Merge pull request #2407 from hongwei1/develop

feature/updated methods

obp-api/src/main/resources/i18n/lift-core_es_ES.properties

@@ -718,7 +718,7 @@ OBP-30030 = se pudo insertar el Producto
 OBP-30031 = se ha podido actualizar el Producto
 OBP-30032 = se pudo insertar la tarjeta
 OBP-30033 = se ha podido actualizar la tarjeta
-OBP-30034 = ViewId no es soportado. Sólo admite cuatro ahora':  Owner, Accountant, Auditor, _Public.
+OBP-30034 = ViewId no es soportado. Sólo admite cuatro ahora':  owner, accountant, auditor, _public.
 OBP-30035 = se ha encontrado el enlace con el cliente
 OBP-30036 = se ha podido crear o actualizar CounterpartyMetadata
 OBP-30037 = se han encontrado los metadatos de la contraparte. Por favor, especifique valores válidos para BANK_ID, ACCOUNT_ID y COUNTERPARTY_ID. 

obp-api/src/main/scala/code/api/OAuth2.scala

@@ -27,7 +27,6 @@ TESOBE (http://www.tesobe.com/)
 package code.api
 
 import java.net.URI
-import java.util
 import code.api.util.ErrorMessages._
 import code.api.util.{APIUtil, CallContext, JwtUtil}
 import code.consumer.Consumers
@@ -180,8 +179,8 @@ object OAuth2Login extends RestHelper with MdcLoggable {
 
       // In case a user is created via OpenID Connect flow implies provider = hydraPublicUrl
       // In case a user is created via GUI of OBP-API implies provider = Constant.localIdentityProvider
-      val user = Users.users.vend.getUserByUserName(introspectOAuth2Token.getIss, introspectOAuth2Token.getSub).or(
-        Users.users.vend.getUserByUserName(Constant.localIdentityProvider, introspectOAuth2Token.getSub)
+      val user = Users.users.vend.getUserByProviderAndUsername(introspectOAuth2Token.getIss, introspectOAuth2Token.getSub).or(
+        Users.users.vend.getUserByProviderAndUsername(Constant.localIdentityProvider, introspectOAuth2Token.getSub)
       )
       user match {
         case Full(u) =>

obp-api/src/main/scala/code/api/ResourceDocs1_4_0/MessageDocsSwaggerDefinitions.scala

@@ -1,5 +1,6 @@
 package code.api.ResourceDocs1_4_0
 
+import code.api.Constant
 import java.util.Date
 
 import code.api.util.APIUtil._
@@ -23,7 +24,7 @@ object MessageDocsSwaggerDefinitions
     balanceAmount = balanceAmountExample.value,
     balanceCurrency = currencyExample.value,
     owners = List(owner1Example.value),
-    viewsToGenerate = List("Owner", "Accountant", "Auditor"),
+    viewsToGenerate = List(Constant.SYSTEM_OWNER_VIEW_ID, Constant.SYSTEM_ACCOUNTANT_VIEW_ID,Constant.SYSTEM_AUDITOR_VIEW_ID),
     bankRoutingScheme = bankRoutingSchemeExample.value,
     bankRoutingAddress = bankRoutingAddressExample.value,
     branchRoutingScheme = branchRoutingSchemeExample.value,

obp-api/src/main/scala/code/api/ResourceDocs1_4_0/SwaggerDefinitionsJSON.scala

@@ -345,8 +345,8 @@ object SwaggerDefinitionsJSON {
     hide_metadata_if_alias_used = hideMetadataIfAliasUsedExample.value.toBoolean,
     allowed_actions = allowedActionsV500,
     // Version 5.0.0
-    can_grant_access_to_views = Some(List(viewIdExample.value)),
-    can_revoke_access_to_views = Some(List(viewIdExample.value))
+    can_grant_access_to_views = Some(List(Constant.SYSTEM_OWNER_VIEW_ID)),
+    can_revoke_access_to_views = Some(List(Constant.SYSTEM_OWNER_VIEW_ID))
   )
 
   val updateCustomViewJson = UpdateCustomViewJson(
@@ -447,8 +447,8 @@ object SwaggerDefinitionsJSON {
     hide_metadata_if_alias_used = true,
     allowed_actions = allowedActionsV500,
     // Version 5.0.0
-    can_grant_access_to_views = Some(List("owner")),
-    can_revoke_access_to_views = Some(List("owner"))
+    can_grant_access_to_views = Some(List(Constant.SYSTEM_OWNER_VIEW_ID)),
+    can_revoke_access_to_views = Some(List(Constant.SYSTEM_OWNER_VIEW_ID))
   )
   lazy val updateSystemViewJson500 = updateViewJsonV500.copy(is_public = false, is_firehose = Some(false))
 
@@ -3079,15 +3079,15 @@ object SwaggerDefinitionsJSON {
     can_see_bank_account_credit_limit = true,
     can_create_direct_debit = true,
     can_create_standing_order = true,
-    can_grant_access_to_views = List("Owner"),
-    can_revoke_access_to_views = List("Owner")
+    can_grant_access_to_views = List(Constant.SYSTEM_OWNER_VIEW_ID),
+    can_revoke_access_to_views = List(Constant.SYSTEM_OWNER_VIEW_ID)
   )
 
   val viewsJsonV500 = ViewsJsonV500(
     views = List(viewJsonV500)
   )
 
-  val viewIdJsonV500 = ViewIdJsonV500(id = "owner")
+  val viewIdJsonV500 = ViewIdJsonV500(id = Constant.SYSTEM_OWNER_VIEW_ID)
   val viewIdsJsonV500 = ViewsIdsJsonV500(
     views = List(viewIdJsonV500)
   )

obp-api/src/main/scala/code/api/berlin/group/v1_3/PaymentInitiationServicePISApi.scala

@@ -1,5 +1,6 @@
 package code.api.builder.PaymentInitiationServicePISApi
 
+import code.api.Constant
 import code.api.ResourceDocs1_4_0.SwaggerDefinitionsJSON.sepaCreditTransfersBerlinGroupV13
 import code.api.berlin.group.v1_3.JSONFactory_BERLIN_GROUP_1_3.{CancelPaymentResponseJson,
   CancelPaymentResponseLinks, LinkHrefJson, UpdatePaymentPsuDataJson, checkUpdatePsuAuthentication,checkAuthorisationConfirmation,
@@ -590,7 +591,7 @@ Check the transaction status of a payment initiation.""",
           for {
             (createdTransactionRequest, callContext) <- NewStyle.function.createTransactionRequestv400(
               u,
-              ViewId("Owner"), //This is the default
+              ViewId(Constant.SYSTEM_OWNER_VIEW_ID), //This is the default
               fromAccount,
               toAccount,
               TransactionRequestType(transactionRequestTypes.toString),

obp-api/src/main/scala/code/api/constant/constant.scala

@@ -13,7 +13,7 @@ object Constant extends MdcLoggable {
 
   object Pagination {
     final val offset = 0
-    final val limit = 500
+    final val limit = 50
   }
 
   final val shortEndpointTimeoutInMillis = APIUtil.getPropsAsLongValue(nameOfProperty = "short_endpoint_timeout", 1L * 1000L)
@@ -62,24 +62,35 @@ object Constant extends MdcLoggable {
   final val SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID = "ReadTransactionsBerlinGroup"
 
   //TODO, this need to be double check
-  final val ALL_SYSTEM_VIEWS_CREATED_FROM_BOOT = List(
-    SYSTEM_OWNER_VIEW_ID,
-    SYSTEM_AUDITOR_VIEW_ID,
-    SYSTEM_ACCOUNTANT_VIEW_ID,
-    SYSTEM_FIREHOSE_VIEW_ID,
-    SYSTEM_STANDARD_VIEW_ID,
-    SYSTEM_STAGE_ONE_VIEW_ID,
-    SYSTEM_MANAGE_CUSTOM_VIEWS_VIEW_ID,
-    SYSTEM_READ_ACCOUNTS_BASIC_VIEW_ID,
-    SYSTEM_READ_ACCOUNTS_DETAIL_VIEW_ID,
-    SYSTEM_READ_BALANCES_VIEW_ID,
-    SYSTEM_READ_TRANSACTIONS_BASIC_VIEW_ID,
-    SYSTEM_READ_TRANSACTIONS_DEBITS_VIEW_ID,
-    SYSTEM_READ_TRANSACTIONS_DETAIL_VIEW_ID,
-    SYSTEM_READ_ACCOUNTS_BERLIN_GROUP_VIEW_ID,
-    SYSTEM_READ_BALANCES_BERLIN_GROUP_VIEW_ID,
-    SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID
-  ) 
+  final val ALL_SYSTEM_VIEWS_CREATED_FROM_BOOT = 
+    SYSTEM_OWNER_VIEW_ID::
+    SYSTEM_AUDITOR_VIEW_ID::
+    SYSTEM_ACCOUNTANT_VIEW_ID::
+    SYSTEM_FIREHOSE_VIEW_ID::
+    SYSTEM_STANDARD_VIEW_ID::
+    SYSTEM_STAGE_ONE_VIEW_ID::
+    SYSTEM_MANAGE_CUSTOM_VIEWS_VIEW_ID::
+    SYSTEM_READ_ACCOUNTS_BASIC_VIEW_ID::
+    SYSTEM_READ_ACCOUNTS_DETAIL_VIEW_ID::
+    SYSTEM_READ_BALANCES_VIEW_ID::
+    SYSTEM_READ_TRANSACTIONS_BASIC_VIEW_ID::
+    SYSTEM_READ_TRANSACTIONS_DEBITS_VIEW_ID::
+    SYSTEM_READ_TRANSACTIONS_DETAIL_VIEW_ID::
+    SYSTEM_READ_ACCOUNTS_BERLIN_GROUP_VIEW_ID::
+    SYSTEM_READ_BALANCES_BERLIN_GROUP_VIEW_ID::
+    SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID :: Nil
+
+  final val ALL_SYSTEM_VIEWS_CREATED_FROM_CBS = 
+    SYSTEM_OWNER_VIEW_ID::
+    SYSTEM_ACCOUNTANT_VIEW_ID::
+    SYSTEM_AUDITOR_VIEW_ID::
+    SYSTEM_STAGE_ONE_VIEW_ID::
+    SYSTEM_STANDARD_VIEW_ID::
+    SYSTEM_MANAGE_CUSTOM_VIEWS_VIEW_ID::
+    SYSTEM_READ_ACCOUNTS_BERLIN_GROUP_VIEW_ID::
+    SYSTEM_READ_BALANCES_BERLIN_GROUP_VIEW_ID::
+    SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID :: Nil
+
   //These are the default incoming and outgoing account ids. we will create both during the boot.scala.
   final val INCOMING_SETTLEMENT_ACCOUNT_ID = "OBP-INCOMING-SETTLEMENT-ACCOUNT"    
   final val OUTGOING_SETTLEMENT_ACCOUNT_ID = "OBP-OUTGOING-SETTLEMENT-ACCOUNT"    

obp-api/src/main/scala/code/api/directlogin.scala

@@ -491,14 +491,9 @@ object DirectLogin extends RestHelper with MdcLoggable {
     val username = directLoginParameters.getOrElse("username", "")
     val password = directLoginParameters.getOrElse("password", "")
 
-    var userId = for {id <- AuthUser.getResourceUserId(username, password)} yield id
-
-    if (userId.isEmpty) {
-      if ( ! AuthUser.externalUserHelper(username, password).isEmpty)
-      	userId = for {id <- AuthUser.getResourceUserId(username, password)} yield id
-    }
-
-    userId
+    //we first try to get the userId from local, if not find, we try to get it from external 
+    AuthUser.getResourceUserId(username, password)
+        .or(AuthUser.externalUserHelper(username, password).map(_.user.get))
   }
 
 

obp-api/src/main/scala/code/api/util/ErrorMessages.scala

@@ -338,14 +338,7 @@ object ErrorMessages {
   val CreateCardError = "OBP-30032: Could not insert the Card"
   val UpdateCardError = "OBP-30033: Could not update the Card"
 
-  val ViewIdNotSupported = s"OBP-30034: This ViewId is not supported. Only the following can be used: " +
-    s"$SYSTEM_OWNER_VIEW_ID, " +
-    s"$SYSTEM_ACCOUNTANT_VIEW_ID, " +
-    s"$SYSTEM_AUDITOR_VIEW_ID, " +
-    s"$SYSTEM_STAGE_ONE_VIEW_ID, " +
-    s"$SYSTEM_STANDARD_VIEW_ID, " +
-    s"$SYSTEM_MANAGE_CUSTOM_VIEWS_VIEW_ID, " +
-    s"$CUSTOM_PUBLIC_VIEW_ID."
+  val ViewIdNotSupported = s"OBP-30034: This ViewId is not supported. Only the following can be used: " 
 
   val UserCustomerLinkNotFound = "OBP-30035: User Customer Link not found"
 

obp-api/src/main/scala/code/api/util/ExampleValue.scala

@@ -1,6 +1,7 @@
 package code.api.util
 
 
+import code.api.Constant
 import code.api.util.APIUtil.{DateWithMs, DateWithMsExampleString, formatDate, oneYearAgo, oneYearAgoDate, parseDate}
 import code.api.util.ErrorMessages.{InvalidJsonFormat, UnknownError, UserHasMissingRoles, UserNotLoggedIn}
 import net.liftweb.json.JsonDSL._
@@ -331,10 +332,10 @@ object ExampleValue {
   lazy val owner1Example = ConnectorField("SusanSmith", "A username that is the owner of the account.")
   glossaryItems += makeGlossaryItem("Account.owner", owner1Example)
 
-  lazy val viewIdExample = ConnectorField("owner", "A viewId can be owner, accountant, public ....")
+  lazy val viewIdExample = ConnectorField(Constant.SYSTEM_OWNER_VIEW_ID, "A viewId can be owner, accountant ....")
   glossaryItems += makeGlossaryItem("view.id", viewIdExample)
 
-  lazy val viewNameExample = ConnectorField("Owner","A viewName can be Owner, Accountant, Public ....")
+  lazy val viewNameExample = ConnectorField(Constant.SYSTEM_OWNER_VIEW_ID,"A viewName can be owner, accountant ....")
   glossaryItems += makeGlossaryItem("view.name",viewNameExample)
 
   lazy val viewDescriptionExample = ConnectorField("This view is for the owner for the account.", "A description for this view.")
@@ -1497,15 +1498,15 @@ object ExampleValue {
   glossaryItems += makeGlossaryItem("basket_id", basketIdExample)
 
   lazy val consentRequestPayloadExample = ConnectorField(
-    """{
+    s"""{
       |  "everything": false,
       |  "account_access": [
       |    {
       |      "account_routing": {
       |        "scheme": "AccountNumber",
       |        "address": "4930396"
       |      },
-      |      "view_id": "owner"
+      |      "view_id": "${Constant.SYSTEM_OWNER_VIEW_ID}"
       |    }
       |  ],
       |  "phone_number": "+44 07972 444 876",

obp-api/src/main/scala/code/api/util/Glossary.scala

@@ -1,7 +1,7 @@
 package code.api.util
 
 import java.io.File
-
+import code.api.Constant
 import code.api.Constant.{PARAM_LOCALE, directLoginHeaderName}
 import code.api.util.APIUtil.{getObpApiRoot, getServerUrl}
 import code.api.util.ExampleValue.{accountIdExample, bankIdExample, customerIdExample, userIdExample}
@@ -1752,7 +1752,7 @@ object Glossary extends MdcLoggable  {
 |
 |Body:
 |
-|	{  "everything":false,  "views":[{    "bank_id":"gh.29.uk",    "account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",    "view_id":"owner"  }],  "entitlements":[{    "bank_id":"gh.29.uk",    "role_name":"CanGetCustomer"  }],  "consumer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",  "phone_number":"+44 07972 444 876",  "valid_from":"2022-04-29T10:40:03Z",  "time_to_live":3600}
+|	{  "everything":false,  "views":[{    "bank_id":"gh.29.uk",    "account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",    "view_id":${Constant.SYSTEM_OWNER_VIEW_ID}],  "entitlements":[{    "bank_id":"gh.29.uk",    "role_name":"CanGetCustomer"  }],  "consumer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",  "phone_number":"+44 07972 444 876",  "valid_from":"2022-04-29T10:40:03Z",  "time_to_live":3600}
 |
 |Headers:
 |

obp-api/src/main/scala/code/api/util/NewStyle.scala

@@ -80,6 +80,7 @@ import code.endpointMapping.{EndpointMappingProvider, EndpointMappingT}
 import code.endpointTag.EndpointTagT
 import code.util.Helper.MdcLoggable
 import code.views.system.AccountAccess
+import com.openbankproject.commons.model.enums.SuppliedAnswerType
 import net.liftweb.mapper.By
 
 object NewStyle extends MdcLoggable{
@@ -408,7 +409,7 @@ object NewStyle extends MdcLoggable{
     }
 
     def getBankAccountByAccountId(accountId : AccountId, callContext: Option[CallContext]) : OBPReturnType[BankAccount] = {
-      Connector.connector.vend.getBankAccountByAccountId(accountId : AccountId, callContext: Option[CallContext]) map { i =>
+      Connector.connector.vend.checkBankAccountExists(BankId(defaultBankId), accountId : AccountId, callContext: Option[CallContext]) map { i =>
         (unboxFullOrFail(i._1, callContext,s"$BankAccountNotFoundByAccountId Current account_id is $accountId", 404 ), i._2)
       }
     }
@@ -1300,9 +1301,8 @@ object NewStyle extends MdcLoggable{
       }
     }
 
-
-    def validateChallengeAnswer(challengeId: String, hashOfSuppliedAnswer: String, callContext: Option[CallContext]): OBPReturnType[Boolean] = 
-     Connector.connector.vend.validateChallengeAnswer(challengeId: String, hashOfSuppliedAnswer: String, callContext: Option[CallContext]) map { i =>
+    def validateChallengeAnswer(challengeId: String, suppliedAnswer: String, suppliedAnswerType:SuppliedAnswerType.Value,  callContext: Option[CallContext]): OBPReturnType[Boolean] = 
+     Connector.connector.vend.validateChallengeAnswerV2(challengeId, suppliedAnswer, suppliedAnswerType, callContext) map { i =>
        (unboxFullOrFail(i._1, callContext, s"${
          InvalidChallengeAnswer
            .replace("answer may be expired.", s"answer may be expired (${transactionRequestChallengeTtl} seconds).")
@@ -1330,6 +1330,7 @@ object NewStyle extends MdcLoggable{
        (unboxFullOrFail(i._1, callContext, s"$InvalidConnectorResponse() "), i._2)
       }
 
+    //At moment this method is used for Berlin Group Payments
     def validateChallengeAnswerC2(
       challengeType: ChallengeType.Value,
       transactionRequestId: Option[String], 
@@ -1358,6 +1359,8 @@ object NewStyle extends MdcLoggable{
         }
       }
     }
+
+    //At moment this method is used for Berlin Group SigningBasketsApi.scala
     def validateChallengeAnswerC3(
       challengeType: ChallengeType.Value,
       transactionRequestId: Option[String],

obp-api/src/main/scala/code/api/util/migration/Migration.scala

@@ -584,8 +584,15 @@ object Migration extends MdcLoggable {
             val tableName = table.dbTableName
             val sdf = new SimpleDateFormat("yyyy_MM_dd_HH_mm_ss_SSS")
             val resultDate = new Date(System.currentTimeMillis())
-            DB.prepareStatement(s"CREATE TABLE ${tableName}_backup_${sdf.format(resultDate)} AS (SELECT * FROM $tableName); ", conn){
-              stmt => stmt.executeQuery()
+            val dbDriver = APIUtil.getPropsValue("db.driver","org.h2.Driver")
+            val sqlQuery = if (dbDriver.contains("com.microsoft.sqlserver.jdbc.SQLServerDriver")) {
+              s"SELECT * INTO ${tableName}_backup_${sdf.format(resultDate)} FROM $tableName;"
+            }else{
+              s"CREATE TABLE ${tableName}_backup_${sdf.format(resultDate)} AS (SELECT * FROM $tableName);"
+            }
+            DB.prepareStatement(sqlQuery, conn){
+              stmt => stmt.execute() //statement.executeQuery() expects a resultset and you don't get one.
+              // Use statement.execute() for an ALTER-statement to avoid this issue.
             }
             true
           } catch {

obp-api/src/main/scala/code/api/util/migration/MigrationInfoOfAccoutHolders.scala

@@ -1,5 +1,6 @@
 package code.api.util.migration
 
+import code.api.Constant
 import java.time.format.DateTimeFormatter
 import java.time.{ZoneId, ZonedDateTime}
 
@@ -42,7 +43,7 @@ object BankAccountHoldersAndOwnerViewAccess {
             ownerViewAccess = AccountAccess.findAll(
               By(AccountAccess.bank_id, bankId),
               By(AccountAccess.account_id, accountId),
-              ByList(AccountAccess.view_id, List("owner", "_owner"))
+              ByList(AccountAccess.view_id, List(Constant.SYSTEM_OWNER_VIEW_ID, "_owner"))
             )
           } yield {
             (bankId, accountId, ownerViewAccess.size > 0)

obp-api/src/main/scala/code/api/util/migration/MigrationOfAuthUser.scala

@@ -27,18 +27,18 @@ object MigrationOfAuthUser {
         val executedSql =
           DbFunction.maybeWrite(true, Schemifier.infoF _) {
             APIUtil.getPropsValue("db.driver") match    {
-              case Full(value) if value.contains("com.microsoft.sqlserver.jdbc.SQLServerDriver") =>
+              case Full(dbDriver) if dbDriver.contains("com.microsoft.sqlserver.jdbc.SQLServerDriver") =>
                 () =>
                   s"""
-                    |${Helper.dropIndexIfExists(value,"authUser", "authuser_username_provider")}
+                    |${Helper.dropIndexIfExists(dbDriver,"authUser", "authuser_username_provider")}
                     |
                     |ALTER TABLE authuser ALTER COLUMN username varchar(100);
                     |ALTER TABLE authuser ALTER COLUMN provider varchar(100);
                     |ALTER TABLE authuser ALTER COLUMN firstname varchar(100);
                     |ALTER TABLE authuser ALTER COLUMN lastname varchar(100);
                     |ALTER TABLE authuser ALTER COLUMN email varchar(100);
                     |
-                    |${Helper.createIndexIfNotExists(value,"authUser", "authuser_username_provider")}
+                    |${Helper.createIndexIfNotExists(dbDriver,"authUser", "authuser_username_provider")}
                     |""".stripMargin
               case _ =>
                 () =>

obp-api/src/main/scala/code/api/util/migration/MigrationOfCustomerAttributes.scala

@@ -27,9 +27,9 @@ object MigrationOfCustomerAttributes {
         val executedSql =
           DbFunction.maybeWrite(true, Schemifier.infoF _) {
             APIUtil.getPropsValue("db.driver") match    {
-              case Full(value) if value.contains("com.microsoft.sqlserver.jdbc.SQLServerDriver") =>
+              case Full(dbDriver) if dbDriver.contains("com.microsoft.sqlserver.jdbc.SQLServerDriver") =>
                 () => "ALTER TABLE mappedcustomerattribute ALTER COLUMN mvalue varchar(2000);"
-              case Full(value) if value.contains("com.mysql.cj.jdbc.Driver") => // MySQL
+              case Full(dbDriver) if dbDriver.contains("com.mysql.cj.jdbc.Driver") => // MySQL
                 () => "ALTER TABLE mappedcustomerattribute MODIFY COLUMN mvalue varchar(2000);"
               case _ =>
                 () => "ALTER TABLE mappedcustomerattribute ALTER COLUMN mvalue type varchar(2000);"