Merge pull request #114 from Onlineberatung/develop

[pull] develop from Onlineberatung:develop

pom.xml

@@ -491,6 +491,12 @@
               <modelPackage>
                 ${project.groupId}.${project.artifactId}.tenantservice.generated.web.model
               </modelPackage>
+              <typeMappings>
+                <typeMapping>OffsetDateTime=LocalDateTime</typeMapping>
+              </typeMappings>
+              <importMappings>
+                <importMapping>java.time.OffsetDateTime=java.time.LocalDateTime</importMapping>
+              </importMappings>
             </configuration>
           </execution>
           <execution>

src/main/java/de/caritas/cob/agencyservice/api/authorization/Authority.java

@@ -1,24 +1,35 @@
 package de.caritas.cob.agencyservice.api.authorization;
 
+import com.google.common.collect.Lists;
+import java.util.List;
 import java.util.stream.Stream;
+import lombok.Getter;
 
 /**
  * 
  * Definition of all authorities and of the role-authority-mapping.
  *
  */
+@Getter
 public enum Authority {
 
-  AGENCY_ADMIN("agency-admin", "AUTHORIZATION_AGENCY_ADMIN"),
-  TENANT_ADMIN("tenant-admin", "AUTHORIZATION_TENANT_ADMIN"),
-  RESTRICTED_AGENCY_ADMIN("restricted-agency-admin", "AUTHORIZATION_RESTRICTED_AGENCY_ADMIN");
+  AGENCY_ADMIN("agency-admin", AuthorityValue.AGENCY_ADMIN, AuthorityValue.SEARCH_AGENCIES),
+  TENANT_ADMIN("tenant-admin", AuthorityValue.TENANT_ADMIN),
+  RESTRICTED_AGENCY_ADMIN("restricted-agency-admin", AuthorityValue.RESTRICTED_AGENCY_ADMIN, AuthorityValue.SEARCH_AGENCIES),
+
+  RESTRICTED_CONSULTANT_ADMIN("restricted-consultant-admin", AuthorityValue.SEARCH_AGENCIES);
 
   private final String roleName;
-  private final String authorityName;
+  private final List<String> authorities;
 
   Authority(final String roleName, final String authorityName) {
     this.roleName = roleName;
-    this.authorityName = authorityName;
+    this.authorities = Lists.newArrayList(authorityName);
+  }
+
+  Authority(final String roleName, final String... authorities) {
+    this.roleName = roleName;
+    this.authorities = Lists.newArrayList(authorities);
   }
 
   /**
@@ -34,12 +45,18 @@ public static Authority fromRoleName(String roleName) {
         .orElse(null);
   }
 
-  public String getAuthority() {
-    return this.authorityName;
-  }
 
-  public String getRoleName() {
-    return this.roleName;
+  public static class AuthorityValue {
+
+    private AuthorityValue() {}
+
+    public static final String PREFIX = "AUTHORIZATION_";
+    public static final String AGENCY_ADMIN = PREFIX + "AGENCY_ADMIN";
+    public static final String SEARCH_AGENCIES = PREFIX + "SEARCH_AGENCIES";
+    public static final String TENANT_ADMIN = PREFIX + "TENANT_ADMIN";
+    public static final String RESTRICTED_AGENCY_ADMIN = PREFIX + "RESTRICTED_AGENCY_ADMIN";
+
   }
 
+
 }

src/main/java/de/caritas/cob/agencyservice/api/authorization/RoleAuthorizationAuthorityMapper.java

@@ -30,7 +30,8 @@ public Set<GrantedAuthority> mapAuthorities(Set<String> roleNames) {
     return roleNames.stream()
         .map(Authority::fromRoleName)
         .filter(Objects::nonNull)
-        .map(Authority::getAuthority)
+        .map(Authority::getAuthorities)
+        .flatMap(Collection::parallelStream)
         .map(SimpleGrantedAuthority::new)
         .collect(Collectors.toSet());
   }

src/main/java/de/caritas/cob/agencyservice/config/SecurityConfig.java

@@ -1,9 +1,6 @@
 package de.caritas.cob.agencyservice.config;
 
-import static de.caritas.cob.agencyservice.api.authorization.Authority.AGENCY_ADMIN;
-import static de.caritas.cob.agencyservice.api.authorization.Authority.RESTRICTED_AGENCY_ADMIN;
-import static de.caritas.cob.agencyservice.api.authorization.Authority.TENANT_ADMIN;
-
+import de.caritas.cob.agencyservice.api.authorization.Authority.AuthorityValue;
 import de.caritas.cob.agencyservice.config.security.AuthorisationService;
 import de.caritas.cob.agencyservice.config.security.JwtAuthConverter;
 import de.caritas.cob.agencyservice.config.security.JwtAuthConverterProperties;
@@ -16,6 +13,7 @@
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.core.env.Environment;
+import org.springframework.http.HttpMethod;
 import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@@ -84,11 +82,13 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
         .requestMatchers("/agencies/**").permitAll()
         .requestMatchers(WHITE_LIST).permitAll()
         .requestMatchers("/agencies").permitAll()
+        .requestMatchers(HttpMethod.GET, "/agencyadmin/agencies")
+        .hasAuthority(AuthorityValue.SEARCH_AGENCIES)
         .requestMatchers("/agencyadmin/agencies/tenant/*")
-        .access("hasAuthority('" + AGENCY_ADMIN.getAuthority()
-            + "') and hasAuthority('" + TENANT_ADMIN.getAuthority() + "')")
+        .access("hasAuthority('" + AuthorityValue.AGENCY_ADMIN
+            + "') and hasAuthority('" + AuthorityValue.TENANT_ADMIN + "')")
         .requestMatchers("/agencyadmin", "/agencyadmin/", "/agencyadmin/**")
-        .hasAnyAuthority(AGENCY_ADMIN.getAuthority(), RESTRICTED_AGENCY_ADMIN.getAuthority())
+        .hasAnyAuthority(AuthorityValue.AGENCY_ADMIN, AuthorityValue.RESTRICTED_AGENCY_ADMIN)
         .anyRequest().denyAll();
 
 

src/main/resources/db/changelog/agencyservice-dev-master.xml

@@ -23,4 +23,5 @@
 	<include file="db/changelog/changeset/0014_drop_diocese/0014_changeSet.xml"/>
 	-->
 	<include file="db/changelog/changeset/0015_change_consultingtype_column_type/0015_changeSet.xml"/>
+	<include file="db/changelog/changeset/0016_add_data_protection_attributes/0016_changeSet.xml"/>
 </databaseChangeLog>

src/main/resources/db/changelog/agencyservice-local-master.xml

@@ -22,4 +22,5 @@
   <!-- uncomment it once confirmed diocese has been migrated correctly to tenant by migration tool
   <include file="db/changelog/changeset/0014_drop_diocese/0014_changeSet.xml"/>-->
   <include file="db/changelog/changeset/0015_change_consultingtype_column_type/0015_changeSet.xml"/>
+  <include file="db/changelog/changeset/0016_add_data_protection_attributes/0016_changeSet.xml"/>
 </databaseChangeLog>

src/main/resources/db/changelog/agencyservice-prod-master.xml

@@ -19,4 +19,5 @@
 	<!-- uncomment it once confirmed diocese has been migrated correctly to tenant by migration tool
 	<include file="db/changelog/changeset/0014_drop_diocese/0014_changeSet.xml"/>-->
 	<include file="db/changelog/changeset/0015_change_consultingtype_column_type/0015_changeSet.xml"/>
+	<include file="db/changelog/changeset/0016_add_data_protection_attributes/0016_changeSet.xml"/>
 </databaseChangeLog>

src/main/resources/db/changelog/agencyservice-staging-master.xml

@@ -19,4 +19,5 @@
 	<!-- uncomment it once confirmed diocese has been migrated correctly to tenant by migration tool
 	<include file="db/changelog/changeset/0014_drop_diocese/0014_changeSet.xml"/>-->
 	<include file="db/changelog/changeset/0015_change_consultingtype_column_type/0015_changeSet.xml"/>
+	<include file="db/changelog/changeset/0016_add_data_protection_attributes/0016_changeSet.xml"/>
 </databaseChangeLog>

src/main/resources/db/changelog/changeset/0016_add_data_protection_attributes/addDataProtectionAttributes-rollback.sql

@@ -1,2 +1,11 @@
 ALTER TABLE `agencyservice`.`agency`
-DROP COLUMN data_protection_officer_contact longtext;
+DROP COLUMN data_protection_responsible_entity;
+
+ALTER TABLE `agencyservice`.`agency`
+DROP COLUMN data_protection_officer_contact;
+
+ALTER TABLE `agencyservice`.`agency`
+DROP COLUMN data_protection_alternative_contact;
+
+ALTER TABLE `agencyservice`.`agency`
+DROP COLUMN data_protection_agency_contact;

src/main/resources/db/changelog/changeset/0016_add_data_protection_attributes/addDataProtectionAttributes.sql

@@ -2,10 +2,10 @@ ALTER TABLE `agencyservice`.`agency`
 ADD COLUMN data_protection_responsible_entity varchar(100) NULL AFTER `counselling_relations`;
 
 ALTER TABLE `agencyservice`.`agency`
-ADD COLUMN data_protection_responsible_contact longtext NULL AFTER `data_protection_responsible_entity`;
+ADD COLUMN data_protection_alternative_contact longtext NULL AFTER `data_protection_responsible_entity`;
 
 ALTER TABLE `agencyservice`.`agency`
-ADD COLUMN data_protection_officer_contact longtext NULL AFTER `data_protection_responsible_contact`;
+ADD COLUMN data_protection_officer_contact longtext NULL AFTER `data_protection_alternative_contact`;
 
 ALTER TABLE `agencyservice`.`agency`
-ADD COLUMN data_protection_agency_contact longtext NULL AFTER `data_protection_officer_contact`;
+ADD COLUMN data_protection_agency_contact longtext NULL AFTER `data_protection_officer_contact`;

src/test/java/de/caritas/cob/agencyservice/api/authorization/AuthorityTest.java

@@ -2,40 +2,40 @@
 
 import static de.caritas.cob.agencyservice.api.authorization.Authority.AGENCY_ADMIN;
 import static de.caritas.cob.agencyservice.api.authorization.Authority.fromRoleName;
-import static org.hamcrest.MatcherAssert.assertThat;
-import static org.hamcrest.Matchers.is;
-import static org.hamcrest.Matchers.nullValue;
+import static org.assertj.core.api.Assertions.assertThat;
 
+import de.caritas.cob.agencyservice.api.authorization.Authority.AuthorityValue;
+import java.util.List;
 import org.junit.Test;
 
 public class AuthorityTest {
 
   @Test
   public void getAuthority_Should_returnExpectedAuthority_When_authorityIsAgencyAdmin() {
-    String authority = AGENCY_ADMIN.getAuthority();
+    List<String> authorities = AGENCY_ADMIN.getAuthorities();
 
-    assertThat(authority, is("AUTHORIZATION_AGENCY_ADMIN"));
+    assertThat(authorities).containsOnly(AuthorityValue.AGENCY_ADMIN, AuthorityValue.SEARCH_AGENCIES);
   }
 
   @Test
   public void fromRoleName_Should_returnNull_When_roleNameIsNull() {
     Authority authority = fromRoleName(null);
 
-    assertThat(authority, nullValue());
+    assertThat(authority).isNull();
   }
 
   @Test
   public void fromRoleName_Should_returnNull_When_roleNameDoesNotExist() {
     Authority authority = fromRoleName("not existing");
 
-    assertThat(authority, nullValue());
+    assertThat(authority).isNull();
   }
 
   @Test
   public void fromRoleName_Should_returnAgencyAdmin_When_roleNameIsAgencyAdmin() {
     Authority authority = fromRoleName("agency-admin");
 
-    assertThat(authority, is(AGENCY_ADMIN));
+    assertThat(authority.getAuthorities()).containsOnly(AuthorityValue.AGENCY_ADMIN, AuthorityValue.SEARCH_AGENCIES);
   }
 
 }

src/test/java/de/caritas/cob/agencyservice/api/authorization/RoleAuthorizationAuthorityMapperTest.java

@@ -2,10 +2,8 @@
 
 import static de.caritas.cob.agencyservice.api.authorization.Authority.AGENCY_ADMIN;
 import static java.util.Collections.emptyList;
-import static org.hamcrest.MatcherAssert.assertThat;
-import static org.hamcrest.Matchers.hasSize;
-import static org.hamcrest.Matchers.is;
-
+import static org.assertj.core.api.Assertions.assertThat;
+import de.caritas.cob.agencyservice.api.authorization.Authority.AuthorityValue;
 import java.util.Collection;
 import java.util.List;
 import java.util.stream.Collectors;
@@ -28,8 +26,10 @@ public void mapAuthorities_Should_returnGrantedAgencyAdminAuthority_When_authori
     Collection<? extends GrantedAuthority> mappedAuthorities = this.roleAuthorizationAuthorityMapper
         .mapAuthorities(grantedAuthorities);
 
-    assertThat(mappedAuthorities, hasSize(1));
-    assertThat(mappedAuthorities.iterator().next().getAuthority(), is(AGENCY_ADMIN.getAuthority()));
+    assertThat(mappedAuthorities).hasSize(2);
+    List<String> authorities = mappedAuthorities.stream()
+        .map(grantedAuthority -> grantedAuthority.getAuthority()).toList();
+    assertThat(authorities).containsAll(AGENCY_ADMIN.getAuthorities());
   }
 
   @Test
@@ -41,16 +41,32 @@ public void mapAuthorities_Should_returnGrantedAgencyAdminAuthority_When_authori
     Collection<? extends GrantedAuthority> mappedAuthorities = this.roleAuthorizationAuthorityMapper
         .mapAuthorities(grantedAuthorities);
 
-    assertThat(mappedAuthorities, hasSize(1));
-    assertThat(mappedAuthorities.iterator().next().getAuthority(), is(AGENCY_ADMIN.getAuthority()));
+    assertThat(mappedAuthorities).hasSize(2);
+    List<String> authorities = mappedAuthorities.stream()
+        .map(grantedAuthority -> grantedAuthority.getAuthority()).toList();
+    assertThat(authorities).containsAll(AGENCY_ADMIN.getAuthorities());
+
+  }
+
+  @Test
+  public void mapAuthorities_Should_returnGrantedAgencySearchAuthority_When_authoritiesRestrictedConsultantAdmin() {
+    List<GrantedAuthority> grantedAuthorities = Stream.of("a", "v", "restricted-consultant-admin", "c")
+        .map(SimpleGrantedAuthority::new)
+        .collect(Collectors.toList());
+
+    Collection<? extends GrantedAuthority> mappedAuthorities = this.roleAuthorizationAuthorityMapper
+        .mapAuthorities(grantedAuthorities);
+
+    assertThat(mappedAuthorities).hasSize(1);
+    assertThat(mappedAuthorities.iterator().next().getAuthority()).isEqualTo(AuthorityValue.SEARCH_AGENCIES);
   }
 
   @Test
   public void mapAuthorities_Should_returnEmptyCollection_When_authorityIsEmpty() {
     Collection<? extends GrantedAuthority> mappedAuthorities = this.roleAuthorizationAuthorityMapper
         .mapAuthorities(emptyList());
 
-    assertThat(mappedAuthorities, hasSize(0));
+    assertThat(mappedAuthorities).isEmpty();
   }
 
   @Test
@@ -62,7 +78,7 @@ public void mapAuthorities_Should_returnEmptyCollection_When_authoritiesAreNotPr
     Collection<? extends GrantedAuthority> mappedAuthorities = this.roleAuthorizationAuthorityMapper
         .mapAuthorities(grantedAuthorities);
 
-    assertThat(mappedAuthorities, hasSize(0));
+    assertThat(mappedAuthorities).isEmpty();
   }
 
 }

src/test/java/de/caritas/cob/agencyservice/api/service/CentralDataProtectionTemplateServiceTest.java

@@ -70,6 +70,39 @@ void renderDataProtectionPrivacy_shouldProperlyRenderPrivacy_When_PlaceholdersAr
         "Privacy template with placeholders: Data protection officer contact name: Max Mustermann, Data protection responsible contact name: Max Mustermann,");
   }
 
+  @Test
+  void renderDataProtectionPrivacy_shouldReturnPrivacyAsItIs_When_PlaceholdersAreNotIncludedInPrivacy() {
+
+    // given
+    when(tenantService.getRestrictedTenantDataByTenantId(anyLong())).thenReturn(
+        new RestrictedTenantDTO()
+            .content(
+                new Content().dataProtectionContactTemplate(getDataProtectionContactTemplate())
+                    .privacy(
+                        "Privacy template without placeholders")));
+    DataProtectionContactDTO dataProtectionContactDTO = new DataProtectionContactDTO()
+        .nameAndLegalForm("Max Mustermann");
+
+    Agency agency = Agency.builder()
+        .id(1000L)
+        .tenantId(1L)
+        .consultingTypeId(1)
+        .name("agencyName")
+        .dataProtectionResponsibleEntity(DataProtectionResponsibleEntity.DATA_PROTECTION_OFFICER)
+        .dataProtectionOfficerContactData(JsonConverter.convertToJson(dataProtectionContactDTO))
+        .dataProtectionAgencyResponsibleContactData(JsonConverter.convertToJson(dataProtectionContactDTO))
+        .build();
+
+    // when
+    var renderedPrivacy = centralDataProtectionTemplateService.renderPrivacyTemplateWithRenderedPlaceholderValues(
+        agency);
+
+    // then
+    assertThat(
+        renderedPrivacy).isEqualTo(
+        "Privacy template without placeholders");
+  }
+
   @Test
   void renderDataProtectionTemplatePlaceholders_shouldProperlyRenderPlaceholders_If_SomeVariableDataIsMissing() {