PI-2135 Add user access endpoint for Manage a Supervision (#3697)

projects/manage-supervision-and-delius/build.gradle.kts

@@ -6,6 +6,7 @@ dependencies {
     implementation(project(":libs:audit"))
     implementation(project(":libs:commons"))
     implementation(project(":libs:oauth-server"))
+    implementation(project(":libs:limited-access"))
     implementation(project(":libs:document-management"))
     implementation("org.springframework.boot:spring-boot-starter-actuator")
     implementation("org.springframework.boot:spring-boot-starter-data-jpa")

projects/manage-supervision-and-delius/src/main/kotlin/uk/gov/justice/digital/hmpps/api/controller/UserController.kt → projects/manage-supervision-and-delius/src/main/kotlin/uk/gov/justice/digital/hmpps/api/controller/CaseloadController.kt

@@ -11,7 +11,7 @@ import uk.gov.justice.digital.hmpps.service.UserService
 @Tag(name = "Caseload Info")
 @RequestMapping("/caseload")
 @PreAuthorize("hasRole('PROBATION_API__MANAGE_A_SUPERVISION__CASE_DETAIL')")
-class UserController(private val userService: UserService) {
+class CaseloadController(private val userService: UserService) {
 
     @GetMapping("/user/{username}")
     @Operation(summary = "Gets caseloads for the user")

projects/manage-supervision-and-delius/src/main/kotlin/uk/gov/justice/digital/hmpps/api/controller/UserAccessController.kt

@@ -0,0 +1,17 @@
+package uk.gov.justice.digital.hmpps.api.controller
+
+import io.swagger.v3.oas.annotations.tags.Tag
+import org.springframework.security.access.prepost.PreAuthorize
+import org.springframework.web.bind.annotation.GetMapping
+import org.springframework.web.bind.annotation.PathVariable
+import org.springframework.web.bind.annotation.RestController
+import uk.gov.justice.digital.hmpps.service.UserAccessService
+
+@RestController
+@Tag(name = "User access")
+@PreAuthorize("hasRole('PROBATION_API__MANAGE_A_SUPERVISION__CASE_DETAIL')")
+class UserAccessController(private val userAccessService: UserAccessService) {
+    @GetMapping("/user/{username}/access/{crn}")
+    fun checkAccess(@PathVariable username: String, @PathVariable crn: String) =
+        userAccessService.caseAccessFor(username, crn)
+}

projects/manage-supervision-and-delius/src/test/kotlin/uk/gov/justice/digital/hmpps/api/controller/UserControllerTest.kt → projects/manage-supervision-and-delius/src/test/kotlin/uk/gov/justice/digital/hmpps/api/controller/CaseloadControllerTest.kt

@@ -18,13 +18,13 @@ import uk.gov.justice.digital.hmpps.service.toStaffCase
 import uk.gov.justice.digital.hmpps.service.toTeamCase
 
 @ExtendWith(MockitoExtension::class)
-internal class UserControllerTest {
+internal class CaseloadControllerTest {
 
     @Mock
     lateinit var userService: UserService
 
     @InjectMocks
-    lateinit var controller: UserController
+    lateinit var controller: CaseloadController
 
     @Test
     fun `calls get user case load function `() {

projects/manage-supervision-and-delius/src/test/kotlin/uk/gov/justice/digital/hmpps/api/controller/UserAccessControllerTest.kt

@@ -0,0 +1,37 @@
+package uk.gov.justice.digital.hmpps.api.controller
+
+import org.hamcrest.CoreMatchers.equalTo
+import org.hamcrest.MatcherAssert.assertThat
+import org.junit.jupiter.api.Test
+import org.junit.jupiter.api.extension.ExtendWith
+import org.mockito.InjectMocks
+import org.mockito.Mock
+import org.mockito.junit.jupiter.MockitoExtension
+import org.mockito.kotlin.whenever
+import uk.gov.justice.digital.hmpps.service.CaseAccess
+import uk.gov.justice.digital.hmpps.service.UserAccessService
+
+@ExtendWith(MockitoExtension::class)
+internal class UserControllerTest {
+    @Mock
+    lateinit var userAccessService: UserAccessService
+
+    @InjectMocks
+    lateinit var userAccessController: UserAccessController
+
+    @Test
+    fun `check user access`() {
+        val caseAccess = CaseAccess(
+            crn = "crn",
+            userRestricted = false,
+            userExcluded = true,
+            exclusionMessage = "testing",
+        )
+
+        whenever(userAccessService.caseAccessFor("username", "crn")).thenReturn(caseAccess)
+
+        val response = userAccessController.checkAccess("username", "crn")
+
+        assertThat(response, equalTo(caseAccess))
+    }
+}