(#26) Check bankkom-membership at /auth/check

.gitignore

@@ -37,3 +37,4 @@ out/
 .vscode/
 
 application.properties
+**/.DS_Store

README.md

@@ -12,6 +12,7 @@
 - auth0.domain=
 - azure.storage.container-name=
 - azure.storage.connection-string=
+- environment = dev | prod
 
 ## Current endpoints
 **Header required for all requests**

src/main/kotlin/com/example/autobank/controller/AuthenticationController.kt

@@ -22,14 +22,9 @@ class AuthenticationController {
 
     @GetMapping("/check")
     fun checkUser(): ResponseEntity<AuthenticatedUserResponse> {
-        val sub: String
-        try {
-            sub = authenticationService.getUserSub();
-        } catch (e: Exception) {
-            return ResponseEntity.badRequest().build();
-        }
+
         return try {
-            ResponseEntity.ok(onlineUserService.checkStoredUserBySub(sub))
+            ResponseEntity.ok(onlineUserService.checkUser())
         } catch (e: Exception) {
             ResponseEntity.badRequest().build();
         }

src/main/kotlin/com/example/autobank/service/AuthenticationService.kt

@@ -2,6 +2,7 @@ package com.example.autobank.service
 
 import com.example.autobank.data.authentication.Auth0User
 import org.springframework.beans.factory.annotation.Value
+import org.springframework.core.ParameterizedTypeReference
 import org.springframework.http.HttpEntity
 import org.springframework.http.HttpHeaders
 import org.springframework.http.HttpMethod
@@ -18,9 +19,19 @@ class AuthenticationService {
 
     private val restTemplate = RestTemplate()
 
+    private val fetchProfileUrl = "https://old.online.ntnu.no/api/v1/profile/"
+
+    private val fetchUserCommitteesUrl = "https://old.online.ntnu.no/api/v1/group/online-groups/?members__user="
+
+    private val adminCommitteeNameLong = "Applikasjonskomiteen" // Temporarily appkom
+
     @Value("\${auth0.domain}")
     private val domain: String = ""
 
+
+    @Value("\${environment}")
+    private val environment: String = ""
+
     fun getAuth0User(token: String): Auth0User {
         return Auth0User("sub", "email", "name")
     }
@@ -63,4 +74,61 @@ class AuthenticationService {
         )
     }
 
-}
+    private fun fetchOnlineuserId(): Int {
+        val headers = HttpHeaders().apply {
+            set("Authorization", "Bearer ${getAccessToken()}")
+        }
+        val entity = HttpEntity<Void>(headers)
+        val response: ResponseEntity<Map<String, Any>> = restTemplate.exchange(
+            fetchProfileUrl,
+            HttpMethod.GET,
+            entity,
+        )
+
+        if (response.statusCode.isError || response.body == null) {
+
+            throw Exception("Error fetching user id")
+        }
+
+        return response.body?.get("id").toString().toInt()
+    }
+
+    private fun fetchUserCommittees(userid: Int): List<String> {
+
+        val headers = HttpHeaders()
+        val entity = HttpEntity<Void>(headers)
+        val response: ResponseEntity<UserCommitteeResponse> = restTemplate.exchange(
+            fetchUserCommitteesUrl + userid,
+            HttpMethod.GET,
+            entity,
+            object : ParameterizedTypeReference<UserCommitteeResponse>() {}
+        )
+
+        if (response.statusCode.isError || response.body == null) {
+            throw Exception("Error fetching user committees")
+        }
+
+        return response.body?.results?.map { it.name_long } ?: listOf()
+    }
+
+    fun checkBankomMembership(): Boolean {
+        if (environment != "prod") {
+            return true
+        }
+
+        val userId = fetchOnlineuserId()
+        val userCommittees = fetchUserCommittees(userId)
+        return userCommittees.contains(adminCommitteeNameLong)
+    }
+
+    data class Result(
+        val name_long: String = ""
+    )
+
+    data class UserCommitteeResponse(
+        val results: List<Result> = listOf()
+    )
+
+}
+
+

src/main/kotlin/com/example/autobank/service/OnlineUserService.kt

@@ -10,25 +10,27 @@ import org.springframework.stereotype.Service
 
 @Service
 class OnlineUserService(
-    val repository: OnlineUserRepository,
-    @Autowired val onlineUserRepository: OnlineUserRepository
 ) {
 
     @Autowired
     lateinit var authenticationService: AuthenticationService
 
+    @Autowired
+    lateinit var onlineUserRepository: OnlineUserRepository
+
+
+
+
     fun getOnlineUser(): OnlineUser? {
         val sub: String = authenticationService.getUserSub()
         return onlineUserRepository.findByOnlineId(sub)
     }
 
-    fun checkStoredUserBySub(sub: String): AuthenticatedUserResponse {
-        if (sub.isEmpty()) {
-            return AuthenticatedUserResponse(success = false, false)
-        }
-        val storedUser = onlineUserRepository.findByOnlineId(sub)
+    fun checkUser(): AuthenticatedUserResponse {
+
+        val storedUser = onlineUserRepository.findByOnlineId(authenticationService.getUserSub())
         return if (storedUser != null) {
-            AuthenticatedUserResponse(success = true, false)
+            AuthenticatedUserResponse(success = true, authenticationService.checkBankomMembership())
         } else {
             return createOnlineUser()
         }
@@ -50,10 +52,11 @@ class OnlineUserService(
 
             onlineUserRepository.save(onlineUser)
 
-            return AuthenticatedUserResponse(success = true, false)
+            return AuthenticatedUserResponse(success = true, authenticationService.checkBankomMembership())
         } catch (e: Exception) {
             println(e)
             return AuthenticatedUserResponse(success = false, false)
         }
     }
+
 }