feat(bpdm): added test and auth permissions to upload partner end point

eclipse-tractusx · Jun 17, 2024 · f6b62cc · f6b62cc
1 parent afc50ea
commit f6b62cc
Show file tree

Hide file tree

Showing 11 changed files with 55 additions and 5 deletions.
diff --git a/bpdm-common-test/src/main/resources/keycloak/CX-Central.json b/bpdm-common-test/src/main/resources/keycloak/CX-Central.json
@@ -378,6 +378,14 @@
         "clientRole" : true,
         "containerId" : "0562ecfa-f17b-4d32-86cc-061f7da34b6b",
         "attributes" : { }
+      }, {
+        "id" : "e3ca0b50-95c7-43d5-baf6-359d87fc272a",
+        "name" : "upload_input_partner",
+        "description" : "Upload access to business partner input data",
+        "composite" : false,
+        "clientRole" : true,
+        "containerId" : "0562ecfa-f17b-4d32-86cc-061f7da34b6b",
+        "attributes" : {}
       } ],
       "account-console" : [ ],
       "EDC-GATE-OUTPUT-CONSUMER" : [ ],
@@ -551,7 +559,7 @@
         "attributes" : { },
         "realmRoles" : [ ],
         "clientRoles" : {
-          "BPDM-GATE" : [ "write_sharing_state", "read_output_partner", "read_input_changelog", "read_stats", "read_output_changelog", "write_input_partner", "read_sharing_state", "read_input_partner" ]
+          "BPDM-GATE" : [ "write_sharing_state", "read_output_partner", "read_input_changelog", "read_stats", "read_output_changelog", "write_input_partner", "read_sharing_state", "read_input_partner", "upload_input_partner" ]
         },
         "subGroups" : [ ]
       }, {
@@ -571,7 +579,7 @@
         "attributes" : { },
         "realmRoles" : [ ],
         "clientRoles" : {
-          "BPDM-GATE" : [ "write_sharing_state", "read_input_changelog", "read_stats", "write_input_partner", "read_sharing_state", "read_input_partner" ]
+          "BPDM-GATE" : [ "write_sharing_state", "read_input_changelog", "read_stats", "write_input_partner", "read_sharing_state", "read_input_partner", "upload_input_partner" ]
         },
         "subGroups" : [ ]
       }, {

diff --git a/...-gate/src/main/kotlin/org/eclipse/tractusx/bpdm/gate/config/PermissionConfigProperties.kt b/...-gate/src/main/kotlin/org/eclipse/tractusx/bpdm/gate/config/PermissionConfigProperties.kt
@@ -32,7 +32,8 @@ data class PermissionConfigProperties(
     val readOutputChangelog: String = "read_output_changelog",
     val readSharingState: String = "read_sharing_state",
     val writeSharingState: String = "write_sharing_state",
-    val readStats: String = "read_stats"
+    val readStats: String = "read_stats",
+    val uploadInputPartner: String = "upload_input_partner"
 ) {
     companion object {
         const val PREFIX = "bpdm.security.permissions"
@@ -49,5 +50,6 @@ data class PermissionConfigProperties(
         const val READ_SHARING_STATE = "@$BEAN_QUALIFIER.getReadSharingState()"
         const val WRITE_SHARING_STATE = "@$BEAN_QUALIFIER.getWriteSharingState()"
         const val READ_STATS = "@$BEAN_QUALIFIER.getReadStats()"
+        const val UPLOAD_INPUT_PARTNER = "@$BEAN_QUALIFIER.getUploadInputPartner()"
     }
 }
diff --git a/...gate/src/main/kotlin/org/eclipse/tractusx/bpdm/gate/controller/PartnerUploadController.kt b/...gate/src/main/kotlin/org/eclipse/tractusx/bpdm/gate/controller/PartnerUploadController.kt
@@ -39,7 +39,7 @@ class PartnerUploadController(
     val partnerUploadService: PartnerUploadService
 ) : GatePartnerUploadApi {
 
-    @PreAuthorize("hasAuthority(${PermissionConfigProperties.WRITE_INPUT_PARTNER})")
+    @PreAuthorize("hasAuthority(${PermissionConfigProperties.UPLOAD_INPUT_PARTNER})")
     override fun uploadPartnerCsvFile(
         file: MultipartFile
     ): ResponseEntity<Collection<BusinessPartnerInputDto>> {

diff --git a/bpdm-gate/src/main/resources/application.yml b/bpdm-gate/src/main/resources/application.yml
@@ -123,6 +123,8 @@ bpdm:
       writeSharingState: write_sharing_state
       # Name of the permission to read business partner statistics
       read_stats: read_stats
+      # Name of the permission to upload business partner entries for business partner input data
+      uploadInputPartner: upload_input_partner
   datasource:
     # Host name of the used datasource
     host: localhost

diff --git a/bpdm-gate/src/test/kotlin/org/eclipse/tractusx/bpdm/gate/auth/AuthAdminIT.kt b/bpdm-gate/src/test/kotlin/org/eclipse/tractusx/bpdm/gate/auth/AuthAdminIT.kt
@@ -61,6 +61,9 @@ class AuthAdminIT @Autowired constructor(
             getStage = AuthExpectationType.Authorized,
             getAddressType = AuthExpectationType.Authorized,
             getConfidenceCriteria = AuthExpectationType.Authorized
+        ),
+        uploadPartner = UploadPartnerAuthExpections(
+            postInput = AuthExpectationType.Authorized
         )
     )
 ) {

diff --git a/bpdm-gate/src/test/kotlin/org/eclipse/tractusx/bpdm/gate/auth/AuthInputConsumerIT.kt b/bpdm-gate/src/test/kotlin/org/eclipse/tractusx/bpdm/gate/auth/AuthInputConsumerIT.kt
@@ -61,6 +61,9 @@ class AuthInputConsumerIT @Autowired constructor(
             getStage = AuthExpectationType.Authorized,
             getAddressType = AuthExpectationType.Authorized,
             getConfidenceCriteria = AuthExpectationType.Authorized
+        ),
+        uploadPartner = UploadPartnerAuthExpections(
+            postInput = AuthExpectationType.Forbidden
         )
     )
 ) {

diff --git a/bpdm-gate/src/test/kotlin/org/eclipse/tractusx/bpdm/gate/auth/AuthInputManagerIT.kt b/bpdm-gate/src/test/kotlin/org/eclipse/tractusx/bpdm/gate/auth/AuthInputManagerIT.kt
@@ -61,6 +61,9 @@ class AuthInputManagerIT @Autowired constructor(
             getStage = AuthExpectationType.Authorized,
             getAddressType = AuthExpectationType.Authorized,
             getConfidenceCriteria = AuthExpectationType.Authorized
+        ),
+        uploadPartner = UploadPartnerAuthExpections(
+            postInput = AuthExpectationType.Authorized
         )
     )
 ) {

diff --git a/bpdm-gate/src/test/kotlin/org/eclipse/tractusx/bpdm/gate/auth/AuthOutputConsumerIT.kt b/bpdm-gate/src/test/kotlin/org/eclipse/tractusx/bpdm/gate/auth/AuthOutputConsumerIT.kt
@@ -61,6 +61,9 @@ class AuthOutputConsumerIT @Autowired constructor(
             getStage = AuthExpectationType.Authorized,
             getAddressType = AuthExpectationType.Authorized,
             getConfidenceCriteria = AuthExpectationType.Authorized
+        ),
+        uploadPartner = UploadPartnerAuthExpections(
+            postInput = AuthExpectationType.Forbidden
         )
     )
 ) {

diff --git a/bpdm-gate/src/test/kotlin/org/eclipse/tractusx/bpdm/gate/auth/AuthTestBase.kt b/bpdm-gate/src/test/kotlin/org/eclipse/tractusx/bpdm/gate/auth/AuthTestBase.kt
@@ -28,6 +28,9 @@ import org.eclipse.tractusx.bpdm.gate.api.model.request.PostSharingStateReadyReq
 import org.eclipse.tractusx.bpdm.test.util.AuthAssertionHelper
 import org.eclipse.tractusx.bpdm.test.util.AuthExpectationType
 import org.junit.jupiter.api.Test
+import org.springframework.mock.web.MockMultipartFile
+import java.nio.file.Files
+import java.nio.file.Paths
 
 abstract class AuthTestBase(
     private val gateClient: GateClient,
@@ -91,13 +94,21 @@ abstract class AuthTestBase(
         authAssertions.assert(authExpectations.stats.getConfidenceCriteria) { gateClient.stats.getConfidenceCriteriaStats() }
     }
 
+    @Test
+    fun `POST Partner Input`() {
+        val bytes = Files.readAllBytes(Paths.get("src/test/resources/testData/valid_partner_data.csv"))
+        val uploadedFile = MockMultipartFile("valid_partner_data.csv", "valid_partner_data.csv", "text/csv", bytes)
+        authAssertions.assert(authExpectations.uploadPartner.postInput) { gateClient.partnerUpload.uploadPartnerCsvFile(uploadedFile) }
+    }
+
 }
 
 data class GateAuthExpectations(
     val businessPartner: BusinessPartnerAuthExpectations,
     val changelog: ChangelogAuthExpectations,
     val sharingState: SharingStateAuthExpectations,
-    val stats: StatsAuthExpectations
+    val stats: StatsAuthExpectations,
+    val uploadPartner: UploadPartnerAuthExpections
 )
 
 data class BusinessPartnerAuthExpectations(
@@ -123,3 +134,6 @@ data class StatsAuthExpectations(
     val getConfidenceCriteria: AuthExpectationType
 )
 
+data class UploadPartnerAuthExpections(
+    val postInput: AuthExpectationType
+)
diff --git a/bpdm-gate/src/test/kotlin/org/eclipse/tractusx/bpdm/gate/auth/NoAuthIT.kt b/bpdm-gate/src/test/kotlin/org/eclipse/tractusx/bpdm/gate/auth/NoAuthIT.kt
@@ -59,6 +59,9 @@ class NoAuthIT @Autowired constructor(
             getStage = AuthExpectationType.Unauthorized,
             getAddressType = AuthExpectationType.Unauthorized,
             getConfidenceCriteria = AuthExpectationType.Unauthorized
+        ),
+        uploadPartner = UploadPartnerAuthExpections(
+            postInput = AuthExpectationType.Unauthorized
         )
     )
 )

diff --git a/charts/bpdm/templates/keycloakRealm.tpl b/charts/bpdm/templates/keycloakRealm.tpl
@@ -385,6 +385,13 @@ roles:
         clientRole: true
         containerId: 0562ecfa-f17b-4d32-86cc-061f7da34b6b
         attributes: {}
+      - id: e3ca0b50-95c7-43d5-baf6-359d87fc272a
+        name: upload_input_partner
+        description: Upload access to business partner input data
+        composite: false
+        clientRole: true
+        containerId: 0562ecfa-f17b-4d32-86cc-061f7da34b6b
+        attributes: {}
     account-console: []
     EDC-GATE-OUTPUT-CONSUMER: []
     broker:
@@ -549,6 +556,7 @@ groups:
                 - write_input_partner
                 - read_sharing_state
                 - read_input_partner
+                - upload_input_partner
             subGroups: []
           - id: d0cbde40-4896-4484-bff4-8666d2ad1a14
             name: Input Consumer
@@ -575,6 +583,7 @@ groups:
                 - write_input_partner
                 - read_sharing_state
                 - read_input_partner
+                - upload_input_partner
             subGroups: []
           - id: a66cad54-3ff3-4673-88ea-304892073e13
             name: Output Consumer