Rename 'Roles' object to 'BusinessUnitUserPermissions'

src/integrationTest/java/uk/gov/hmcts/opal/authentication/controller/AuthenticationInternalUserControllerTest.java

@@ -13,7 +13,7 @@
 import uk.gov.hmcts.opal.authentication.service.AccessTokenService;
 import uk.gov.hmcts.opal.authentication.service.AuthenticationService;
 import uk.gov.hmcts.opal.authorisation.model.Permission;
-import uk.gov.hmcts.opal.authorisation.model.Role;
+import uk.gov.hmcts.opal.authorisation.model.BusinessUnitUserPermissions;
 import uk.gov.hmcts.opal.authorisation.model.UserState;
 import uk.gov.hmcts.opal.authorisation.service.AuthorisationService;
 
@@ -67,7 +67,7 @@ void testHandleOauthCode() throws Exception {
  UserState userState = UserState.builder()
  .userName("name")
  .userId(123L)
- .roles(Set.of(Role.builder()
+ .roles(Set.of(BusinessUnitUserPermissions.builder()
  .businessUnitId((short) 123)
  .businessUserId("BU123")
  .permissions(Set.of(

src/integrationTest/java/uk/gov/hmcts/opal/controllers/TestingSupportControllerTest.java

@@ -13,7 +13,7 @@
 import uk.gov.hmcts.opal.authentication.model.SecurityToken;
 import uk.gov.hmcts.opal.authentication.service.AccessTokenService;
 import uk.gov.hmcts.opal.authorisation.model.Permission;
-import uk.gov.hmcts.opal.authorisation.model.Role;
+import uk.gov.hmcts.opal.authorisation.model.BusinessUnitUserPermissions;
 import uk.gov.hmcts.opal.authorisation.model.UserState;
 import uk.gov.hmcts.opal.authorisation.service.AuthorisationService;
 import uk.gov.hmcts.opal.dto.AppMode;
@@ -40,7 +40,7 @@ class TestingSupportControllerTest {
  private static final UserState USER_STATE = UserState.builder()
  .userName("name")
  .userId(123L)
- .roles(Set.of(Role.builder()
+ .roles(Set.of(BusinessUnitUserPermissions.builder()
  .businessUnitId((short) 123)
  .businessUserId("BU123")
  .permissions(Set.of(

src/main/java/uk/gov/hmcts/opal/authorisation/aspect/AuthorizationAspect.java

@@ -6,7 +6,7 @@
 import org.aspectj.lang.annotation.Aspect;
 import org.springframework.stereotype.Component;
 import uk.gov.hmcts.opal.authentication.aspect.UserStateAspectService;
-import uk.gov.hmcts.opal.authorisation.model.Role;
+import uk.gov.hmcts.opal.authorisation.model.BusinessUnitUserPermissions;
 import uk.gov.hmcts.opal.authorisation.model.UserState;
 
 import static uk.gov.hmcts.opal.util.PermissionUtil.checkAnyRoleHasPermission;
@@ -40,11 +40,10 @@ public Object checkAuthorization(ProceedingJoinPoint joinPoint,
  Object[] args = joinPoint.getArgs();
  UserState userState = userStateAspectService.getUserState(joinPoint);
 
- Role role = authorizationAspectService.getRole(args, userState);
+ BusinessUnitUserPermissions role = authorizationAspectService.getRole(args, userState);
  if (checkRoleHasPermission(role, authorizedRoleHasPermission.value())) {
  return joinPoint.proceed();
  }
  throw new PermissionNotAllowedException(authorizedRoleHasPermission.value(), role);
  }
 }
-

src/main/java/uk/gov/hmcts/opal/authorisation/aspect/AuthorizationAspectService.java

@@ -7,7 +7,7 @@
 import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
 import uk.gov.hmcts.opal.authentication.aspect.AccessTokenParam;
-import uk.gov.hmcts.opal.authorisation.model.Role;
+import uk.gov.hmcts.opal.authorisation.model.BusinessUnitUserPermissions;
 import uk.gov.hmcts.opal.authorisation.model.UserState;
 import uk.gov.hmcts.opal.dto.AddNoteDto;
 import uk.gov.hmcts.opal.dto.NoteDto;
@@ -55,10 +55,10 @@ public Optional<String> getAuthorization(String authHeaderValue) {
  return Optional.empty();
  }
 
- public Role getRole(Object[] args, UserState userState) {
+ public BusinessUnitUserPermissions getRole(Object[] args, UserState userState) {
  for (Object arg : args) {
- if (arg instanceof Role) {
- return (Role) arg;
+ if (arg instanceof BusinessUnitUserPermissions) {
+ return (BusinessUnitUserPermissions) arg;
  } else if (arg instanceof AddNoteDto addNoteDto) {
  return getRequiredRole(userState, addNoteDto.getBusinessUnitId());
  } else if (arg instanceof NoteDto noteDto) {

src/main/java/uk/gov/hmcts/opal/authorisation/aspect/PermissionNotAllowedException.java

@@ -2,21 +2,21 @@
 
 import lombok.Getter;
 import uk.gov.hmcts.opal.authorisation.model.Permissions;
-import uk.gov.hmcts.opal.authorisation.model.Role;
+import uk.gov.hmcts.opal.authorisation.model.BusinessUnitUserPermissions;
 
 @Getter
 public class PermissionNotAllowedException extends RuntimeException {
 
  private final Permissions permission;
- private final Role role;
+ private final BusinessUnitUserPermissions role;
 
  public PermissionNotAllowedException(Permissions value) {
  super(value + " permission is not allowed for the user");
  this.permission = value;
  this.role = null;
  }
 
- public PermissionNotAllowedException(Permissions permission, Role role) {
+ public PermissionNotAllowedException(Permissions permission, BusinessUnitUserPermissions role) {
  super(permission + " permission is not allowed for the role " + role);
  this.permission = permission;
  this.role = role;

src/main/java/uk/gov/hmcts/opal/authorisation/model/Role.java → src/main/java/uk/gov/hmcts/opal/authorisation/model/BusinessUnitUserPermissions.java

@@ -12,7 +12,7 @@
 
 @Builder
 @Data
-public class Role {
+public class BusinessUnitUserPermissions {
 
  @NonNull
  String businessUserId;
@@ -25,9 +25,9 @@ public class Role {
  Set<Permission> permissions;
 
  @JsonCreator
- public Role(@JsonProperty("business_user_id") String businessUserId,
- @JsonProperty("business_unit_id") Short businessUnitId,
- @JsonProperty("permissions") Set<Permission> permissions) {
+ public BusinessUnitUserPermissions(@JsonProperty("business_user_id") String businessUserId,
+  @JsonProperty("business_unit_id") Short businessUnitId,
+  @JsonProperty("permissions") Set<Permission> permissions) {
 
  this.businessUserId = businessUserId;
  this.businessUnitId = businessUnitId;
@@ -46,7 +46,7 @@ public boolean matchesBusinessUnitId(Short roleBusinessUnitId) {
  return businessUnitId.equals(roleBusinessUnitId);
  }
 
- public static class DeveloperRole extends Role {
+ public static class DeveloperRole extends BusinessUnitUserPermissions {
  DeveloperRole() {
  super("", Short.MAX_VALUE, Collections.emptySet());
  }

src/main/java/uk/gov/hmcts/opal/authorisation/model/UserState.java

@@ -6,7 +6,7 @@
 import lombok.Data;
 import lombok.EqualsAndHashCode;
 import lombok.NonNull;
-import uk.gov.hmcts.opal.authorisation.model.Role.DeveloperRole;
+import uk.gov.hmcts.opal.authorisation.model.BusinessUnitUserPermissions.DeveloperRole;
 
 import java.util.Collections;
 import java.util.Optional;
@@ -24,13 +24,13 @@ public class UserState {
  String userName;
 
  @EqualsAndHashCode.Exclude
- Set<Role> roles;
+ Set<BusinessUnitUserPermissions> roles;
 
  @JsonCreator
  public UserState(
  @JsonProperty("user_id") Long userId,
  @JsonProperty("user_name") String userName,
- @JsonProperty("roles") Set<Role> roles
+ @JsonProperty("roles") Set<BusinessUnitUserPermissions> roles
  ) {
  this.userId = userId;
  this.userName = userName;
@@ -58,7 +58,7 @@ public boolean hasRoleWithPermission(short roleBusinessUnitId, Permissions permi
  .anyMatch(r -> r.hasPermission(permission));
  }
 
- public Optional<Role> getRoleForBusinessUnit(Short businessUnitId) {
+ public Optional<BusinessUnitUserPermissions> getRoleForBusinessUnit(Short businessUnitId) {
  return roles.stream()
  .filter(r -> r.matchesBusinessUnitId(businessUnitId))
  .findFirst();
@@ -69,10 +69,10 @@ public static interface UserRoles {
  }
 
  public static class UserRolesImpl implements UserRoles {
- private final Set<Role> roles;
+ private final Set<BusinessUnitUserPermissions> roles;
  private final Set<Short> businessUnits;
 
- public UserRolesImpl(Set<Role> roles) {
+ public UserRolesImpl(Set<BusinessUnitUserPermissions> roles) {
  this.roles = roles;
  businessUnits = roles.stream().map(r -> r.getBusinessUnitId()).collect(Collectors.toSet());
  }
@@ -83,7 +83,7 @@ public boolean containsBusinessUnit(Short businessUnitId) {
  }
 
  public static class DeveloperUserState extends UserState {
- private static final Optional<Role> DEV_ROLE = Optional.of(new DeveloperRole());
+ private static final Optional<BusinessUnitUserPermissions> DEV_ROLE = Optional.of(new DeveloperRole());
 
  public DeveloperUserState() {
  super(0L, "Developer_User", Collections.emptySet());
@@ -95,7 +95,7 @@ public boolean anyRoleHasPermission(Permissions permission) {
  }
 
  @Override
- public Optional<Role> getRoleForBusinessUnit(Short businessUnitId) {
+ public Optional<BusinessUnitUserPermissions> getRoleForBusinessUnit(Short businessUnitId) {
  return DEV_ROLE;
  }
 

src/main/java/uk/gov/hmcts/opal/controllers/DefendantAccountController.java

@@ -15,7 +15,7 @@
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
-import uk.gov.hmcts.opal.authorisation.model.Role;
+import uk.gov.hmcts.opal.authorisation.model.BusinessUnitUserPermissions;
 import uk.gov.hmcts.opal.authorisation.model.UserState;
 import uk.gov.hmcts.opal.dto.AccountDetailsDto;
 import uk.gov.hmcts.opal.dto.AccountEnquiryDto;
@@ -117,7 +117,7 @@ public ResponseEntity<NoteDto> addNote(
  log.info(":POST:addNote: {}", addNote.toPrettyJson());
 
  UserState userState = userStateService.getUserStateUsingAuthToken(authHeaderValue);
- Role role = getRequiredRole(userState, addNote.getBusinessUnitId());
+ BusinessUnitUserPermissions role = getRequiredRole(userState, addNote.getBusinessUnitId());
 
  NoteDto noteDto = NoteDto.builder()
  .associatedRecordId(addNote.getAssociatedRecordId())

src/main/java/uk/gov/hmcts/opal/controllers/develop/NoteController.java

@@ -14,7 +14,7 @@
 import org.springframework.web.bind.annotation.RequestHeader;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
-import uk.gov.hmcts.opal.authorisation.model.Role;
+import uk.gov.hmcts.opal.authorisation.model.BusinessUnitUserPermissions;
 import uk.gov.hmcts.opal.authorisation.model.UserState;
 import uk.gov.hmcts.opal.dto.NoteDto;
 import uk.gov.hmcts.opal.dto.search.NoteSearchDto;
@@ -51,7 +51,7 @@ public ResponseEntity<NoteDto> createNote(
  log.info(":POST:createNote: {}", noteDto.toPrettyJson());
 
  UserState userState = userStateService.getUserStateUsingAuthToken(authHeaderValue);
- Role role = getRequiredRole(userState, noteDto.getBusinessUnitId());
+ BusinessUnitUserPermissions role = getRequiredRole(userState, noteDto.getBusinessUnitId());
 
  noteDto.setPostedBy(role.getBusinessUserId());
  noteDto.setPostedByUserId(userState.getUserId());

src/main/java/uk/gov/hmcts/opal/service/opal/BusinessUnitUserService.java

@@ -6,7 +6,7 @@
 import org.springframework.data.domain.Page;
 import org.springframework.data.domain.Pageable;
 import org.springframework.stereotype.Service;
-import uk.gov.hmcts.opal.authorisation.model.Role;
+import uk.gov.hmcts.opal.authorisation.model.BusinessUnitUserPermissions;
 import uk.gov.hmcts.opal.dto.search.BusinessUnitUserSearchDto;
 import uk.gov.hmcts.opal.entity.BusinessUnitUserEntity;
 import uk.gov.hmcts.opal.repository.BusinessUnitUserRepository;
@@ -46,10 +46,10 @@ public List<BusinessUnitUserEntity> searchBusinessUnitUsers(BusinessUnitUserSear
  /**
  * Return a Set of Authorisation Roles mapped from BusinessUnitUsers keyed on the user id from the Users table.
  */
- public Set<Role> getAuthorisationRolesByUserId(Long userId) {
+ public Set<BusinessUnitUserPermissions> getAuthorisationRolesByUserId(Long userId) {
  List<BusinessUnitUserEntity> buuList = businessUnitUserRepository.findAllByUser_UserId(userId);
 
- return buuList.stream().map(buu -> Role.builder()
+ return buuList.stream().map(buu -> BusinessUnitUserPermissions.builder()
  .businessUserId(buu.getBusinessUnitUserId())
  .businessUnitId(buu.getBusinessUnit().getBusinessUnitId())
  .permissions(userEntitlementService.getPermissionsByBusinessUnitUserId(buu.getBusinessUnitUserId()))
@@ -62,10 +62,10 @@ public Set<Role> getAuthorisationRolesByUserId(Long userId) {
  * This method is assuming that there are no Permissions for the Roles and so skips performing the additional
  * repository queries that <i>do</i> get performed in the method above.
  */
- public Set<Role> getLimitedRolesByUserId(Long userId) {
+ public Set<BusinessUnitUserPermissions> getLimitedRolesByUserId(Long userId) {
  List<BusinessUnitUserEntity> buuList = businessUnitUserRepository.findAllByUser_UserId(userId);
 
- return buuList.stream().map(buu -> Role.builder()
+ return buuList.stream().map(buu -> BusinessUnitUserPermissions.builder()
  .businessUserId(buu.getBusinessUnitUserId())
  .businessUnitId(buu.getBusinessUnit().getBusinessUnitId())
  .permissions(Collections.emptySet()) // We are assuming that Permissions exist for this Role.

src/main/java/uk/gov/hmcts/opal/service/opal/UserEntitlementService.java

@@ -9,7 +9,7 @@
 import org.springframework.stereotype.Service;
 import uk.gov.hmcts.opal.authentication.exception.AuthenticationException;
 import uk.gov.hmcts.opal.authorisation.model.Permission;
-import uk.gov.hmcts.opal.authorisation.model.Role;
+import uk.gov.hmcts.opal.authorisation.model.BusinessUnitUserPermissions;
 import uk.gov.hmcts.opal.authorisation.model.UserState;
 import uk.gov.hmcts.opal.dto.search.UserEntitlementSearchDto;
 import uk.gov.hmcts.opal.entity.BusinessUnitUserEntity;
@@ -82,7 +82,7 @@ public Optional<UserState> getUserStateByUsername(String username) {
  return users.stream().findFirst().map(u -> UserState.builder()
  .userId(u.getUserId())
  .userName(u.getUsername())
- .roles(businessUnitUsers.stream().map(buu -> Role.builder()
+ .roles(businessUnitUsers.stream().map(buu -> BusinessUnitUserPermissions.builder()
  .businessUserId(buu.getBusinessUnitUserId())
  .businessUnitId(buu.getBusinessUnit().getBusinessUnitId())
  .permissions(toPermissions(entitlementsMap.get(buu.getBusinessUnitUserId())))

src/main/java/uk/gov/hmcts/opal/util/PermissionUtil.java

@@ -2,7 +2,7 @@
 
 import org.springframework.security.access.AccessDeniedException;
 import uk.gov.hmcts.opal.authorisation.model.Permissions;
-import uk.gov.hmcts.opal.authorisation.model.Role;
+import uk.gov.hmcts.opal.authorisation.model.BusinessUnitUserPermissions;
 import uk.gov.hmcts.opal.authorisation.model.UserState;
 import uk.gov.hmcts.opal.entity.BusinessUnitRef;
 import uk.gov.hmcts.opal.service.opal.UserStateService;
@@ -12,12 +12,12 @@
 
 public class PermissionUtil {
 
- public static Role getRequiredRole(UserState userState, Short businessUnitId) {
+ public static BusinessUnitUserPermissions getRequiredRole(UserState userState, Short businessUnitId) {
  return userState.getRoleForBusinessUnit(businessUnitId).orElseThrow(() -> new
  AccessDeniedException("User does not have an assigned role in business unit: " + businessUnitId));
  }
 
- public static boolean checkRoleHasPermission(Role role, Permissions permission) {
+ public static boolean checkRoleHasPermission(BusinessUnitUserPermissions role, Permissions permission) {
  if (role.doesNotHavePermission(permission)) {
  throw new AccessDeniedException("User does not have the required permission: " + permission.description);
  }

src/test/java/uk/gov/hmcts/opal/authentication/aspect/LogAuditDetailsAspectTest.java

@@ -13,7 +13,7 @@
 import uk.gov.hmcts.opal.authentication.exception.MissingRequestHeaderException;
 import uk.gov.hmcts.opal.authorisation.model.LogActions;
 import uk.gov.hmcts.opal.authorisation.model.Permission;
-import uk.gov.hmcts.opal.authorisation.model.Role;
+import uk.gov.hmcts.opal.authorisation.model.BusinessUnitUserPermissions;
 import uk.gov.hmcts.opal.authorisation.model.UserState;
 import uk.gov.hmcts.opal.dto.AddLogAuditDetailDto;
 import uk.gov.hmcts.opal.service.opal.LogAuditDetailService;
@@ -32,7 +32,7 @@ class LogAuditDetailsAspectTest {
  private static final UserState USER_STATE = UserState.builder()
  .userName("name")
  .userId(123L)
- .roles(Set.of(Role.builder()
+ .roles(Set.of(BusinessUnitUserPermissions.builder()
  .businessUnitId((short) 123)
  .businessUserId("BU123")
  .permissions(Set.of(
@@ -162,4 +162,3 @@ void writeAuditLog_shouldHandleGeneralExceptionGracefully() {
  }
  }
 }
-

src/test/java/uk/gov/hmcts/opal/authentication/aspect/UserStateAspectServiceTest.java

@@ -11,7 +11,7 @@
 import uk.gov.hmcts.opal.authentication.exception.MissingRequestHeaderException;
 import uk.gov.hmcts.opal.authorisation.aspect.AuthorizationAspectService;
 import uk.gov.hmcts.opal.authorisation.model.Permission;
-import uk.gov.hmcts.opal.authorisation.model.Role;
+import uk.gov.hmcts.opal.authorisation.model.BusinessUnitUserPermissions;
 import uk.gov.hmcts.opal.authorisation.model.UserState;
 import uk.gov.hmcts.opal.service.opal.UserStateService;
 
@@ -47,7 +47,7 @@ class UserStateAspectServiceTest {
  private static final UserState USER_STATE = UserState.builder()
  .userName("name")
  .userId(123L)
- .roles(Set.of(Role.builder()
+ .roles(Set.of(BusinessUnitUserPermissions.builder()
  .businessUnitId((short) 123)
  .businessUserId("BU123")
  .permissions(Set.of(

src/test/java/uk/gov/hmcts/opal/authorisation/aspect/AuthorizationAspectServiceTest.java

@@ -15,7 +15,7 @@
 import org.springframework.web.context.request.ServletRequestAttributes;
 import uk.gov.hmcts.opal.authentication.aspect.AccessTokenParam;
 import uk.gov.hmcts.opal.authorisation.model.Permission;
-import uk.gov.hmcts.opal.authorisation.model.Role;
+import uk.gov.hmcts.opal.authorisation.model.BusinessUnitUserPermissions;
 import uk.gov.hmcts.opal.authorisation.model.UserState;
 import uk.gov.hmcts.opal.dto.AddNoteDto;
 
@@ -33,7 +33,7 @@
 @ExtendWith(MockitoExtension.class)
 class AuthorizationAspectServiceTest {
 
- static final Role ROLE = Role.builder()
+ static final BusinessUnitUserPermissions ROLE = BusinessUnitUserPermissions.builder()
  .businessUnitId((short) 12)
  .businessUserId("BU123")
  .permissions(Set.of(
@@ -171,17 +171,17 @@ void getRole_WhenAddNoteDtoArgument() {
  AddNoteDto addNoteDto = AddNoteDto.builder().businessUnitId((short) 12).build();
  Object[] args = {addNoteDto};
 
- Role actualRole = authorizationAspectService.getRole(args, USER_STATE);
+ BusinessUnitUserPermissions actualRole = authorizationAspectService.getRole(args, USER_STATE);
 
  assertEquals(ROLE, actualRole);
  }
 
  @Test
  void getRole_WhenRoleArgument() {
- Role expectedRole = ROLE;
+ BusinessUnitUserPermissions expectedRole = ROLE;
  Object[] args = {expectedRole};
 
- Role actualRole = authorizationAspectService.getRole(args, USER_STATE);
+ BusinessUnitUserPermissions actualRole = authorizationAspectService.getRole(args, USER_STATE);
 
  assertEquals(expectedRole, actualRole);
  }