Example 1 with IntygUser

Use of se.inera.intyg.infra.security.common.model.IntygUser in project webcert by sklintyg.

Class TakServiceImplTest, method createUser.

private IntygUser createUser(String roleName, Privilege p, Map<String, Feature> features, String origin) {
    IntygUser user = new IntygUser(HSAID_OK);
    HashMap<String, Privilege> pMap = new HashMap<>();
    pMap.put(p.getName(), p);
    user.setAuthorities(pMap);
    user.setOrigin(origin);
    user.setFeatures(features);
    HashMap<String, Role> rMap = new HashMap<>();
    Role role = new Role();
    role.setName(roleName);
    rMap.put(roleName, role);
    user.setRoles(rMap);
    return user;
}
Also used : Role(se.inera.intyg.infra.security.common.model.Role) HashMap(java.util.HashMap) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) Privilege(se.inera.intyg.infra.security.common.model.Privilege) IntygUser(se.inera.intyg.infra.security.common.model.IntygUser)

Example 2 with IntygUser

Use of se.inera.intyg.infra.security.common.model.IntygUser in project webcert by sklintyg.

Class CreateDraftCertificateResponderImpl, method createDraftCertificate.

@Override
public CreateDraftCertificateResponseType createDraftCertificate(String logicalAddress, CreateDraftCertificateType parameters) {
    Utlatande utkastsParams = parameters.getUtlatande();
    // Redo this: Build a full Vårdgivare -> Vårdenhet -> Mottagning tree and then check.
    String invokingUserHsaId = utkastsParams.getSkapadAv().getPersonalId().getExtension();
    String invokingUnitHsaId = utkastsParams.getSkapadAv().getEnhet().getEnhetsId().getExtension();
    IntygUser user;
    try {
        user = webcertUserDetailsService.loadUserByHsaId(invokingUserHsaId);
    } catch (Exception e) {
        return createMIUErrorResponse(utkastsParams);
    }
    // Validate draft parameters
    ResultValidator resultsValidator = validator.validate(utkastsParams);
    if (resultsValidator.hasErrors()) {
        return createValidationErrorResponse(resultsValidator);
    }
    ResultValidator appErrorsValidator = validator.validateApplicationErrors(utkastsParams, user);
    if (appErrorsValidator.hasErrors()) {
        return createApplicationErrorResponse(appErrorsValidator);
    }
    LOG.debug("Creating draft for invoker '{}' on unit '{}'", invokingUserHsaId, invokingUnitHsaId);
    // Check if the invoking health personnel has MIU rights on the care unit
    if (!checkMIU(user, invokingUnitHsaId)) {
        return createMIUErrorResponse(utkastsParams);
    }
    user.changeValdVardenhet(invokingUnitHsaId);
    String intygsTyp = utkastsParams.getTypAvUtlatande().getCode().toLowerCase();
    Personnummer personnummer = Personnummer.createPersonnummer(utkastsParams.getPatient().getPersonId().getExtension()).orElseThrow(() -> new WebCertServiceException(WebCertServiceErrorCodeEnum.PU_PROBLEM, "Failed to create valid personnummer for createDraft request"));
    final SekretessStatus sekretessStatus = patientDetailsResolver.getSekretessStatus(personnummer);
    if (AuthoritiesHelperUtil.mayNotCreateUtkastForSekretessMarkerad(sekretessStatus, user, intygsTyp)) {
        return createErrorResponse("Intygstypen " + intygsTyp + " kan inte utfärdas för patienter med sekretessmarkering", ErrorIdType.APPLICATION_ERROR);
    }
    Map<String, Map<String, Boolean>> intygstypToBoolean = utkastService.checkIfPersonHasExistingIntyg(personnummer, user);
    String uniqueErrorString = AuthoritiesHelperUtil.validateMustBeUnique(user, intygsTyp, intygstypToBoolean);
    if (!uniqueErrorString.isEmpty()) {
        return createErrorResponse(uniqueErrorString, ErrorIdType.APPLICATION_ERROR);
    }
    if (authoritiesValidator.given(user, intygsTyp).features(AuthoritiesConstants.FEATURE_TAK_KONTROLL).isVerified()) {
        // Check if invoking health care unit has required TAK
        SchemaVersion schemaVersion = integreradeEnheterRegistry.getSchemaVersion(invokingUnitHsaId, intygsTyp).orElse(SchemaVersion.VERSION_1);
        TakResult takResult = takService.verifyTakningForCareUnit(invokingUnitHsaId, intygsTyp, schemaVersion, user);
        if (!takResult.isValid()) {
            String error = Joiner.on("; ").join(takResult.getErrorMessages());
            return createErrorResponse(error, ErrorIdType.APPLICATION_ERROR);
        }
    }
    // Create the draft
    Utkast utkast = createNewDraft(utkastsParams, user);
    return createSuccessResponse(utkast.getIntygsId());
}
Also used : SekretessStatus(se.inera.intyg.webcert.common.model.SekretessStatus) SchemaVersion(se.inera.intyg.common.support.modules.support.api.notification.SchemaVersion) TakResult(se.inera.intyg.webcert.integration.tak.model.TakResult) IntygUser(se.inera.intyg.infra.security.common.model.IntygUser) WebCertServiceException(se.inera.intyg.webcert.common.service.exception.WebCertServiceException) Personnummer(se.inera.intyg.schemas.contract.Personnummer) Utlatande(se.riv.clinicalprocess.healthcond.certificate.createdraftcertificateresponder.v1.Utlatande) ResultValidator(se.inera.intyg.webcert.web.integration.validators.ResultValidator) Utkast(se.inera.intyg.webcert.persistence.utkast.model.Utkast) Map(java.util.Map)

Example 3 with IntygUser

Use of se.inera.intyg.infra.security.common.model.IntygUser in project webcert by sklintyg.

Class CreateDraftCertificateResponderImpl, method createDraftCertificate.

@Override
public CreateDraftCertificateResponseType createDraftCertificate(String logicalAddress, CreateDraftCertificateType parameters) {
    Intyg utkastsParams = parameters.getIntyg();
    String invokingUserHsaId = utkastsParams.getSkapadAv().getPersonalId().getExtension();
    String invokingUnitHsaId = utkastsParams.getSkapadAv().getEnhet().getEnhetsId().getExtension();
    IntygUser user;
    try {
        user = webcertUserDetailsService.loadUserByHsaId(invokingUserHsaId);
    } catch (Exception e) {
        return createMIUErrorResponse(utkastsParams);
    }
    // Validate draft parameters
    ResultValidator resultsValidator = validator.validate(utkastsParams);
    if (resultsValidator.hasErrors()) {
        return createValidationErrorResponse(resultsValidator);
    }
    ResultValidator appErrorsValidator = validator.validateApplicationErrors(utkastsParams, user);
    if (appErrorsValidator.hasErrors()) {
        return createApplicationErrorResponse(appErrorsValidator);
    }
    LOG.debug("Creating draft for invoker '{}' on unit '{}'", utkastsParams.getSkapadAv().getPersonalId().getExtension(), invokingUnitHsaId);
    // Check if the invoking health personnel has MIU rights on the care unit
    if (!HoSPersonHelper.findVardenhetEllerMottagning(user, invokingUnitHsaId).isPresent()) {
        return createMIUErrorResponse(utkastsParams);
    }
    user.changeValdVardenhet(invokingUnitHsaId);
    String intygsTyp = moduleRegistry.getModuleIdFromExternalId(utkastsParams.getTypAvIntyg().getCode());
    Personnummer personnummer = Personnummer.createPersonnummer(utkastsParams.getPatient().getPersonId().getExtension()).orElseThrow(() -> new WebCertServiceException(WebCertServiceErrorCodeEnum.PU_PROBLEM, "Failed to create valid personnummer for createDraft request"));
    SekretessStatus sekretessStatus = patientDetailsResolver.getSekretessStatus(personnummer);
    if (AuthoritiesHelperUtil.mayNotCreateUtkastForSekretessMarkerad(sekretessStatus, user, intygsTyp)) {
        return createErrorResponse("Intygstypen " + intygsTyp.toUpperCase() + " kan inte utfärdas för patienter med sekretessmarkering", ErrorIdType.APPLICATION_ERROR);
    }
    Map<String, Map<String, Boolean>> intygstypToBoolean = utkastService.checkIfPersonHasExistingIntyg(personnummer, user);
    String uniqueErrorString = AuthoritiesHelperUtil.validateMustBeUnique(user, intygsTyp, intygstypToBoolean);
    if (!uniqueErrorString.isEmpty()) {
        return createErrorResponse(uniqueErrorString, ErrorIdType.APPLICATION_ERROR);
    }
    if (authoritiesValidator.given(user, intygsTyp).features(AuthoritiesConstants.FEATURE_TAK_KONTROLL).isVerified()) {
        // Check if invoking health care unit has required TAK
        TakResult takResult = takService.verifyTakningForCareUnit(invokingUnitHsaId, intygsTyp, SchemaVersion.VERSION_3, user);
        if (!takResult.isValid()) {
            String error = Joiner.on("; ").join(takResult.getErrorMessages());
            return createErrorResponse(error, ErrorIdType.APPLICATION_ERROR);
        }
    }
    // Create the draft
    Utkast utkast = createNewDraft(utkastsParams, user);
    return createSuccessResponse(utkast.getIntygsId(), invokingUnitHsaId);
}
Also used : Personnummer(se.inera.intyg.schemas.contract.Personnummer) SekretessStatus(se.inera.intyg.webcert.common.model.SekretessStatus) Intyg(se.riv.clinicalprocess.healthcond.certificate.createdraftcertificateresponder.v3.Intyg) ResultValidator(se.inera.intyg.webcert.web.integration.validators.ResultValidator) Utkast(se.inera.intyg.webcert.persistence.utkast.model.Utkast) TakResult(se.inera.intyg.webcert.integration.tak.model.TakResult) Map(java.util.Map) IntygUser(se.inera.intyg.infra.security.common.model.IntygUser) WebCertServiceException(se.inera.intyg.webcert.common.service.exception.WebCertServiceException)

Example 4 with IntygUser

Use of se.inera.intyg.infra.security.common.model.IntygUser in project webcert by sklintyg.

Class CommonFakeAuthenticationProvider, method selectVardenhetFromFakeCredentials.

private void selectVardenhetFromFakeCredentials(Authentication token, Object details) {
    if (details instanceof IntygUser) {
        IntygUser user = (IntygUser) details;
        FakeCredentials fakeCredentials = (FakeCredentials) token.getCredentials();
        if (!Strings.isNullOrEmpty(fakeCredentials.getEnhetId())) {
            setVardenhetById(fakeCredentials.getEnhetId(), user);
            setVardgivareByVardenhetId(fakeCredentials.getEnhetId(), user);
        }
    }
}
Also used : FakeCredentials(se.inera.intyg.webcert.web.auth.fake.FakeCredentials) IntygUser(se.inera.intyg.infra.security.common.model.IntygUser)

Example 5 with IntygUser

Use of se.inera.intyg.infra.security.common.model.IntygUser in project webcert by sklintyg.

Class CommonFakeAuthenticationProvider, method applyAuthenticationMethod.

private void applyAuthenticationMethod(Authentication token, Object details) {
    if (details instanceof IntygUser) {
        if (token.getCredentials() != null && ((FakeCredentials) token.getCredentials()).getOrigin() != null) {
            String authenticationMethod = ((FakeCredentials) token.getCredentials()).getAuthenticationMethod();
            try {
                if (authenticationMethod != null && !authenticationMethod.isEmpty()) {
                    IntygUser user = (IntygUser) details;
                    AuthenticationMethod newAuthMethod = AuthenticationMethod.valueOf(authenticationMethod);
                    user.setAuthenticationMethod(newAuthMethod);
                }
            } catch (IllegalArgumentException e) {
                String allowedTypes = Arrays.stream(AuthenticationMethod.values()).map(AuthenticationMethod::name).collect(Collectors.joining(", "));
                throw new AuthoritiesException("Could not set authenticationMethod '" + authenticationMethod + "'. Unknown, allowed types are " + allowedTypes);
            }
        }
    }
}
Also used : FakeCredentials(se.inera.intyg.webcert.web.auth.fake.FakeCredentials) AuthenticationMethod(se.inera.intyg.infra.security.common.model.AuthenticationMethod) AuthoritiesException(se.inera.intyg.infra.security.authorities.AuthoritiesException) IntygUser(se.inera.intyg.infra.security.common.model.IntygUser)

Aggregations

IntygUser (se.inera.intyg.infra.security.common.model.IntygUser): 9
FakeCredentials (se.inera.intyg.webcert.web.auth.fake.FakeCredentials): 4
WebCertServiceException (se.inera.intyg.webcert.common.service.exception.WebCertServiceException): 3
Map (java.util.Map): 2
AuthoritiesException (se.inera.intyg.infra.security.authorities.AuthoritiesException): 2
Personnummer (se.inera.intyg.schemas.contract.Personnummer): 2
SekretessStatus (se.inera.intyg.webcert.common.model.SekretessStatus): 2
TakResult (se.inera.intyg.webcert.integration.tak.model.TakResult): 2
Utkast (se.inera.intyg.webcert.persistence.utkast.model.Utkast): 2
ResultValidator (se.inera.intyg.webcert.web.integration.validators.ResultValidator): 2
WebCertUser (se.inera.intyg.webcert.web.service.user.dto.WebCertUser): 2
HashMap (java.util.HashMap): 1
ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString): 1
SchemaVersion (se.inera.intyg.common.support.modules.support.api.notification.SchemaVersion): 1
AuthoritiesValidator (se.inera.intyg.infra.security.authorities.validation.AuthoritiesValidator): 1
AuthenticationMethod (se.inera.intyg.infra.security.common.model.AuthenticationMethod): 1
Privilege (se.inera.intyg.infra.security.common.model.Privilege): 1
Role (se.inera.intyg.infra.security.common.model.Role): 1
Utlatande (se.riv.clinicalprocess.healthcond.certificate.createdraftcertificateresponder.v1.Utlatande): 1
Intyg (se.riv.clinicalprocess.healthcond.certificate.createdraftcertificateresponder.v3.Intyg): 1