Skip to content

Commit

Permalink
MOSIP-38450: Removed SBI id belongs to the user for Partner Admin (#1088
Browse files Browse the repository at this point in the history
)

Signed-off-by: Swetha K <[email protected]>
Co-authored-by: Swetha K <[email protected]>
  • Loading branch information
SwethaKrish4 and Swetha K authored Jan 13, 2025
1 parent a94b42e commit 8938473
Show file tree
Hide file tree
Showing 3 changed files with 34 additions and 28 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -525,7 +525,7 @@ public ResponseWrapperV2<Boolean> approveOrRejectMappingDeviceToSbi(String devic
}
}
// validate sbi and device mapping
partnerHelper.validateSbiDeviceMapping(partnerId, sbiId, deviceId);
partnerHelper.validateSbiDeviceMapping(partnerId, sbiId, deviceId, false);

DeviceDetailSBI deviceDetailSBI = deviceDetailSbiRepository.findByDeviceProviderIdAndSbiIdAndDeviceDetailId(partnerId, sbiId, deviceId);
if (Objects.isNull(deviceDetailSBI)) {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -880,9 +880,14 @@ private void addInactiveMappingDeviceToSbi(String sbiId, String deviceId, String
throw new PartnerServiceException(ErrorCode.SBI_DEVICE_MAPPING_ALREADY_EXIST.getErrorCode(),
ErrorCode.SBI_DEVICE_MAPPING_ALREADY_EXIST.getErrorMessage());
}
boolean isAdmin = partnerHelper.isPartnerAdmin(authUserDetails().getAuthorities().toString());

// validate sbi and device mapping
partnerHelper.validateSbiDeviceMapping(partnerId, sbiId, deviceId);
if (isAdmin) {
partnerHelper.validateSbiDeviceMapping(partnerId, sbiId, deviceId, true);
} else {
partnerHelper.validateSbiDeviceMapping(partnerId, sbiId, deviceId, false);
}

DeviceDetailSBI entity = new DeviceDetailSBI();

Expand Down Expand Up @@ -921,38 +926,39 @@ private void deleteDeviceDetail(String deviceDetailId) {
public ResponseWrapperV2<List<DeviceDto>> getAllDevicesForSbi(String sbiId) {
ResponseWrapperV2<List<DeviceDto>> responseWrapper = new ResponseWrapperV2<>();
try {
String userId = getUserId();
List<Partner> partnerList = partnerRepository.findByUserId(userId);

if (partnerList.isEmpty()) {
LOGGER.info("sessionId", "idType", "id", "User id does not exist.");
throw new PartnerServiceException(ErrorCode.USER_ID_NOT_EXISTS.getErrorCode(),
ErrorCode.USER_ID_NOT_EXISTS.getErrorMessage());
}

Optional<SecureBiometricInterface> secureBiometricInterface = sbiRepository.findById(sbiId);

if (secureBiometricInterface.isEmpty()) {
LOGGER.info("sessionId", "idType", "id", "Sbi is not associated with partner Id.");
throw new PartnerServiceException(ErrorCode.SBI_NOT_EXISTS.getErrorCode(),
ErrorCode.SBI_NOT_EXISTS.getErrorMessage());
}

SecureBiometricInterface sbi = secureBiometricInterface.get();
// check if partnerId is associated with user
boolean partnerIdExists = false;
for (Partner partner : partnerList) {
if (partner.getId().equals(sbi.getProviderId())) {
partnerHelper.validatePartnerId(partner, userId);
validateDevicePartnerType(partner, userId);
partnerIdExists = true;
break;
boolean isAdmin = partnerHelper.isPartnerAdmin(authUserDetails().getAuthorities().toString());
if (!isAdmin) {
String userId = getUserId();
List<Partner> partnerList = partnerRepository.findByUserId(userId);

if (partnerList.isEmpty()) {
LOGGER.info("sessionId", "idType", "id", "User id does not exist.");
throw new PartnerServiceException(ErrorCode.USER_ID_NOT_EXISTS.getErrorCode(),
ErrorCode.USER_ID_NOT_EXISTS.getErrorMessage());
}

// check if partnerId is associated with user
boolean partnerIdExists = false;
for (Partner partner : partnerList) {
if (partner.getId().equals(sbi.getProviderId())) {
partnerHelper.validatePartnerId(partner, userId);
validateDevicePartnerType(partner, userId);
partnerIdExists = true;
break;
}
}
if (!partnerIdExists) {
LOGGER.info("sessionId", "idType", "id", "Partner id is not associated with user.");
throw new PartnerServiceException(ErrorCode.SBI_NOT_ASSOCIATED_WITH_USER.getErrorCode(),
ErrorCode.SBI_NOT_ASSOCIATED_WITH_USER.getErrorMessage());
}
}
if (!partnerIdExists) {
LOGGER.info("sessionId", "idType", "id", "Partner id is not associated with user.");
throw new PartnerServiceException(ErrorCode.SBI_NOT_ASSOCIATED_WITH_USER.getErrorCode(),
ErrorCode.SBI_NOT_ASSOCIATED_WITH_USER.getErrorMessage());
}
// fetch devices list
List<DeviceDetailSBI> deviceDetailSBIList = deviceDetailSbiRepository.findByDeviceProviderIdAndSbiId(sbi.getProviderId(), sbiId);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -172,13 +172,13 @@ public class PartnerHelper {
@Autowired
private Environment environment;

public void validateSbiDeviceMapping(String partnerId, String sbiId, String deviceDetailId) {
public void validateSbiDeviceMapping(String partnerId, String sbiId, String deviceDetailId, boolean skipSbiIdBelongsToUser) {
Optional<SecureBiometricInterface> secureBiometricInterface = secureBiometricInterfaceRepository.findById(sbiId);
if (secureBiometricInterface.isEmpty()) {
LOGGER.info("sessionId", "idType", "id", "Sbi does not exists.");
throw new PartnerServiceException(ErrorCode.SBI_NOT_EXISTS.getErrorCode(),
ErrorCode.SBI_NOT_EXISTS.getErrorMessage());
} else if (!secureBiometricInterface.get().getProviderId().equals(partnerId)) {
} else if (!skipSbiIdBelongsToUser && !secureBiometricInterface.get().getProviderId().equals(partnerId)) {
LOGGER.info("sessionId", "idType", "id", "Sbi is not associated with partner Id.");
throw new PartnerServiceException(ErrorCode.SBI_NOT_ASSOCIATED_WITH_PARTNER_ID.getErrorCode(),
ErrorCode.SBI_NOT_ASSOCIATED_WITH_PARTNER_ID.getErrorMessage());
Expand Down

0 comments on commit 8938473

Please sign in to comment.