diff --git a/openapi/p4pa-auth.openapi.yaml b/openapi/p4pa-auth.openapi.yaml index 1d63313..fd357ba 100644 --- a/openapi/p4pa-auth.openapi.yaml +++ b/openapi/p4pa-auth.openapi.yaml @@ -551,8 +551,6 @@ components: - email - issuer - organizations - - brokerId - - brokerFiscalCode - canManageUsers properties: userId: diff --git a/src/main/java/it/gov/pagopa/payhub/auth/service/user/IamUserInfoDTO2UserInfoMapper.java b/src/main/java/it/gov/pagopa/payhub/auth/service/user/IamUserInfoDTO2UserInfoMapper.java index 67f3d30..e0d69cf 100644 --- a/src/main/java/it/gov/pagopa/payhub/auth/service/user/IamUserInfoDTO2UserInfoMapper.java +++ b/src/main/java/it/gov/pagopa/payhub/auth/service/user/IamUserInfoDTO2UserInfoMapper.java @@ -42,14 +42,14 @@ public IamUserInfoDTO2UserInfoMapper(@Value("${app.enable-access-organization-mo public UserInfo apply(IamUserInfoDTO iamUserInfoDTO, String accessToken) { if (iamUserInfoDTO.isSystemUser()) { - return systemUserMapper(iamUserInfoDTO); + return systemUserMapper(iamUserInfoDTO, accessToken); } return userInfoMapper(iamUserInfoDTO, accessToken); } - private UserInfo systemUserMapper(IamUserInfoDTO iamUserInfoDTO) { + private UserInfo systemUserMapper(IamUserInfoDTO iamUserInfoDTO, String accessToken) { String organizationIpaCode = iamUserInfoDTO.getOrganizationAccess().getOrganizationIpaCode(); - return UserInfo.builder() + UserInfo userInfo = UserInfo.builder() .userId(iamUserInfoDTO.getUserId()) .mappedExternalUserId(buildSystemMappedExternalUserId(organizationIpaCode)) .fiscalCode(iamUserInfoDTO.getFiscalCode()) @@ -61,6 +61,8 @@ private UserInfo systemUserMapper(IamUserInfoDTO iamUserInfoDTO) { .roles(Collections.singletonList(Constants.ROLE_ADMIN)) .build())) .build(); + setBrokerInfo(userInfo, iamUserInfoDTO, accessToken); + return userInfo; } public static String buildSystemMappedExternalUserId(String organizationIpaCode) { 
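Review bot: Removing `brokerId` and `brokerFiscalCode` from this schema's `required` list tells clients the two fields may be absent, yet the mapper change in the same commit (`setBrokerInfo`) throws when no broker is resolved, so the spec and the implementation now disagree on whether a broker-less user is a valid response. If absence is intended, the property definitions (outside this hunk) should say when the fields are omitted, for example `description: Broker of the session organization; omitted when no broker applies`, so that consumers which scope data by broker treat a missing value as no access rather than as unrestricted. If absence is not intended, the two `required` entries should stay.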
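Review bot: The `setBrokerInfo(userInfo, iamUserInfoDTO, accessToken)` call added to `systemUserMapper` makes the system-user path depend on a remote organization lookup performed with the caller's access token; as far as the visible lines show, the mapping previously used only fields of `iamUserInfoDTO`. A system user whose organization has no broker can now no longer obtain a `UserInfo`, which is a behaviour change for machine-to-machine callers that the commit does not document. I would add a comment above the call such as `// system users must resolve a broker too: mapping fails if the organization has none`. It is also worth confirming that `getOrganizationAccess()` cannot be null here, since the first line of the method (in the previous hunk) dereferences it unchecked.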
@@ -71,8 +73,6 @@ private UserInfo userInfoMapper(IamUserInfoDTO iamUserInfoDTO, String accessToke User user = usersRepository.findById(iamUserInfoDTO.getInnerUserId()).orElseThrow(() -> new UserNotFoundException("Cannot found user having inner id:" + iamUserInfoDTO.getInnerUserId())); List userRoles = operatorsRepository.findAllByUserId(iamUserInfoDTO.getInnerUserId()); - Broker brokerInfo = getSessionBroker(iamUserInfoDTO, userRoles, accessToken); - UserInfo userInfo = UserInfo.builder() .userId(user.getUserId()) .mappedExternalUserId(user.getMappedExternalUserId()) @@ -93,18 +93,15 @@ private UserInfo userInfoMapper(IamUserInfoDTO iamUserInfoDTO, String accessToke if (iamUserInfoDTO.getOrganizationAccess() != null) { userInfo.setOrganizationAccess(iamUserInfoDTO.getOrganizationAccess().getOrganizationIpaCode()); } - if (brokerInfo != null) { - userInfo.setBrokerId(brokerInfo.getBrokerId()); - userInfo.setBrokerFiscalCode(brokerInfo.getBrokerFiscalCode()); - } + setBrokerInfo(userInfo, iamUserInfoDTO, accessToken); userInfo.setCanManageUsers(!organizationAccessMode); return userInfo; } - private Broker getSessionBroker(IamUserInfoDTO iamUserInfoDTO, List userRoles, String accessToken) { + private Broker getSessionBroker(IamUserInfoDTO iamUserInfoDTO, List userOrganizations, String accessToken) { String orgIpaCode = Optional.ofNullable(iamUserInfoDTO.getOrganizationAccess()) .map(IamUserOrganizationRolesDTO::getOrganizationIpaCode) - .orElseGet(() -> !userRoles.isEmpty() ? userRoles.get(0).getOrganizationIpaCode() : null); + .orElseGet(() -> userOrganizations.isEmpty() ? null : userOrganizations.get(0).getOrganizationIpaCode()); if (orgIpaCode != null) { Organization organization = organizationSearchClient.getOrganizationByIpaCode(orgIpaCode, accessToken); 
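Review bot: In `getSessionBroker` the fallback `userOrganizations.get(0).getOrganizationIpaCode()` takes the broker from whichever organization is first in the list when the token carries no organization access, so for a user enabled on organizations under different brokers the `brokerId` placed in `UserInfo` depends on list order. If downstream services use `brokerId` to scope what the user may see, that choice should be deterministic and documented; at minimum add `// no organizationAccess in the token: fall back to the first organization in the list`. The argument is now `userInfo.getOrganizations()` (see `setBrokerInfo`), and `userOrganizations.isEmpty()` throws if that getter can return null, so `userOrganizations == null || userOrganizations.isEmpty() ? null : userOrganizations.get(0).getOrganizationIpaCode()` would be safer. The method body continues outside this hunk.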
@@ -115,4 +112,15 @@ private Broker getSessionBroker(IamUserInfoDTO iamUserInfoDTO, List us return null; } + private void setBrokerInfo(UserInfo userInfo, IamUserInfoDTO iamUserInfo, String accessToken) { + Broker brokerInfo = getSessionBroker(iamUserInfo, userInfo.getOrganizations(), accessToken); + + if (brokerInfo != null) { + userInfo.setBrokerId(brokerInfo.getBrokerId()); + userInfo.setBrokerFiscalCode(brokerInfo.getBrokerFiscalCode()); + } else { + throw new IllegalStateException("Broker information not found for the user."); + } + } + } diff --git a/src/test/java/it/gov/pagopa/payhub/auth/service/user/IamUserInfoDTO2UserInfoMapperTest.java b/src/test/java/it/gov/pagopa/payhub/auth/service/user/IamUserInfoDTO2UserInfoMapperTest.java index 93ac0a4..ad8925b 100644 --- a/src/test/java/it/gov/pagopa/payhub/auth/service/user/IamUserInfoDTO2UserInfoMapperTest.java +++ b/src/test/java/it/gov/pagopa/payhub/auth/service/user/IamUserInfoDTO2UserInfoMapperTest.java @@ -11,6 +11,7 @@ import it.gov.pagopa.payhub.auth.utils.Constants; import it.gov.pagopa.payhub.dto.generated.UserInfo; import it.gov.pagopa.payhub.dto.generated.UserOrganizationRoles; +import it.gov.pagopa.pu.p4pa_organization.dto.generated.Broker; import it.gov.pagopa.pu.p4pa_organization.dto.generated.Organization; import org.junit.jupiter.api.AfterEach; import org.junit.jupiter.api.Assertions; @@ -54,7 +55,7 @@ void verifyNotMoreInteractions() { @Test void givenNotUserWhenApplyThenUserNotFoundException() { String accessToken = "sampleAccessToken"; - // Given + IamUserInfoDTO iamUserInfo = IamUserInfoDTO.builder() .userId("EXTERNALUSERID") .innerUserId("INNERUSERID") 
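Review bot: The new `else` branch in `setBrokerInfo` turns every null result of `getSessionBroker` into an `IllegalStateException`, and judging by the `if (orgIpaCode != null)` guard and the trailing `return null;`, that method appears to return null also when no organization code can be resolved at all (no `organizationAccess` and an empty organizations list). The code removed from `userInfoMapper` left the broker fields unset in that case, so users without any organization now fail at user-info mapping, probably as an unhandled server error rather than a client-facing one like `UserNotFoundException`. I would either keep the lenient behaviour for the no-organization case or throw a dedicated exception that the API layer maps to an explicit status. The method also has no Javadoc; a one-line `/** Resolves the session broker and copies its id and fiscal code onto userInfo; fails when none is found. */` would record the new contract.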
@@ -62,14 +63,13 @@ void givenNotUserWhenApplyThenUserNotFoundException() { Mockito.when(usersRepositoryMock.findById(iamUserInfo.getInnerUserId())).thenReturn(Optional.empty()); - // When, Then Assertions.assertThrows(UserNotFoundException.class, () -> mapper.apply(iamUserInfo, accessToken)); } @Test void givenCompleteDataWhenApplyThenOk() { String accessToken = "sampleAccessToken"; - // Given + IamUserInfoDTO iamUserInfo = IamUserInfoDTO.builder() .userId("EXTERNALUSERID") .innerUserId("INNERUSERID") @@ -109,25 +109,32 @@ void givenCompleteDataWhenApplyThenOk() { .roles(List.of("ROLE")) .email("EMAIL") .build())) + .brokerId(1L) .canManageUsers(!organizationAccessMode) .build(); Mockito.when(usersRepositoryMock.findById(iamUserInfo.getInnerUserId())).thenReturn(Optional.of(user)); Mockito.when(operatorsRepositoryMock.findAllByUserId(user.getUserId())).thenReturn(organizationRoles); + + Organization mockOrganization = new Organization(); + mockOrganization.setBrokerId(1L); Mockito.when(organizationSearchClientMock.getOrganizationByIpaCode(Mockito.eq("ORG"), Mockito.anyString())) - .thenReturn(new Organization()); + .thenReturn(mockOrganization); + + Broker mockBroker = new Broker(); + mockBroker.setBrokerId(1L); + Mockito.when(organizationSearchClientMock.getBrokerById(Mockito.anyLong(), Mockito.anyString())) + .thenReturn(mockBroker); - // When UserInfo result = mapper.apply(iamUserInfo, accessToken); - // Then Assertions.assertEquals(expected, result); } @Test void givenNotOperatorsWhenApplyThenOk() { String accessToken = "sampleAccessToken"; - // Given + IamUserInfoDTO iamUserInfo = IamUserInfoDTO.builder() .userId("EXTERNALUSERID") .innerUserId("INNERUSERID") 
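Review bot: The stub `getBrokerById(Mockito.anyLong(), Mockito.anyString())` added in `givenCompleteDataWhenApplyThenOk` accepts any broker id and any token, so the test would still pass if the mapper forwarded the wrong id or a different credential; the same stub is repeated in the hunks for `givenNotOperatorsWhenApplyThenOk`, `givenNoOrganizationAccessWhenApplyThenOk` and `givenSystemUserWhenApplyThenOk`. Pinning the arguments, `Mockito.when(organizationSearchClientMock.getBrokerById(1L, accessToken)).thenReturn(mockBroker);`, and likewise `getOrganizationByIpaCode("ORG", accessToken)`, would verify that the organization's broker id and the caller's token are what reach the client. None of the updated tests covers the new `IllegalStateException` branch or exercises a non-null `brokerFiscalCode`; a case where no broker is resolved for the organization would close that gap.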
@@ -155,23 +162,32 @@ void givenNotOperatorsWhenApplyThenOk() { .issuer("ISSUER") .organizationAccess("ORG") .organizations(Collections.emptyList()) + .brokerId(1L) .canManageUsers(!organizationAccessMode) .build(); Mockito.when(usersRepositoryMock.findById(iamUserInfo.getInnerUserId())).thenReturn(Optional.of(user)); Mockito.when(operatorsRepositoryMock.findAllByUserId(user.getUserId())).thenReturn(Collections.emptyList()); - // When + Organization mockOrganization = new Organization(); + mockOrganization.setBrokerId(1L); + Mockito.when(organizationSearchClientMock.getOrganizationByIpaCode(Mockito.eq("ORG"), Mockito.anyString())) + .thenReturn(mockOrganization); + + Broker mockBroker = new Broker(); + mockBroker.setBrokerId(1L); + Mockito.when(organizationSearchClientMock.getBrokerById(Mockito.anyLong(), Mockito.anyString())) + .thenReturn(mockBroker); + UserInfo result = mapper.apply(iamUserInfo, accessToken); - // Then Assertions.assertEquals(expected, result); } @Test void givenNoOrganizationAccessWhenApplyThenOk() { String accessToken = "sampleAccessToken"; - // Given + IamUserInfoDTO iamUserInfo = IamUserInfoDTO.builder() .userId("EXTERNALUSERID") .innerUserId("INNERUSERID") 
@@ -206,23 +222,32 @@ void givenNoOrganizationAccessWhenApplyThenOk() { .roles(List.of("ROLE")) .email("EMAIL") .build())) + .brokerId(1L) .canManageUsers(!organizationAccessMode) .build(); Mockito.when(usersRepositoryMock.findById(iamUserInfo.getInnerUserId())).thenReturn(Optional.of(user)); Mockito.when(operatorsRepositoryMock.findAllByUserId(user.getUserId())).thenReturn(organizationRoles); - // When + Organization mockOrganization = new Organization(); + mockOrganization.setBrokerId(1L); + Mockito.when(organizationSearchClientMock.getOrganizationByIpaCode(Mockito.eq("ORG"), Mockito.anyString())) + .thenReturn(mockOrganization); + + Broker mockBroker = new Broker(); + mockBroker.setBrokerId(1L); + Mockito.when(organizationSearchClientMock.getBrokerById(Mockito.anyLong(), Mockito.anyString())) + .thenReturn(mockBroker); + UserInfo result = mapper.apply(iamUserInfo, accessToken); - // Then Assertions.assertEquals(expected, result); } @Test void givenSystemUserWhenApplyThenOk() { String accessToken = "sampleAccessToken"; - // Given + IamUserInfoDTO iamUserInfo = IamUserInfoDTO.builder() .systemUser(Boolean.TRUE) .userId("EXTERNALUSERID") @@ -248,13 +273,23 @@ void givenSystemUserWhenApplyThenOk() { .organizationIpaCode("IPA_CODE") .roles(List.of(Constants.ROLE_ADMIN)) .build())) + .brokerId(1L) .build(); - // When + Organization mockOrganization = new Organization(); + mockOrganization.setBrokerId(1L); + Mockito.when(organizationSearchClientMock.getOrganizationByIpaCode(Mockito.eq("IPA_CODE"), Mockito.anyString())) + .thenReturn(mockOrganization); + + Broker mockBroker = new Broker(); + mockBroker.setBrokerId(1L); + Mockito.when(organizationSearchClientMock.getBrokerById(Mockito.anyLong(), Mockito.anyString())) + .thenReturn(mockBroker); + UserInfo result = mapper.apply(iamUserInfo, accessToken); - // Then Assertions.assertEquals(expected, result); } + }