From 4e9d47c7a68831ff78ad32873d568c1c65ad4a18 Mon Sep 17 00:00:00 2001 From: Russell Dodd Date: Wed, 18 Sep 2024 09:23:48 +0100 Subject: [PATCH] Rename all Roles to BusinessUnitUserPermissions & 'BusinessUserId' to 'BusinessUnitUserId' --- ...PO-235-Notes_RolesAndBusinessUnits.feature | 2 +- ...henticationInternalUserControllerTest.java | 16 ++++--- ...BusinessUnitControllerIntegrationTest.java | 8 ++-- .../TestingSupportControllerTest.java | 42 ++++++++++++------- .../aspect/AuthorizationAspect.java | 6 +-- .../aspect/AuthorizationAspectService.java | 3 +- .../aspect/AuthorizedRoleHasPermission.java | 6 +-- .../aspect/PermissionNotAllowedException.java | 12 +++--- .../model/BusinessUnitUserPermissions.java | 10 ++--- .../opal/authorisation/model/UserState.java | 42 ++++++++++--------- .../DefendantAccountController.java | 5 ++- .../controllers/develop/NoteController.java | 5 ++- .../service/opal/BusinessUnitUserService.java | 19 +++++---- .../service/opal/UserEntitlementService.java | 6 +-- .../hmcts/opal/service/opal/UserService.java | 8 ++-- .../opal/service/opal/UserStateService.java | 2 +- .../gov/hmcts/opal/util/PermissionUtil.java | 11 ++--- .../aspect/LogAuditDetailsAspectTest.java | 4 +- .../aspect/UserStateAspectServiceTest.java | 4 +- .../AuthorizationAspectServiceTest.java | 27 ++++++------ .../aspect/AuthorizationAspectTest.java | 16 +++---- .../BusinessUnitControllerTest.java | 10 ++--- .../opal/controllers/UserStateBuilder.java | 6 +-- .../opal/BusinessUnitUserServiceTest.java | 9 ++-- .../opal/service/opal/UserServiceTest.java | 3 +- .../hmcts/opal/util/PermissionUtilTest.java | 14 +++---- 26 files changed, 164 insertions(+), 132 deletions(-) diff --git a/src/functionalTest/resources/features/opalMode/PO-235-Notes_RolesAndBusinessUnits.feature b/src/functionalTest/resources/features/opalMode/PO-235-Notes_RolesAndBusinessUnits.feature index 71d7d6257..c813b2341 100644 --- a/src/functionalTest/resources/features/opalMode/PO-235-Notes_RolesAndBusinessUnits.feature +++ b/src/functionalTest/resources/features/opalMode/PO-235-Notes_RolesAndBusinessUnits.feature @@ -1,5 +1,5 @@ @PO-235 @Opal -Feature: tests for notes roles/permissions for accounts dependant on business units +Feature: tests for notes business unit users/permissions for accounts dependant on business units Scenario: A user can add a note to a business unit it is part of Given I am testing as the "opal-test@hmcts.net" user diff --git a/src/integrationTest/java/uk/gov/hmcts/opal/authentication/controller/AuthenticationInternalUserControllerTest.java b/src/integrationTest/java/uk/gov/hmcts/opal/authentication/controller/AuthenticationInternalUserControllerTest.java index 95fe6dfc7..455f63e85 100644 --- a/src/integrationTest/java/uk/gov/hmcts/opal/authentication/controller/AuthenticationInternalUserControllerTest.java +++ b/src/integrationTest/java/uk/gov/hmcts/opal/authentication/controller/AuthenticationInternalUserControllerTest.java @@ -67,9 +67,9 @@ void testHandleOauthCode() throws Exception { UserState userState = UserState.builder() .userName("name") .userId(123L) - .roles(Set.of(BusinessUnitUserPermissions.builder() + .businessUnitUserPermissions(Set.of(BusinessUnitUserPermissions.builder() .businessUnitId((short) 123) - .businessUserId("BU123") + .businessUnitUserId("BU123") .permissions(Set.of( Permission.builder() .permissionId(1L) @@ -92,10 +92,14 @@ void testHandleOauthCode() throws Exception { .andExpect(jsonPath("$.access_token").value("accessToken")) .andExpect(jsonPath("$.user_state.user_name").value("name")) .andExpect(jsonPath("$.user_state.user_id").value("123")) - .andExpect(jsonPath("$.user_state.roles[0].business_unit_id").value("123")) - .andExpect(jsonPath("$.user_state.roles[0].business_user_id").value("BU123")) - .andExpect(jsonPath("$.user_state.roles[0].permissions[0].permission_id").value("1")) - .andExpect(jsonPath("$.user_state.roles[0].permissions[0].permission_name") + .andExpect(jsonPath("$.user_state.business_unit_user_permissions[0].business_unit_id") + .value("123")) + .andExpect(jsonPath("$.user_state.business_unit_user_permissions[0].business_unit_user_id") + .value("BU123")) + .andExpect(jsonPath("$.user_state.business_unit_user_permissions[0].permissions[0].permission_id") + .value("1")) + .andExpect( + jsonPath("$.user_state.business_unit_user_permissions[0].permissions[0].permission_name") .value("Notes")); } diff --git a/src/integrationTest/java/uk/gov/hmcts/opal/controllers/BusinessUnitControllerIntegrationTest.java b/src/integrationTest/java/uk/gov/hmcts/opal/controllers/BusinessUnitControllerIntegrationTest.java index d4e334e71..3f109cc4c 100644 --- a/src/integrationTest/java/uk/gov/hmcts/opal/controllers/BusinessUnitControllerIntegrationTest.java +++ b/src/integrationTest/java/uk/gov/hmcts/opal/controllers/BusinessUnitControllerIntegrationTest.java @@ -129,7 +129,7 @@ void testGetBusinessUnitRefData_Permission_success() throws Exception { when(businessUnitService.getReferenceData(any())).thenReturn(singletonList(refData)); when(userStateService.getUserStateUsingAuthToken(anyString())).thenReturn(userState); - when(userState.allRolesWithPermission(any())).thenReturn(new TestUserRoles(true)); + when(userState.allBusinessUnitUsersWithPermission(any())).thenReturn(new TestUserBusinessUnits(true)); mockMvc.perform(get(URL_BASE + "?permission=MANUAL_ACCOUNT_CREATION") .header("authorization", "Bearer some_value")) @@ -151,7 +151,7 @@ void testGetBusinessUnitRefData_Permission_empty() throws Exception { when(businessUnitService.getReferenceData(any())).thenReturn(singletonList(refData)); when(userStateService.getUserStateUsingAuthToken(anyString())).thenReturn(userState); - when(userState.allRolesWithPermission(any())).thenReturn(new TestUserRoles(false)); + when(userState.allBusinessUnitUsersWithPermission(any())).thenReturn(new TestUserBusinessUnits(false)); mockMvc.perform(get(URL_BASE + "?permission=MANUAL_ACCOUNT_CREATION") .header("authorization", "Bearer some_value")) @@ -185,10 +185,10 @@ private BusinessUnitReferenceData createBusinessUnitRefData() { "XX", "Fines", null, null); } - private class TestUserRoles implements UserState.UserRoles { + private class TestUserBusinessUnits implements UserState.UserBusinessUnits { private final boolean contains; - public TestUserRoles(boolean contains) { + public TestUserBusinessUnits(boolean contains) { this.contains = contains; } diff --git a/src/integrationTest/java/uk/gov/hmcts/opal/controllers/TestingSupportControllerTest.java b/src/integrationTest/java/uk/gov/hmcts/opal/controllers/TestingSupportControllerTest.java index bd63aa4e0..57704fea0 100644 --- a/src/integrationTest/java/uk/gov/hmcts/opal/controllers/TestingSupportControllerTest.java +++ b/src/integrationTest/java/uk/gov/hmcts/opal/controllers/TestingSupportControllerTest.java @@ -12,8 +12,8 @@ import uk.gov.hmcts.opal.authentication.model.AccessTokenResponse; import uk.gov.hmcts.opal.authentication.model.SecurityToken; import uk.gov.hmcts.opal.authentication.service.AccessTokenService; -import uk.gov.hmcts.opal.authorisation.model.Permission; import uk.gov.hmcts.opal.authorisation.model.BusinessUnitUserPermissions; +import uk.gov.hmcts.opal.authorisation.model.Permission; import uk.gov.hmcts.opal.authorisation.model.UserState; import uk.gov.hmcts.opal.authorisation.service.AuthorisationService; import uk.gov.hmcts.opal.dto.AppMode; @@ -40,9 +40,9 @@ class TestingSupportControllerTest { private static final UserState USER_STATE = UserState.builder() .userName("name") .userId(123L) - .roles(Set.of(BusinessUnitUserPermissions.builder() + .businessUnitUserPermissions(Set.of(BusinessUnitUserPermissions.builder() .businessUnitId((short) 123) - .businessUserId("BU123") + .businessUnitUserId("BU123") .permissions(Set.of( Permission.builder() .permissionId(1L) @@ -132,10 +132,14 @@ void testGetToken() throws Exception { .andExpect(jsonPath("$.access_token").value("testToken")) .andExpect(jsonPath("$.user_state.user_name").value("name")) .andExpect(jsonPath("$.user_state.user_id").value("123")) - .andExpect(jsonPath("$.user_state.roles[0].business_unit_id").value("123")) - .andExpect(jsonPath("$.user_state.roles[0].business_user_id").value("BU123")) - .andExpect(jsonPath("$.user_state.roles[0].permissions[0].permission_id").value("1")) - .andExpect(jsonPath("$.user_state.roles[0].permissions[0].permission_name") + .andExpect(jsonPath("$.user_state.business_unit_user_permissions[0].business_unit_id") + .value("123")) + .andExpect(jsonPath("$.user_state.business_unit_user_permissions[0].business_unit_user_id") + .value("BU123")) + .andExpect(jsonPath("$.user_state.business_unit_user_permissions[0].permissions[0].permission_id") + .value("1")) + .andExpect( + jsonPath("$.user_state.business_unit_user_permissions[0].permissions[0].permission_name") .value("Notes")); } @@ -160,10 +164,14 @@ void testGetTokenForUser() throws Exception { .andExpect(jsonPath("$.access_token").value("testToken")) .andExpect(jsonPath("$.user_state.user_name").value("name")) .andExpect(jsonPath("$.user_state.user_id").value("123")) - .andExpect(jsonPath("$.user_state.roles[0].business_unit_id").value("123")) - .andExpect(jsonPath("$.user_state.roles[0].business_user_id").value("BU123")) - .andExpect(jsonPath("$.user_state.roles[0].permissions[0].permission_id").value("1")) - .andExpect(jsonPath("$.user_state.roles[0].permissions[0].permission_name") + .andExpect(jsonPath("$.user_state.business_unit_user_permissions[0].business_unit_id") + .value("123")) + .andExpect(jsonPath("$.user_state.business_unit_user_permissions[0].business_unit_user_id") + .value("BU123")) + .andExpect(jsonPath("$.user_state.business_unit_user_permissions[0].permissions[0].permission_id") + .value("1")) + .andExpect( + jsonPath("$.user_state.business_unit_user_permissions[0].permissions[0].permission_name") .value("Notes")); } @@ -199,10 +207,14 @@ void testGetTokenForUserFailure() throws Exception { .andExpect(jsonPath("$.access_token").value("testToken")) .andExpect(jsonPath("$.user_state.user_name").value("name")) .andExpect(jsonPath("$.user_state.user_id").value("123")) - .andExpect(jsonPath("$.user_state.roles[0].business_unit_id").value("123")) - .andExpect(jsonPath("$.user_state.roles[0].business_user_id").value("BU123")) - .andExpect(jsonPath("$.user_state.roles[0].permissions[0].permission_id").value("1")) - .andExpect(jsonPath("$.user_state.roles[0].permissions[0].permission_name") + .andExpect(jsonPath("$.user_state.business_unit_user_permissions[0].business_unit_id") + .value("123")) + .andExpect(jsonPath("$.user_state.business_unit_user_permissions[0].business_unit_user_id") + .value("BU123")) + .andExpect(jsonPath("$.user_state.business_unit_user_permissions[0].permissions[0].permission_id") + .value("1")) + .andExpect( + jsonPath("$.user_state.business_unit_user_permissions[0].permissions[0].permission_name") .value("Notes")); } } diff --git a/src/main/java/uk/gov/hmcts/opal/authorisation/aspect/AuthorizationAspect.java b/src/main/java/uk/gov/hmcts/opal/authorisation/aspect/AuthorizationAspect.java index 2b3c0eaf3..826c51467 100644 --- a/src/main/java/uk/gov/hmcts/opal/authorisation/aspect/AuthorizationAspect.java +++ b/src/main/java/uk/gov/hmcts/opal/authorisation/aspect/AuthorizationAspect.java @@ -40,10 +40,10 @@ public Object checkAuthorization(ProceedingJoinPoint joinPoint, Object[] args = joinPoint.getArgs(); UserState userState = userStateAspectService.getUserState(joinPoint); - BusinessUnitUserPermissions role = authorizationAspectService.getRole(args, userState); - if (checkRoleHasPermission(role, authorizedRoleHasPermission.value())) { + BusinessUnitUserPermissions businessUnitUserPermissions = authorizationAspectService.getRole(args, userState); + if (checkRoleHasPermission(businessUnitUserPermissions, authorizedRoleHasPermission.value())) { return joinPoint.proceed(); } - throw new PermissionNotAllowedException(authorizedRoleHasPermission.value(), role); + throw new PermissionNotAllowedException(authorizedRoleHasPermission.value(), businessUnitUserPermissions); } } diff --git a/src/main/java/uk/gov/hmcts/opal/authorisation/aspect/AuthorizationAspectService.java b/src/main/java/uk/gov/hmcts/opal/authorisation/aspect/AuthorizationAspectService.java index 862100990..34489f720 100644 --- a/src/main/java/uk/gov/hmcts/opal/authorisation/aspect/AuthorizationAspectService.java +++ b/src/main/java/uk/gov/hmcts/opal/authorisation/aspect/AuthorizationAspectService.java @@ -67,7 +67,8 @@ public BusinessUnitUserPermissions getRole(Object[] args, UserState userState) { } throw new RoleNotFoundException(format( "Can't infer the role for user %s. " - + "Annotated method needs to have arguments of types (Role, AddNoteDto, NoteDto).", + + "Annotated method needs to have arguments of types" + + " (BusinessUnitUserPermissions, AddNoteDto, NoteDto).", userState.getUserName() )); } diff --git a/src/main/java/uk/gov/hmcts/opal/authorisation/aspect/AuthorizedRoleHasPermission.java b/src/main/java/uk/gov/hmcts/opal/authorisation/aspect/AuthorizedRoleHasPermission.java index 011c290aa..1be1ce062 100644 --- a/src/main/java/uk/gov/hmcts/opal/authorisation/aspect/AuthorizedRoleHasPermission.java +++ b/src/main/java/uk/gov/hmcts/opal/authorisation/aspect/AuthorizedRoleHasPermission.java @@ -16,10 +16,10 @@ * The role can be one of the argument of the annotated method. * 
  *      @AuthorizedRoleHasPermission(Permissions.ACCOUNT_ENQUIRY)
- *      public void businessMethod(Role role) { ... }
+ *      public void businessMethod(BusinessUnitUserPermissions role) { ... }
  *
* The role can be inferred if one of the argument is of type NoteDto, the role will be picked by matching - * businessUnitId of NoteDto argument within the userState roles. + * businessUnitId of NoteDto argument within the userState businessUnitUserPermissions. * If this role has the permission then only execution will be allowed, otherwise PermissionNotAllowedException * will be thrown. * For example: @@ -28,7 +28,7 @@ * public NoteDto saveNote(NoteDto noteDto) { .. } * * The role can be inferred if one of the argument is of type NoteDto, the role will be picked by matching - * businessUnitId of AddNoteDto argument within the userState roles. + * businessUnitId of AddNoteDto argument within the userState businessUnitUserPermissions. * If this role has the permission then only execution will be allowed, otherwise PermissionNotAllowedException * will be thrown. * For example: diff --git a/src/main/java/uk/gov/hmcts/opal/authorisation/aspect/PermissionNotAllowedException.java b/src/main/java/uk/gov/hmcts/opal/authorisation/aspect/PermissionNotAllowedException.java index 425355581..5f01834f2 100644 --- a/src/main/java/uk/gov/hmcts/opal/authorisation/aspect/PermissionNotAllowedException.java +++ b/src/main/java/uk/gov/hmcts/opal/authorisation/aspect/PermissionNotAllowedException.java @@ -8,17 +8,19 @@ public class PermissionNotAllowedException extends RuntimeException { private final Permissions permission; - private final BusinessUnitUserPermissions role; + private final BusinessUnitUserPermissions businessUnitUserPermissions; public PermissionNotAllowedException(Permissions value) { super(value + " permission is not allowed for the user"); this.permission = value; - this.role = null; + this.businessUnitUserPermissions = null; } - public PermissionNotAllowedException(Permissions permission, BusinessUnitUserPermissions role) { - super(permission + " permission is not allowed for the role " + role); + public PermissionNotAllowedException(Permissions permission, + BusinessUnitUserPermissions businessUnitUserPermissions) { + super(permission + " permission is not allowed for the businessUnitUserPermissions " + + businessUnitUserPermissions); this.permission = permission; - this.role = role; + this.businessUnitUserPermissions = businessUnitUserPermissions; } } diff --git a/src/main/java/uk/gov/hmcts/opal/authorisation/model/BusinessUnitUserPermissions.java b/src/main/java/uk/gov/hmcts/opal/authorisation/model/BusinessUnitUserPermissions.java index abed1d806..51cc497c3 100644 --- a/src/main/java/uk/gov/hmcts/opal/authorisation/model/BusinessUnitUserPermissions.java +++ b/src/main/java/uk/gov/hmcts/opal/authorisation/model/BusinessUnitUserPermissions.java @@ -15,7 +15,7 @@ public class BusinessUnitUserPermissions { @NonNull - String businessUserId; + String businessUnitUserId; @NonNull Short businessUnitId; @@ -25,11 +25,11 @@ public class BusinessUnitUserPermissions { Set permissions; @JsonCreator - public BusinessUnitUserPermissions(@JsonProperty("business_user_id") String businessUserId, + public BusinessUnitUserPermissions(@JsonProperty("business_unit_user_id") String businessUnitUserId, @JsonProperty("business_unit_id") Short businessUnitId, @JsonProperty("permissions") Set permissions) { - this.businessUserId = businessUserId; + this.businessUnitUserId = businessUnitUserId; this.businessUnitId = businessUnitId; this.permissions = permissions; } @@ -46,8 +46,8 @@ public boolean matchesBusinessUnitId(Short roleBusinessUnitId) { return businessUnitId.equals(roleBusinessUnitId); } - public static class DeveloperRole extends BusinessUnitUserPermissions { - DeveloperRole() { + public static class DeveloperBusinessUnitUserPermissions extends BusinessUnitUserPermissions { + DeveloperBusinessUnitUserPermissions() { super("", Short.MAX_VALUE, Collections.emptySet()); } diff --git a/src/main/java/uk/gov/hmcts/opal/authorisation/model/UserState.java b/src/main/java/uk/gov/hmcts/opal/authorisation/model/UserState.java index e938e6858..b59fbaf4a 100644 --- a/src/main/java/uk/gov/hmcts/opal/authorisation/model/UserState.java +++ b/src/main/java/uk/gov/hmcts/opal/authorisation/model/UserState.java @@ -6,7 +6,7 @@ import lombok.Data; import lombok.EqualsAndHashCode; import lombok.NonNull; -import uk.gov.hmcts.opal.authorisation.model.BusinessUnitUserPermissions.DeveloperRole; +import uk.gov.hmcts.opal.authorisation.model.BusinessUnitUserPermissions.DeveloperBusinessUnitUserPermissions; import java.util.Collections; import java.util.Optional; @@ -24,57 +24,58 @@ public class UserState { String userName; @EqualsAndHashCode.Exclude - Set roles; + Set businessUnitUserPermissions; @JsonCreator public UserState( @JsonProperty("user_id") Long userId, @JsonProperty("user_name") String userName, - @JsonProperty("roles") Set roles + @JsonProperty("business_unit_user_permissions") Set businessUnitUserPermissions ) { this.userId = userId; this.userName = userName; - this.roles = roles; + this.businessUnitUserPermissions = businessUnitUserPermissions; } public boolean anyRoleHasPermission(Permissions permission) { - return roles.stream().anyMatch(r -> r.hasPermission(permission)); + return businessUnitUserPermissions.stream().anyMatch(r -> r.hasPermission(permission)); } public boolean noRoleHasPermission(Permissions permission) { return !anyRoleHasPermission(permission); } - public UserRoles allRolesWithPermission(Permissions permission) { - return new UserRolesImpl( - roles.stream().filter(r -> r.hasPermission(permission)).collect(Collectors.toSet())); + public UserBusinessUnits allBusinessUnitUsersWithPermission(Permissions permission) { + return new UserBusinessUnitsImpl( + businessUnitUserPermissions.stream().filter(r -> r.hasPermission(permission)).collect(Collectors.toSet())); } public boolean hasRoleWithPermission(short roleBusinessUnitId, Permissions permission) { - return roles.stream() + return businessUnitUserPermissions.stream() .filter(r -> r.matchesBusinessUnitId(roleBusinessUnitId)) - .findAny() // Should be either zero or one roles that match the business unit id + .findAny() // Should be either zero or one businessUnitUserPermissions that match the business unit id .stream() .anyMatch(r -> r.hasPermission(permission)); } public Optional getRoleForBusinessUnit(Short businessUnitId) { - return roles.stream() + return businessUnitUserPermissions.stream() .filter(r -> r.matchesBusinessUnitId(businessUnitId)) .findFirst(); } - public static interface UserRoles { + public static interface UserBusinessUnits { boolean containsBusinessUnit(Short businessUnitId); } - public static class UserRolesImpl implements UserRoles { - private final Set roles; + public static class UserBusinessUnitsImpl implements UserBusinessUnits { + private final Set businessUnitUserPermissions; private final Set businessUnits; - public UserRolesImpl(Set roles) { - this.roles = roles; - businessUnits = roles.stream().map(r -> r.getBusinessUnitId()).collect(Collectors.toSet()); + public UserBusinessUnitsImpl(Set businessUnitUserPermissions) { + this.businessUnitUserPermissions = businessUnitUserPermissions; + businessUnits = businessUnitUserPermissions.stream().map(r -> r.getBusinessUnitId()) + .collect(Collectors.toSet()); } public boolean containsBusinessUnit(Short businessUnitId) { @@ -83,7 +84,8 @@ public boolean containsBusinessUnit(Short businessUnitId) { } public static class DeveloperUserState extends UserState { - private static final Optional DEV_ROLE = Optional.of(new DeveloperRole()); + private static final Optional DEV_ROLE = + Optional.of(new DeveloperBusinessUnitUserPermissions()); public DeveloperUserState() { super(0L, "Developer_User", Collections.emptySet()); @@ -100,8 +102,8 @@ public Optional getRoleForBusinessUnit(Short busine } @Override - public UserRoles allRolesWithPermission(Permissions permission) { - return new UserRoles() { + public UserBusinessUnits allBusinessUnitUsersWithPermission(Permissions permission) { + return new UserBusinessUnits() { @Override public boolean containsBusinessUnit(Short businessUnitId) { return true; diff --git a/src/main/java/uk/gov/hmcts/opal/controllers/DefendantAccountController.java b/src/main/java/uk/gov/hmcts/opal/controllers/DefendantAccountController.java index 8053ac4a5..62fec92f8 100644 --- a/src/main/java/uk/gov/hmcts/opal/controllers/DefendantAccountController.java +++ b/src/main/java/uk/gov/hmcts/opal/controllers/DefendantAccountController.java @@ -117,7 +117,8 @@ public ResponseEntity addNote( log.info(":POST:addNote: {}", addNote.toPrettyJson()); UserState userState = userStateService.getUserStateUsingAuthToken(authHeaderValue); - BusinessUnitUserPermissions role = getRequiredRole(userState, addNote.getBusinessUnitId()); + BusinessUnitUserPermissions businessUnitUserPermissions = getRequiredRole(userState, + addNote.getBusinessUnitId()); NoteDto noteDto = NoteDto.builder() .associatedRecordId(addNote.getAssociatedRecordId()) @@ -125,7 +126,7 @@ public ResponseEntity addNote( .associatedRecordType(NOTE_ASSOC_REC_TYPE) .noteType("AA") // TODO - This will probably need to part of the AddNoteDto in future .businessUnitId(addNote.getBusinessUnitId()) - .postedBy(role.getBusinessUserId()) + .postedBy(businessUnitUserPermissions.getBusinessUnitUserId()) .postedByUserId(userState.getUserId()) .postedDate(LocalDateTime.now()) .build(); diff --git a/src/main/java/uk/gov/hmcts/opal/controllers/develop/NoteController.java b/src/main/java/uk/gov/hmcts/opal/controllers/develop/NoteController.java index e94a87196..65e34f571 100644 --- a/src/main/java/uk/gov/hmcts/opal/controllers/develop/NoteController.java +++ b/src/main/java/uk/gov/hmcts/opal/controllers/develop/NoteController.java @@ -51,9 +51,10 @@ public ResponseEntity createNote( log.info(":POST:createNote: {}", noteDto.toPrettyJson()); UserState userState = userStateService.getUserStateUsingAuthToken(authHeaderValue); - BusinessUnitUserPermissions role = getRequiredRole(userState, noteDto.getBusinessUnitId()); + BusinessUnitUserPermissions businessUnitUserPermissions = getRequiredRole(userState, + noteDto.getBusinessUnitId()); - noteDto.setPostedBy(role.getBusinessUserId()); + noteDto.setPostedBy(businessUnitUserPermissions.getBusinessUnitUserId()); noteDto.setPostedByUserId(userState.getUserId()); NoteDto savedNoteDto = noteService.saveNote(noteDto); return new ResponseEntity<>(savedNoteDto, HttpStatus.CREATED); diff --git a/src/main/java/uk/gov/hmcts/opal/service/opal/BusinessUnitUserService.java b/src/main/java/uk/gov/hmcts/opal/service/opal/BusinessUnitUserService.java index 90df4bc37..d33a428e0 100644 --- a/src/main/java/uk/gov/hmcts/opal/service/opal/BusinessUnitUserService.java +++ b/src/main/java/uk/gov/hmcts/opal/service/opal/BusinessUnitUserService.java @@ -44,13 +44,14 @@ public List searchBusinessUnitUsers(BusinessUnitUserSear } /** - * Return a Set of Authorisation Roles mapped from BusinessUnitUsers keyed on the user id from the Users table. + * Return a Set of Authorisation Business Unit User Permissions mapped from BusinessUnitUsers keyed on the user + * id from the Users table. */ - public Set getAuthorisationRolesByUserId(Long userId) { + public Set getAuthorisationBusinessUnitPermissionsByUserId(Long userId) { List buuList = businessUnitUserRepository.findAllByUser_UserId(userId); return buuList.stream().map(buu -> BusinessUnitUserPermissions.builder() - .businessUserId(buu.getBusinessUnitUserId()) + .businessUnitUserId(buu.getBusinessUnitUserId()) .businessUnitId(buu.getBusinessUnit().getBusinessUnitId()) .permissions(userEntitlementService.getPermissionsByBusinessUnitUserId(buu.getBusinessUnitUserId())) .build()).collect(Collectors.toSet()); @@ -58,17 +59,17 @@ public Set getAuthorisationRolesByUserId(Long userI } /** - * Return a Set of 'cut down' Authorisation Roles mapped from BusinessUnitUsers keyed on the user id. - * This method is assuming that there are no Permissions for the Roles and so skips performing the additional - * repository queries that do get performed in the method above. + * Return a Set of 'cut down' Authorisation Business Unit Permissions mapped from Business Unit Users keyed on the + * user id. This method is assuming that there are no Permissions for the Business Unit Users and so skips + * performing the additional repository queries that do get performed in the method above. */ - public Set getLimitedRolesByUserId(Long userId) { + public Set getLimitedBusinessUnitPermissionsByUserId(Long userId) { List buuList = businessUnitUserRepository.findAllByUser_UserId(userId); return buuList.stream().map(buu -> BusinessUnitUserPermissions.builder() - .businessUserId(buu.getBusinessUnitUserId()) + .businessUnitUserId(buu.getBusinessUnitUserId()) .businessUnitId(buu.getBusinessUnit().getBusinessUnitId()) - .permissions(Collections.emptySet()) // We are assuming that Permissions exist for this Role. + .permissions(Collections.emptySet()) // Assuming that Permissions exist for BusinessUnitUserPermissions. .build()).collect(Collectors.toSet()); } diff --git a/src/main/java/uk/gov/hmcts/opal/service/opal/UserEntitlementService.java b/src/main/java/uk/gov/hmcts/opal/service/opal/UserEntitlementService.java index 796f719b4..8caeee348 100644 --- a/src/main/java/uk/gov/hmcts/opal/service/opal/UserEntitlementService.java +++ b/src/main/java/uk/gov/hmcts/opal/service/opal/UserEntitlementService.java @@ -8,8 +8,8 @@ import org.springframework.data.domain.Pageable; import org.springframework.stereotype.Service; import uk.gov.hmcts.opal.authentication.exception.AuthenticationException; -import uk.gov.hmcts.opal.authorisation.model.Permission; import uk.gov.hmcts.opal.authorisation.model.BusinessUnitUserPermissions; +import uk.gov.hmcts.opal.authorisation.model.Permission; import uk.gov.hmcts.opal.authorisation.model.UserState; import uk.gov.hmcts.opal.dto.search.UserEntitlementSearchDto; import uk.gov.hmcts.opal.entity.BusinessUnitUserEntity; @@ -82,8 +82,8 @@ public Optional getUserStateByUsername(String username) { return users.stream().findFirst().map(u -> UserState.builder() .userId(u.getUserId()) .userName(u.getUsername()) - .roles(businessUnitUsers.stream().map(buu -> BusinessUnitUserPermissions.builder() - .businessUserId(buu.getBusinessUnitUserId()) + .businessUnitUserPermissions(businessUnitUsers.stream().map(buu -> BusinessUnitUserPermissions.builder() + .businessUnitUserId(buu.getBusinessUnitUserId()) .businessUnitId(buu.getBusinessUnit().getBusinessUnitId()) .permissions(toPermissions(entitlementsMap.get(buu.getBusinessUnitUserId()))) .build()).collect(toSet())) diff --git a/src/main/java/uk/gov/hmcts/opal/service/opal/UserService.java b/src/main/java/uk/gov/hmcts/opal/service/opal/UserService.java index c6a8d93a0..644a8f1b2 100644 --- a/src/main/java/uk/gov/hmcts/opal/service/opal/UserService.java +++ b/src/main/java/uk/gov/hmcts/opal/service/opal/UserService.java @@ -56,12 +56,13 @@ public UserState getUserStateByUsername(String username) { return UserState.builder() .userId(user.getUserId()) .userName(user.getUsername()) - .roles(businessUnitUserService.getAuthorisationRolesByUserId(user.getUserId())) + .businessUnitUserPermissions(businessUnitUserService + .getAuthorisationBusinessUnitPermissionsByUserId(user.getUserId())) .build(); } /** - * Return a 'cut down' UserState object that that only tries to populate Roles but not Permissions. + * Return a 'cut down' UserState object that that only tries to populate Business Unit Users but not Permissions. * The assumption is that previous code has attempted to retrieve a UserState object via a query against * the UserEntitlementService, but failed. This could be because of a lack of Entitlements associated with * a BusinessUnitUnit, or a lack of BusinessUnitUsers associated with this user. So assuming there @@ -73,7 +74,8 @@ public Optional getLimitedUserStateByUsername(String username) { return userEntity.map(u -> UserState.builder() .userId(u.getUserId()) .userName(u.getUsername()) - .roles(businessUnitUserService.getLimitedRolesByUserId(u.getUserId())) + .businessUnitUserPermissions(businessUnitUserService + .getLimitedBusinessUnitPermissionsByUserId(u.getUserId())) .build()); } } diff --git a/src/main/java/uk/gov/hmcts/opal/service/opal/UserStateService.java b/src/main/java/uk/gov/hmcts/opal/service/opal/UserStateService.java index a7f6db19a..6fd29d0b0 100644 --- a/src/main/java/uk/gov/hmcts/opal/service/opal/UserStateService.java +++ b/src/main/java/uk/gov/hmcts/opal/service/opal/UserStateService.java @@ -15,7 +15,7 @@ @Slf4j(topic = "UserStateService") public class UserStateService { - protected static final String DEVELOPER_PERMISSIONS = "Dev-Role-Permissions"; + protected static final String DEVELOPER_PERMISSIONS = "Dev-BusinessUnitUserPermissions-Permissions"; private final AccessTokenService tokenService; diff --git a/src/main/java/uk/gov/hmcts/opal/util/PermissionUtil.java b/src/main/java/uk/gov/hmcts/opal/util/PermissionUtil.java index c4fe17547..42b08cf89 100644 --- a/src/main/java/uk/gov/hmcts/opal/util/PermissionUtil.java +++ b/src/main/java/uk/gov/hmcts/opal/util/PermissionUtil.java @@ -17,8 +17,9 @@ public static BusinessUnitUserPermissions getRequiredRole(UserState userState, S AccessDeniedException("User does not have an assigned role in business unit: " + businessUnitId)); } - public static boolean checkRoleHasPermission(BusinessUnitUserPermissions role, Permissions permission) { - if (role.doesNotHavePermission(permission)) { + public static boolean checkRoleHasPermission(BusinessUnitUserPermissions businessUnitUserPermissions, + Permissions permission) { + if (businessUnitUserPermissions.doesNotHavePermission(permission)) { throw new AccessDeniedException("User does not have the required permission: " + permission.description); } return true; @@ -37,12 +38,12 @@ public static List filterBusinessUnitsByPermissi return optPermission.map( permission -> { - UserState.UserRoles userRoles = userStateService + UserState.UserBusinessUnits userBusinessUnits = userStateService .getUserStateUsingAuthToken(authHeaderValue) - .allRolesWithPermission(permission); + .allBusinessUnitUsersWithPermission(permission); return refData .stream() - .filter(bu -> userRoles + .filter(bu -> userBusinessUnits .containsBusinessUnit(bu.getBusinessUnitId())) .toList(); }).orElse(refData); diff --git a/src/test/java/uk/gov/hmcts/opal/authentication/aspect/LogAuditDetailsAspectTest.java b/src/test/java/uk/gov/hmcts/opal/authentication/aspect/LogAuditDetailsAspectTest.java index 92d56f9b2..72931bbcd 100644 --- a/src/test/java/uk/gov/hmcts/opal/authentication/aspect/LogAuditDetailsAspectTest.java +++ b/src/test/java/uk/gov/hmcts/opal/authentication/aspect/LogAuditDetailsAspectTest.java @@ -32,9 +32,9 @@ class LogAuditDetailsAspectTest { private static final UserState USER_STATE = UserState.builder() .userName("name") .userId(123L) - .roles(Set.of(BusinessUnitUserPermissions.builder() + .businessUnitUserPermissions(Set.of(BusinessUnitUserPermissions.builder() .businessUnitId((short) 123) - .businessUserId("BU123") + .businessUnitUserId("BU123") .permissions(Set.of( Permission.builder() .permissionId(1L) diff --git a/src/test/java/uk/gov/hmcts/opal/authentication/aspect/UserStateAspectServiceTest.java b/src/test/java/uk/gov/hmcts/opal/authentication/aspect/UserStateAspectServiceTest.java index 57aa5e9ae..62ed0a1a9 100644 --- a/src/test/java/uk/gov/hmcts/opal/authentication/aspect/UserStateAspectServiceTest.java +++ b/src/test/java/uk/gov/hmcts/opal/authentication/aspect/UserStateAspectServiceTest.java @@ -47,9 +47,9 @@ class UserStateAspectServiceTest { private static final UserState USER_STATE = UserState.builder() .userName("name") .userId(123L) - .roles(Set.of(BusinessUnitUserPermissions.builder() + .businessUnitUserPermissions(Set.of(BusinessUnitUserPermissions.builder() .businessUnitId((short) 123) - .businessUserId("BU123") + .businessUnitUserId("BU123") .permissions(Set.of( Permission.builder() .permissionId(1L) diff --git a/src/test/java/uk/gov/hmcts/opal/authorisation/aspect/AuthorizationAspectServiceTest.java b/src/test/java/uk/gov/hmcts/opal/authorisation/aspect/AuthorizationAspectServiceTest.java index 5c90a2b98..5ac0cc2a6 100644 --- a/src/test/java/uk/gov/hmcts/opal/authorisation/aspect/AuthorizationAspectServiceTest.java +++ b/src/test/java/uk/gov/hmcts/opal/authorisation/aspect/AuthorizationAspectServiceTest.java @@ -14,8 +14,8 @@ import org.springframework.web.context.request.RequestContextHolder; import org.springframework.web.context.request.ServletRequestAttributes; import uk.gov.hmcts.opal.authentication.aspect.AccessTokenParam; -import uk.gov.hmcts.opal.authorisation.model.Permission; import uk.gov.hmcts.opal.authorisation.model.BusinessUnitUserPermissions; +import uk.gov.hmcts.opal.authorisation.model.Permission; import uk.gov.hmcts.opal.authorisation.model.UserState; import uk.gov.hmcts.opal.dto.AddNoteDto; @@ -33,9 +33,9 @@ @ExtendWith(MockitoExtension.class) class AuthorizationAspectServiceTest { - static final BusinessUnitUserPermissions ROLE = BusinessUnitUserPermissions.builder() + static final BusinessUnitUserPermissions BUSINESS_UNIT_USER_PERMISSIONS = BusinessUnitUserPermissions.builder() .businessUnitId((short) 12) - .businessUserId("BU123") + .businessUnitUserId("BU123") .permissions(Set.of( Permission.builder() .permissionId(1L) @@ -45,7 +45,7 @@ class AuthorizationAspectServiceTest { static final UserState USER_STATE = UserState.builder() .userId(123L).userName("John Smith") - .roles(Set.of(ROLE)) + .businessUnitUserPermissions(Set.of(BUSINESS_UNIT_USER_PERMISSIONS)) .build(); @MockBean @@ -151,12 +151,13 @@ void getAuthorization_WhenRequestAttributesNull_ReturnsOptionalEmpty() { } @Nested - class GetRole { + class GetBusinessUnitUserPermissions { @Test void getRole_WhenInvalidArguments() { Object[] args = {"invalid"}; String expectedMessage = "Can't infer the role for user John Smith." - + " Annotated method needs to have arguments of types (Role, AddNoteDto, NoteDto)."; + + " Annotated method needs to have arguments of types" + + " (BusinessUnitUserPermissions, AddNoteDto, NoteDto)."; RoleNotFoundException exception = assertThrows( RoleNotFoundException.class, @@ -171,19 +172,21 @@ void getRole_WhenAddNoteDtoArgument() { AddNoteDto addNoteDto = AddNoteDto.builder().businessUnitId((short) 12).build(); Object[] args = {addNoteDto}; - BusinessUnitUserPermissions actualRole = authorizationAspectService.getRole(args, USER_STATE); + BusinessUnitUserPermissions actualBusinessUnitUserPermissions = authorizationAspectService + .getRole(args, USER_STATE); - assertEquals(ROLE, actualRole); + assertEquals(BUSINESS_UNIT_USER_PERMISSIONS, actualBusinessUnitUserPermissions); } @Test void getRole_WhenRoleArgument() { - BusinessUnitUserPermissions expectedRole = ROLE; - Object[] args = {expectedRole}; + BusinessUnitUserPermissions expectedBusinessUnitUserPermissions = BUSINESS_UNIT_USER_PERMISSIONS; + Object[] args = {expectedBusinessUnitUserPermissions}; - BusinessUnitUserPermissions actualRole = authorizationAspectService.getRole(args, USER_STATE); + BusinessUnitUserPermissions actualBusinessUnitUserPermissions = authorizationAspectService + .getRole(args, USER_STATE); - assertEquals(expectedRole, actualRole); + assertEquals(expectedBusinessUnitUserPermissions, actualBusinessUnitUserPermissions); } } diff --git a/src/test/java/uk/gov/hmcts/opal/authorisation/aspect/AuthorizationAspectTest.java b/src/test/java/uk/gov/hmcts/opal/authorisation/aspect/AuthorizationAspectTest.java index fb80b137a..399124b86 100644 --- a/src/test/java/uk/gov/hmcts/opal/authorisation/aspect/AuthorizationAspectTest.java +++ b/src/test/java/uk/gov/hmcts/opal/authorisation/aspect/AuthorizationAspectTest.java @@ -13,9 +13,9 @@ import org.springframework.security.access.AccessDeniedException; import uk.gov.hmcts.opal.authentication.aspect.UserStateAspectService; import uk.gov.hmcts.opal.authentication.exception.MissingRequestHeaderException; +import uk.gov.hmcts.opal.authorisation.model.BusinessUnitUserPermissions; import uk.gov.hmcts.opal.authorisation.model.Permission; import uk.gov.hmcts.opal.authorisation.model.Permissions; -import uk.gov.hmcts.opal.authorisation.model.BusinessUnitUserPermissions; import uk.gov.hmcts.opal.authorisation.model.UserState; import uk.gov.hmcts.opal.service.opal.UserStateService; @@ -34,9 +34,9 @@ @ExtendWith(MockitoExtension.class) class AuthorizationAspectTest { - static final BusinessUnitUserPermissions ROLE = BusinessUnitUserPermissions.builder() + static final BusinessUnitUserPermissions BUSINESS_UNIT_USER_PERMISSIONS = BusinessUnitUserPermissions.builder() .businessUnitId((short) 123) - .businessUserId("BU123") + .businessUnitUserId("BU123") .permissions(Set.of( Permission.builder() .permissionId(54L) @@ -46,7 +46,7 @@ class AuthorizationAspectTest { static final UserState USER_STATE = UserState.builder() .userName("name") .userId(123L) - .roles(Set.of(ROLE)) + .businessUnitUserPermissions(Set.of(BUSINESS_UNIT_USER_PERMISSIONS)) .build(); @MockBean @@ -68,7 +68,7 @@ class AuthorizationAspectTest { AuthorizationAspect authorizationAspect; @Nested - class AuthorizedAnyRoleHasPermissionAspect { + class AuthorizedAnyBusinessUnitUserPermissionsHasPermissionAspect { @Test void checkAuthorization_WhenAuthorizationHeaderMissing_ThrowsException() { @@ -122,7 +122,7 @@ void checkAuthorization_WhenUserDoesNotHavePermission_ThrowsException() throws T } @Nested - class AuthorizedRoleHasPermissionAspect { + class AuthorizedBusinessUnitUserPermissionsHasPermissionAspect { @Test void checkAuthorization_WhenUserHasPermission_ReturnsProceededObject() throws Throwable { @@ -133,7 +133,7 @@ void checkAuthorization_WhenUserHasPermission_ReturnsProceededObject() throws Th when(joinPoint.proceed()).thenReturn(new Object()); when(authorizedRoleHasPermission.value()).thenReturn(Permissions.ACCOUNT_ENQUIRY); - when(authorizationAspectService.getRole(any(), any())).thenReturn(ROLE); + when(authorizationAspectService.getRole(any(), any())).thenReturn(BUSINESS_UNIT_USER_PERMISSIONS); Object result = authorizationAspect.checkAuthorization(joinPoint, authorizedRoleHasPermission); @@ -149,7 +149,7 @@ void checkAuthorization_WhenUserDoesNotHavePermission_ThrowsException() throws T when(joinPoint.proceed()).thenReturn(new Object()); when(authorizedRoleHasPermission.value()).thenReturn(Permissions.ACCOUNT_ENQUIRY_NOTES); - when(authorizationAspectService.getRole(any(), any())).thenReturn(ROLE); + when(authorizationAspectService.getRole(any(), any())).thenReturn(BUSINESS_UNIT_USER_PERMISSIONS); AccessDeniedException exception = Assertions.assertThrows( AccessDeniedException.class, diff --git a/src/test/java/uk/gov/hmcts/opal/controllers/BusinessUnitControllerTest.java b/src/test/java/uk/gov/hmcts/opal/controllers/BusinessUnitControllerTest.java index 0f711c8f9..720fe2b18 100644 --- a/src/test/java/uk/gov/hmcts/opal/controllers/BusinessUnitControllerTest.java +++ b/src/test/java/uk/gov/hmcts/opal/controllers/BusinessUnitControllerTest.java @@ -10,7 +10,7 @@ import org.springframework.http.ResponseEntity; import uk.gov.hmcts.opal.authorisation.model.Permissions; import uk.gov.hmcts.opal.authorisation.model.UserState; -import uk.gov.hmcts.opal.authorisation.model.UserState.UserRoles; +import uk.gov.hmcts.opal.authorisation.model.UserState.UserBusinessUnits; import uk.gov.hmcts.opal.dto.reference.BusinessUnitReferenceDataResults; import uk.gov.hmcts.opal.dto.search.BusinessUnitSearchDto; import uk.gov.hmcts.opal.entity.BusinessUnitEntity; @@ -107,7 +107,7 @@ void testGetBusinessUnitsRefData_Permission_Success() { when(businessUnitService.getReferenceData(any())).thenReturn(businessUnitList); when(userStateService.getUserStateUsingAuthToken(anyString())).thenReturn(userState); - when(userState.allRolesWithPermission(any())).thenReturn(new TestUserRoles(true)); + when(userState.allBusinessUnitUsersWithPermission(any())).thenReturn(new TestUserBusinessUnits(true)); // Act Optional filter = Optional.empty(); @@ -133,7 +133,7 @@ void testGetBusinessUnitsRefData_Permission_Empty() { when(businessUnitService.getReferenceData(any())).thenReturn(businessUnitList); when(userStateService.getUserStateUsingAuthToken(anyString())).thenReturn(userState); - when(userState.allRolesWithPermission(any())).thenReturn(new TestUserRoles(false)); + when(userState.allBusinessUnitUsersWithPermission(any())).thenReturn(new TestUserBusinessUnits(false)); // Act Optional filter = Optional.empty(); @@ -159,10 +159,10 @@ private BusinessUnitReferenceData createBusinessUnitReferenceData() { } - private class TestUserRoles implements UserRoles { + private class TestUserBusinessUnits implements UserBusinessUnits { private final boolean contains; - public TestUserRoles(boolean contains) { + public TestUserBusinessUnits(boolean contains) { this.contains = contains; } diff --git a/src/test/java/uk/gov/hmcts/opal/controllers/UserStateBuilder.java b/src/test/java/uk/gov/hmcts/opal/controllers/UserStateBuilder.java index 2c425dd18..f50bf6902 100644 --- a/src/test/java/uk/gov/hmcts/opal/controllers/UserStateBuilder.java +++ b/src/test/java/uk/gov/hmcts/opal/controllers/UserStateBuilder.java @@ -23,17 +23,17 @@ public static UserState createUserState() { )))); } - public static UserState createUserState(Set roles) { + public static UserState createUserState(Set businessUnitUserPermissions) { return UserState.builder() .userId(345L) .userName("John Smith") - .roles(roles) + .businessUnitUserPermissions(businessUnitUserPermissions) .build(); } public static BusinessUnitUserPermissions createRole(Set permissions) { return BusinessUnitUserPermissions.builder() - .businessUserId("JK0320") + .businessUnitUserId("JK0320") .businessUnitId((short)50) .permissions(permissions) .build(); diff --git a/src/test/java/uk/gov/hmcts/opal/service/opal/BusinessUnitUserServiceTest.java b/src/test/java/uk/gov/hmcts/opal/service/opal/BusinessUnitUserServiceTest.java index 1fc9333fd..cd60658f6 100644 --- a/src/test/java/uk/gov/hmcts/opal/service/opal/BusinessUnitUserServiceTest.java +++ b/src/test/java/uk/gov/hmcts/opal/service/opal/BusinessUnitUserServiceTest.java @@ -78,7 +78,7 @@ void testSearchBusinessUnitUsers() { } @Test - void testGetAuthorisationRolesByUserId() { + void testGetAuthorisationBusinessUnitPermissionsByUserId() { // Arrange BusinessUnitEntity bue = BusinessUnitEntity.builder().businessUnitId((short)100).build(); BusinessUnitUserEntity businessUnitUserEntity = BusinessUnitUserEntity.builder() @@ -88,7 +88,8 @@ void testGetAuthorisationRolesByUserId() { when(userEntitlementService.getPermissionsByBusinessUnitUserId(any())).thenReturn(Collections.emptySet()); // Act - Set result = businessUnitUserService.getAuthorisationRolesByUserId(0L); + Set result = businessUnitUserService + .getAuthorisationBusinessUnitPermissionsByUserId(0L); // Assert assertNotNull(result); @@ -97,7 +98,7 @@ void testGetAuthorisationRolesByUserId() { } @Test - void testGetLimitedRolesByUserId() { + void testGetLimitedBusinessUnitPermissionsByUserId() { // Arrange BusinessUnitEntity bue = BusinessUnitEntity.builder().businessUnitId((short)100).build(); BusinessUnitUserEntity businessUnitUserEntity = BusinessUnitUserEntity.builder() @@ -106,7 +107,7 @@ void testGetLimitedRolesByUserId() { when(businessUnitUserRepository.findAllByUser_UserId(any())).thenReturn(list); // Act - Set result = businessUnitUserService.getLimitedRolesByUserId(0L); + Set result = businessUnitUserService.getLimitedBusinessUnitPermissionsByUserId(0L); // Assert assertNotNull(result); diff --git a/src/test/java/uk/gov/hmcts/opal/service/opal/UserServiceTest.java b/src/test/java/uk/gov/hmcts/opal/service/opal/UserServiceTest.java index d235b8763..8ba230ff3 100644 --- a/src/test/java/uk/gov/hmcts/opal/service/opal/UserServiceTest.java +++ b/src/test/java/uk/gov/hmcts/opal/service/opal/UserServiceTest.java @@ -80,7 +80,8 @@ void testGetUserStateByUsername() { // Arrange UserEntity userEntity = UserEntity.builder().userId(123L).username("John Smith").build(); when(userRepository.findByUsername(any())).thenReturn(userEntity); - when(businessUnitUserService.getAuthorisationRolesByUserId(any())).thenReturn(Collections.emptySet()); + when(businessUnitUserService.getAuthorisationBusinessUnitPermissionsByUserId(any())) + .thenReturn(Collections.emptySet()); // Act UserState result = userService.getUserStateByUsername(""); diff --git a/src/test/java/uk/gov/hmcts/opal/util/PermissionUtilTest.java b/src/test/java/uk/gov/hmcts/opal/util/PermissionUtilTest.java index 045dcf097..69a20762b 100644 --- a/src/test/java/uk/gov/hmcts/opal/util/PermissionUtilTest.java +++ b/src/test/java/uk/gov/hmcts/opal/util/PermissionUtilTest.java @@ -2,8 +2,8 @@ import org.junit.jupiter.api.Test; import org.springframework.security.access.AccessDeniedException; -import uk.gov.hmcts.opal.authorisation.model.Permissions; import uk.gov.hmcts.opal.authorisation.model.BusinessUnitUserPermissions; +import uk.gov.hmcts.opal.authorisation.model.Permissions; import uk.gov.hmcts.opal.authorisation.model.UserState; import java.util.Collections; @@ -20,28 +20,28 @@ class PermissionUtilTest { @Test void testCheckRoleHasPermission_success() { - BusinessUnitUserPermissions role = createRole(createSinglePermissions(41L)); + BusinessUnitUserPermissions businessUnitUserPermissions = createRole(createSinglePermissions(41L)); Permissions permission = Permissions.ACCOUNT_ENQUIRY_NOTES; - assertTrue(PermissionUtil.checkRoleHasPermission(role, permission)); + assertTrue(PermissionUtil.checkRoleHasPermission(businessUnitUserPermissions, permission)); } @Test void testCheckRoleHasPermission_fail1() { - BusinessUnitUserPermissions role = createRole(Collections.emptySet()); + BusinessUnitUserPermissions businessUnitUserPermissions = createRole(Collections.emptySet()); Permissions permission = Permissions.ACCOUNT_ENQUIRY; AccessDeniedException ade = assertThrows( AccessDeniedException.class, - () -> PermissionUtil.checkRoleHasPermission(role, permission)); + () -> PermissionUtil.checkRoleHasPermission(businessUnitUserPermissions, permission)); assertEquals("User does not have the required permission: Account Enquiry", ade.getMessage()); } @Test void testCheckRoleHasPermission_fail2() { - BusinessUnitUserPermissions role = createRole(createSinglePermissions(41L)); + BusinessUnitUserPermissions businessUnitUserPermissions = createRole(createSinglePermissions(41L)); Permissions permission = Permissions.ACCOUNT_ENQUIRY; AccessDeniedException ade = assertThrows( AccessDeniedException.class, - () -> PermissionUtil.checkRoleHasPermission(role, permission)); + () -> PermissionUtil.checkRoleHasPermission(businessUnitUserPermissions, permission)); assertEquals("User does not have the required permission: Account Enquiry", ade.getMessage()); }