diff --git a/src/main/java/org/tkit/onecx/permission/bff/rs/controllers/UserRestController.java b/src/main/java/org/tkit/onecx/permission/bff/rs/controllers/UserRestController.java index 18bec4b..f9ac063 100644 --- a/src/main/java/org/tkit/onecx/permission/bff/rs/controllers/UserRestController.java +++ b/src/main/java/org/tkit/onecx/permission/bff/rs/controllers/UserRestController.java @@ -13,12 +13,13 @@ import org.tkit.onecx.permission.bff.rs.mappers.UserMapper; import gen.org.tkit.onecx.permission.bff.rs.internal.UserApiService; -import gen.org.tkit.onecx.permission.bff.rs.internal.model.UserRolesAndPermissionsCriteriaDTO; -import gen.org.tkit.onecx.permission.bff.rs.internal.model.UserRolesAndPermissionsPageResultDTO; +import gen.org.tkit.onecx.permission.bff.rs.internal.model.UserCriteriaDTO; +import gen.org.tkit.onecx.permission.client.api.AssignmentInternalApi; import gen.org.tkit.onecx.permission.client.api.PermissionInternalApi; import gen.org.tkit.onecx.permission.client.api.RoleInternalApi; import gen.org.tkit.onecx.permission.client.model.PermissionPageResult; import gen.org.tkit.onecx.permission.client.model.RolePageResult; +import gen.org.tkit.onecx.permission.client.model.UserAssignmentPageResult; public class UserRestController implements UserApiService { 
@@ -35,22 +36,41 @@ public class UserRestController implements UserApiService { @RestClient PermissionInternalApi permissionClient; + @Inject + @RestClient + AssignmentInternalApi assignmentClient; + @Inject HttpHeaders headers; @Override - public Response getUserRolesAndPermissions(UserRolesAndPermissionsCriteriaDTO userRolesAndPermissionsCriteriaDTO) { - UserRolesAndPermissionsPageResultDTO resultDTO; + public Response getUserRoles(UserCriteriaDTO userCriteriaDTO) { var token = headers.getHeaderString(AUTHORIZATION); try (Response roleResponse = roleClient - .getUserRoles(userMapper.mapRoleRequest(userRolesAndPermissionsCriteriaDTO, token))) { - try (Response permissionResponse = permissionClient - .getUsersPermissions(userMapper.mapPermissionRequest(userRolesAndPermissionsCriteriaDTO, token))) { - resultDTO = userMapper.map(roleResponse.readEntity(RolePageResult.class), - permissionResponse.readEntity(PermissionPageResult.class)); - } + .getUserRoles(userMapper.mapUserRoleRequest(userCriteriaDTO, token))) { + return Response.status(Response.Status.OK) + .entity(userMapper.map(roleResponse.readEntity(RolePageResult.class))).build(); + } + } + + @Override + public Response getUserPermissions(UserCriteriaDTO userCriteriaDTO) { + var token = headers.getHeaderString(AUTHORIZATION); + try (Response permissionResponse = permissionClient + .getUsersPermissions(userMapper.mapUserPermissionRequest(userCriteriaDTO, token))) { + return Response.status(Response.Status.OK).entity(userMapper.map( + permissionResponse.readEntity(PermissionPageResult.class))).build(); + } + } + + @Override + public Response getUserAssignments(UserCriteriaDTO userCriteriaDTO) { + var token = headers.getHeaderString(AUTHORIZATION); + try (Response assignmentResponse = assignmentClient + .getUserAssignments(userMapper.mapUserAssignmentRequest(userCriteriaDTO, token))) { + return Response.status(Response.Status.OK).entity(userMapper.map( + 
assignmentResponse.readEntity(UserAssignmentPageResult.class))).build(); } - return Response.status(Response.Status.OK).entity(resultDTO).build(); } @ServerExceptionMapper diff --git a/src/main/java/org/tkit/onecx/permission/bff/rs/mappers/UserMapper.java b/src/main/java/org/tkit/onecx/permission/bff/rs/mappers/UserMapper.java index 5133d5a..d79223e 100644 --- a/src/main/java/org/tkit/onecx/permission/bff/rs/mappers/UserMapper.java +++ b/src/main/java/org/tkit/onecx/permission/bff/rs/mappers/UserMapper.java 
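Review bot: In `getUserRoles`, `getUserPermissions` and `getUserAssignments`, the result of `headers.getHeaderString(AUTHORIZATION)` is forwarded to the backend unchecked, and it is null when the header is absent. Unless a filter outside this hunk already rejects such requests, each method should stop early, e.g. `if (token == null || token.isBlank()) { return Response.status(Response.Status.UNAUTHORIZED).build(); }`. The token is also copied into the request object handed to the REST client (a body field, judging by the tests in this commit), so any request-body logging on the client or backend side needs to mask that field. The exception mapper that follows these methods lies outside the hunk, so how backend errors are translated cannot be checked from here.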
@@ -4,33 +4,28 @@ import org.mapstruct.Mapping; import org.tkit.quarkus.rs.mappers.OffsetDateTimeMapper; -import gen.org.tkit.onecx.permission.bff.rs.internal.model.UserRolesAndPermissionsCriteriaDTO; -import gen.org.tkit.onecx.permission.bff.rs.internal.model.UserRolesAndPermissionsPageResultDTO; -import gen.org.tkit.onecx.permission.bff.rs.internal.model.UserRolesAndPermissionsPageResultPermissionsDTO; -import gen.org.tkit.onecx.permission.bff.rs.internal.model.UserRolesAndPermissionsPageResultRolesDTO; -import gen.org.tkit.onecx.permission.client.model.PermissionPageResult; -import gen.org.tkit.onecx.permission.client.model.PermissionRequest; -import gen.org.tkit.onecx.permission.client.model.RolePageResult; -import gen.org.tkit.onecx.permission.client.model.RoleRequest; +import gen.org.tkit.onecx.permission.bff.rs.internal.model.UserAssignmentPageResultDTO; +import gen.org.tkit.onecx.permission.bff.rs.internal.model.UserCriteriaDTO; +import gen.org.tkit.onecx.permission.bff.rs.internal.model.UserPermissionsPageResultDTO; +import gen.org.tkit.onecx.permission.bff.rs.internal.model.UserRolesPageResultDTO; +import gen.org.tkit.onecx.permission.client.model.*; @Mapper(uses = { OffsetDateTimeMapper.class }) public interface UserMapper { - @Mapping(target = "pageSize", source = "userRolesAndPermissionsCriteriaDTO.rolesPageSize") - @Mapping(target = "pageNumber", source = "userRolesAndPermissionsCriteriaDTO.rolesPageNumber") - RoleRequest mapRoleRequest(UserRolesAndPermissionsCriteriaDTO userRolesAndPermissionsCriteriaDTO, String token); + RoleRequest mapUserRoleRequest(UserCriteriaDTO userCriteriaDTO, String token); - @Mapping(target = "pageSize", source = "userRolesAndPermissionsCriteriaDTO.permissionsPageSize") - @Mapping(target = "pageNumber", source = "userRolesAndPermissionsCriteriaDTO.permissionsPageNumber") - PermissionRequest mapPermissionRequest(UserRolesAndPermissionsCriteriaDTO userRolesAndPermissionsCriteriaDTO, String token); + PermissionRequest 
mapUserPermissionRequest(UserCriteriaDTO userCriteriaDTO, String token); - @Mapping(target = "roles", source = "rolePageResult") - @Mapping(target = "permissions", source = "permissionPageResult") - UserRolesAndPermissionsPageResultDTO map(RolePageResult rolePageResult, PermissionPageResult permissionPageResult); + AssignmentRequest mapUserAssignmentRequest(UserCriteriaDTO userCriteriaDTO, String token); @Mapping(target = "removeStreamItem", ignore = true) - UserRolesAndPermissionsPageResultRolesDTO map(RolePageResult rolePageResult); + UserPermissionsPageResultDTO map(PermissionPageResult permissionPageResult); @Mapping(target = "removeStreamItem", ignore = true) - UserRolesAndPermissionsPageResultPermissionsDTO map(PermissionPageResult permissionPageResult); + UserRolesPageResultDTO map(RolePageResult rolePageResult); + + @Mapping(target = "removeStreamItem", ignore = true) + UserAssignmentPageResultDTO map(UserAssignmentPageResult pageResult); + } diff --git a/src/main/openapi/openapi-bff.yaml b/src/main/openapi/openapi-bff.yaml index 3be214e..0ce3b64 100644 --- a/src/main/openapi/openapi-bff.yaml +++ b/src/main/openapi/openapi-bff.yaml @@ -657,7 +657,7 @@ paths: application/json: schema: $ref: '#/components/schemas/WorkspaceDetails' - /user/me: + /user/permissions: post: x-onecx: permissions: 
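Review bot: `mapUserRoleRequest`, `mapUserPermissionRequest` and `mapUserAssignmentRequest` in `UserMapper` now rely entirely on MapStruct's implicit name matching, including for the `token` parameter that carries the caller's Authorization value. If a regenerated client model renames one of these properties, the mapping is dropped with at most a build warning under MapStruct's default policy, and the backend would receive a request without token or paging. Keeping the security-relevant mapping explicit, e.g. `@Mapping(target = "token", source = "token")`, or setting `unmappedTargetPolicy = ReportingPolicy.ERROR` on `@Mapper`, turns that into a build failure. The new wildcard import `gen.org.tkit.onecx.permission.client.model.*` also hides which client models the mapper depends on; explicit imports would match the other import lines in this hunk.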
@@ -665,23 +665,115 @@ paths: - read tags: - user - description: get user roles and permissions - operationId: getUserRolesAndPermissions + description: get user permissions + operationId: getUserPermissions requestBody: required: true content: application/json: schema: - $ref: '#/components/schemas/UserRolesAndPermissionsCriteria' + $ref: '#/components/schemas/UserCriteria' responses: "200": description: OK content: application/json: schema: - $ref: '#/components/schemas/UserRolesAndPermissionsPageResult' + $ref: '#/components/schemas/UserPermissionsPageResult' + /user/roles: + post: + x-onecx: + permissions: + role: + - read + tags: + - user + description: get user roles + operationId: getUserRoles + requestBody: + required: true + content: + application/json: + schema: + $ref: '#/components/schemas/UserCriteria' + responses: + "200": + description: OK + content: + application/json: + schema: + $ref: '#/components/schemas/UserRolesPageResult' + /user/assignments: + post: + x-onecx: + permissions: + assignment: + - read + tags: + - user + description: get user assignments + operationId: getUserAssignments + requestBody: + required: true + content: + application/json: + schema: + $ref: '#/components/schemas/UserCriteria' + responses: + "200": + description: OK + content: + application/json: + schema: + $ref: '#/components/schemas/UserAssignmentPageResult' components: schemas: + UserCriteria: + type: object + properties: + pageNumber: + format: int32 + description: The number of page. + default: 0 + type: integer + pageSize: + format: int32 + description: The size of page + default: 100 + type: integer + UserAssignmentPageResult: + type: object + properties: + totalElements: + format: int64 + description: The total elements in the resource. 
+ type: integer + number: + format: int32 + type: integer + size: + format: int32 + type: integer + totalPages: + format: int64 + type: integer + stream: + type: array + items: + $ref: '#/components/schemas/UserAssignment' + UserAssignment: + type: object + properties: + roleName: + type: string + productName: + type: string + applicationId: + type: string + resource: + type: string + action: + type: string UserRolesAndPermissionsCriteria: type: object properties: 
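Review bot: The new `UserCriteria` schema gives `pageNumber` and `pageSize` defaults but no bounds, so a client can send a negative or arbitrarily large value, and the controller in this commit passes the criteria straight through to the backend for all three `/user/*` operations. Adding `minimum: 0` to `pageNumber`, and `minimum: 1` plus a `maximum` (the project's agreed limit, not visible here) to `pageSize`, would let generated request validation reject such input, assuming validation is enabled for the generated API. `UserRolesAndPermissionsCriteria` remains in `components/schemas` as context at the end of this hunk; if nothing references it after this change, it can be removed.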
@@ -705,49 +797,46 @@ components: description: The size of page default: 100 type: integer - UserRolesAndPermissionsPageResult: + UserPermissionsPageResult: type: object properties: - roles: - type: object - properties: - totalElements: - format: int64 - description: The total elements in the resource. - type: integer - number: - format: int32 - type: integer - size: - format: int32 - type: integer - totalPages: - format: int64 - type: integer - stream: - type: array - items: - $ref: '#/components/schemas/Role' - permissions: - type: object - properties: - totalElements: - format: int64 - description: The total elements in the resource. - type: integer - number: - format: int32 - type: integer - size: - format: int32 - type: integer - totalPages: - format: int64 - type: integer - stream: - type: array - items: - $ref: '#/components/schemas/Permission' + totalElements: + format: int64 + description: The total elements in the resource. + type: integer + number: + format: int32 + type: integer + size: + format: int32 + type: integer + totalPages: + format: int64 + type: integer + stream: + type: array + items: + $ref: '#/components/schemas/Permission' + UserRolesPageResult: + type: object + properties: + totalElements: + format: int64 + description: The total elements in the resource. + type: integer + number: + format: int32 + type: integer + size: + format: int32 + type: integer + totalPages: + format: int64 + type: integer + stream: + type: array + items: + $ref: '#/components/schemas/Role' CreateRolesRequest: type: object properties: diff --git a/src/test/java/org/tkit/onecx/permission/rs/UserRestControllerTest.java b/src/test/java/org/tkit/onecx/permission/rs/UserRestControllerTest.java index 53635c8..4719946 100644 --- a/src/test/java/org/tkit/onecx/permission/rs/UserRestControllerTest.java +++ b/src/test/java/org/tkit/onecx/permission/rs/UserRestControllerTest.java 
@@ -17,8 +17,7 @@ import org.mockserver.model.MediaType; import org.tkit.onecx.permission.bff.rs.controllers.UserRestController; -import gen.org.tkit.onecx.permission.bff.rs.internal.model.UserRolesAndPermissionsCriteriaDTO; -import gen.org.tkit.onecx.permission.bff.rs.internal.model.UserRolesAndPermissionsPageResultDTO; +import gen.org.tkit.onecx.permission.bff.rs.internal.model.*; import gen.org.tkit.onecx.permission.client.model.*; import io.quarkiverse.mockserver.test.InjectMockServerClient; import io.quarkus.test.common.http.TestHTTPEndpoint; @@ -34,7 +33,7 @@ class UserRestControllerTest extends AbstractTest { final String TOKEN = keycloakClient.getAccessToken(ADMIN); @Test - void getUserRolesAndPermissions() { + void getUserRoles() { var testToken = "Bearer " + TOKEN; RoleRequest roleRequest = new RoleRequest(); roleRequest.pageNumber(0).pageSize(5).token(testToken); @@ -48,6 +47,31 @@ void getUserRolesAndPermissions() { .withContentType(MediaType.APPLICATION_JSON) .withBody(JsonBody.json(roleResponse))); + UserCriteriaDTO criteriaDTO = new UserCriteriaDTO(); + criteriaDTO.setPageNumber(0); + criteriaDTO.setPageSize(5); + + var output = given() + .when() + .auth().oauth2(TOKEN) + .header(APM_HEADER_PARAM, ADMIN) + .contentType(APPLICATION_JSON) + .body(criteriaDTO) + .post("/roles") + .then() + .statusCode(Response.Status.OK.getStatusCode()) + .contentType(APPLICATION_JSON) + .extract().as(UserRolesPageResultDTO.class); + + Assertions.assertNotNull(output); + Assertions.assertEquals(1, output.getStream().size()); + mockServerClient.clear("mock1"); + } + + @Test + void getUserPermissions() { + var testToken = "Bearer " + TOKEN; + PermissionRequest permissionRequest = new PermissionRequest(); permissionRequest.pageNumber(0).pageSize(5).token(testToken); 
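Review bot: `mockServerClient.clear("mock1")` at the end of `getUserRoles` runs only when every assertion before it passes, so a failing test leaves the expectation registered and can change the outcome of later tests that hit the same backend path. Moving the cleanup into an `@AfterEach` method (or a `try`/`finally`) keeps the tests independent; the same applies to the `clear(...)` calls added in the other tests of this file. The body of `getUserPermissions`, which starts in this hunk, continues outside it.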
@@ -60,11 +84,9 @@ void getUserRolesAndPermissions() { .withContentType(MediaType.APPLICATION_JSON) .withBody(JsonBody.json(permissionResponse))); - UserRolesAndPermissionsCriteriaDTO criteriaDTO = new UserRolesAndPermissionsCriteriaDTO(); - criteriaDTO.setPermissionsPageNumber(0); - criteriaDTO.setPermissionsPageSize(5); - criteriaDTO.setRolesPageNumber(0); - criteriaDTO.setRolesPageSize(5); + UserCriteriaDTO criteriaDTO = new UserCriteriaDTO(); + criteriaDTO.setPageNumber(0); + criteriaDTO.setPageSize(5); var output = given() .when() 
@@ -72,22 +94,55 @@ void getUserRolesAndPermissions() { .header(APM_HEADER_PARAM, ADMIN) .contentType(APPLICATION_JSON) .body(criteriaDTO) - .post() + .post("/permissions") .then() .statusCode(Response.Status.OK.getStatusCode()) .contentType(APPLICATION_JSON) - .extract().as(UserRolesAndPermissionsPageResultDTO.class); + .extract().as(UserPermissionsPageResultDTO.class); Assertions.assertNotNull(output); - Assertions.assertEquals(1, output.getRoles().getStream().size()); - Assertions.assertEquals(1, output.getPermissions().getStream().size()); + Assertions.assertEquals(1, output.getStream().size()); + mockServerClient.clear("mock2"); + } + @Test + void getUserAssignments() { + var testToken = "Bearer " + TOKEN; + AssignmentRequest assignmentRequest = new AssignmentRequest(); + assignmentRequest.pageNumber(0).pageSize(5).token(testToken); + + UserAssignmentPageResult assignmentResponse = new UserAssignmentPageResult(); + assignmentResponse.stream(List.of(new UserAssignment().roleName("role1").applicationId("app1"))); + mockServerClient.when(request().withPath("/internal/assignments/me").withMethod(HttpMethod.POST) + .withBody(JsonBody.json(assignmentRequest))) + .withId("mock1") + .respond(httpRequest -> response().withStatusCode(Response.Status.OK.getStatusCode()) + .withContentType(MediaType.APPLICATION_JSON) + .withBody(JsonBody.json(assignmentResponse))); + + UserCriteriaDTO criteriaDTO = new UserCriteriaDTO(); + criteriaDTO.setPageNumber(0); + criteriaDTO.setPageSize(5); + + var output = given() + .when() + .auth().oauth2(TOKEN) + .header(APM_HEADER_PARAM, ADMIN) + .contentType(APPLICATION_JSON) + .body(criteriaDTO) + .post("/assignments") + .then() + .statusCode(Response.Status.OK.getStatusCode()) + .contentType(APPLICATION_JSON) + .extract().as(UserAssignmentPageResultDTO.class); + + Assertions.assertNotNull(output); + Assertions.assertEquals(1, output.getStream().size()); mockServerClient.clear("mock1"); - mockServerClient.clear("mock2"); } @Test - void 
getUserRolesAndPermissions_BAD_REQUEST() { + void getUserRoles_BAD_REQUEST() { var testToken = "Bearer " + TOKEN; RoleRequest roleRequest = new RoleRequest(); roleRequest.pageNumber(0).pageSize(5).token(testToken); @@ -98,6 +153,29 @@ void getUserRolesAndPermissions_BAD_REQUEST() { .respond(httpRequest -> response().withStatusCode(Response.Status.BAD_REQUEST.getStatusCode()) .withContentType(MediaType.APPLICATION_JSON)); + UserCriteriaDTO criteriaDTO = new UserCriteriaDTO(); + criteriaDTO.setPageNumber(0); + criteriaDTO.setPageSize(5); + + var output = given() + .when() + .auth().oauth2(TOKEN) + .header(APM_HEADER_PARAM, ADMIN) + .contentType(APPLICATION_JSON) + .body(criteriaDTO) + .post("/roles") + .then() + .statusCode(Response.Status.BAD_REQUEST.getStatusCode()); + + Assertions.assertNotNull(output); + mockServerClient.clear("mock1"); + mockServerClient.clear("mock2"); + } + + @Test + void getUserPermissions_BAD_REQUEST() { + var testToken = "Bearer " + TOKEN; + PermissionRequest permissionRequest = new PermissionRequest(); permissionRequest.pageNumber(0).pageSize(5).token(testToken); @@ -107,11 +185,9 @@ void getUserRolesAndPermissions_BAD_REQUEST() { .respond(httpRequest -> response().withStatusCode(Response.Status.BAD_REQUEST.getStatusCode()) .withContentType(MediaType.APPLICATION_JSON)); - UserRolesAndPermissionsCriteriaDTO criteriaDTO = new UserRolesAndPermissionsCriteriaDTO(); - criteriaDTO.setPermissionsPageNumber(0); - criteriaDTO.setPermissionsPageSize(5); - criteriaDTO.setRolesPageNumber(0); - criteriaDTO.setRolesPageSize(5); + UserCriteriaDTO criteriaDTO = new UserCriteriaDTO(); + criteriaDTO.setPageNumber(0); + criteriaDTO.setPageSize(5); var output = given() .when() 
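Review bot: `getUserRoles_BAD_REQUEST` ends with `mockServerClient.clear("mock2")`, but the lines visible here register only the role expectation, so this looks like a leftover from the former combined test (the expectation id sits in context outside the hunk, so please confirm). `Assertions.assertNotNull(output)` also asserts nothing: `output` is the result of `.then().statusCode(...)`, which is never null, and the same holds for the other `_BAD_REQUEST` tests. Either drop the variable or assert on the error body that the BFF returns.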
@@ -119,12 +195,41 @@ void getUserRolesAndPermissions_BAD_REQUEST() { .header(APM_HEADER_PARAM, ADMIN) .contentType(APPLICATION_JSON) .body(criteriaDTO) - .post() + .post("/permissions") + .then() + .statusCode(Response.Status.BAD_REQUEST.getStatusCode()); + + Assertions.assertNotNull(output); + mockServerClient.clear("mock2"); + } + + @Test + void getUserAssignments_BAD_REQUEST() { + var testToken = "Bearer " + TOKEN; + AssignmentRequest assignmentRequest = new AssignmentRequest(); + assignmentRequest.pageNumber(0).pageSize(5).token(testToken); + + mockServerClient.when(request().withPath("/internal/assignments/me").withMethod(HttpMethod.POST) + .withBody(JsonBody.json(assignmentRequest))) + .withId("mock2") + .respond(httpRequest -> response().withStatusCode(Response.Status.BAD_REQUEST.getStatusCode()) + .withContentType(MediaType.APPLICATION_JSON)); + + UserCriteriaDTO criteriaDTO = new UserCriteriaDTO(); + criteriaDTO.setPageNumber(0); + criteriaDTO.setPageSize(5); + + var output = given() + .when() + .auth().oauth2(TOKEN) + .header(APM_HEADER_PARAM, ADMIN) + .contentType(APPLICATION_JSON) + .body(criteriaDTO) + .post("/assignments") .then() .statusCode(Response.Status.BAD_REQUEST.getStatusCode()); Assertions.assertNotNull(output); - mockServerClient.clear("mock1"); mockServerClient.clear("mock2"); } }
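Review bot: All added tests, including `getUserAssignments_BAD_REQUEST` here, call the endpoints as `ADMIN` with a valid token; none covers a caller lacking the `read` permission that the OpenAPI file declares for `role` and `assignment`, or a request without an `Authorization` header. Because these endpoints forward the caller's token to the backend, one rejection test per endpoint (expecting 401 or 403, depending on how the BFF is configured) would pin the access-control behaviour and catch a regression in the permission annotations.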