Merge pull request #2611 from constantine2nd/develop

Get Current User Version 6.0.0 - add on_behalf_of object

Author: simonredfern

obp-api/src/main/scala/code/api/util/ApiSession.scala

@@ -30,6 +30,7 @@ case class CallContext(
                         dauthResponseHeader: Option[String] = None,
                         spelling: Option[String] = None,
                         user: Box[User] = Empty,
+                        onBehalfOfUser: Option[User] = None,
                         consenter: Box[User] = Empty,
                         consumer: Box[Consumer] = Empty,
                         ipAddress: String = "",

obp-api/src/main/scala/code/api/util/ConsentUtil.scala

@@ -431,6 +431,10 @@ object Consent extends MdcLoggable {
 
     def applyConsentRules(consent: ConsentJWT): Future[(Box[User], Option[CallContext])] = {
       val cc = callContext
+      if(consent.createdByUserId.nonEmpty) {
+        val onBehalfOfUser = Users.users.vend.getUserByUserId(consent.createdByUserId)
+        cc.copy(onBehalfOfUser = onBehalfOfUser.toOption)
+      }
       // 1. Get or Create a User
       getOrCreateUser(consent.sub, consent.iss, Some(consent.jti), None, None) map {
         case (Full(user), newUser) =>

obp-api/src/main/scala/code/api/v6_0_0/APIMethods600.scala

@@ -5,12 +5,18 @@ import code.api.util.APIUtil._
 import code.api.util.ApiTag._
 import code.api.util.ErrorMessages.{$UserNotLoggedIn, InvalidJsonFormat, UnknownError, _}
 import code.api.util.FutureUtil.EndpointContext
+import code.api.util.NewStyle
+import code.api.util.NewStyle.HttpCode
 import code.bankconnectors.LocalMappedConnectorInternal
 import code.bankconnectors.LocalMappedConnectorInternal._
+import code.entitlement.Entitlement
+import code.views.Views
 import com.github.dwickern.macros.NameOf.nameOf
 import com.openbankproject.commons.model._
 import com.openbankproject.commons.util.{ApiVersion, ScannedApiVersion}
+import net.liftweb.common.Full
 import net.liftweb.http.rest.RestHelper
+import com.openbankproject.commons.ExecutionContext.Implicits.global
 
 import scala.collection.immutable.{List, Nil}
 import scala.collection.mutable.ArrayBuffer
@@ -31,6 +37,46 @@ trait APIMethods600 {
     val apiRelations = ArrayBuffer[ApiRelation]()
     val codeContext = CodeContext(staticResourceDocs, apiRelations)
 
+
+    staticResourceDocs += ResourceDoc(
+      getCurrentUser,
+      implementedInApiVersion,
+      nameOf(getCurrentUser), // TODO can we get this string from the val two lines above?
+      "GET",
+      "/users/current",
+      "Get User (Current)",
+      s"""Get the logged in user
+         |
+         |${userAuthenticationMessage(true)}
+      """.stripMargin,
+      EmptyBody,
+      userJsonV300,
+      List(UserNotLoggedIn, UnknownError),
+      List(apiTagUser))
+
+    lazy val getCurrentUser: OBPEndpoint = {
+      case "users" :: "current" :: Nil JsonGet _ => {
+        cc => {
+          implicit val ec = EndpointContext(Some(cc))
+          for {
+            (Full(u), callContext) <- authenticatedAccess(cc)
+            entitlements <- NewStyle.function.getEntitlementsByUserId(u.userId, callContext)
+          } yield {
+            val permissions: Option[Permission] = Views.views.vend.getPermissionForUser(u).toOption
+            val currentUser = UserV600(u, entitlements, permissions)
+            val onBehalfOfUser = if(cc.onBehalfOfUser.isDefined) {
+              val entitlements = Entitlement.entitlement.vend.getEntitlementsByUserId(cc.onBehalfOfUser.get.userId).headOption.toList.flatten
+              val permissions: Option[Permission] = Views.views.vend.getPermissionForUser(cc.onBehalfOfUser.get).toOption
+              Some(UserV600(cc.onBehalfOfUser.get, entitlements, permissions))
+            } else {
+              None
+            }
+            (JSONFactory600.createUserInfoJSON(currentUser, onBehalfOfUser), HttpCode.`200`(callContext))
+          }
+        }
+      }
+    }
+
     staticResourceDocs += ResourceDoc(
       createTransactionRequestCardano,
       implementedInApiVersion,

obp-api/src/main/scala/code/api/v6_0_0/JSONFactory6.0.0.scala

@@ -26,7 +26,11 @@
   */
 package code.api.v6_0_0
 
+import code.api.util.APIUtil.stringOrNull
 import code.api.util._
+import code.api.v2_0_0.{EntitlementJSONs, JSONFactory200}
+import code.api.v3_0_0.{UserJsonV300, ViewJSON300, ViewsJSON300}
+import code.entitlement.Entitlement
 import code.util.Helper.MdcLoggable
 import com.openbankproject.commons.model._
 
@@ -59,6 +63,41 @@ case class TransactionRequestBodyCardanoJsonV600(
   metadata: Option[Map[String, CardanoMetadataStringJsonV600]] = None
 ) extends TransactionRequestCommonBodyJSON
 
+case class UserJsonV600(
+                         user_id: String,
+                         email : String,
+                         provider_id: String,
+                         provider : String,
+                         username : String,
+                         entitlements : EntitlementJSONs,
+                         views: Option[ViewsJSON300],
+                         on_behalf_of: Option[UserJsonV300]
+                       )
+
+case class UserV600(user: User, entitlements: List[Entitlement], views: Option[Permission])
+case class UsersJsonV600(current_user: UserV600, on_behalf_of_user: UserV600)
+
 object JSONFactory600 extends CustomJsonFormats with MdcLoggable{
-  
+  def createUserInfoJSON(current_user: UserV600, onBehalfOfUser: Option[UserV600]): UserJsonV600 = {
+    UserJsonV600(
+      user_id = current_user.user.userId,
+      email = current_user.user.emailAddress,
+      username = stringOrNull(current_user.user.name),
+      provider_id = current_user.user.idGivenByProvider,
+      provider = stringOrNull(current_user.user.provider),
+      entitlements = JSONFactory200.createEntitlementJSONs(current_user.entitlements),
+      views = current_user.views.map(y => ViewsJSON300(y.views.map((v => ViewJSON300(v.bankId.value, v.accountId.value, v.viewId.value))))),
+      on_behalf_of = onBehalfOfUser.map { obu =>
+        UserJsonV300(
+          user_id = obu.user.userId,
+          email = obu.user.emailAddress,
+          username = stringOrNull(obu.user.name),
+          provider_id = obu.user.idGivenByProvider,
+          provider = stringOrNull(obu.user.provider),
+          entitlements = JSONFactory200.createEntitlementJSONs(obu.entitlements),
+          views = obu.views.map(y => ViewsJSON300(y.views.map((v => ViewJSON300(v.bankId.value, v.accountId.value, v.viewId.value)))))
+        )
+      }
+    )
+  }
 }