Populate 'postedByAad' in Add/SaveNote

hmcts · Mar 1, 2024 · dd242b0 · dd242b0
1 parent e5427bf
commit dd242b0
Show file tree

Hide file tree

Showing 55 changed files with 438 additions and 129 deletions.
diff --git a/...ava/uk/gov/hmcts/opal/authentication/controller/AuthenticationInternalUserController.java b/...ava/uk/gov/hmcts/opal/authentication/controller/AuthenticationInternalUserController.java
@@ -51,11 +51,12 @@ public SecurityToken handleOauthCode(@RequestParam("code") String code) {
         String accessToken = authenticationService.handleOauthCode(code);
         var securityTokenBuilder = SecurityToken.builder()
             .accessToken(accessToken);
-        Optional<String> emailAddressOptional = Optional.ofNullable(accessTokenService.extractUserEmail(accessToken));
+        Optional<String> preferredUsernameOptional = Optional.ofNullable(
+            accessTokenService.extractPreferredUsername(accessToken));
 
-        if (emailAddressOptional.isPresent()) {
-            Optional<UserState> userStateOptional = authorisationService.getAuthorisation(emailAddressOptional.get());
-            securityTokenBuilder.userState(userStateOptional.orElse(null));
+        if (preferredUsernameOptional.isPresent()) {
+            UserState userStateOptional = authorisationService.getAuthorisation(preferredUsernameOptional.get());
+            securityTokenBuilder.userState(userStateOptional);
         }
         return securityTokenBuilder.build();
     }

diff --git a/src/main/java/uk/gov/hmcts/opal/authentication/service/AccessTokenService.java b/src/main/java/uk/gov/hmcts/opal/authentication/service/AccessTokenService.java
@@ -1,6 +1,7 @@
 package uk.gov.hmcts.opal.authentication.service;
 
 import com.nimbusds.jwt.JWT;
+import com.nimbusds.jwt.JWTClaimsSet;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Service;
@@ -19,6 +20,14 @@
 @RequiredArgsConstructor
 public class AccessTokenService {
 
+    public static final String AUTH_HEADER = "authorization";
+    public static final String PREFERRED_USERNAME_KEY = "preferred_username";
+    public static final String NAME_KEY = "name";
+    public static final String SCP_KEY = "scp";
+    public static final String UNIQUE_NAME_KEY = "unique_name";
+    public static final String UPN_NAME_KEY = "upn";
+    public static final String BEARER_PREFIX = "Bearer ";
+
     private final InternalAuthConfigurationProperties configuration;
     private final AzureTokenClient azureTokenClient;
     private final TokenValidator tokenValidator;
@@ -48,13 +57,37 @@ public AccessTokenResponse getAccessToken(String userName, String password) {
         );
     }
 
-    public String extractUserEmail(String authorizationHeader) {
+    public String extractPreferredUsername(String accessToken) {
+        return extractClaim(accessToken, PREFERRED_USERNAME_KEY);
+    }
+
+    public String extractName(String accessToken) {
+        return extractClaim(accessToken, NAME_KEY);
+    }
+
+    public String extractScp(String accessToken) {
+        return extractClaim(accessToken, SCP_KEY);
+    }
+
+    public String extractUniqueName(String accessToken) {
+        return extractClaim(accessToken, UNIQUE_NAME_KEY);
+    }
+
+    public String extractUpn(String accessToken) {
+        return extractClaim(accessToken, UPN_NAME_KEY);
+    }
+
+    public String extractClaim(String accessToken, String claimKey) {
+        return extractClaims(accessToken).getClaim(claimKey).toString();
+    }
+
+    public JWTClaimsSet extractClaims(String accessToken) {
         try {
-            String token = extractToken(authorizationHeader);
+            String token = extractToken(accessToken);
             JWT parsedJwt = tokenValidator.parse(token);
-            return parsedJwt.getJWTClaimsSet().getClaim("preferred_username").toString();
+            return parsedJwt.getJWTClaimsSet();
         } catch (ParseException e) {
-            log.error("Unable to parse token: " + e.getMessage());
+            log.error(":extractClaim: Unable to extract claims from JWT Token: {}", e.getMessage());
             throw new OpalApiException(AuthenticationError.FAILED_TO_PARSE_ACCESS_TOKEN, e);
         }
     }
@@ -66,4 +99,3 @@ public String extractToken(String accessToken) {
         return accessToken;
     }
 }
-
diff --git a/src/main/java/uk/gov/hmcts/opal/authorisation/model/Permission.java b/src/main/java/uk/gov/hmcts/opal/authorisation/model/Permission.java
@@ -9,7 +9,7 @@
 public class Permission {
 
     @NonNull
-    Integer permissionId;
+    Long permissionId;
 
     @NonNull
     String permissionName;

diff --git a/src/main/java/uk/gov/hmcts/opal/authorisation/model/UserState.java b/src/main/java/uk/gov/hmcts/opal/authorisation/model/UserState.java
@@ -5,6 +5,7 @@
 import lombok.NonNull;
 import lombok.Value;
 
+import java.util.Optional;
 import java.util.Set;
 
 @Value
@@ -20,4 +21,11 @@ public class UserState {
     @EqualsAndHashCode.Exclude
     Set<Role> roles;
 
+    public Optional<Role> getFirstRole() {
+        return roles.stream().findFirst();
+    }
+
+    public Optional<String> getFirstRoleBusinessUserId() {
+        return getFirstRole().map(Role::getBusinessUserId);
+    }
 }
diff --git a/src/main/java/uk/gov/hmcts/opal/authorisation/service/AuthorisationService.java b/src/main/java/uk/gov/hmcts/opal/authorisation/service/AuthorisationService.java
@@ -4,20 +4,16 @@
 import lombok.RequiredArgsConstructor;
 import org.springframework.stereotype.Service;
 import uk.gov.hmcts.opal.authorisation.model.UserState;
-
-import java.util.Optional;
+import uk.gov.hmcts.opal.service.opal.UserService;
 
 @Slf4j
 @Service
 @RequiredArgsConstructor
 public class AuthorisationService {
 
+    private final UserService userService;
 
-    public Optional<UserState> getAuthorisation(String emailAddress) {
-        //TODO: populate user state from the database.
-        return Optional.of(UserState.builder()
-                               .userId(emailAddress)
-                               .userName("some name")
-                               .build());
+    public UserState getAuthorisation(String username) {
+        return userService.getUserStateByUsername(username);
     }
 }
diff --git a/src/main/java/uk/gov/hmcts/opal/controllers/AccountTransferController.java b/src/main/java/uk/gov/hmcts/opal/controllers/AccountTransferController.java
@@ -18,7 +18,7 @@
 
 import java.util.List;
 
-import static uk.gov.hmcts.opal.util.ResponseUtil.buildResponse;
+import static uk.gov.hmcts.opal.util.HttpUtil.buildResponse;
 
 
 @RestController

diff --git a/src/main/java/uk/gov/hmcts/opal/controllers/ApplicationFunctionController.java b/src/main/java/uk/gov/hmcts/opal/controllers/ApplicationFunctionController.java
@@ -18,7 +18,7 @@
 
 import java.util.List;
 
-import static uk.gov.hmcts.opal.util.ResponseUtil.buildResponse;
+import static uk.gov.hmcts.opal.util.HttpUtil.buildResponse;
 
 
 @RestController

diff --git a/src/main/java/uk/gov/hmcts/opal/controllers/BusinessUnitController.java b/src/main/java/uk/gov/hmcts/opal/controllers/BusinessUnitController.java
@@ -18,7 +18,7 @@
 
 import java.util.List;
 
-import static uk.gov.hmcts.opal.util.ResponseUtil.buildResponse;
+import static uk.gov.hmcts.opal.util.HttpUtil.buildResponse;
 
 
 @RestController

diff --git a/src/main/java/uk/gov/hmcts/opal/controllers/BusinessUnitUserController.java b/src/main/java/uk/gov/hmcts/opal/controllers/BusinessUnitUserController.java
@@ -18,7 +18,7 @@
 
 import java.util.List;
 
-import static uk.gov.hmcts.opal.util.ResponseUtil.buildResponse;
+import static uk.gov.hmcts.opal.util.HttpUtil.buildResponse;
 
 
 @RestController

diff --git a/src/main/java/uk/gov/hmcts/opal/controllers/CommittalWarrantProgressController.java b/src/main/java/uk/gov/hmcts/opal/controllers/CommittalWarrantProgressController.java
@@ -18,7 +18,7 @@
 
 import java.util.List;
 
-import static uk.gov.hmcts.opal.util.ResponseUtil.buildResponse;
+import static uk.gov.hmcts.opal.util.HttpUtil.buildResponse;
 
 
 @RestController

diff --git a/src/main/java/uk/gov/hmcts/opal/controllers/CourtController.java b/src/main/java/uk/gov/hmcts/opal/controllers/CourtController.java
@@ -18,7 +18,7 @@
 
 import java.util.List;
 
-import static uk.gov.hmcts.opal.util.ResponseUtil.buildResponse;
+import static uk.gov.hmcts.opal.util.HttpUtil.buildResponse;
 
 
 @RestController

diff --git a/src/main/java/uk/gov/hmcts/opal/controllers/DebtorDetailController.java b/src/main/java/uk/gov/hmcts/opal/controllers/DebtorDetailController.java
@@ -18,7 +18,7 @@
 
 import java.util.List;
 
-import static uk.gov.hmcts.opal.util.ResponseUtil.buildResponse;
+import static uk.gov.hmcts.opal.util.HttpUtil.buildResponse;
 
 
 @RestController

diff --git a/src/main/java/uk/gov/hmcts/opal/controllers/DefendantAccountController.java b/src/main/java/uk/gov/hmcts/opal/controllers/DefendantAccountController.java
@@ -5,7 +5,6 @@
 import jakarta.servlet.http.HttpServletRequest;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Qualifier;
-import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.GetMapping;
@@ -16,6 +15,8 @@
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
+import uk.gov.hmcts.opal.authentication.service.AccessTokenService;
+import uk.gov.hmcts.opal.authorisation.model.UserState;
 import uk.gov.hmcts.opal.dto.AccountDetailsDto;
 import uk.gov.hmcts.opal.dto.AccountEnquiryDto;
 import uk.gov.hmcts.opal.dto.search.AccountSearchDto;
@@ -26,11 +27,14 @@
 import uk.gov.hmcts.opal.entity.DefendantAccountEntity;
 import uk.gov.hmcts.opal.service.DefendantAccountServiceInterface;
 import uk.gov.hmcts.opal.service.NoteServiceInterface;
+import uk.gov.hmcts.opal.service.opal.UserService;
 
 import java.time.LocalDateTime;
 import java.util.List;
 
-import static uk.gov.hmcts.opal.util.ResponseUtil.buildResponse;
+import static uk.gov.hmcts.opal.util.HttpUtil.buildCreatedResponse;
+import static uk.gov.hmcts.opal.util.HttpUtil.buildResponse;
+import static uk.gov.hmcts.opal.util.HttpUtil.extractPreferredUsername;
 
 @RestController
 @RequestMapping("/api/defendant-account")
@@ -44,12 +48,19 @@ public class DefendantAccountController {
 
     private final NoteServiceInterface noteService;
 
+    private final AccessTokenService tokenService;
+
+    private final UserService userService;
+
     public DefendantAccountController(
         @Qualifier("defendantAccountServiceProxy") DefendantAccountServiceInterface defendantAccountService,
-        @Qualifier("noteServiceProxy") NoteServiceInterface noteService) {
+        @Qualifier("noteServiceProxy") NoteServiceInterface noteService, AccessTokenService tokenService,
+        UserService userService) {
 
         this.defendantAccountService = defendantAccountService;
         this.noteService = noteService;
+        this.tokenService = tokenService;
+        this.userService = userService;
     }
 
     @GetMapping
@@ -65,11 +76,7 @@ public ResponseEntity<DefendantAccountEntity> getDefendantAccount(
 
         DefendantAccountEntity response = defendantAccountService.getDefendantAccount(request);
 
-        if (response == null) {
-            return ResponseEntity.noContent().build();
-        }
-
-        return ResponseEntity.ok(response);
+        return buildResponse(response);
     }
 
     @PutMapping(consumes = MediaType.APPLICATION_JSON_VALUE)
@@ -79,7 +86,7 @@ public ResponseEntity<DefendantAccountEntity> putDefendantAccount(
 
         DefendantAccountEntity response = defendantAccountService.putDefendantAccount(defendantAccountEntity);
 
-        return ResponseEntity.ok(response);
+        return buildResponse(response);
     }
 
     @GetMapping(value = "/{defendantAccountId}")
@@ -88,11 +95,7 @@ public ResponseEntity<AccountDetailsDto> getAccountDetailsByAccountSummary(@Path
 
         AccountDetailsDto response = defendantAccountService.getAccountDetailsByDefendantAccountId(defendantAccountId);
 
-        if (response == null) {
-            return ResponseEntity.noContent().build();
-        }
-
-        return ResponseEntity.ok(response);
+        return buildResponse(response);
     }
 
     @PostMapping(value = "/search", consumes = MediaType.APPLICATION_JSON_VALUE)
@@ -103,11 +106,7 @@ public ResponseEntity<AccountSearchResultsDto> postDefendantAccountSearch(
 
         AccountSearchResultsDto response = defendantAccountService.searchDefendantAccounts(accountSearchDto);
 
-        if (response == null) {
-            return ResponseEntity.noContent().build();
-        }
-
-        return ResponseEntity.ok(response);
+        return buildResponse(response);
     }
 
     @PostMapping(value = "/addNote", consumes = MediaType.APPLICATION_JSON_VALUE)
@@ -116,22 +115,25 @@ public ResponseEntity<NoteDto> addNote(
         @RequestBody AddNoteDto addNote, HttpServletRequest request) {
         log.info(":POST:addNote: {}", addNote.toPrettyJson());
 
+        String preferredUsername = extractPreferredUsername(request, tokenService);
+        UserState userState = userService.getUserStateByUsername(preferredUsername);
+
         NoteDto noteDto = NoteDto.builder()
             .associatedRecordId(addNote.getAssociatedRecordId())
             .noteText(addNote.getNoteText())
             .associatedRecordType(NOTE_ASSOC_REC_TYPE)
             .noteType("AA") // TODO - This will probably need to part of the AddNoteDto in future
-            .postedBy(request.getRemoteUser())
+            .postedBy(userState.getFirstRoleBusinessUserId().orElse(preferredUsername)) // TODO - not always 'first'?
+            .postedByAAD(userState.getUserId())
             .postedDate(LocalDateTime.now())
             .build();
 
         NoteDto response = noteService.saveNote(noteDto);
 
-        if (response == null) {
-            return ResponseEntity.noContent().build();
-        }
+        log.info(":POST:addNote: response: {}", response);
+
+        return buildCreatedResponse(response);
 
-        return new ResponseEntity<>(response, HttpStatus.CREATED);
     }
 
     @GetMapping(value = "/notes/{defendantId}")

diff --git a/src/main/java/uk/gov/hmcts/opal/controllers/DefendantTransactionController.java b/src/main/java/uk/gov/hmcts/opal/controllers/DefendantTransactionController.java
@@ -18,7 +18,7 @@
 
 import java.util.List;
 
-import static uk.gov.hmcts.opal.util.ResponseUtil.buildResponse;
+import static uk.gov.hmcts.opal.util.HttpUtil.buildResponse;
 
 
 @RestController

diff --git a/src/main/java/uk/gov/hmcts/opal/controllers/DocumentController.java b/src/main/java/uk/gov/hmcts/opal/controllers/DocumentController.java
@@ -18,7 +18,7 @@
 
 import java.util.List;
 
-import static uk.gov.hmcts.opal.util.ResponseUtil.buildResponse;
+import static uk.gov.hmcts.opal.util.HttpUtil.buildResponse;
 
 
 @RestController

diff --git a/src/main/java/uk/gov/hmcts/opal/controllers/DocumentInstanceController.java b/src/main/java/uk/gov/hmcts/opal/controllers/DocumentInstanceController.java
@@ -18,7 +18,7 @@
 
 import java.util.List;
 
-import static uk.gov.hmcts.opal.util.ResponseUtil.buildResponse;
+import static uk.gov.hmcts.opal.util.HttpUtil.buildResponse;
 
 
 @RestController

diff --git a/src/main/java/uk/gov/hmcts/opal/controllers/EnforcementController.java b/src/main/java/uk/gov/hmcts/opal/controllers/EnforcementController.java
@@ -18,7 +18,7 @@
 
 import java.util.List;
 
-import static uk.gov.hmcts.opal.util.ResponseUtil.buildResponse;
+import static uk.gov.hmcts.opal.util.HttpUtil.buildResponse;
 
 
 @RestController

diff --git a/src/main/java/uk/gov/hmcts/opal/controllers/EnforcerController.java b/src/main/java/uk/gov/hmcts/opal/controllers/EnforcerController.java
@@ -18,7 +18,7 @@
 
 import java.util.List;
 
-import static uk.gov.hmcts.opal.util.ResponseUtil.buildResponse;
+import static uk.gov.hmcts.opal.util.HttpUtil.buildResponse;
 
 
 @RestController

diff --git a/src/main/java/uk/gov/hmcts/opal/controllers/LocalJusticeAreaController.java b/src/main/java/uk/gov/hmcts/opal/controllers/LocalJusticeAreaController.java
@@ -18,7 +18,7 @@
 
 import java.util.List;
 
-import static uk.gov.hmcts.opal.util.ResponseUtil.buildResponse;
+import static uk.gov.hmcts.opal.util.HttpUtil.buildResponse;
 
 
 @RestController

diff --git a/src/main/java/uk/gov/hmcts/opal/controllers/MisDebtorController.java b/src/main/java/uk/gov/hmcts/opal/controllers/MisDebtorController.java
@@ -18,7 +18,7 @@
 
 import java.util.List;
 
-import static uk.gov.hmcts.opal.util.ResponseUtil.buildResponse;
+import static uk.gov.hmcts.opal.util.HttpUtil.buildResponse;
 
 
 @RestController