From 250d4ecce9d67282a16b97a6752be58ca238a8c8 Mon Sep 17 00:00:00 2001 From: macacia Date: Fri, 25 Oct 2024 17:27:11 +0200 Subject: [PATCH] feat: P4ADEV-1303-modify-GetUserInfo-to-handle-system-user (#105) --- ...horizeClientCredentialsRequestService.java | 7 +- .../user/IamUserInfoDTO2UserInfoMapper.java | 61 +++-- ...zeClientCredentialsRequestServiceTest.java | 7 +- .../IamUserInfoDTO2UserInfoMapperTest.java | 225 ++++++++++++------ 4 files changed, 200 insertions(+), 100 deletions(-) diff --git a/src/main/java/it/gov/pagopa/payhub/auth/service/a2a/AuthorizeClientCredentialsRequestService.java b/src/main/java/it/gov/pagopa/payhub/auth/service/a2a/AuthorizeClientCredentialsRequestService.java index e40d6537..4b88005a 100644 --- a/src/main/java/it/gov/pagopa/payhub/auth/service/a2a/AuthorizeClientCredentialsRequestService.java +++ b/src/main/java/it/gov/pagopa/payhub/auth/service/a2a/AuthorizeClientCredentialsRequestService.java @@ -10,7 +10,9 @@ @Service @Slf4j public class AuthorizeClientCredentialsRequestService { + private static final String PIATTAFORMA_UNITARIA_CLIENT_ID_PREFIX = "piattaforma-unitaria_"; + private final ClientService clientService; private final ClientMapper clientMapper; private final String piattaformaUnitariaClientSecret; @@ -41,11 +43,10 @@ private ClientDTO authorizeSilCredentials(String clientId, String clientSecret) private ClientDTO authorizePiattaformaUnitariaCredentials(String clientId, String clientSecret) { if (!clientSecret.equals(piattaformaUnitariaClientSecret)) throw new ClientUnauthorizedException("Unauthorized client for piattaforma-unitaria client-credentials"); - String[] splittedClientId = clientId.split("_"); return ClientDTO.builder() .clientId(clientId) - .clientName(splittedClientId[0]) - .organizationIpaCode(splittedClientId[1]) + .clientName(PIATTAFORMA_UNITARIA_CLIENT_ID_PREFIX) + .organizationIpaCode(clientId.substring(PIATTAFORMA_UNITARIA_CLIENT_ID_PREFIX.length())) .clientSecret(clientSecret) .build(); } 
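Review bot: In `authorizePiattaformaUnitariaCredentials` the organization code is now whatever follows the prefix in the caller-supplied `clientId`, and nothing in this hunk rejects an empty remainder: a `clientId` equal to the bare prefix yields `organizationIpaCode` `""`, where the old `split("_")[1]` would have thrown. Because the same `piattaformaUnitariaClientSecret` is compared for every organization, that substring is the only thing scoping the resulting client, so it should be validated before the DTO is built, e.g. `String ipaCode = clientId.substring(PIATTAFORMA_UNITARIA_CLIENT_ID_PREFIX.length());` followed by `if (ipaCode.isBlank()) throw new ClientUnauthorizedException("Missing organization IPA code in client id");`. The `startsWith` check on the prefix is presumably done by the caller, which is outside the hunk; if it is not, `substring` can throw or slice an unrelated id. Note also that `clientName` now carries the trailing underscore (`piattaforma-unitaria_`), which the previous `splittedClientId[0]` did not produce.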
diff --git a/src/main/java/it/gov/pagopa/payhub/auth/service/user/IamUserInfoDTO2UserInfoMapper.java b/src/main/java/it/gov/pagopa/payhub/auth/service/user/IamUserInfoDTO2UserInfoMapper.java index b29c05ff..0f37978e 100644 --- a/src/main/java/it/gov/pagopa/payhub/auth/service/user/IamUserInfoDTO2UserInfoMapper.java +++ b/src/main/java/it/gov/pagopa/payhub/auth/service/user/IamUserInfoDTO2UserInfoMapper.java @@ -6,17 +6,21 @@ import it.gov.pagopa.payhub.auth.model.User; import it.gov.pagopa.payhub.auth.repository.OperatorsRepository; import it.gov.pagopa.payhub.auth.repository.UsersRepository; +import it.gov.pagopa.payhub.auth.utils.Constants; import it.gov.pagopa.payhub.model.generated.UserInfo; import it.gov.pagopa.payhub.model.generated.UserOrganizationRoles; import org.springframework.stereotype.Service; import java.util.ArrayList; +import java.util.Collections; import java.util.List; import java.util.function.Function; @Service public class IamUserInfoDTO2UserInfoMapper implements Function { + private static final String WS_USER_SUFFIX = "-WS_USER"; + private final UsersRepository usersRepository; private final OperatorsRepository operatorsRepository; 
@@ -27,26 +31,49 @@ public IamUserInfoDTO2UserInfoMapper(UsersRepository usersRepository, OperatorsR @Override public UserInfo apply(IamUserInfoDTO iamUserInfoDTO) { + if (iamUserInfoDTO.isSystemUser()) { + return systemUserMapper(iamUserInfoDTO); + } + return userInfoMapper(iamUserInfoDTO); + } + + private UserInfo systemUserMapper(IamUserInfoDTO iamUserInfoDTO) { + String organizationIpaCode = iamUserInfoDTO.getOrganizationAccess().getOrganizationIpaCode(); + return UserInfo.builder() + .userId(iamUserInfoDTO.getUserId()) + .mappedExternalUserId(organizationIpaCode + WS_USER_SUFFIX) + .fiscalCode(iamUserInfoDTO.getFiscalCode()) + .familyName(iamUserInfoDTO.getFamilyName()) + .name(iamUserInfoDTO.getName()) + .issuer(iamUserInfoDTO.getIssuer()) + .organizations(Collections.singletonList(UserOrganizationRoles.builder() + .organizationIpaCode(organizationIpaCode) + .roles(Collections.singletonList(Constants.ROLE_ADMIN)) + .build())) + .build(); + } + + private UserInfo userInfoMapper(IamUserInfoDTO iamUserInfoDTO) { User user = usersRepository.findById(iamUserInfoDTO.getInnerUserId()).orElseThrow(() -> new UserNotFoundException("Cannot found user having inner id:" + iamUserInfoDTO.getInnerUserId())); List userRoles = operatorsRepository.findAllByUserId(iamUserInfoDTO.getInnerUserId()); UserInfo userInfo = UserInfo.builder() - .userId(user.getUserId()) - .mappedExternalUserId(user.getMappedExternalUserId()) - .fiscalCode(iamUserInfoDTO.getFiscalCode()) - .familyName(iamUserInfoDTO.getFamilyName()) - .name(iamUserInfoDTO.getName()) - .issuer(iamUserInfoDTO.getIssuer()) - .organizations(userRoles.stream() - .map(r -> UserOrganizationRoles.builder() - .operatorId(r.getOperatorId()) - .organizationIpaCode(r.getOrganizationIpaCode()) - .roles(new ArrayList<>(r.getRoles())) - .email(r.getEmail()) - .build()) - .toList()) - .build(); - - if(iamUserInfoDTO.getOrganizationAccess()!=null){ + .userId(user.getUserId()) + .mappedExternalUserId(user.getMappedExternalUserId()) + 
.fiscalCode(iamUserInfoDTO.getFiscalCode()) + .familyName(iamUserInfoDTO.getFamilyName()) + .name(iamUserInfoDTO.getName()) + .issuer(iamUserInfoDTO.getIssuer()) + .organizations(userRoles.stream() + .map(r -> UserOrganizationRoles.builder() + .operatorId(r.getOperatorId()) + .organizationIpaCode(r.getOrganizationIpaCode()) + .roles(new ArrayList<>(r.getRoles())) + .email(r.getEmail()) + .build()) + .toList()) + .build(); + + if(iamUserInfoDTO.getOrganizationAccess() != null){ userInfo.setOrganizationAccess(iamUserInfoDTO.getOrganizationAccess().getOrganizationIpaCode()); } return userInfo; diff --git a/src/test/java/it/gov/pagopa/payhub/auth/service/a2a/AuthorizeClientCredentialsRequestServiceTest.java b/src/test/java/it/gov/pagopa/payhub/auth/service/a2a/AuthorizeClientCredentialsRequestServiceTest.java index 937ac58f..c557185e 100644 --- a/src/test/java/it/gov/pagopa/payhub/auth/service/a2a/AuthorizeClientCredentialsRequestServiceTest.java +++ b/src/test/java/it/gov/pagopa/payhub/auth/service/a2a/AuthorizeClientCredentialsRequestServiceTest.java @@ -93,16 +93,15 @@ void givenSystemUserWhenMatcherThenAssertionOk() { // Given String clientId = "piattaforma-unitaria_IPA_TEST"; String clientSecret = "SECRET"; - String[] splitted = clientId.split("_"); - + String piattaformaUnitaria = "piattaforma-unitaria_"; // When ClientDTO actualClientDTO = service.authorizeCredentials(clientId, clientSecret); // Then Assertions.assertEquals( ClientDTO.builder() .clientId(clientId) - .clientName(splitted[0]) - .organizationIpaCode(splitted[1]) + .clientName(piattaformaUnitaria) + .organizationIpaCode(clientId.substring((piattaformaUnitaria).length())) .clientSecret(clientSecret) .build(), actualClientDTO); } diff --git a/src/test/java/it/gov/pagopa/payhub/auth/service/user/IamUserInfoDTO2UserInfoMapperTest.java b/src/test/java/it/gov/pagopa/payhub/auth/service/user/IamUserInfoDTO2UserInfoMapperTest.java index c5c555e9..1ab2b3d2 100644 
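Review bot: `systemUserMapper` dereferences `iamUserInfoDTO.getOrganizationAccess()` without the null check that `userInfoMapper` keeps at the end of this same hunk, so a system-user token that carries no organization access ends in a NullPointerException rather than a controlled authorization error; a guard such as `if (iamUserInfoDTO.getOrganizationAccess() == null) throw new IllegalStateException("System user without organization access");` before reading the IPA code would close that (the exception type is the project's choice). The method also returns `Constants.ROLE_ADMIN` for that organization solely because `isSystemUser()` is true, with no repository lookup and ignoring any roles present in the DTO, so the whole authorization decision rests on how that flag and the IPA code are populated upstream, which is not visible here. I would state this in a Javadoc comment on the method, e.g. `/** Builds the UserInfo of an A2A system user: no DB lookup, ROLE_ADMIN on the token's organization only. */`. Unlike `userInfoMapper`, the result also leaves `organizationAccess` unset; worth confirming that is intended.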
--- a/src/test/java/it/gov/pagopa/payhub/auth/service/user/IamUserInfoDTO2UserInfoMapperTest.java +++ b/src/test/java/it/gov/pagopa/payhub/auth/service/user/IamUserInfoDTO2UserInfoMapperTest.java @@ -7,6 +7,7 @@ import it.gov.pagopa.payhub.auth.model.User; import it.gov.pagopa.payhub.auth.repository.OperatorsRepository; import it.gov.pagopa.payhub.auth.repository.UsersRepository; +import it.gov.pagopa.payhub.auth.utils.Constants; import it.gov.pagopa.payhub.model.generated.UserInfo; import it.gov.pagopa.payhub.model.generated.UserOrganizationRoles; import org.junit.jupiter.api.AfterEach; @@ -45,9 +46,9 @@ void verifyNotMoreInteractions() { void givenNotUserWhenApplyThenUserNotFoundException(){ // Given IamUserInfoDTO iamUserInfo = IamUserInfoDTO.builder() - .userId("EXTERNALUSERID") - .innerUserId("INNERUSERID") - .build(); + .userId("EXTERNALUSERID") + .innerUserId("INNERUSERID") + .build(); Mockito.when(usersRepositoryMock.findById(iamUserInfo.getInnerUserId())).thenReturn(Optional.empty()); 
@@ -59,84 +60,137 @@ void givenNotUserWhenApplyThenUserNotFoundException(){ void givenCompleteDataWhenApplyThenOk(){ // Given IamUserInfoDTO iamUserInfo = IamUserInfoDTO.builder() - .userId("EXTERNALUSERID") - .innerUserId("INNERUSERID") - .fiscalCode("FISCALCODE") - .familyName("FAMILYNAME") - .name("NAME") - .issuer("ISSUER") - .organizationAccess(IamUserOrganizationRolesDTO.builder() - .organizationIpaCode("ORG") - .email("EMAIL") - .build()) - .build(); + .userId("EXTERNALUSERID") + .innerUserId("INNERUSERID") + .fiscalCode("FISCALCODE") + .familyName("FAMILYNAME") + .name("NAME") + .issuer("ISSUER") + .organizationAccess(IamUserOrganizationRolesDTO.builder() + .organizationIpaCode("ORG") + .email("EMAIL") + .build()) + .build(); User user = User.builder() - .userId(iamUserInfo.getInnerUserId()) - .mappedExternalUserId("MAPPEDEXTERNALUSERID") - .build(); + .userId(iamUserInfo.getInnerUserId()) + .mappedExternalUserId("MAPPEDEXTERNALUSERID") + .build(); List organizationRoles = List.of(Operator.builder() - .operatorId("OPERATORID") - .organizationIpaCode("ORG") - .roles(Set.of("ROLE")) - .build()); + .operatorId("OPERATORID") + .organizationIpaCode("ORG") + .roles(Set.of("ROLE")) + .email("EMAIL") + .build()); + + UserInfo expected = UserInfo.builder() + .userId("INNERUSERID") + .mappedExternalUserId("MAPPEDEXTERNALUSERID") + .fiscalCode("FISCALCODE") + .familyName("FAMILYNAME") + .name("NAME") + .issuer("ISSUER") + .organizationAccess("ORG") + .organizations(List.of(UserOrganizationRoles.builder() + .operatorId("OPERATORID") + .organizationIpaCode("ORG") + .roles(List.of("ROLE")) + .email("EMAIL") + .build())) + .build(); - testApplyOk(iamUserInfo, user, organizationRoles); + Mockito.when(usersRepositoryMock.findById(iamUserInfo.getInnerUserId())).thenReturn(Optional.of(user)); + Mockito.when(operatorsRepositoryMock.findAllByUserId(user.getUserId())).thenReturn(organizationRoles); + + // When + UserInfo result = mapper.apply(iamUserInfo); + + // Then + 
Assertions.assertEquals(expected, result); } @Test void givenNotOperatorsWhenApplyThenOk(){ // Given IamUserInfoDTO iamUserInfo = IamUserInfoDTO.builder() - .userId("EXTERNALUSERID") - .innerUserId("INNERUSERID") - .fiscalCode("FISCALCODE") - .familyName("FAMILYNAME") - .name("NAME") - .issuer("ISSUER") - .organizationAccess(IamUserOrganizationRolesDTO.builder() - .organizationIpaCode("ORG") - .email("EMAIL") - .build()) - .build(); + .userId("EXTERNALUSERID") + .innerUserId("INNERUSERID") + .fiscalCode("FISCALCODE") + .familyName("FAMILYNAME") + .name("NAME") + .issuer("ISSUER") + .organizationAccess(IamUserOrganizationRolesDTO.builder() + .organizationIpaCode("ORG") + .email("EMAIL") + .build()) + .build(); User user = User.builder() - .userId(iamUserInfo.getInnerUserId()) - .mappedExternalUserId("MAPPEDEXTERNALUSERID") - .build(); + .userId(iamUserInfo.getInnerUserId()) + .mappedExternalUserId("MAPPEDEXTERNALUSERID") + .build(); + + UserInfo expected = UserInfo.builder() + .userId("INNERUSERID") + .mappedExternalUserId("MAPPEDEXTERNALUSERID") + .fiscalCode("FISCALCODE") + .familyName("FAMILYNAME") + .name("NAME") + .issuer("ISSUER") + .organizationAccess("ORG") + .organizations(Collections.emptyList()) + .build(); - testApplyOk(iamUserInfo, user, Collections.emptyList()); + Mockito.when(usersRepositoryMock.findById(iamUserInfo.getInnerUserId())).thenReturn(Optional.of(user)); + Mockito.when(operatorsRepositoryMock.findAllByUserId(user.getUserId())).thenReturn(Collections.emptyList()); + + // When + UserInfo result = mapper.apply(iamUserInfo); + + // Then + Assertions.assertEquals(expected, result); } @Test void givenNoOrganizationAccessWhenApplyThenOk(){ // Given IamUserInfoDTO iamUserInfo = IamUserInfoDTO.builder() - .userId("EXTERNALUSERID") - .innerUserId("INNERUSERID") - .fiscalCode("FISCALCODE") - .familyName("FAMILYNAME") - .name("NAME") - .issuer("ISSUER") - .build(); + .userId("EXTERNALUSERID") + .innerUserId("INNERUSERID") + .fiscalCode("FISCALCODE") + 
.familyName("FAMILYNAME") + .name("NAME") + .issuer("ISSUER") + .build(); User user = User.builder() - .userId(iamUserInfo.getInnerUserId()) - .mappedExternalUserId("MAPPEDEXTERNALUSERID") - .build(); + .userId(iamUserInfo.getInnerUserId()) + .mappedExternalUserId("MAPPEDEXTERNALUSERID") + .build(); List organizationRoles = List.of(Operator.builder() - .operatorId("OPERATORID") - .organizationIpaCode("ORG") - .roles(Set.of("ROLE")) - .email("EMAIL") - .build()); + .operatorId("OPERATORID") + .organizationIpaCode("ORG") + .roles(Set.of("ROLE")) + .email("EMAIL") + .build()); + + UserInfo expected = UserInfo.builder() + .userId("INNERUSERID") + .mappedExternalUserId("MAPPEDEXTERNALUSERID") + .fiscalCode("FISCALCODE") + .familyName("FAMILYNAME") + .name("NAME") + .issuer("ISSUER") + .organizations(List.of(UserOrganizationRoles.builder() + .operatorId("OPERATORID") + .organizationIpaCode("ORG") + .roles(List.of("ROLE")) + .email("EMAIL") + .build())) + .build(); - testApplyOk(iamUserInfo, user, organizationRoles); - } - - private void testApplyOk(IamUserInfoDTO iamUserInfo, User user, List organizationRoles) { Mockito.when(usersRepositoryMock.findById(iamUserInfo.getInnerUserId())).thenReturn(Optional.of(user)); Mockito.when(operatorsRepositoryMock.findAllByUserId(user.getUserId())).thenReturn(organizationRoles); 
@@ -144,25 +198,44 @@ private void testApplyOk(IamUserInfoDTO iamUserInfo, User user, List o UserInfo result = mapper.apply(iamUserInfo); // Then - Assertions.assertEquals( - UserInfo.builder() - .userId(user.getUserId()) - .mappedExternalUserId(user.getMappedExternalUserId()) - .fiscalCode(iamUserInfo.getFiscalCode()) - .familyName(iamUserInfo.getFamilyName()) - .name(iamUserInfo.getName()) - .issuer(iamUserInfo.getIssuer()) - .organizationAccess(iamUserInfo.getOrganizationAccess()!=null? iamUserInfo.getOrganizationAccess().getOrganizationIpaCode(): null) - .organizations(organizationRoles.stream() - .map(r -> UserOrganizationRoles.builder() - .operatorId(r.getOperatorId()) - .organizationIpaCode(r.getOrganizationIpaCode()) - .roles(new ArrayList<>(r.getRoles())) - .email(r.getEmail()) - .build()) - .toList()) - .build(), - result - ); + Assertions.assertEquals(expected, result); } + + @Test + void givenSystemUserWhenApplyThenOk(){ + // Given + IamUserInfoDTO iamUserInfo = IamUserInfoDTO.builder() + .systemUser(Boolean.TRUE) + .userId("EXTERNALUSERID") + .innerUserId("INNERUSERID") + .fiscalCode("FISCALCODE") + .familyName("FAMILYNAME") + .name("NAME") + .issuer("IPA_CODE") + .organizationAccess(IamUserOrganizationRolesDTO.builder() + .organizationIpaCode("IPA_CODE") + .roles(Collections.singletonList(Constants.ROLE_ADMIN)) + .build()) + .build(); + + UserInfo expected = UserInfo.builder() + .userId("EXTERNALUSERID") + .mappedExternalUserId("IPA_CODE-WS_USER") + .fiscalCode("FISCALCODE") + .familyName("FAMILYNAME") + .name("NAME") + .issuer("IPA_CODE") + .organizations(Collections.singletonList(UserOrganizationRoles.builder() + .organizationIpaCode("IPA_CODE") + .roles(List.of(Constants.ROLE_ADMIN)) + .build())) + .build(); + + // When + UserInfo result = mapper.apply(iamUserInfo); + + // Then + Assertions.assertEquals(expected, result); + } + }
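Review bot: `givenSystemUserWhenApplyThenOk` covers only the happy path, and it passes `Constants.ROLE_ADMIN` in the input's `organizationAccess`, so the assertion cannot distinguish a mapper that copies roles from the DTO from one that imposes the admin role itself. Giving the input a different role (or none) would pin the behaviour that actually matters for authorization. A second case with `systemUser(Boolean.TRUE)` and no `organizationAccess` would document what happens when the token lacks an organization; as written, that path appears to end in a NullPointerException inside `systemUserMapper`. A comment on the test such as `// system users must never hit the repositories; verifyNotMoreInteractions() enforces it` would make the implicit check explicit.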