Add client IDs for selfservice user in auth credentials (FINERACT-1340)
diff --git a/fineract-provider/src/main/java/org/apache/fineract/infrastructure/security/api/AuthenticationApiResource.java b/fineract-provider/src/main/java/org/apache/fineract/infrastructure/security/api/AuthenticationApiResource.java
index ce4ff6e..fde2d17 100644
--- a/fineract-provider/src/main/java/org/apache/fineract/infrastructure/security/api/AuthenticationApiResource.java
+++ b/fineract-provider/src/main/java/org/apache/fineract/infrastructure/security/api/AuthenticationApiResource.java
@@ -41,6 +41,7 @@
import org.apache.fineract.infrastructure.security.data.AuthenticatedUserData;
import org.apache.fineract.infrastructure.security.service.SpringSecurityPlatformSecurityContext;
import org.apache.fineract.infrastructure.security.service.TwoFactorUtils;
+import org.apache.fineract.portfolio.client.service.ClientReadPlatformService;
import org.apache.fineract.useradministration.data.RoleData;
import org.apache.fineract.useradministration.domain.AppUser;
import org.apache.fineract.useradministration.domain.Role;
@@ -71,16 +72,19 @@
private final ToApiJsonSerializer<AuthenticatedUserData> apiJsonSerializerService;
private final SpringSecurityPlatformSecurityContext springSecurityPlatformSecurityContext;
private final TwoFactorUtils twoFactorUtils;
+ private final ClientReadPlatformService clientReadPlatformService;
@Autowired
public AuthenticationApiResource(
@Qualifier("customAuthenticationProvider") final DaoAuthenticationProvider customAuthenticationProvider,
final ToApiJsonSerializer<AuthenticatedUserData> apiJsonSerializerService,
- final SpringSecurityPlatformSecurityContext springSecurityPlatformSecurityContext, TwoFactorUtils twoFactorUtils) {
+ final SpringSecurityPlatformSecurityContext springSecurityPlatformSecurityContext, TwoFactorUtils twoFactorUtils,
+ ClientReadPlatformService aClientReadPlatformService) {
this.customAuthenticationProvider = customAuthenticationProvider;
this.apiJsonSerializerService = apiJsonSerializerService;
this.springSecurityPlatformSecurityContext = springSecurityPlatformSecurityContext;
this.twoFactorUtils = twoFactorUtils;
+ clientReadPlatformService = aClientReadPlatformService;
}
@POST
@@ -134,14 +138,16 @@
boolean isTwoFactorRequired = twoFactorUtils.isTwoFactorAuthEnabled()
&& !principal.hasSpecificPermissionTo(TwoFactorConstants.BYPASS_TWO_FACTOR_PERMISSION);
+ Long userId = principal.getId();
if (this.springSecurityPlatformSecurityContext.doesPasswordHasToBeRenewed(principal)) {
- authenticatedUserData = new AuthenticatedUserData(request.username, principal.getId(),
+ authenticatedUserData = new AuthenticatedUserData(request.username, userId,
new String(base64EncodedAuthenticationKey, StandardCharsets.UTF_8), isTwoFactorRequired);
} else {
authenticatedUserData = new AuthenticatedUserData(request.username, officeId, officeName, staffId, staffDisplayName,
organisationalRole, roles, permissions, principal.getId(),
- new String(base64EncodedAuthenticationKey, StandardCharsets.UTF_8), isTwoFactorRequired);
+ new String(base64EncodedAuthenticationKey, StandardCharsets.UTF_8), isTwoFactorRequired,
+ principal.isSelfServiceUser() ? clientReadPlatformService.retrieveUserClients(userId) : null);
}
}
diff --git a/fineract-provider/src/main/java/org/apache/fineract/infrastructure/security/data/AuthenticatedUserData.java b/fineract-provider/src/main/java/org/apache/fineract/infrastructure/security/data/AuthenticatedUserData.java
index 3df75c2..7f11bad 100644
--- a/fineract-provider/src/main/java/org/apache/fineract/infrastructure/security/data/AuthenticatedUserData.java
+++ b/fineract-provider/src/main/java/org/apache/fineract/infrastructure/security/data/AuthenticatedUserData.java
@@ -50,6 +50,8 @@
@SuppressWarnings("unused")
private final Collection<String> permissions;
+ private final Collection<Long> clients;
+
@SuppressWarnings("unused")
private final boolean shouldRenewPassword;
@@ -70,12 +72,13 @@
this.permissions = permissions;
this.shouldRenewPassword = false;
this.isTwoFactorAuthenticationRequired = false;
+ clients = null;
}
public AuthenticatedUserData(final String username, final Long officeId, final String officeName, final Long staffId,
final String staffDisplayName, final EnumOptionData organisationalRole, final Collection<RoleData> roles,
final Collection<String> permissions, final Long userId, final String base64EncodedAuthenticationKey,
- final boolean isTwoFactorAuthenticationRequired) {
+ final boolean isTwoFactorAuthenticationRequired, Collection<Long> aListOfClientIDs) {
this.username = username;
this.officeId = officeId;
this.officeName = officeName;
@@ -89,6 +92,7 @@
this.permissions = permissions;
this.shouldRenewPassword = false;
this.isTwoFactorAuthenticationRequired = isTwoFactorAuthenticationRequired;
+ clients = aListOfClientIDs;
}
public AuthenticatedUserData(final String username, final Long userId, final String base64EncodedAuthenticationKey,
@@ -106,5 +110,6 @@
this.permissions = null;
this.shouldRenewPassword = true;
this.isTwoFactorAuthenticationRequired = isTwoFactorAuthenticationRequired;
+ clients = null;
}
}
diff --git a/fineract-provider/src/main/java/org/apache/fineract/portfolio/client/service/ClientReadPlatformService.java b/fineract-provider/src/main/java/org/apache/fineract/portfolio/client/service/ClientReadPlatformService.java
index 5f9f37a..fc09c6b 100644
--- a/fineract-provider/src/main/java/org/apache/fineract/portfolio/client/service/ClientReadPlatformService.java
+++ b/fineract-provider/src/main/java/org/apache/fineract/portfolio/client/service/ClientReadPlatformService.java
@@ -46,6 +46,8 @@
ClientData retrieveAllNarrations(String clientNarrations);
+ Collection<Long> retrieveUserClients(Long aUserID);
+
Date retrieveClientTransferProposalDate(Long clientId);
void validateClient(Long clientId);
diff --git a/fineract-provider/src/main/java/org/apache/fineract/portfolio/client/service/ClientReadPlatformServiceImpl.java b/fineract-provider/src/main/java/org/apache/fineract/portfolio/client/service/ClientReadPlatformServiceImpl.java
index 88543e5..76490bb 100644
--- a/fineract-provider/src/main/java/org/apache/fineract/portfolio/client/service/ClientReadPlatformServiceImpl.java
+++ b/fineract-provider/src/main/java/org/apache/fineract/portfolio/client/service/ClientReadPlatformServiceImpl.java
@@ -865,4 +865,9 @@
}
}
+ @Override
+ public Collection<Long> retrieveUserClients(Long aUserID) {
+ String sql = "SELECT m.client_id FROM m_selfservice_user_client_mapping m INNER JOIN m_client c ON c.id = m.client_id WHERE m.appuser_id = ?";
+ return jdbcTemplate.queryForList(sql, Long.class, new Object[] { aUserID });
+ }
}