, callContext) <- NewStyle.function.getBank(bankId, callContext) - _ <- NewStyle.function.hasEntitlement(bankId.value, u.userId, canGetCustomer, callContext) - failMsg = s"$InvalidJsonFormat The Json body should be the $PostCustomerOverviewJsonV500 " - postedData <- NewStyle.function.tryons(failMsg, 400, callContext) { + postedData <- NewStyle.function.tryons(s"$InvalidJsonFormat The Json body should be the $PostCustomerOverviewJsonV500 ", 400, cc.callContext) { json.extract[PostCustomerOverviewJsonV500] } - (customer, callContext) <- NewStyle.function.getCustomerByCustomerNumber(postedData.customer_number, bank.bankId, callContext) + (customer, callContext) <- NewStyle.function.getCustomerByCustomerNumber(postedData.customer_number, bankId, cc.callContext) (customerAttributes, callContext) <- NewStyle.function.getCustomerAttributes( bankId, CustomerId(customer.customerId), diff --git a/obp-api/src/test/scala/code/api/v5_0_0/CustomerOverviewTest.scala b/obp-api/src/test/scala/code/api/v5_0_0/CustomerOverviewTest.scala index 4ec4f1b7b..3bfe5f6bd 100644 --- a/obp-api/src/test/scala/code/api/v5_0_0/CustomerOverviewTest.scala +++ b/obp-api/src/test/scala/code/api/v5_0_0/CustomerOverviewTest.scala @@ -87,13 +87,13 @@ class CustomerOverviewTest extends V500ServerSetup { val response = makePostRequest(request, write(getCustomerJson)) Then("We should get a 403") response.code should equal(403) - And("error should be " + canGetCustomer) + And("error should be " + canGetCustomerOverview) val errorMessage = response.body.extract[ErrorMessage].message errorMessage contains (UserHasMissingRoles) should be (true) - errorMessage contains (canGetCustomer.toString()) should be (true) + errorMessage contains (canGetCustomerOverview.toString()) should be (true) } scenario(s"We will call the endpoint $ApiEndpoint1 with a user credentials and a proper role", ApiEndpoint1, VersionOfApi) { - Entitlement.entitlement.vend.addEntitlement(bankId, resourceUser1.userId, CanGetCustomer.toString) + Entitlement.entitlement.vend.addEntitlement(bankId, resourceUser1.userId, CanGetCustomerOverview.toString) When(s"We make a request $VersionOfApi") val request = (v5_0_0_Request / "banks" / bankId / "customers" / "customer-number-query" / "overview").POST <@(user1) val response = makePostRequest(request, write(getCustomerJson)) @@ -106,7 +106,7 @@ class CustomerOverviewTest extends V500ServerSetup { val legalName = "Evelin Doe" val mobileNumber = "+44 123 456" val customer: CustomerJsonV310 = createCustomerEndpointV500(bankId, legalName, mobileNumber) - Entitlement.entitlement.vend.addEntitlement(bankId, resourceUser1.userId, CanGetCustomer.toString) + Entitlement.entitlement.vend.addEntitlement(bankId, resourceUser1.userId, CanGetCustomerOverview.toString) When(s"We make a request $VersionOfApi") val request = (v5_0_0_Request / "banks" / bankId / "customers" / "customer-number-query" / "overview").POST <@(user1) val response = makePostRequest(request, write(PostCustomerOverviewJsonV500(customer.customer_number))) @@ -140,13 +140,13 @@ class CustomerOverviewTest extends V500ServerSetup { val response = makePostRequest(request, write(getCustomerJson)) Then("We should get a 403") response.code should equal(403) - And("error should be " + canGetCustomer) + And("error should be " + canGetCustomerOverviewFlat) val errorMessage = response.body.extract[ErrorMessage].message errorMessage contains (UserHasMissingRoles) should be (true) - errorMessage contains (canGetCustomer.toString()) should be (true) + errorMessage contains (canGetCustomerOverviewFlat.toString()) should be (true) } scenario(s"We will call the endpoint $ApiEndpoint2 with a user credentials and a proper role", ApiEndpoint1, VersionOfApi) { - Entitlement.entitlement.vend.addEntitlement(bankId, resourceUser1.userId, CanGetCustomer.toString) + Entitlement.entitlement.vend.addEntitlement(bankId, resourceUser1.userId, CanGetCustomerOverviewFlat.toString) When(s"We make a request $VersionOfApi") val request = (v5_0_0_Request / "banks" / bankId / "customers" / "customer-number-query" / "overview-flat").POST <@(user1) val response = makePostRequest(request, write(getCustomerJson)) @@ -159,7 +159,7 @@ class CustomerOverviewTest extends V500ServerSetup { val legalName = "Evelin Doe" val mobileNumber = "+44 123 456" val customer: CustomerJsonV310 = createCustomerEndpointV500(bankId, legalName, mobileNumber) - Entitlement.entitlement.vend.addEntitlement(bankId, resourceUser1.userId, CanGetCustomer.toString) + Entitlement.entitlement.vend.addEntitlement(bankId, resourceUser1.userId, CanGetCustomerOverviewFlat.toString) When(s"We make a request $VersionOfApi") val request = (v5_0_0_Request / "banks" / bankId / "customers" / "customer-number-query" / "overview-flat").POST <@(user1) val response = makePostRequest(request, write(PostCustomerOverviewJsonV500(customer.customer_number)))