MOSIP-33206: Skip logged in user belongs to the partner check for PAR… (

#1036) * MOSIP-33206: Skip logged in user belongs to the partner check for PARTNER_ADMIN Signed-off-by: Swetha K <[email protected]> * MOSIP-33206: Fixed test case failures Signed-off-by: Swetha K <[email protected]> --------- Signed-off-by: Swetha K <[email protected]> Co-authored-by: Swetha K <[email protected]>
mosip · Dec 12, 2024 · ad6a827 · ad6a827
1 parent 6665b61
commit ad6a827
Show file tree

Hide file tree

Showing 6 changed files with 84 additions and 103 deletions.
diff --git a/...ice/src/main/java/io/mosip/pms/oauth/client/service/impl/ClientManagementServiceImpl.java b/...ice/src/main/java/io/mosip/pms/oauth/client/service/impl/ClientManagementServiceImpl.java
@@ -196,23 +196,27 @@ public ProcessedClientDetail processCreateOIDCClient(ClientDetailCreateRequest c
 			throw new PartnerServiceException(ErrorCode.DUPLICATE_CLIENT.getErrorCode(),
 					ErrorCode.DUPLICATE_CLIENT.getErrorMessage());
 		}
-		// Validate the logged-in user ID and fetch the list of partners associated to it
-		List<Partner> partnerList = validateUserId();
-		if (partnerList.isEmpty()) {
-			LOGGER.error("sessionId", "idType", "id", "User id does not exist.");
-			auditUtil.setAuditRequestDto(ClientServiceAuditEnum.CREATE_CLIENT_FAILURE, createRequest.getName(),
-					clientId);
-			throw new PartnerServiceException(ErrorCode.USER_ID_NOT_EXISTS.getErrorCode(),
-					ErrorCode.USER_ID_NOT_EXISTS.getErrorMessage());
-		}
-		// Check if the partner ID belongs to the user.
-		boolean isValidPartner = validatePartnerIdBelongsToUser(partnerList, createRequest.getAuthPartnerId());
-		if (!isValidPartner) {
-			LOGGER.error("sessionId", "idType", "id", "The given partner ID does not belong to the user.");
-			auditUtil.setAuditRequestDto(ClientServiceAuditEnum.CREATE_CLIENT_FAILURE, createRequest.getName(),
-					clientId);
-			throw new PartnerServiceException(ErrorCode.PARTNER_NOT_BELONGS_TO_THE_USER_CREATE_OIDC.getErrorCode(),
-					ErrorCode.PARTNER_NOT_BELONGS_TO_THE_USER_CREATE_OIDC.getErrorMessage());
+		boolean isAdmin = partnerHelper.isPartnerAdmin(authUserDetails().getAuthorities().toString());
+		// Skip the below checks if the user is logged in as a partner_admin
+		if (!isAdmin) {
+			// Validate the logged-in user ID and fetch the list of partners associated to it
+			List<Partner> partnerList = validateUserId();
+			if (partnerList.isEmpty()) {
+				LOGGER.error("sessionId", "idType", "id", "User id does not exist.");
+				auditUtil.setAuditRequestDto(ClientServiceAuditEnum.CREATE_CLIENT_FAILURE, createRequest.getName(),
+						clientId);
+				throw new PartnerServiceException(ErrorCode.USER_ID_NOT_EXISTS.getErrorCode(),
+						ErrorCode.USER_ID_NOT_EXISTS.getErrorMessage());
+			}
+			// Check if the partner ID belongs to the user.
+			boolean isValidPartner = validatePartnerIdBelongsToUser(partnerList, createRequest.getAuthPartnerId());
+			if (!isValidPartner) {
+				LOGGER.error("sessionId", "idType", "id", "The given partner ID does not belong to the user.");
+				auditUtil.setAuditRequestDto(ClientServiceAuditEnum.CREATE_CLIENT_FAILURE, createRequest.getName(),
+						clientId);
+				throw new PartnerServiceException(ErrorCode.PARTNER_NOT_BELONGS_TO_THE_USER_CREATE_OIDC.getErrorCode(),
+						ErrorCode.PARTNER_NOT_BELONGS_TO_THE_USER_CREATE_OIDC.getErrorMessage());
+			}
 		}
 		Optional<Partner> partner = partnerRepository.findById(createRequest.getAuthPartnerId());
 		if(partner.isEmpty()) {
@@ -695,6 +699,7 @@ public io.mosip.pms.oauth.client.dto.ClientDetail getClientDetails(String client
 					ErrorCode.CLIENT_NOT_EXISTS.getErrorMessage());
 		}
 		boolean isAdmin = partnerHelper.isPartnerAdmin(authUserDetails().getAuthorities().toString());
+		// Skip the below checks if the user is logged in as a partner_admin
 		if (!isAdmin) {
 			// Validate the logged-in user ID and fetch the list of partners associated to it
 			List<Partner> partnerList = validateUserId();

diff --git a/...ce/src/main/java/io/mosip/pms/partner/manager/controller/PartnerManagementController.java b/...ce/src/main/java/io/mosip/pms/partner/manager/controller/PartnerManagementController.java
@@ -456,16 +456,16 @@ public ResponseWrapperV2<PageResponseV2Dto<CaCertificateSummaryDto>> getCaCertif
 			filterDto.setCaCertificateType(caCertificateType);
 		}
 		if (certificateId != null) {
-			filterDto.setCertificateId(certificateId.toLowerCase());
+			filterDto.setCertificateId(certificateId);
 		}
 		if (partnerDomain != null) {
 			filterDto.setPartnerDomain(partnerDomain);
 		}
 		if (issuedTo != null) {
-			filterDto.setIssuedTo(issuedTo.toLowerCase());
+			filterDto.setIssuedTo(issuedTo);
 		}
 		if (issuedBy != null) {
-			filterDto.setIssuedBy(issuedBy.toLowerCase());
+			filterDto.setIssuedBy(issuedBy);
 		}
 		return partnerManagementService.getCaCertificates(sortFieldName, sortType, pageNo, pageSize, filterDto);
 	}

diff --git a/...e/src/test/java/io/mosip/pms/test/oauth/service/impl/ClientManagementServiceImplTest.java b/...e/src/test/java/io/mosip/pms/test/oauth/service/impl/ClientManagementServiceImplTest.java
@@ -1,5 +1,7 @@
 package io.mosip.pms.test.oauth.service.impl;
 
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Method;
 import java.sql.Timestamp;
 import java.time.LocalDateTime;
 import java.time.ZoneId;
@@ -45,6 +47,8 @@
 import org.springframework.data.domain.Page;
 import org.springframework.http.MediaType;
 import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.context.SecurityContext;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.test.context.junit4.SpringRunner;
@@ -133,19 +137,16 @@ public void setUp() {
 	public void createClientTest() throws Exception {
 		io.mosip.kernel.openid.bridge.model.MosipUserDto mosipUserDto = getMosipUserDto();
 		AuthUserDetails authUserDetails = new AuthUserDetails(mosipUserDto, "123");
+		Collection<GrantedAuthority> newAuthorities = List.of(
+				new SimpleGrantedAuthority("PARTNER_ADMIN")
+		);
+		Method addAuthoritiesMethod = AuthUserDetails.class.getDeclaredMethod("addAuthorities", Collection.class, String.class);
+		addAuthoritiesMethod.setAccessible(true);
+		addAuthoritiesMethod.invoke(authUserDetails, newAuthorities, null);
 		SecurityContextHolder.setContext(securityContext);
 		when(authentication.getPrincipal()).thenReturn(authUserDetails);
 		when(securityContext.getAuthentication()).thenReturn(authentication);
 
-		List<Partner> partnerList = new ArrayList<>();
-		Partner partner = new Partner();
-		partner.setId("authPartnerId");
-		partner.setPartnerTypeCode("Auth_Partner");
-		partner.setPolicyGroupId("abc");
-		partner.setApprovalStatus("approved");
-		partnerList.add(partner);
-		when(partnerServiceRepository.findByUserId(anyString())).thenReturn(partnerList);
-
 		ClientDetailCreateRequest request = new ClientDetailCreateRequest();
 		request.setPublicKey(public_key);
 		request.setPolicyId("policy");
@@ -161,7 +162,7 @@ public void createClientTest() throws Exception {
 		try {
 			serviceImpl.createOIDCClient(request);
 		}catch (PartnerServiceException e) {
-			assertFalse(e.getErrorCode().equals(ErrorCode.INVALID_PARTNERID.getErrorCode()));
+			assertTrue(e.getErrorCode().equals(ErrorCode.INVALID_PARTNERID.getErrorCode()));
 		}
 	}
 
@@ -184,19 +185,16 @@ public void testCreateOIDCClient_WithEmptyPublicKey_ThrowsExceptionWithMock() th
 	public void createOIDCClient_invalidPublicKey_throwsPartnerServiceException() throws Exception {
 		io.mosip.kernel.openid.bridge.model.MosipUserDto mosipUserDto = getMosipUserDto();
 		AuthUserDetails authUserDetails = new AuthUserDetails(mosipUserDto, "123");
+		Collection<GrantedAuthority> newAuthorities = List.of(
+				new SimpleGrantedAuthority("PARTNER_ADMIN")
+		);
+		Method addAuthoritiesMethod = AuthUserDetails.class.getDeclaredMethod("addAuthorities", Collection.class, String.class);
+		addAuthoritiesMethod.setAccessible(true);
+		addAuthoritiesMethod.invoke(authUserDetails, newAuthorities, null);
 		SecurityContextHolder.setContext(securityContext);
 		when(authentication.getPrincipal()).thenReturn(authUserDetails);
 		when(securityContext.getAuthentication()).thenReturn(authentication);
 
-		List<Partner> partnerList = new ArrayList<>();
-		Partner partner = new Partner();
-		partner.setId("authPartnerId");
-		partner.setPartnerTypeCode("Auth_Partner");
-		partner.setPolicyGroupId("abc");
-		partner.setApprovalStatus("approved");
-		partnerList.add(partner);
-		when(partnerServiceRepository.findByUserId(anyString())).thenReturn(partnerList);
-
 		ClientDetailCreateRequest createRequest = new ClientDetailCreateRequest();
 		createRequest.setName("ClientName");
 		createRequest.setAuthPartnerId("AuthPartnerId");
@@ -220,19 +218,16 @@ public void createOIDCClient_invalidPublicKey_throwsPartnerServiceException() th
 	public void createOIDCClient_existingClientDetail_throwsPartnerServiceException() throws Exception {
 		io.mosip.kernel.openid.bridge.model.MosipUserDto mosipUserDto = getMosipUserDto();
 		AuthUserDetails authUserDetails = new AuthUserDetails(mosipUserDto, "123");
+		Collection<GrantedAuthority> newAuthorities = List.of(
+				new SimpleGrantedAuthority("PARTNER_ADMIN")
+		);
+		Method addAuthoritiesMethod = AuthUserDetails.class.getDeclaredMethod("addAuthorities", Collection.class, String.class);
+		addAuthoritiesMethod.setAccessible(true);
+		addAuthoritiesMethod.invoke(authUserDetails, newAuthorities, null);
 		SecurityContextHolder.setContext(securityContext);
 		when(authentication.getPrincipal()).thenReturn(authUserDetails);
 		when(securityContext.getAuthentication()).thenReturn(authentication);
 
-		List<Partner> partnerList = new ArrayList<>();
-		Partner partner = new Partner();
-		partner.setId("authPartnerId");
-		partner.setPartnerTypeCode("Auth_Partner");
-		partner.setPolicyGroupId("abc");
-		partner.setApprovalStatus("approved");
-		partnerList.add(partner);
-		when(partnerServiceRepository.findByUserId(anyString())).thenReturn(partnerList);
-
 		ClientDetailCreateRequest createRequest = new ClientDetailCreateRequest();
 		createRequest.setName("ClientName");
 		createRequest.setAuthPartnerId("AuthPartnerId");
@@ -273,19 +268,16 @@ public void createOIDCClient_existingClientDetail_throwsPartnerServiceException(
 	public void createOIDCClient_invalidPartnerId_throwsPartnerServiceException() throws Exception {
 		io.mosip.kernel.openid.bridge.model.MosipUserDto mosipUserDto = getMosipUserDto();
 		AuthUserDetails authUserDetails = new AuthUserDetails(mosipUserDto, "123");
+		Collection<GrantedAuthority> newAuthorities = List.of(
+				new SimpleGrantedAuthority("PARTNER_ADMIN")
+		);
+		Method addAuthoritiesMethod = AuthUserDetails.class.getDeclaredMethod("addAuthorities", Collection.class, String.class);
+		addAuthoritiesMethod.setAccessible(true);
+		addAuthoritiesMethod.invoke(authUserDetails, newAuthorities, null);
 		SecurityContextHolder.setContext(securityContext);
 		when(authentication.getPrincipal()).thenReturn(authUserDetails);
 		when(securityContext.getAuthentication()).thenReturn(authentication);
 
-		List<Partner> partnerList = new ArrayList<>();
-		Partner partner = new Partner();
-		partner.setId("authPartnerId");
-		partner.setPartnerTypeCode("Auth_Partner");
-		partner.setPolicyGroupId("abc");
-		partner.setApprovalStatus("approved");
-		partnerList.add(partner);
-		when(partnerServiceRepository.findByUserId(anyString())).thenReturn(partnerList);
-
 		ClientDetailCreateRequest createRequest = new ClientDetailCreateRequest();
 		createRequest.setName("ClientName");
 		createRequest.setAuthPartnerId("AuthPartnerId");
@@ -315,19 +307,16 @@ public void createOIDCClient_invalidPartnerId_throwsPartnerServiceException() th
 	public void createOIDCClient_validRequest_returnsClientDetailResponse() throws Exception {
 		io.mosip.kernel.openid.bridge.model.MosipUserDto mosipUserDto = getMosipUserDto();
 		AuthUserDetails authUserDetails = new AuthUserDetails(mosipUserDto, "123");
+		Collection<GrantedAuthority> newAuthorities = List.of(
+				new SimpleGrantedAuthority("PARTNER_ADMIN")
+		);
+		Method addAuthoritiesMethod = AuthUserDetails.class.getDeclaredMethod("addAuthorities", Collection.class, String.class);
+		addAuthoritiesMethod.setAccessible(true);
+		addAuthoritiesMethod.invoke(authUserDetails, newAuthorities, null);
 		SecurityContextHolder.setContext(securityContext);
 		when(authentication.getPrincipal()).thenReturn(authUserDetails);
 		when(securityContext.getAuthentication()).thenReturn(authentication);
 
-		List<Partner> partnerList = new ArrayList<>();
-		Partner partner = new Partner();
-		partner.setId("authPartnerId");
-		partner.setPartnerTypeCode("Auth_Partner");
-		partner.setPolicyGroupId("abc");
-		partner.setApprovalStatus("approved");
-		partnerList.add(partner);
-		when(partnerServiceRepository.findByUserId(anyString())).thenReturn(partnerList);
-
 		when(environment.getProperty("auth.url")).thenReturn("https://pms.net/partner");
 		when(clientDetailRepository.findById(anyString())).thenReturn(Optional.empty());
 		when(partnerRepository.findById(anyString())).thenReturn(Optional.of(new Partner()));
@@ -444,15 +433,19 @@ public void testUpdateOIDCClient_WithFailure() throws Exception {
 		verify(webSubPublisher).notify(any(), any(), any());
 	}
 
-	@Test(expected = Exception.class)
-	public void testGetClientDetails_Success() {
+	@Test
+	public void testGetClientDetails_Success() throws Exception {
 		io.mosip.kernel.openid.bridge.model.MosipUserDto mosipUserDto = getMosipUserDto();
 		AuthUserDetails authUserDetails = new AuthUserDetails(mosipUserDto, "123");
+		Collection<GrantedAuthority> newAuthorities = List.of(
+				new SimpleGrantedAuthority("PARTNER_ADMIN")
+		);
+		Method addAuthoritiesMethod = AuthUserDetails.class.getDeclaredMethod("addAuthorities", Collection.class, String.class);
+		addAuthoritiesMethod.setAccessible(true);
+		addAuthoritiesMethod.invoke(authUserDetails, newAuthorities, null);
 		SecurityContextHolder.setContext(securityContext);
 		when(authentication.getPrincipal()).thenReturn(authUserDetails);
 		when(securityContext.getAuthentication()).thenReturn(authentication);
-		List<Partner> parnerList = new ArrayList<>();
-		when(partnerServiceRepository.findByUserId(anyString())).thenReturn(parnerList);
 
 		PolicyGroup policyGroup = new PolicyGroup();
 		policyGroup.setCrBy("Cr By");
@@ -530,15 +523,7 @@ public void testGetClientDetails_Success() {
 	}
 
 	@Test (expected = Exception.class)
-	public void testGetClientDetails_Exception() {
-		io.mosip.kernel.openid.bridge.model.MosipUserDto mosipUserDto = getMosipUserDto();
-		AuthUserDetails authUserDetails = new AuthUserDetails(mosipUserDto, "123");
-		SecurityContextHolder.setContext(securityContext);
-		when(authentication.getPrincipal()).thenReturn(authUserDetails);
-		when(securityContext.getAuthentication()).thenReturn(authentication);
-
-		when(partnerServiceRepository.findByUserId(anyString())).thenThrow(new PartnerServiceException("An error occurred", "An error occurred"));
-
+	public void testGetClientDetails_Exception() throws Exception {
 		when(authPolicyRepository.findById(anyString()))
 				.thenThrow(new PartnerServiceException("An error occurred", "An error occurred"));
 
@@ -553,7 +538,6 @@ public void testGetClientDetails_Exception() {
 		clientDetail.setIsDeleted(false);
 		clientDetail.setLogoUri("Logo Uri");
 		clientDetail.setName("Name");
-		clientDetail.setPolicyId(null);
 		clientDetail.setPublicKey("Public Key");
 		clientDetail.setRedirectUris("Redirect Uris");
 		clientDetail.setRpId("RpId");
@@ -777,6 +761,12 @@ public void testGetPartnerCertificateWithSuccess() throws JsonProcessingExceptio
 	public void testCreateOIDCClientWithError() throws Exception {
 		io.mosip.kernel.openid.bridge.model.MosipUserDto mosipUserDto = getMosipUserDto();
 		AuthUserDetails authUserDetails = new AuthUserDetails(mosipUserDto, "123");
+		Collection<GrantedAuthority> newAuthorities = List.of(
+				new SimpleGrantedAuthority("PARTNER_ADMIN")
+		);
+		Method addAuthoritiesMethod = AuthUserDetails.class.getDeclaredMethod("addAuthorities", Collection.class, String.class);
+		addAuthoritiesMethod.setAccessible(true);
+		addAuthoritiesMethod.invoke(authUserDetails, newAuthorities, null);
 		SecurityContextHolder.setContext(securityContext);
 		when(authentication.getPrincipal()).thenReturn(authUserDetails);
 		when(securityContext.getAuthentication()).thenReturn(authentication);
@@ -797,7 +787,6 @@ public void testCreateOIDCClientWithError() throws Exception {
 		createRequest.setRedirectUris(setRedirectUris);
 		createRequest.setPublicKey(public_key);
 
-		List<Partner> partnerList = new ArrayList<>();
 		Partner partner = new Partner();
 		partner.setAdditionalInfo("Additional Info");
 		partner.setAddress("abc");
@@ -821,8 +810,6 @@ public void testCreateOIDCClientWithError() throws Exception {
 		partner.setUpdBy("Upd By");
 		partner.setUpdDtimes(mock(Timestamp.class));
 		partner.setUserId("UserId");
-		partnerList.add(partner);
-		when(partnerServiceRepository.findByUserId(anyString())).thenReturn(partnerList);
 
 		PolicyGroup policyGroup = new PolicyGroup();
 		policyGroup.setCrBy("Cr By");
@@ -1177,15 +1164,8 @@ public void testProcessCreateOIDCClient_ClientExists() throws Exception {
 		assertNotNull(result.getPolicy());
 	}
 
-	@Test(expected = PartnerServiceException.class)
+	@Test(expected = Exception.class)
 	public void testProcessCreateOIDCClient_PartnerCannotCreateOIDCClient() throws Exception {
-		io.mosip.kernel.openid.bridge.model.MosipUserDto mosipUserDto = getMosipUserDto();
-		AuthUserDetails authUserDetails = new AuthUserDetails(mosipUserDto, "123");
-		SecurityContextHolder.setContext(securityContext);
-		when(authentication.getPrincipal()).thenReturn(authUserDetails);
-		when(securityContext.getAuthentication()).thenReturn(authentication);
-
-
 		ClientDetailCreateRequest createRequest = new ClientDetailCreateRequest();
 		createRequest.setName("ClientName");
 		createRequest.setAuthPartnerId("AuthPartnerId");
@@ -1202,7 +1182,6 @@ public void testProcessCreateOIDCClient_PartnerCannotCreateOIDCClient() throws E
 		createRequest.setRedirectUris(setRedirectUris);
 		createRequest.setPublicKey(public_key);
 
-		List<Partner> partnerList = new ArrayList<>();
 		Partner partner = new Partner();
 		partner.setAdditionalInfo("Additional Info");
 		partner.setAddress("abc");
@@ -1226,8 +1205,6 @@ public void testProcessCreateOIDCClient_PartnerCannotCreateOIDCClient() throws E
 		partner.setUpdBy("Upd By");
 		partner.setUpdDtimes(mock(Timestamp.class));
 		partner.setUserId("UserId");
-		partnerList.add(partner);
-		when(partnerServiceRepository.findByUserId(anyString())).thenReturn(partnerList);
 
 		PartnerPolicyRequest partnerPolicyRequest = new PartnerPolicyRequest();
 		partnerPolicyRequest.setPartner(partner);