From 705e93a355873b907117c515a59f6c492005f8bf Mon Sep 17 00:00:00 2001 From: Marcus Aspin Date: Tue, 30 Jan 2024 17:46:38 +0000 Subject: [PATCH] PI-1827 Add user access endpoint for Tier UI (#3143) * PI-1827 Add user access endpoint for Tier UI * Add test --- .../hmpps/service/UserAccessService.kt | 3 ++ .../hmpps/service/UserAccessServiceTest.kt | 11 ++++++ projects/tier-to-delius/build.gradle.kts | 1 + .../hmpps/controller/UserController.kt | 21 +++++++++++ .../hmpps/controller/UserControllerTest.kt | 37 +++++++++++++++++++ 5 files changed, 73 insertions(+) create mode 100644 projects/tier-to-delius/src/main/kotlin/uk/gov/justice/digital/hmpps/controller/UserController.kt create mode 100644 projects/tier-to-delius/src/test/kotlin/uk/gov/justice/digital/hmpps/controller/UserControllerTest.kt diff --git a/libs/limited-access/src/main/kotlin/uk/gov/justice/digital/hmpps/service/UserAccessService.kt b/libs/limited-access/src/main/kotlin/uk/gov/justice/digital/hmpps/service/UserAccessService.kt index 20d226199d..7f7b21258c 100644 --- a/libs/limited-access/src/main/kotlin/uk/gov/justice/digital/hmpps/service/UserAccessService.kt +++ b/libs/limited-access/src/main/kotlin/uk/gov/justice/digital/hmpps/service/UserAccessService.kt @@ -8,6 +8,9 @@ import uk.gov.justice.digital.hmpps.entity.isRestricted @Service class UserAccessService(private val uar: UserAccessRepository) { + fun caseAccessFor(username: String, crn: String) = + userAccessFor(username, listOf(crn)).access.first { it.crn == crn } + fun userAccessFor(username: String, crns: List): UserAccess { val user = uar.findByUsername(username) diff --git a/libs/limited-access/src/test/kotlin/uk/gov/justice/digital/hmpps/service/UserAccessServiceTest.kt b/libs/limited-access/src/test/kotlin/uk/gov/justice/digital/hmpps/service/UserAccessServiceTest.kt index 8a173a6415..3e07cc60f1 100644 --- a/libs/limited-access/src/test/kotlin/uk/gov/justice/digital/hmpps/service/UserAccessServiceTest.kt +++ b/libs/limited-access/src/test/kotlin/uk/gov/justice/digital/hmpps/service/UserAccessServiceTest.kt @@ -57,6 +57,17 @@ internal class UserAccessServiceTest { assertThat(res, equalTo(userAccess())) } + @Test + fun `single case access is correctly returned`() { + val pas = givenLimitedAccessResults() + whenever(uar.findByUsername("john-smith")).thenReturn(LimitedAccessUser("john-smith", 1)) + whenever(uar.getAccessFor("john-smith", listOf("E123456"))).thenReturn(pas) + + val res = userAccessService.caseAccessFor("john-smith", "E123456") + + assertThat(res, equalTo(userAccess().access[0])) + } + private fun givenLimitedAccessResults() = listOf( object : PersonAccess { diff --git a/projects/tier-to-delius/build.gradle.kts b/projects/tier-to-delius/build.gradle.kts index bc9b944a2c..5324b8d016 100644 --- a/projects/tier-to-delius/build.gradle.kts +++ b/projects/tier-to-delius/build.gradle.kts @@ -8,6 +8,7 @@ dependencies { implementation(project(":libs:messaging")) implementation(project(":libs:oauth-client")) implementation(project(":libs:oauth-server")) + implementation(project(":libs:limited-access")) implementation("org.springframework.boot:spring-boot-starter-actuator") implementation("org.springframework.boot:spring-boot-starter-data-jpa") diff --git a/projects/tier-to-delius/src/main/kotlin/uk/gov/justice/digital/hmpps/controller/UserController.kt b/projects/tier-to-delius/src/main/kotlin/uk/gov/justice/digital/hmpps/controller/UserController.kt new file mode 100644 index 0000000000..18b5fbd65e --- /dev/null +++ b/projects/tier-to-delius/src/main/kotlin/uk/gov/justice/digital/hmpps/controller/UserController.kt @@ -0,0 +1,21 @@ +package uk.gov.justice.digital.hmpps.controller + +import org.springframework.security.access.prepost.PreAuthorize +import org.springframework.web.bind.annotation.GetMapping +import org.springframework.web.bind.annotation.PathVariable +import org.springframework.web.bind.annotation.RequestMapping +import org.springframework.web.bind.annotation.RestController +import uk.gov.justice.digital.hmpps.service.CaseAccess +import uk.gov.justice.digital.hmpps.service.UserAccessService + +@RestController +@RequestMapping("users") +@PreAuthorize("hasRole('TIER_DETAILS')") +class UserController(private val userAccessService: UserAccessService) { + + @GetMapping("/{username}/access/{crn}") + fun userAccessCheck( + @PathVariable username: String, + @PathVariable crn: String, + ): CaseAccess = userAccessService.caseAccessFor(username, crn) +} diff --git a/projects/tier-to-delius/src/test/kotlin/uk/gov/justice/digital/hmpps/controller/UserControllerTest.kt b/projects/tier-to-delius/src/test/kotlin/uk/gov/justice/digital/hmpps/controller/UserControllerTest.kt new file mode 100644 index 0000000000..2686bf5a54 --- /dev/null +++ b/projects/tier-to-delius/src/test/kotlin/uk/gov/justice/digital/hmpps/controller/UserControllerTest.kt @@ -0,0 +1,37 @@ +package uk.gov.justice.digital.hmpps.controller + +import org.hamcrest.CoreMatchers.equalTo +import org.hamcrest.MatcherAssert.assertThat +import org.junit.jupiter.api.Test +import org.junit.jupiter.api.extension.ExtendWith +import org.mockito.InjectMocks +import org.mockito.Mock +import org.mockito.junit.jupiter.MockitoExtension +import org.mockito.kotlin.whenever +import uk.gov.justice.digital.hmpps.service.CaseAccess +import uk.gov.justice.digital.hmpps.service.UserAccessService + +@ExtendWith(MockitoExtension::class) +internal class UserControllerTest { + @Mock + lateinit var userAccessService: UserAccessService + + @InjectMocks + lateinit var userController: UserController + + @Test + fun `check user access`() { + val caseAccess = CaseAccess( + crn = "crn", + userRestricted = false, + userExcluded = true, + exclusionMessage = "testing", + ) + + whenever(userAccessService.caseAccessFor("username", "crn")).thenReturn(caseAccess) + + val response = userController.userAccessCheck("username", "crn") + + assertThat(response, equalTo(caseAccess)) + } +} \ No newline at end of file