CDPS-1054: Updated roles to be read or read/write and allowed access …
…to reference data to either role.
mtac50 committed Nov 19, 2024
1 parent 6fa3703 commit f860fc3
Showing 6 changed files with 19 additions and 22 deletions.
Expand Up @@ -2,5 +2,5 @@ package uk.gov.justice.digital.hmpps.personintegrationapi.corepersonrecord

object CorePersonRecordRoleConstants {
const val CORE_PERSON_RECORD_READ_ROLE = "ROLE_CORE_PERSON_API__CORE_PERSON_DATA__RO"
const val CORE_PERSON_RECORD_WRITE_ROLE = "ROLE_CORE_PERSON_API__CORE_PERSON_DATA__RW"
const val CORE_PERSON_RECORD_READ_WRITE_ROLE = "ROLE_CORE_PERSON_API__CORE_PERSON_DATA__RW"
}
Expand Up @@ -46,7 +46,7 @@ class CorePersonRecordV1Resource(
@ResponseStatus(HttpStatus.OK)
@Operation(
summary = "Performs partial updates on the core person record by prisoner number",
description = "Requires role `${CorePersonRecordRoleConstants.CORE_PERSON_RECORD_WRITE_ROLE}`",
description = "Requires role `${CorePersonRecordRoleConstants.CORE_PERSON_RECORD_READ_WRITE_ROLE}`",
responses = [
ApiResponse(
responseCode = "204",
Expand All @@ -64,7 +64,7 @@ class CorePersonRecordV1Resource(
),
ApiResponse(
responseCode = "403",
description = "Missing required role. Requires ${CorePersonRecordRoleConstants.CORE_PERSON_RECORD_WRITE_ROLE}",
description = "Missing required role. Requires ${CorePersonRecordRoleConstants.CORE_PERSON_RECORD_READ_WRITE_ROLE}",
content = [
Content(
mediaType = MediaType.APPLICATION_JSON_VALUE,
Expand All @@ -84,7 +84,7 @@ class CorePersonRecordV1Resource(
),
],
)
@PreAuthorize("hasRole('${CorePersonRecordRoleConstants.CORE_PERSON_RECORD_WRITE_ROLE}')")
@PreAuthorize("hasRole('${CorePersonRecordRoleConstants.CORE_PERSON_RECORD_READ_WRITE_ROLE}')")
fun patchByPrisonerNumber(
@RequestParam(required = true) @Valid @ValidPrisonerNumber prisonerNumber: String,
@RequestBody(required = true) @Valid corePersonRecordUpdateRequest: CorePersonRecordV1UpdateRequestDto,
Expand All @@ -110,7 +110,7 @@ class CorePersonRecordV1Resource(
@ResponseStatus(HttpStatus.OK)
@Operation(
summary = "Add or updates the profile image on the core person record by prisoner number",
description = "Requires role `${CorePersonRecordRoleConstants.CORE_PERSON_RECORD_WRITE_ROLE}`",
description = "Requires role `${CorePersonRecordRoleConstants.CORE_PERSON_RECORD_READ_WRITE_ROLE}`",
responses = [
ApiResponse(
responseCode = "200",
Expand All @@ -128,7 +128,7 @@ class CorePersonRecordV1Resource(
),
ApiResponse(
responseCode = "403",
description = "Missing required role. Requires ${CorePersonRecordRoleConstants.CORE_PERSON_RECORD_WRITE_ROLE}.",
description = "Missing required role. Requires ${CorePersonRecordRoleConstants.CORE_PERSON_RECORD_READ_WRITE_ROLE}.",
content = [
Content(
mediaType = MediaType.APPLICATION_JSON_VALUE,
Expand All @@ -148,7 +148,7 @@ class CorePersonRecordV1Resource(
),
],
)
@PreAuthorize("hasRole('${CorePersonRecordRoleConstants.CORE_PERSON_RECORD_WRITE_ROLE}')")
@PreAuthorize("hasRole('${CorePersonRecordRoleConstants.CORE_PERSON_RECORD_READ_WRITE_ROLE}')")
fun putProfileImageByPrisonerNumber(
@RequestParam(required = true) @Valid @ValidPrisonerNumber prisonerNumber: String,
@RequestPart(name = "imageFile", required = true) profileImage: MultipartFile,
Expand All @@ -170,7 +170,7 @@ class CorePersonRecordV1Resource(
summary = "Get all reference data codes for the given domain",
description = "Returns the list of reference data codes within the given domain. " +
"This endpoint only returns active reference data codes. " +
"Requires role `${CorePersonRecordRoleConstants.CORE_PERSON_RECORD_READ_ROLE}`",
"Requires role `${CorePersonRecordRoleConstants.CORE_PERSON_RECORD_READ_ROLE}` or `${CorePersonRecordRoleConstants.CORE_PERSON_RECORD_READ_WRITE_ROLE}`",
responses = [
ApiResponse(
responseCode = "200",
Expand All @@ -189,7 +189,7 @@ class CorePersonRecordV1Resource(
),
],
)
@PreAuthorize("hasRole('${CorePersonRecordRoleConstants.CORE_PERSON_RECORD_READ_ROLE}')")
@PreAuthorize("hasAnyRole('${CorePersonRecordRoleConstants.CORE_PERSON_RECORD_READ_ROLE}', '${CorePersonRecordRoleConstants.CORE_PERSON_RECORD_READ_WRITE_ROLE}')")
fun getReferenceDataCodesByDomain(
@PathVariable @Schema(
description = "The reference data domain",
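Review bot: The widened `hasAnyRole(...)` guard on `getReferenceDataCodesByDomain` is not exercised by any test in this commit; the integration-test changes shown on this page only swap the renamed constant into existing write-path cases. This expression is the only access check visible on the endpoint, so add a case that calls it with `setAuthorisation(roles = listOf(CorePersonRecordRoleConstants.CORE_PERSON_RECORD_READ_WRITE_ROLE))` and expects `isOk`. Negative cases should also assert `isForbidden` for a token with no matching role, and for a token holding only `CORE_PERSON_RECORD_READ_ROLE` on the PATCH and profile-image PUT. The same gap applies to the `hasAnyRole` change in `PersonProtectedCharacteristicsV1Resource`. Tests outside the shown hunks may already cover the negative paths, and the function body continues past the end of this hunk.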
Expand Up @@ -2,5 +2,5 @@ package uk.gov.justice.digital.hmpps.personintegrationapi.personprotectercharact

object PersonProtectedCharacteristicsRoleConstants {
const val PROTECTED_CHARACTERISTICS_READ_ROLE = "ROLE_CORE_PERSON_API__PROTECTED_CHARACTERISTICS_DATA__RO"
const val PROTECTED_CHARACTERISTICS_WRITE_ROLE = "ROLE_CORE_PERSON_API__PROTECTED_CHARACTERISTICS_DATA__RW"
const val PROTECTED_CHARACTERISTICS_READ_WRITE_ROLE = "ROLE_CORE_PERSON_API__PROTECTED_CHARACTERISTICS_DATA__RW"
}
Expand Up @@ -5,7 +5,6 @@ import io.swagger.v3.oas.annotations.media.ArraySchema
import io.swagger.v3.oas.annotations.media.Content
import io.swagger.v3.oas.annotations.media.Schema
import io.swagger.v3.oas.annotations.responses.ApiResponse
import io.swagger.v3.oas.annotations.security.SecurityRequirement
import io.swagger.v3.oas.annotations.tags.Tag
import jakarta.validation.Valid
import org.springframework.http.HttpStatus
Expand Down Expand Up @@ -43,8 +42,7 @@ class PersonProtectedCharacteristicsV1Resource {
@PutMapping("/religion")
@ResponseStatus(HttpStatus.OK)
@Operation(
description = "Requires role `${PersonProtectedCharacteristicsRoleConstants.PROTECTED_CHARACTERISTICS_WRITE_ROLE}`",
security = [SecurityRequirement(name = PersonProtectedCharacteristicsRoleConstants.PROTECTED_CHARACTERISTICS_WRITE_ROLE)],
description = "Requires role `${PersonProtectedCharacteristicsRoleConstants.PROTECTED_CHARACTERISTICS_READ_WRITE_ROLE}`",
responses = [
ApiResponse(
responseCode = "200",
Expand All @@ -62,7 +60,7 @@ class PersonProtectedCharacteristicsV1Resource {
),
ApiResponse(
responseCode = "403",
description = "Missing required role. Requires ${PersonProtectedCharacteristicsRoleConstants.PROTECTED_CHARACTERISTICS_WRITE_ROLE}",
description = "Missing required role. Requires ${PersonProtectedCharacteristicsRoleConstants.PROTECTED_CHARACTERISTICS_READ_WRITE_ROLE}",
content = [
Content(
mediaType = MediaType.APPLICATION_JSON_VALUE,
Expand All @@ -82,7 +80,7 @@ class PersonProtectedCharacteristicsV1Resource {
),
],
)
@PreAuthorize("hasRole('${PersonProtectedCharacteristicsRoleConstants.PROTECTED_CHARACTERISTICS_WRITE_ROLE}')")
@PreAuthorize("hasRole('${PersonProtectedCharacteristicsRoleConstants.PROTECTED_CHARACTERISTICS_READ_WRITE_ROLE}')")
fun putReligionByPrisonerNumber(
@RequestParam(required = true) @Valid @ValidPrisonerNumber prisonerNumber: String,
@RequestBody(required = true) @Valid religionV1RequestDto: ReligionV1RequestDto,
Expand All @@ -101,8 +99,7 @@ class PersonProtectedCharacteristicsV1Resource {
summary = "Get all reference data codes for the given domain",
description = "Returns the list of reference data codes within the given domain. " +
"This endpoint only returns active reference data codes. " +
"Requires role `${PersonProtectedCharacteristicsRoleConstants.PROTECTED_CHARACTERISTICS_READ_ROLE}`",
security = [SecurityRequirement(name = PersonProtectedCharacteristicsRoleConstants.PROTECTED_CHARACTERISTICS_READ_ROLE)],
"Requires role `${PersonProtectedCharacteristicsRoleConstants.PROTECTED_CHARACTERISTICS_READ_ROLE}` or `${PersonProtectedCharacteristicsRoleConstants.PROTECTED_CHARACTERISTICS_READ_WRITE_ROLE}`",
responses = [
ApiResponse(
responseCode = "200",
Expand All @@ -121,7 +118,7 @@ class PersonProtectedCharacteristicsV1Resource {
),
],
)
@PreAuthorize("hasRole('${PersonProtectedCharacteristicsRoleConstants.PROTECTED_CHARACTERISTICS_READ_ROLE}')")
@PreAuthorize("hasAnyRole('${PersonProtectedCharacteristicsRoleConstants.PROTECTED_CHARACTERISTICS_READ_ROLE}', '${PersonProtectedCharacteristicsRoleConstants.PROTECTED_CHARACTERISTICS_READ_WRITE_ROLE}')")
fun getReferenceDataCodesByDomain(
@PathVariable @Schema(
description = "The reference data domain",
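Review bot: Removing `security = [SecurityRequirement(...)]` from both `@Operation` annotations leaves no security requirement declared in the visible annotations for `putReligionByPrisonerNumber` and `getReferenceDataCodesByDomain`. Unless a class-level or global requirement exists outside these hunks, the generated OpenAPI document may show these endpoints, which handle protected-characteristics data, as callable without credentials. The removed value used the role string as the scheme name, which presumably matched no defined scheme, so dropping it is reasonable. A better replacement is a requirement that names the API's real bearer scheme, e.g. `security = [SecurityRequirement(name = "<scheme-name-from-openapi-config>")]`, keeping the `SecurityRequirement` import. Runtime enforcement is unchanged because `@PreAuthorize` still guards both methods.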
Expand Up @@ -54,7 +54,7 @@ class CorePersonRecordV1ResourceIntTest : IntegrationTestBase() {
fun `can patch core person record by prisoner number`() {
webTestClient.patch().uri("/v1/core-person-record?prisonerNumber=$PRISONER_NUMBER")
.contentType(MediaType.APPLICATION_JSON)
.headers(setAuthorisation(roles = listOf(CorePersonRecordRoleConstants.CORE_PERSON_RECORD_WRITE_ROLE)))
.headers(setAuthorisation(roles = listOf(CorePersonRecordRoleConstants.CORE_PERSON_RECORD_READ_WRITE_ROLE)))
.bodyValue(VALID_PATCH_REQUEST_BODY)
.exchange()
.expectStatus().isNoContent
Expand All @@ -69,7 +69,7 @@ class CorePersonRecordV1ResourceIntTest : IntegrationTestBase() {
webTestClient.patch()
.uri("/v1/core-person-record?prisonerNumber=$PRISONER_NUMBER_NOT_FOUND")
.contentType(MediaType.APPLICATION_JSON)
.headers(setAuthorisation(roles = listOf(CorePersonRecordRoleConstants.CORE_PERSON_RECORD_WRITE_ROLE)))
.headers(setAuthorisation(roles = listOf(CorePersonRecordRoleConstants.CORE_PERSON_RECORD_READ_WRITE_ROLE)))
.bodyValue(VALID_PATCH_REQUEST_BODY)
.exchange()
.expectStatus().isNotFound
Expand Down Expand Up @@ -114,7 +114,7 @@ class CorePersonRecordV1ResourceIntTest : IntegrationTestBase() {
val response = webTestClient.put()
.uri("/v1/core-person-record/profile-image?prisonerNumber=$PRISONER_NUMBER")
.contentType(MediaType.MULTIPART_FORM_DATA)
.headers(setAuthorisation(roles = listOf(CorePersonRecordRoleConstants.CORE_PERSON_RECORD_WRITE_ROLE)))
.headers(setAuthorisation(roles = listOf(CorePersonRecordRoleConstants.CORE_PERSON_RECORD_READ_WRITE_ROLE)))
.body(BodyInserters.fromMultipartData(MULTIPART_BUILDER.build()))
.exchange()
.expectStatus().isOk
Expand Up @@ -51,7 +51,7 @@ class PersonProtectedCharacteristicsV1ResourceIntTest : IntegrationTestBase() {
val response = webTestClient.put()
.uri("v1/person-protected-characteristics/religion?prisonerNumber=$PRISONER_NUMBER")
.contentType(MediaType.APPLICATION_JSON)
.headers(setAuthorisation(roles = listOf(PersonProtectedCharacteristicsRoleConstants.PROTECTED_CHARACTERISTICS_WRITE_ROLE)))
.headers(setAuthorisation(roles = listOf(PersonProtectedCharacteristicsRoleConstants.PROTECTED_CHARACTERISTICS_READ_WRITE_ROLE)))
.bodyValue(TEST_RELIGION_REQUEST_DTO)
.exchange()
.expectStatus().isOk