mirror of
https://github.com/OpenBankProject/OBP-API.git
synced 2026-02-06 16:56:56 +00:00
refactor names hasOwnerView and hasView
This commit is contained in:
Simon Redfern
parent
79a3a1b4ff
commit
efdb47f5c3
@ -1291,7 +1291,7 @@ trait APIMethods200 {
|
||||
_ <- Views.views.vend.view(viewId, BankIdAccountId(fromAccount.bankId,fromAccount.accountId)) ?~! ViewNotFound
|
||||
_ <- tryo(availableViews.find(_ == viewId)) ?~! UserNoPermissionAccessView
|
||||
|
||||
_ <- booleanToBox(u.hasThisAccountOwnerView(fromAccount) == true || hasEntitlement(fromAccount.bankId.value, u.userId, canCreateAnyTransactionRequest) == true, InsufficientAuthorisationToCreateTransactionRequest)
|
||||
_ <- booleanToBox(u.hasOwnerView(fromAccount) == true || hasEntitlement(fromAccount.bankId.value, u.userId, canCreateAnyTransactionRequest) == true, InsufficientAuthorisationToCreateTransactionRequest)
|
||||
toBankId <- tryo(BankId(transBodyJson.to.bank_id))
|
||||
toAccountId <- tryo(AccountId(transBodyJson.to.account_id))
|
||||
toAccount <- BankAccount(toBankId, toAccountId) ?~! {ErrorMessages.CounterpartyNotFound}
|
||||
|
||||
@ -411,7 +411,7 @@ trait APIMethods210 {
|
||||
_ <- Bank(bankId) ?~! {BankNotFound}
|
||||
fromAccount <- BankAccount(bankId, accountId) ?~! {AccountNotFound}
|
||||
_ <- Views.views.vend.view(viewId, BankIdAccountId(fromAccount.bankId,fromAccount.accountId)) ?~! {ViewNotFound}
|
||||
isOwnerOrHasEntitlement <- booleanToBox(u.hasThisAccountOwnerView(fromAccount) == true ||
|
||||
isOwnerOrHasEntitlement <- booleanToBox(u.hasOwnerView(fromAccount) == true ||
|
||||
hasEntitlement(fromAccount.bankId.value, u.userId, canCreateAnyTransactionRequest) == true, InsufficientAuthorisationToCreateTransactionRequest)
|
||||
_ <- tryo(assert(Props.get("transactionRequests_supported_types", "").split(",").contains(transactionRequestType.value))) ?~!
|
||||
s"${InvalidTransactionRequestType}: '${transactionRequestType.value}'"
|
||||
@ -680,7 +680,7 @@ trait APIMethods210 {
|
||||
_ <- Bank(bankId) ?~! {BankNotFound}
|
||||
fromAccount <- BankAccount(bankId, accountId) ?~! {AccountNotFound}
|
||||
_ <- tryo(fromAccount.permittedViews(cc.user).find(_ == viewId)) ?~! {UserHasMissingRoles + viewId}
|
||||
_ <- booleanToBox(u.hasThisAccountOwnerView(fromAccount), UserNoOwnerView)
|
||||
_ <- booleanToBox(u.hasOwnerView(fromAccount), UserNoOwnerView)
|
||||
transactionRequests <- Connector.connector.vend.getTransactionRequests210(u, fromAccount)
|
||||
}
|
||||
yield {
|
||||
|
||||
@ -356,7 +356,7 @@ trait Connector extends MdcLoggable{
|
||||
for{
|
||||
fromAccount <- getBankAccount(fromAccountUID.bankId, fromAccountUID.accountId) ?~
|
||||
s"$BankAccountNotFound Account ${fromAccountUID.accountId} not found at bank ${fromAccountUID.bankId}"
|
||||
isOwner <- booleanToBox(initiator.hasThisAccountOwnerView(fromAccount), "user does not have access to owner view")
|
||||
isOwner <- booleanToBox(initiator.hasOwnerView(fromAccount), "user does not have access to owner view")
|
||||
toAccount <- getBankAccount(toAccountUID.bankId, toAccountUID.accountId) ?~
|
||||
s"$BankAccountNotFound Account ${toAccountUID.accountId} not found at bank ${toAccountUID.bankId}"
|
||||
sameCurrency <- booleanToBox(fromAccount.currency == toAccount.currency, {
|
||||
@ -426,7 +426,7 @@ trait Connector extends MdcLoggable{
|
||||
val request = for {
|
||||
fromAccountType <- getBankAccount(fromAccount.bankId, fromAccount.accountId) ?~
|
||||
s"account ${fromAccount.accountId} not found at bank ${fromAccount.bankId}"
|
||||
isOwner <- booleanToBox(initiator.hasThisAccountOwnerView(fromAccount), "user does not have access to owner view")
|
||||
isOwner <- booleanToBox(initiator.hasOwnerView(fromAccount), "user does not have access to owner view")
|
||||
toAccountType <- getBankAccount(toAccount.bankId, toAccount.accountId) ?~
|
||||
s"account ${toAccount.accountId} not found at bank ${toAccount.bankId}"
|
||||
rawAmt <- tryo { BigDecimal(body.value.amount) } ?~! s"amount ${body.value.amount} not convertible to number"
|
||||
@ -485,7 +485,7 @@ trait Connector extends MdcLoggable{
|
||||
// Always create a new Transaction Request
|
||||
val request = for {
|
||||
fromAccountType <- getBankAccount(fromAccount.bankId, fromAccount.accountId) ?~ s"account ${fromAccount.accountId} not found at bank ${fromAccount.bankId}"
|
||||
isOwner <- booleanToBox(initiator.hasThisAccountOwnerView(fromAccount) == true || hasEntitlement(fromAccount.bankId.value, initiator.userId, canCreateAnyTransactionRequest) == true, ErrorMessages.InsufficientAuthorisationToCreateTransactionRequest)
|
||||
isOwner <- booleanToBox(initiator.hasOwnerView(fromAccount) == true || hasEntitlement(fromAccount.bankId.value, initiator.userId, canCreateAnyTransactionRequest) == true, ErrorMessages.InsufficientAuthorisationToCreateTransactionRequest)
|
||||
toAccountType <- getBankAccount(toAccount.bankId, toAccount.accountId) ?~ s"account ${toAccount.accountId} not found at bank ${toAccount.bankId}"
|
||||
rawAmt <- tryo { BigDecimal(body.value.amount) } ?~! s"amount ${body.value.amount} not convertible to number"
|
||||
// isValidTransactionRequestType is checked at API layer. Maybe here too.
|
||||
@ -723,7 +723,7 @@ trait Connector extends MdcLoggable{
|
||||
for {
|
||||
fromAccount <- getBankAccount(fromAccount.bankId, fromAccount.accountId) ?~
|
||||
s"account ${fromAccount.accountId} not found at bank ${fromAccount.bankId}"
|
||||
isOwner <- booleanToBox(initiator.hasThisAccountOwnerView(fromAccount), "user does not have access to owner view")
|
||||
isOwner <- booleanToBox(initiator.hasOwnerView(fromAccount), "user does not have access to owner view")
|
||||
transactionRequests <- getTransactionRequestsImpl(fromAccount)
|
||||
} yield transactionRequests
|
||||
|
||||
@ -784,7 +784,7 @@ trait Connector extends MdcLoggable{
|
||||
for {
|
||||
fromAccount <- getBankAccount(fromAccount.bankId, fromAccount.accountId) ?~
|
||||
s"account ${fromAccount.accountId} not found at bank ${fromAccount.bankId}"
|
||||
isOwner <- booleanToBox(initiator.hasThisAccountOwnerView(fromAccount), "user does not have access to owner view")
|
||||
isOwner <- booleanToBox(initiator.hasOwnerView(fromAccount), "user does not have access to owner view")
|
||||
transactionRequestTypes <- getTransactionRequestTypesImpl(fromAccount)
|
||||
} yield transactionRequestTypes
|
||||
}
|
||||
|
||||
@ -325,7 +325,7 @@ trait BankAccount extends MdcLoggable {
|
||||
* Delete this account (if connector allows it, e.g. local mirror of account data)
|
||||
* */
|
||||
final def remove(user : User): Box[Boolean] = {
|
||||
if(user.hasThisAccountOwnerView(this)){
|
||||
if(user.hasOwnerView(this)){
|
||||
Full(Connector.connector.vend.removeAccount(this.bankId, this.accountId).openOrThrowException(attemptedToOpenAnEmptyBox))
|
||||
} else {
|
||||
Failure("user : " + user.emailAddress + " does not have access to owner view on account " + accountId, Empty, Empty)
|
||||
@ -333,7 +333,7 @@ trait BankAccount extends MdcLoggable {
|
||||
}
|
||||
|
||||
final def updateLabel(user : User, label : String): Box[Boolean] = {
|
||||
if(user.hasThisAccountOwnerView(this)){
|
||||
if(user.hasOwnerView(this)){
|
||||
Connector.connector.vend.updateAccountLabel(this.bankId, this.accountId, label)
|
||||
} else {
|
||||
Failure("user : " + user.emailAddress + " does not have access to owner view on account " + accountId, Empty, Empty)
|
||||
@ -400,7 +400,7 @@ trait BankAccount extends MdcLoggable {
|
||||
case Some(u) if view.isFirehose && APIUtil.canUseFirehose(u) =>
|
||||
true
|
||||
case Some(u) =>
|
||||
u.hasThisView(view)
|
||||
u.hasView(view)
|
||||
case _ =>
|
||||
false
|
||||
}
|
||||
@ -412,7 +412,7 @@ trait BankAccount extends MdcLoggable {
|
||||
*/
|
||||
final def permissions(user : User) : Box[List[Permission]] = {
|
||||
//check if the user have access to the owner view in this the account
|
||||
if(user.hasThisAccountOwnerView(this))
|
||||
if(user.hasOwnerView(this))
|
||||
Full(Views.views.vend.permissions(BankIdAccountId(this.bankId,this.accountId)))
|
||||
else
|
||||
Failure("user " + user.emailAddress + " does not have access to owner view on account " + accountId, Empty, Empty)
|
||||
@ -426,7 +426,7 @@ trait BankAccount extends MdcLoggable {
|
||||
*/
|
||||
final def permission(user : User, otherUserProvider : String, otherUserIdGivenByProvider: String) : Box[Permission] = {
|
||||
//check if the user have access to the owner view in this the account
|
||||
if(user.hasThisAccountOwnerView(this))
|
||||
if(user.hasOwnerView(this))
|
||||
for{
|
||||
u <- User.findByProviderId(otherUserProvider, otherUserIdGivenByProvider)
|
||||
p <- Views.views.vend.permission(BankIdAccountId(this.bankId,this.accountId), u)
|
||||
@ -444,7 +444,7 @@ trait BankAccount extends MdcLoggable {
|
||||
*/
|
||||
final def addPermission(user : User, viewUID : ViewIdBankIdAccountId, otherUserProvider : String, otherUserIdGivenByProvider: String) : Box[View] = {
|
||||
//check if the user have access to the owner view in this the account
|
||||
if(user.hasThisAccountOwnerView(this))
|
||||
if(user.hasOwnerView(this))
|
||||
for{
|
||||
otherUser <- User.findByProviderId(otherUserProvider, otherUserIdGivenByProvider) //check if the userId corresponds to a user
|
||||
savedView <- Views.views.vend.addPermission(viewUID, otherUser) ?~ "could not save the privilege"
|
||||
@ -462,7 +462,7 @@ trait BankAccount extends MdcLoggable {
|
||||
*/
|
||||
final def addPermissions(user : User, viewUIDs : List[ViewIdBankIdAccountId], otherUserProvider : String, otherUserIdGivenByProvider: String) : Box[List[View]] = {
|
||||
//check if the user have access to the owner view in this the account
|
||||
if(user.hasThisAccountOwnerView(this))
|
||||
if(user.hasOwnerView(this))
|
||||
for{
|
||||
otherUser <- User.findByProviderId(otherUserProvider, otherUserIdGivenByProvider) //check if the userId corresponds to a user
|
||||
grantedViews <- Views.views.vend.addPermissions(viewUIDs, otherUser) ?~ "could not save the privilege"
|
||||
@ -480,7 +480,7 @@ trait BankAccount extends MdcLoggable {
|
||||
*/
|
||||
final def revokePermission(user : User, viewUID : ViewIdBankIdAccountId, otherUserProvider : String, otherUserIdGivenByProvider: String) : Box[Boolean] = {
|
||||
//check if the user have access to the owner view in this the account
|
||||
if(user.hasThisAccountOwnerView(this))
|
||||
if(user.hasOwnerView(this))
|
||||
for{
|
||||
otherUser <- User.findByProviderId(otherUserProvider, otherUserIdGivenByProvider) //check if the userId corresponds to a user
|
||||
isRevoked <- Views.views.vend.revokePermission(viewUID, otherUser) ?~ "could not revoke the privilege"
|
||||
@ -499,7 +499,7 @@ trait BankAccount extends MdcLoggable {
|
||||
|
||||
final def revokeAllPermissions(user : User, otherUserProvider : String, otherUserIdGivenByProvider: String) : Box[Boolean] = {
|
||||
//check if the user have access to the owner view in this the account
|
||||
if(user.hasThisAccountOwnerView(this))
|
||||
if(user.hasOwnerView(this))
|
||||
for{
|
||||
otherUser <- User.findByProviderId(otherUserProvider, otherUserIdGivenByProvider) //check if the userId corresponds to a user
|
||||
isRevoked <- Views.views.vend.revokeAllPermissions(bankId, accountId, otherUser)
|
||||
@ -515,14 +515,14 @@ trait BankAccount extends MdcLoggable {
|
||||
|
||||
final def views(user : User) : Box[List[View]] = {
|
||||
//check if the user has access to the owner view in this the account
|
||||
if(user.hasThisAccountOwnerView(this)) {
|
||||
if(user.hasOwnerView(this)) {
|
||||
Full(Views.views.vend.views(BankIdAccountId(this.bankId,this.accountId))) }
|
||||
else
|
||||
Failure("user : " + user.emailAddress + " does not have access to owner view on account " + accountId, Empty, Empty)
|
||||
}
|
||||
|
||||
final def createView(userDoingTheCreate : User,v: CreateViewJson): Box[View] = {
|
||||
if(!userDoingTheCreate.hasThisAccountOwnerView(this)) {
|
||||
if(!userDoingTheCreate.hasOwnerView(this)) {
|
||||
Failure({"user: " + userDoingTheCreate.idGivenByProvider + " at provider " + userDoingTheCreate.provider + " does not have owner access"})
|
||||
} else {
|
||||
val view = Views.views.vend.createView(BankIdAccountId(this.bankId,this.accountId), v)
|
||||
@ -537,7 +537,7 @@ trait BankAccount extends MdcLoggable {
|
||||
}
|
||||
|
||||
final def updateView(userDoingTheUpdate : User, viewId : ViewId, v: UpdateViewJSON) : Box[View] = {
|
||||
if(!userDoingTheUpdate.hasThisAccountOwnerView(this)) {
|
||||
if(!userDoingTheUpdate.hasOwnerView(this)) {
|
||||
Failure({"user: " + userDoingTheUpdate.idGivenByProvider + " at provider " + userDoingTheUpdate.provider + " does not have owner access"})
|
||||
} else {
|
||||
val view = Views.views.vend.updateView(BankIdAccountId(this.bankId,this.accountId), viewId, v)
|
||||
@ -552,7 +552,7 @@ trait BankAccount extends MdcLoggable {
|
||||
}
|
||||
|
||||
final def removeView(userDoingTheRemove : User, viewId: ViewId) : Box[Unit] = {
|
||||
if(!userDoingTheRemove.hasThisAccountOwnerView(this)) {
|
||||
if(!userDoingTheRemove.hasOwnerView(this)) {
|
||||
return Failure({"user: " + userDoingTheRemove.idGivenByProvider + " at provider " + userDoingTheRemove.provider + " does not have owner access"})
|
||||
} else {
|
||||
val deleted = Views.views.vend.removeView(viewId, BankIdAccountId(this.bankId,this.accountId))
|
||||
|
||||
@ -128,7 +128,7 @@ class ModeratedTransactionMetadata(
|
||||
u <- Box(user) ?~ { "User must be logged in"}
|
||||
tagList <- Box(tags) ?~ { "You must be able to see tags in order to delete them"}
|
||||
tag <- Box(tagList.find(tag => tag.id_ == tagId)) ?~ {"Tag with id " + tagId + "not found for this transaction"}
|
||||
deleteFunc <- if(tag.postedBy == user || u.hasThisAccountOwnerView(bankAccount))
|
||||
deleteFunc <- if(tag.postedBy == user || u.hasOwnerView(bankAccount))
|
||||
Box(deleteTag) ?~ "Deleting tags not permitted for this view"
|
||||
else
|
||||
Failure("deleting tags not permitted for the current user")
|
||||
@ -145,7 +145,7 @@ class ModeratedTransactionMetadata(
|
||||
u <- Box(user) ?~ { "User must be logged in"}
|
||||
imageList <- Box(images) ?~ { "You must be able to see images in order to delete them"}
|
||||
image <- Box(imageList.find(image => image.id_ == imageId)) ?~ {"Image with id " + imageId + "not found for this transaction"}
|
||||
deleteFunc <- if(image.postedBy == user || u.hasThisAccountOwnerView(bankAccount))
|
||||
deleteFunc <- if(image.postedBy == user || u.hasOwnerView(bankAccount))
|
||||
Box(deleteImage) ?~ "Deleting images not permitted for this view"
|
||||
else
|
||||
Failure("Deleting images not permitted for the current user")
|
||||
@ -159,7 +159,7 @@ class ModeratedTransactionMetadata(
|
||||
u <- Box(user) ?~ { "User must be logged in"}
|
||||
commentList <- Box(comments) ?~ {"You must be able to see comments in order to delete them"}
|
||||
comment <- Box(commentList.find(comment => comment.id_ == commentId)) ?~ {"Comment with id "+commentId+" not found for this transaction"}
|
||||
deleteFunc <- if(comment.postedBy == user || u.hasThisAccountOwnerView(bankAccount))
|
||||
deleteFunc <- if(comment.postedBy == user || u.hasOwnerView(bankAccount))
|
||||
Box(deleteComment) ?~ "Deleting comments not permitted for this view"
|
||||
else
|
||||
Failure("Deleting comments not permitted for the current user")
|
||||
@ -173,7 +173,7 @@ class ModeratedTransactionMetadata(
|
||||
u <- Box(user) ?~ { "User must be logged in"}
|
||||
whereTagOption <- Box(whereTag) ?~ {"You must be able to see the where tag in order to delete it"}
|
||||
whereTag <- Box(whereTagOption) ?~ {"there is no tag to delete"}
|
||||
deleteFunc <- if(whereTag.postedBy == user || u.hasThisAccountOwnerView(bankAccount))
|
||||
deleteFunc <- if(whereTag.postedBy == user || u.hasOwnerView(bankAccount))
|
||||
Box(deleteWhereTag) ?~ "Deleting tag is not permitted for this view"
|
||||
else
|
||||
Failure("Deleting tags not permitted for the current user")
|
||||
|
||||
@ -72,8 +72,8 @@ trait User extends MdcLoggable {
|
||||
(privateViewsUserCanAccess++publicViewsUserCanAccess).distinct
|
||||
|
||||
}
|
||||
final def hasThisView(v: View): Boolean = allViewsUserCanAccess.contains(v)
|
||||
final def hasThisAccountOwnerView(bankAccount: BankAccount): Boolean ={
|
||||
final def hasView(v: View): Boolean = allViewsUserCanAccess.contains(v)
|
||||
final def hasOwnerView(bankAccount: BankAccount): Boolean ={
|
||||
//find the bankAccount owner view object
|
||||
val viewImplBox = ViewImpl.find(ViewId("owner"),BankIdAccountId(bankAccount.bankId, bankAccount.accountId))
|
||||
val viewImpl = viewImplBox match {
|
||||
|
||||
Loading…
Reference in New Issue
Block a user