Skip to content

Commit

Permalink
Merge pull request #2417 from constantine2nd/develop
Browse files Browse the repository at this point in the history
Few tweaks
  • Loading branch information
simonredfern authored Aug 21, 2024
2 parents e40b427 + 24837ec commit 5179e48
Show file tree
Hide file tree
Showing 14 changed files with 95 additions and 31 deletions.
3 changes: 2 additions & 1 deletion obp-api/src/main/scala/bootstrap/liftweb/Boot.scala
Original file line number Diff line number Diff line change
Expand Up @@ -294,7 +294,8 @@ class Boot extends MdcLoggable {
SYSTEM_READ_TRANSACTIONS_DEBITS_VIEW_ID, SYSTEM_READ_TRANSACTIONS_DETAIL_VIEW_ID,
SYSTEM_READ_ACCOUNTS_BERLIN_GROUP_VIEW_ID,
SYSTEM_READ_BALANCES_BERLIN_GROUP_VIEW_ID,
SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID
SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID,
SYSTEM_INITIATE_PAYMENTS_BERLIN_GROUP_VIEW_ID
)
for {
systemView <- viewSetUKOpenBanking
Expand Down
2 changes: 1 addition & 1 deletion obp-api/src/main/scala/code/api/OAuth2.scala
Original file line number Diff line number Diff line change
Expand Up @@ -165,7 +165,7 @@ object OAuth2Login extends RestHelper with MdcLoggable {
hydraAdmin.createOAuth2Client(oAuth2Client)
} else if(!CertificateUtil.comparePemX509Certificates(certInConsumer, cert)) {
// Cannot mat.ch the value from PSD2-CERT header and the database value Consumer.clientCertificate
logger.debug("Cert in Consumer: " + certInConsumer)
logger.debug(s"Cert in Consumer with the name ***${foundConsumer.name}*** : " + certInConsumer)
logger.debug("Cert in Request: " + cert)
logger.debug(s"Token: $value")
logger.debug(s"Client ID: ${introspectOAuth2Token.getClientId}")
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -188,7 +188,9 @@ As a last option, an ASPSP might in addition accept a command with access rights
callContext.flatMap(_.consumer).map(_.consumerId.get),
Some(validUntil),
callContext
)
) map {
i => connectorEmptyResponse(i, callContext)
}
_ <- Future(Consents.consentProvider.vend.setJsonWebToken(createdConsent.consentId, consentJWT)) map {
i => connectorEmptyResponse(i, callContext)
}
Expand Down Expand Up @@ -570,7 +572,7 @@ Reads account data from a given card account addressed by "account-id".
_ <- passesPsd2Aisp(callContext)
(bankAccount: BankAccount, callContext) <- NewStyle.function.getBankAccountByAccountId(accountId, callContext)
(bank, callContext) <- NewStyle.function.getBank(bankAccount.bankId, callContext)
viewId = ViewId(SYSTEM_READ_ACCOUNTS_BERLIN_GROUP_VIEW_ID)
viewId = ViewId(SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID)
bankIdAccountId = BankIdAccountId(bankAccount.bankId, bankAccount.accountId)
view <- NewStyle.function.checkAccountAccessAndGetView(viewId, bankIdAccountId, Full(u), callContext)
params <- Future { createQueriesByHttpParams(callContext.get.requestHeaders)} map {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -568,15 +568,12 @@ Check the transaction status of a payment initiation.""",
}
(toAccount, callContext) <- NewStyle.function.getToBankAccountByIban(toAccountIban, callContext)

viewId = ViewId(SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID)
viewId = ViewId(SYSTEM_INITIATE_PAYMENTS_BERLIN_GROUP_VIEW_ID)
bankIdAccountId = BankIdAccountId(fromAccount.bankId, fromAccount.accountId)
view <- NewStyle.function.checkAccountAccessAndGetView(viewId, bankIdAccountId, Full(u), callContext)

_ <- if (view.canAddTransactionRequestToAnyAccount)
Future.successful(Full(Unit))
else
NewStyle.function.hasEntitlement(fromAccount.bankId.value, u.userId, ApiRole.canCreateAnyTransactionRequest, callContext, InsufficientAuthorisationToCreateTransactionRequest)

_ <- Helper.booleanToFuture(InsufficientAuthorisationToCreateTransactionRequest, cc = callContext) {
view.canAddTransactionRequestToAnyAccount
}
// Prevent default value for transaction request type (at least).
_ <- Helper.booleanToFuture(s"From Account Currency is ${fromAccount.currency}, but Requested Transaction Currency is: ${transDetailsJson.instructedAmount.currency}", cc = callContext) {
transDetailsJson.instructedAmount.currency == fromAccount.currency
Expand Down
7 changes: 5 additions & 2 deletions obp-api/src/main/scala/code/api/constant/constant.scala
Original file line number Diff line number Diff line change
Expand Up @@ -60,6 +60,7 @@ object Constant extends MdcLoggable {
final val SYSTEM_READ_ACCOUNTS_BERLIN_GROUP_VIEW_ID = "ReadAccountsBerlinGroup"
final val SYSTEM_READ_BALANCES_BERLIN_GROUP_VIEW_ID = "ReadBalancesBerlinGroup"
final val SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID = "ReadTransactionsBerlinGroup"
final val SYSTEM_INITIATE_PAYMENTS_BERLIN_GROUP_VIEW_ID = "InitiatePaymentsBerlinGroup"

//This is used for the canRevokeAccessToViews_ and canGrantAccessToViews_ fields of SYSTEM_OWNER_VIEW_ID or SYSTEM_STANDARD_VIEW_ID.
final val DEFAULT_CAN_GRANT_AND_REVOKE_ACCESS_TO_VIEWS =
Expand All @@ -78,7 +79,8 @@ object Constant extends MdcLoggable {
SYSTEM_READ_TRANSACTIONS_DETAIL_VIEW_ID::
SYSTEM_READ_ACCOUNTS_BERLIN_GROUP_VIEW_ID::
SYSTEM_READ_BALANCES_BERLIN_GROUP_VIEW_ID::
SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID :: Nil
SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID ::
SYSTEM_INITIATE_PAYMENTS_BERLIN_GROUP_VIEW_ID :: Nil

//We allow CBS side to generate views by getBankAccountsForUser.viewsToGenerate filed.
// viewsToGenerate can be any views, and OBP will check the following list, to make sure only allowed views are generated
Expand All @@ -92,7 +94,8 @@ object Constant extends MdcLoggable {
SYSTEM_MANAGE_CUSTOM_VIEWS_VIEW_ID::
SYSTEM_READ_ACCOUNTS_BERLIN_GROUP_VIEW_ID::
SYSTEM_READ_BALANCES_BERLIN_GROUP_VIEW_ID::
SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID :: Nil
SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID ::
SYSTEM_INITIATE_PAYMENTS_BERLIN_GROUP_VIEW_ID :: Nil

//These are the default incoming and outgoing account ids. we will create both during the boot.scala.
final val INCOMING_SETTLEMENT_ACCOUNT_ID = "OBP-INCOMING-SETTLEMENT-ACCOUNT"
Expand Down
14 changes: 9 additions & 5 deletions obp-api/src/main/scala/code/api/util/ConsentUtil.scala
Original file line number Diff line number Diff line change
Expand Up @@ -669,7 +669,7 @@ object Consent extends MdcLoggable {
consentId: String,
consumerId: Option[String],
validUntil: Option[Date],
callContext: Option[CallContext]): Future[String] = {
callContext: Option[CallContext]): Future[Box[String]] = {

val currentTimeInSeconds = System.currentTimeMillis / 1000
val validUntilTimeInSeconds = validUntil match {
Expand Down Expand Up @@ -731,10 +731,14 @@ object Consent extends MdcLoggable {
views = views,
access = Some(consent.access)
)
implicit val formats = CustomJsonFormats.formats
val jwtPayloadAsJson = compactRender(Extraction.decompose(json))
val jwtClaims: JWTClaimsSet = JWTClaimsSet.parse(jwtPayloadAsJson)
CertificateUtil.jwtWithHmacProtection(jwtClaims, secret)
if(views.isEmpty) {
Empty
} else {
implicit val formats = CustomJsonFormats.formats
val jwtPayloadAsJson = compactRender(Extraction.decompose(json))
val jwtClaims: JWTClaimsSet = JWTClaimsSet.parse(jwtPayloadAsJson)
Full(CertificateUtil.jwtWithHmacProtection(jwtClaims, secret))
}
}
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -309,8 +309,8 @@ case class AccountsBalancesJsonV400(accounts:List[AccountBalanceJsonV400])
case class BalanceJsonV400(`type`: String, currency: String, amount: String)

case class AccountBalanceJsonV400(
account_id: String,
bank_id: String,
account_id: String,
account_routings: List[AccountRouting],
label: String,
balances: List[BalanceJsonV400]
Expand Down
2 changes: 2 additions & 0 deletions obp-api/src/main/scala/code/api/v5_0_0/APIMethods500.scala
Original file line number Diff line number Diff line change
Expand Up @@ -945,6 +945,8 @@ trait APIMethods500 {
//Here are all the VRP consent request
(bankId, accountId, viewId, counterpartyId) <- if (isVRPConsentRequest) {
val postConsentRequestJsonV510 = json.parse(createdConsentRequest.payload).extract[code.api.v5_1_0.PostVRPConsentRequestJsonV510]

// TODO Add routing scheme as well. In case IBAN is provided this will not work.
val fromBankIdAccountId = BankIdAccountId(BankId(postConsentRequestJsonV510.from_account.bank_routing.address), AccountId(postConsentRequestJsonV510.from_account.account_routing.address))

val vrpViewId = s"_VRP-${UUID.randomUUID.toString}".dropRight(5)// to make sure the length of the viewId is 36.
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -1111,6 +1111,7 @@ def restoreSomeSessions(): Unit = {
}

def isObpProvider(user: AuthUser) = {
// TODO Consider does http://host should match https://host in development mode
user.getProvider() == Constant.localIdentityProvider
}

Expand Down
25 changes: 21 additions & 4 deletions obp-api/src/main/scala/code/sandbox/OBPDataImport.scala
Original file line number Diff line number Diff line change
Expand Up @@ -411,10 +411,27 @@ trait OBPDataImport extends MdcLoggable {
val readAccountsBerlinGroupView = Views.views.vend.getOrCreateSystemView(SYSTEM_READ_ACCOUNTS_BERLIN_GROUP_VIEW_ID).asInstanceOf[Box[ViewType]]
val readBalancesBerlinGroupView = Views.views.vend.getOrCreateSystemView(SYSTEM_READ_BALANCES_BERLIN_GROUP_VIEW_ID).asInstanceOf[Box[ViewType]]
val readTransactionsBerlinGroupView = Views.views.vend.getOrCreateSystemView(SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID).asInstanceOf[Box[ViewType]]



List(accountFirehose, ownerView, accountantsView, auditorsView, publicView, readAccountsBasicView, readAccountsDetailView, readBalancesView, readTransactionsBasicView, readTransactionsDebitsView, readTransactionsDetailView, readAccountsBerlinGroupView, readBalancesBerlinGroupView, readTransactionsBerlinGroupView).flatten
val initiatePaymentsBerlinGroupView = Views.views.vend.getOrCreateSystemView(SYSTEM_INITIATE_PAYMENTS_BERLIN_GROUP_VIEW_ID).asInstanceOf[Box[ViewType]]



List(
accountFirehose,
ownerView,
accountantsView,
auditorsView,
publicView,
readAccountsBasicView,
readAccountsDetailView,
readBalancesView,
readTransactionsBasicView,
readTransactionsDebitsView,
readTransactionsDetailView,
readAccountsBerlinGroupView,
readBalancesBerlinGroupView,
readTransactionsBerlinGroupView,
initiatePaymentsBerlinGroupView
).flatten

}

Expand Down
43 changes: 39 additions & 4 deletions obp-api/src/main/scala/code/views/MapperViews.scala
Original file line number Diff line number Diff line change
Expand Up @@ -903,9 +903,12 @@ object MapperViews extends Views with MdcLoggable {
.canSeeOtherBankRoutingAddress_(true)
.canSeeOtherAccountRoutingScheme_(true)
.canSeeOtherAccountRoutingAddress_(true)

// TODO Allow use only for certain cases
.canAddTransactionRequestToOwnAccount_(true) //added following two for payments
.canAddTransactionRequestToAnyAccount_(true)
.canAddTransactionRequestToBeneficiary_(true)

.canSeeAvailableViewsForBankAccount_(false)
.canSeeTransactionRequests_(false)
.canSeeTransactionRequestTypes_(false)
Expand All @@ -921,7 +924,7 @@ object MapperViews extends Views with MdcLoggable {

viewId match {
case SYSTEM_OWNER_VIEW_ID | SYSTEM_STANDARD_VIEW_ID =>
entity
entity // Make additional setup to the existing view
.canSeeAvailableViewsForBankAccount_(true)
.canSeeTransactionRequests_(true)
.canSeeTransactionRequestTypes_(true)
Expand All @@ -931,21 +934,53 @@ object MapperViews extends Views with MdcLoggable {
.canGrantAccessToViews_(DEFAULT_CAN_GRANT_AND_REVOKE_ACCESS_TO_VIEWS.mkString(","))
.canRevokeAccessToViews_(DEFAULT_CAN_GRANT_AND_REVOKE_ACCESS_TO_VIEWS.mkString(","))
case SYSTEM_STAGE_ONE_VIEW_ID =>
entity
entity // Make additional setup to the existing view
.canSeeTransactionDescription_(false)
.canAddTransactionRequestToAnyAccount_(false)
.canAddTransactionRequestToBeneficiary_(false)
case SYSTEM_MANAGE_CUSTOM_VIEWS_VIEW_ID =>
entity
entity // Make additional setup to the existing view
.canRevokeAccessToCustomViews_(true)
.canGrantAccessToCustomViews_(true)
.canCreateCustomView_(true)
.canDeleteCustomView_(true)
.canUpdateCustomView_(true)
.canGetCustomView_(true)
case SYSTEM_FIREHOSE_VIEW_ID =>
entity
entity // Make additional setup to the existing view
.isFirehose_(true)
case SYSTEM_READ_ACCOUNTS_BERLIN_GROUP_VIEW_ID |
SYSTEM_READ_BALANCES_BERLIN_GROUP_VIEW_ID =>
create // A new one
.isSystem_(true)
.isFirehose_(false)
.name_(StringHelpers.capify(viewId))
.view_id(viewId)
.description_(viewId)
case SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID =>
create // A new one
.isSystem_(true)
.isFirehose_(false)
.name_(StringHelpers.capify(viewId))
.view_id(viewId)
.description_(viewId)
.canSeeTransactionThisBankAccount_(true)
.canSeeTransactionOtherBankAccount_(true)
.canSeeTransactionAmount_(true)
.canSeeTransactionCurrency_(true)
.canSeeTransactionBalance_(true)
.canSeeTransactionStartDate_(true)
.canSeeTransactionFinishDate_(true)
.canSeeTransactionDescription_(true)
case SYSTEM_INITIATE_PAYMENTS_BERLIN_GROUP_VIEW_ID =>
create // A new one
.isSystem_(true)
.isFirehose_(false)
.name_(StringHelpers.capify(viewId))
.view_id(viewId)
.description_(viewId)
.canAddTransactionRequestToAnyAccount_(true)
.canAddTransactionRequestToBeneficiary_(true)
case _ =>
entity
}
Expand Down
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
package code.api.berlin.group.v1_3

import code.api.Constant
import code.api.Constant.SYSTEM_READ_ACCOUNTS_BERLIN_GROUP_VIEW_ID
import code.api.Constant.{SYSTEM_READ_ACCOUNTS_BERLIN_GROUP_VIEW_ID, SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID}
import code.api.berlin.group.v1_3.JSONFactory_BERLIN_GROUP_1_3._
import code.api.builder.AccountInformationServiceAISApi.APIMethods_AccountInformationServiceAISApi
import code.api.util.APIUtil
Expand Down Expand Up @@ -212,7 +212,7 @@ class AccountInformationServiceAISApiTest extends BerlinGroupServerSetupV1_3 wit
testAccountId.value,
resourceUser1.userId,
user1,
PostViewJsonV400(view_id = SYSTEM_READ_ACCOUNTS_BERLIN_GROUP_VIEW_ID, is_system = true)
PostViewJsonV400(view_id = SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID, is_system = true)
)

val requestGet = (V1_3_BG / "card-accounts" / testAccountId.value / "transactions").GET <@ (user1)
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@ trait BerlinGroupServerSetupV1_3 extends ServerSetupWithTestData {
Views.views.vend.getOrCreateSystemView(SYSTEM_READ_ACCOUNTS_BERLIN_GROUP_VIEW_ID)
Views.views.vend.getOrCreateSystemView(Constant.SYSTEM_READ_BALANCES_BERLIN_GROUP_VIEW_ID)
Views.views.vend.getOrCreateSystemView(Constant.SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID)
Views.views.vend.getOrCreateSystemView(Constant.SYSTEM_INITIATE_PAYMENTS_BERLIN_GROUP_VIEW_ID)
}

def grantUserAccessToViewViaEndpoint(bankId: String,
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ package code.api.berlin.group.v1_3

import code.api.BerlinGroup.ScaStatus
import code.api.Constant
import code.api.Constant.SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID
import code.api.Constant.{SYSTEM_INITIATE_PAYMENTS_BERLIN_GROUP_VIEW_ID, SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID}
import code.api.berlin.group.v1_3.JSONFactory_BERLIN_GROUP_1_3.{CancellationJsonV13, InitiatePaymentResponseJson, StartPaymentAuthorisationJson}
import code.api.berlin.group.v1_3.model.{PsuData, ScaStatusResponse, UpdatePsuAuthenticationResponse}
import code.api.berlin.group.v1_3.JSONFactory_BERLIN_GROUP_1_3.{CancellationJsonV13, ErrorMessagesBG, InitiatePaymentResponseJson, StartPaymentAuthorisationJson}
Expand Down Expand Up @@ -206,7 +206,8 @@ class PaymentInitiationServicePISApiTest extends BerlinGroupServerSetupV1_3 with
}

private def grantAccountAccess(acountRoutingIbanFrom: BankAccountRouting) = {
Views.views.vend.systemView(ViewId(SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID)).flatMap(view =>
org.scalameta.logger.elem(Views.views.vend.systemView(ViewId(SYSTEM_INITIATE_PAYMENTS_BERLIN_GROUP_VIEW_ID)))
Views.views.vend.systemView(ViewId(SYSTEM_INITIATE_PAYMENTS_BERLIN_GROUP_VIEW_ID)).flatMap(view =>
// Grant account access
Views.views.vend.grantAccessToSystemView(acountRoutingIbanFrom.bankId,
acountRoutingIbanFrom.accountId,
Expand Down

0 comments on commit 5179e48

Please sign in to comment.