Merge branch 'new-test-branch' into validate-cert

api-gateway/src/main/java/org/swasth/apigateway/ApiGatewayApplication.java

@@ -53,19 +53,23 @@ public Map<String, Acl> aclMap(@Value("${rbac.path:classpath:rbac.yaml}") String
 		List<Map> rbacs = (List) obj.get("rbac");
 
 		Map<String, Acl> aclMap = new TreeMap<>(String.CASE_INSENSITIVE_ORDER);
-		for(Map rbac : rbacs){
+		for (Map rbac : rbacs) {
 			Acl acl = new Acl();
-			if(rbac.get("paths") != null){
-				acl.setPaths(new HashSet((List) rbac.get("paths")));
+			if (rbac.get("role") != null) {
+				String[] roles = ((String) rbac.get("role")).split(",");
+				for (String role : roles) {
+					role = role.trim();
+					if (rbac.get("paths") != null) {
+						acl.setPaths(new HashSet((List) rbac.get("paths")));
+					}
+					if (rbac.get("regexPaths") != null) {
+						acl.setRegexPaths((List) rbac.get("regexPaths"));
+					}
+					aclMap.put(role, acl);
+				}
 			}
-			if(rbac.get("regexPaths") != null){
-				acl.setRegexPaths((List) rbac.get("regexPaths"));
-			}
-			aclMap.put((String) rbac.get("role"), acl);
 		}
-
 		return aclMap;
-
 	}
 
 	public static void main(String[] args) {

api-gateway/src/main/java/org/swasth/apigateway/filters/AuditValidationFilter.java

@@ -60,7 +60,7 @@ public GatewayFilter apply(Config config) {
                     ArrayList<String> roles = (ArrayList<String>) participant.get("roles");
                     String code = (String) participant.get(Constants.PARTICIPANT_CODE);
                     Map<String, String> filters = (Map<String, String>) filterMap.get("filters");
-                    if (roles.contains("payor") || roles.contains("provider")) {
+                    if (roles.contains("payor") || roles.contains("provider") || roles.stream().anyMatch(Constants.PROVIDER_SPECIFIC_ROLES::contains)) {
                         filters.put("x-hcx-sender_code", code);
                         filterMap.put("filters", filters);
                         logger.debug("updated filters: {}", filterMap);

api-gateway/src/main/java/org/swasth/apigateway/models/BaseRequest.java

@@ -12,7 +12,6 @@
 
 import java.text.MessageFormat;
 import java.text.ParseException;
-import java.text.SimpleDateFormat;
 import java.util.*;
 import java.util.concurrent.TimeUnit;
 import java.util.stream.Collectors;
@@ -185,7 +184,7 @@ public void validateUsingAuditData(List<String> allowedEntitiesForForward, List<
         for (Map<String, Object> audit : correlationAuditData) {
             String action = (String) audit.get(ACTION);
             String entity = getEntity(action);
-            validateCondition(!OPERATIONAL_ENTITIES.contains(entity) && action.contains("on_") && ((List<String>) audit.get(RECIPIENT_ROLE)).contains(PROVIDER) && audit.get(STATUS).equals(COMPLETE_STATUS), ErrorCodes.ERR_INVALID_CORRELATION_ID, CLOSED_CYCLE_MSG);
+            validateCondition(!OPERATIONAL_ENTITIES.contains(entity) && action.contains("on_") && ((((List<String>) audit.get(RECIPIENT_ROLE)).contains(PROVIDER)) || ((List<String>) audit.get(RECIPIENT_ROLE)).stream().anyMatch(PROVIDER_SPECIFIC_ROLES::contains)) && audit.get(STATUS).equals(COMPLETE_STATUS), ErrorCodes.ERR_INVALID_CORRELATION_ID, CLOSED_CYCLE_MSG);
         }
         String actionEntity = getEntity(jweRequest.getApiAction());
         if (!OPERATIONAL_ENTITIES.contains(actionEntity)) {
@@ -213,7 +212,7 @@ public void validateUsingAuditData(List<String> allowedEntitiesForForward, List<
                     validateCondition(getHcxRecipientCode().equals(audit.get(HCX_SENDER_CODE)), ErrorCodes.ERR_INVALID_FORWARD_REQ, FORWARD_REQ_ERR_MSG);
                 }
             }
-        } else if (!EXCLUDE_ENTITIES.contains(getEntity(path)) && !apiAction.contains("on_") && checkParticipantRole(allowedRolesForForward, senderRoles) && recipientRoles.contains(PROVIDER)) {
+        } else if (!EXCLUDE_ENTITIES.contains(getEntity(path)) && !apiAction.contains("on_") && checkParticipantRole(allowedRolesForForward, senderRoles) && ((recipientRoles.contains(PROVIDER)) || (recipientRoles.stream().anyMatch(PROVIDER_SPECIFIC_ROLES::contains)))) {
             throw new ClientException(ErrorCodes.ERR_ACCESS_DENIED, INVALID_API_CALL);
         }
         // validation to check if participant is forwarding the request to provider
@@ -363,20 +362,12 @@ public String getEntity(String path) {
     private List<Map<String, Object>> filteredList(List<Map<String, Object>> correlationFilteredData, int days) {
         return correlationFilteredData.stream()
                 .filter(map -> COMPLETE_STATUS.equals(map.get(STATUS)))
-                .filter(map -> {
-                    try {
-                        return isWithinLastDays((String) map.get(TIMESTAMP), days);
-                    } catch (ParseException e) {
-                        throw new RuntimeException(e);
-                    }
-                }).collect(Collectors.toList());
+                .filter(map -> isWithinLastDays((Long) map.get(UPDATED_TIME), days)).collect(Collectors.toList());
     }
 
-    private boolean isWithinLastDays(String timestamp,int days) throws ParseException {
-        SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.SSSZ");
+    private boolean isWithinLastDays(long timestamp ,int days) {
         Date currentDate = new Date();
-        Date date = sdf.parse(timestamp);
-        long differenceInMillis = currentDate.getTime() - date.getTime();
+        long differenceInMillis = currentDate.getTime() - timestamp;
         long daysDifference = TimeUnit.DAYS.convert(differenceInMillis, TimeUnit.MILLISECONDS);
         return daysDifference > days;
     }

api-gateway/src/main/resources/application.yaml

@@ -201,8 +201,9 @@ spring:
             - RewritePath=/${version.external08}/applicant/(?<segment>/?.*), /${version.internal}/applicant/$\{segment}
             - RewritePath=/${version.external08}/onboard/user/(?<segment>/?.*), /${version.internal}/onboard/user/$\{segment}
             - RewritePath=/${version.external08}/onboard/applicant/(?<segment>/?.*), /${version.internal}/onboard/applicant/$\{segment}
+            - RewritePath=/${version.external08}/api-access/secret/(?<segment>/?.*), /${version.internal}/api-access/secret/$\{segment}
           predicates:
-            - Path=/${version.external08}/participant/verify, /${version.external08}/participant/verify/identity, /${version.external08}/participant/verification/link/send, /${version.external08}/participant/onboard/update, /${version.external08}/applicant/getinfo, /${version.external08}/applicant/verify,/${version.external07}/applicant/search*,/${version.external08}/applicant/search*,/url/*, /${version.external08}/onboard/user/invite, /${version.external08}/onboard/user/invite/accept, /${version.external08}/onboard/user/invite/reject, /${version.external08}/onboard/applicant/password/generate
+            - Path=/${version.external08}/participant/verify, /${version.external08}/participant/verify/identity, /${version.external08}/participant/verification/link/send, /${version.external08}/participant/onboard/update, /${version.external08}/applicant/getinfo, /${version.external08}/applicant/verify,/${version.external07}/applicant/search*,/${version.external08}/applicant/search*,/url/*, /${version.external08}/onboard/user/invite, /${version.external08}/onboard/user/invite/accept, /${version.external08}/onboard/user/invite/reject, /${version.external08}/onboard/applicant/password/generate, /${version.external08}/api-access/secret/generate
 
         - id: hcx-mock-service-route
           uri: ${hcx-mock-service.basePath}

api-gateway/src/main/resources/rbac.yaml

@@ -10,7 +10,7 @@ rbac:
       - /url/**
       - /auth/**
   - role: AUTHENTICATED
-  - role: provider
+  - role: provider,provider.hospital,provider.clinic,provider.practitioner,provider.diagnostics,provider.pharmacy
     paths:
       - /v0.7/coverageeligibility/check
       - /v0.7/predetermination/submit
@@ -262,6 +262,7 @@ rbac:
       - /v0.8/participant/update
       - /v0.8/onboard/applicant/password/generate
       - /v0.8/participant/onboard/update
+      - /v0.8/api-access/secret/generate
     regexPaths:
       - /v0.8/user/**
       - /v0.8/participant/user/**