use of se.inera.intyg.infra.security.common.model.IntygUser in project webcert by sklintyg.
the class TakServiceImplTest method createUser.
/**
 * Builds an {@link IntygUser} fixture for the tests in this class.
 *
 * <p>The user is created with the {@code HSAID_OK} id and carries exactly one
 * privilege and exactly one role, so a test controls precisely which
 * authorities the code under test sees.
 *
 * @param roleName name of the single role given to the user; also used as the role map key
 * @param p        the single privilege given to the user, keyed by {@code p.getName()}
 * @param features feature map handed to the user unchanged
 * @param origin   origin value handed to the user unchanged
 * @return the populated user
 */
private IntygUser createUser(String roleName, Privilege p, Map<String, Feature> features, String origin) {
    IntygUser fixture = new IntygUser(HSAID_OK);

    // Authorities: a one-entry map keyed by the privilege's own name.
    HashMap<String, Privilege> authorities = new HashMap<>();
    authorities.put(p.getName(), p);
    fixture.setAuthorities(authorities);

    fixture.setOrigin(origin);
    fixture.setFeatures(features);

    // Roles: a one-entry map keyed by the role name.
    Role onlyRole = new Role();
    onlyRole.setName(roleName);
    HashMap<String, Role> roles = new HashMap<>();
    roles.put(roleName, onlyRole);
    fixture.setRoles(roles);

    return fixture;
}
use of se.inera.intyg.infra.security.common.model.IntygUser in project webcert by sklintyg.
the class CreateDraftCertificateResponderImpl method createDraftCertificate.
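/**
 * Creates a certificate draft on behalf of the health care staff member named in the request.
 *
 * <p>The request is rejected with an error response, in this order, when: the invoking user
 * cannot be loaded, the draft parameters fail validation, the application-level validation
 * fails, the user has no MIU rights on the invoking unit, the certificate type may not be
 * issued for a patient with a confidentiality marking (sekretessmarkering), a must-be-unique
 * rule is violated, or (only when the TAK control feature is verified for the user and type)
 * the unit lacks the required TAK.
 *
 * @param logicalAddress not read by this method
 * @param parameters     the request; its {@code Utlatande} supplies the invoker, unit, patient and type
 * @return a success response carrying the new draft's id, or an error response as described above
 * @throws WebCertServiceException if the patient id in the request cannot be turned into a valid personnummer
 */
@Override
public CreateDraftCertificateResponseType createDraftCertificate(String logicalAddress, CreateDraftCertificateType parameters) {
    Utlatande utkastsParams = parameters.getUtlatande();

    // Redo this: Build a full care provider -> care unit -> reception
    // (Vårdgivare -> Vårdenhet -> Mottagning) tree and then check.
    // Both ids come straight from the request and are read before validator.validate() runs.
    String invokingUserHsaId = utkastsParams.getSkapadAv().getPersonalId().getExtension();
    String invokingUnitHsaId = utkastsParams.getSkapadAv().getEnhet().getEnhetsId().getExtension();

    IntygUser user;
    try {
        user = webcertUserDetailsService.loadUserByHsaId(invokingUserHsaId);
    } catch (Exception e) {
        // The caller gets the same MIU error as for a failed MIU check further down, so the
        // response does not tell the two cases apart. Log the cause so a failed lookup is
        // still visible to operations; the message is fixed text and adds no request data.
        LOG.warn("Could not load invoking user for createDraftCertificate, responding with MIU error", e);
        return createMIUErrorResponse(utkastsParams);
    }

    // Validate draft parameters
    ResultValidator resultsValidator = validator.validate(utkastsParams);
    if (resultsValidator.hasErrors()) {
        return createValidationErrorResponse(resultsValidator);
    }

    ResultValidator appErrorsValidator = validator.validateApplicationErrors(utkastsParams, user);
    if (appErrorsValidator.hasErrors()) {
        return createApplicationErrorResponse(appErrorsValidator);
    }

    LOG.debug("Creating draft for invoker '{}' on unit '{}'", invokingUserHsaId, invokingUnitHsaId);

    // Check if the invoking health care staff member has MIU rights on the care unit.
    // This must stay ahead of changeValdVardenhet(): the selected unit is only switched
    // to a unit the user has passed this check for.
    if (!checkMIU(user, invokingUnitHsaId)) {
        return createMIUErrorResponse(utkastsParams);
    }
    user.changeValdVardenhet(invokingUnitHsaId);

    // Locale.ROOT keeps the type code independent of the JVM default locale; the value
    // feeds the authority checks below.
    String intygsTyp = utkastsParams.getTypAvUtlatande().getCode().toLowerCase(java.util.Locale.ROOT);

    Personnummer personnummer = Personnummer.createPersonnummer(utkastsParams.getPatient().getPersonId().getExtension())
            .orElseThrow(() -> new WebCertServiceException(WebCertServiceErrorCodeEnum.PU_PROBLEM,
                    "Failed to create valid personnummer for createDraft request"));

    // Refuse certificate types that may not be created for a patient with a confidentiality marking.
    final SekretessStatus sekretessStatus = patientDetailsResolver.getSekretessStatus(personnummer);
    if (AuthoritiesHelperUtil.mayNotCreateUtkastForSekretessMarkerad(sekretessStatus, user, intygsTyp)) {
        return createErrorResponse("Intygstypen " + intygsTyp + " kan inte utfärdas för patienter med sekretessmarkering", ErrorIdType.APPLICATION_ERROR);
    }

    // An empty string from validateMustBeUnique means no uniqueness rule was violated.
    Map<String, Map<String, Boolean>> intygstypToBoolean = utkastService.checkIfPersonHasExistingIntyg(personnummer, user);
    String uniqueErrorString = AuthoritiesHelperUtil.validateMustBeUnique(user, intygsTyp, intygstypToBoolean);
    if (!uniqueErrorString.isEmpty()) {
        return createErrorResponse(uniqueErrorString, ErrorIdType.APPLICATION_ERROR);
    }

    if (authoritiesValidator.given(user, intygsTyp).features(AuthoritiesConstants.FEATURE_TAK_KONTROLL).isVerified()) {
        // Check if invoking health care unit has required TAK.
        // Units without a registered schema version are checked against VERSION_1.
        SchemaVersion schemaVersion = integreradeEnheterRegistry.getSchemaVersion(invokingUnitHsaId, intygsTyp).orElse(SchemaVersion.VERSION_1);
        TakResult takResult = takService.verifyTakningForCareUnit(invokingUnitHsaId, intygsTyp, schemaVersion, user);
        if (!takResult.isValid()) {
            // The TAK error messages are returned to the caller verbatim, joined with "; ".
            String error = Joiner.on("; ").join(takResult.getErrorMessages());
            return createErrorResponse(error, ErrorIdType.APPLICATION_ERROR);
        }
    }

    // Create the draft
    Utkast utkast = createNewDraft(utkastsParams, user);
    return createSuccessResponse(utkast.getIntygsId());
}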
use of se.inera.intyg.infra.security.common.model.IntygUser in project webcert by sklintyg.
the class CreateDraftCertificateResponderImpl method createDraftCertificate.
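/**
 * Creates a certificate draft on behalf of the health care staff member named in the request.
 *
 * <p>The request is rejected with an error response, in this order, when: the invoking user
 * cannot be loaded, the draft parameters fail validation, the application-level validation
 * fails, the invoking unit is not found among the user's care units or receptions, the
 * certificate type may not be issued for a patient with a confidentiality marking
 * (sekretessmarkering), a must-be-unique rule is violated, or (only when the TAK control
 * feature is verified for the user and type) the unit lacks the required TAK.
 *
 * @param logicalAddress not read by this method
 * @param parameters     the request; its {@code Intyg} supplies the invoker, unit, patient and type
 * @return a success response carrying the new draft's id and the invoking unit id, or an
 *         error response as described above
 * @throws WebCertServiceException if the patient id in the request cannot be turned into a valid personnummer
 */
@Override
public CreateDraftCertificateResponseType createDraftCertificate(String logicalAddress, CreateDraftCertificateType parameters) {
    Intyg utkastsParams = parameters.getIntyg();

    // Both ids come straight from the request and are read before validator.validate() runs.
    String invokingUserHsaId = utkastsParams.getSkapadAv().getPersonalId().getExtension();
    String invokingUnitHsaId = utkastsParams.getSkapadAv().getEnhet().getEnhetsId().getExtension();

    IntygUser user;
    try {
        user = webcertUserDetailsService.loadUserByHsaId(invokingUserHsaId);
    } catch (Exception e) {
        // The caller gets the same MIU error as for a failed unit check further down, so the
        // response does not tell the two cases apart. Log the cause so a failed lookup is
        // still visible to operations; the message is fixed text and adds no request data.
        LOG.warn("Could not load invoking user for createDraftCertificate, responding with MIU error", e);
        return createMIUErrorResponse(utkastsParams);
    }

    // Validate draft parameters
    ResultValidator resultsValidator = validator.validate(utkastsParams);
    if (resultsValidator.hasErrors()) {
        return createValidationErrorResponse(resultsValidator);
    }

    ResultValidator appErrorsValidator = validator.validateApplicationErrors(utkastsParams, user);
    if (appErrorsValidator.hasErrors()) {
        return createApplicationErrorResponse(appErrorsValidator);
    }

    // Reuse the id read above instead of walking the request a second time.
    LOG.debug("Creating draft for invoker '{}' on unit '{}'", invokingUserHsaId, invokingUnitHsaId);

    // Check if the invoking health care staff member has MIU rights on the care unit.
    // This must stay ahead of changeValdVardenhet(): the selected unit is only switched
    // to a unit that was found for this user.
    if (!HoSPersonHelper.findVardenhetEllerMottagning(user, invokingUnitHsaId).isPresent()) {
        return createMIUErrorResponse(utkastsParams);
    }
    user.changeValdVardenhet(invokingUnitHsaId);

    String intygsTyp = moduleRegistry.getModuleIdFromExternalId(utkastsParams.getTypAvIntyg().getCode());

    Personnummer personnummer = Personnummer.createPersonnummer(utkastsParams.getPatient().getPersonId().getExtension())
            .orElseThrow(() -> new WebCertServiceException(WebCertServiceErrorCodeEnum.PU_PROBLEM,
                    "Failed to create valid personnummer for createDraft request"));

    // Refuse certificate types that may not be created for a patient with a confidentiality marking.
    SekretessStatus sekretessStatus = patientDetailsResolver.getSekretessStatus(personnummer);
    if (AuthoritiesHelperUtil.mayNotCreateUtkastForSekretessMarkerad(sekretessStatus, user, intygsTyp)) {
        // Locale.ROOT keeps the upper-cased type code independent of the JVM default locale.
        return createErrorResponse("Intygstypen " + intygsTyp.toUpperCase(java.util.Locale.ROOT)
                + " kan inte utfärdas för patienter med sekretessmarkering", ErrorIdType.APPLICATION_ERROR);
    }

    // An empty string from validateMustBeUnique means no uniqueness rule was violated.
    Map<String, Map<String, Boolean>> intygstypToBoolean = utkastService.checkIfPersonHasExistingIntyg(personnummer, user);
    String uniqueErrorString = AuthoritiesHelperUtil.validateMustBeUnique(user, intygsTyp, intygstypToBoolean);
    if (!uniqueErrorString.isEmpty()) {
        return createErrorResponse(uniqueErrorString, ErrorIdType.APPLICATION_ERROR);
    }

    if (authoritiesValidator.given(user, intygsTyp).features(AuthoritiesConstants.FEATURE_TAK_KONTROLL).isVerified()) {
        // Check if invoking health care unit has required TAK; this responder always checks VERSION_3.
        TakResult takResult = takService.verifyTakningForCareUnit(invokingUnitHsaId, intygsTyp, SchemaVersion.VERSION_3, user);
        if (!takResult.isValid()) {
            // The TAK error messages are returned to the caller verbatim, joined with "; ".
            String error = Joiner.on("; ").join(takResult.getErrorMessages());
            return createErrorResponse(error, ErrorIdType.APPLICATION_ERROR);
        }
    }

    // Create the draft
    Utkast utkast = createNewDraft(utkastsParams, user);
    return createSuccessResponse(utkast.getIntygsId(), invokingUnitHsaId);
}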
use of se.inera.intyg.infra.security.common.model.IntygUser in project webcert by sklintyg.
the class CommonFakeAuthenticationProvider method selectVardenhetFromFakeCredentials.
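/**
 * Selects the care unit, and the care provider derived from it, that the fake credentials name.
 *
 * <p>Nothing happens unless {@code details} is an {@link IntygUser}, the token carries
 * credentials, and those credentials hold a non-empty unit id.
 *
 * <p>NOTE(review): the unit id is taken from the fake credentials as-is; this method does not
 * itself check that the user belongs to that unit. Presumably this provider is only enabled
 * in development and test profiles; confirm it cannot be activated in production.
 *
 * @param token   the authentication token whose credentials are expected to be {@code FakeCredentials}
 * @param details the authenticated principal's details; ignored unless an {@code IntygUser}
 */
private void selectVardenhetFromFakeCredentials(Authentication token, Object details) {
    if (!(details instanceof IntygUser)) {
        return;
    }

    // A token without credentials is skipped rather than dereferenced, in line with the
    // null check applyAuthenticationMethod performs on the same token.
    Object credentials = token.getCredentials();
    if (credentials == null) {
        return;
    }

    String enhetId = ((FakeCredentials) credentials).getEnhetId();
    if (Strings.isNullOrEmpty(enhetId)) {
        return;
    }

    IntygUser user = (IntygUser) details;
    setVardenhetById(enhetId, user);
    setVardgivareByVardenhetId(enhetId, user);
}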
use of se.inera.intyg.infra.security.common.model.IntygUser in project webcert by sklintyg.
the class CommonFakeAuthenticationProvider method applyAuthenticationMethod.
/**
 * Overrides the user's authentication method with the one named in the fake credentials.
 *
 * <p>Nothing happens unless {@code details} is an {@link IntygUser}, the token carries
 * credentials whose origin is non-null, and the credentials name a non-empty
 * authentication method.
 *
 * <p>NOTE(review): the credentials decide which authentication method the user is recorded
 * as having used. Presumably this provider is only enabled in development and test
 * profiles; confirm it cannot be activated in production.
 *
 * @param token   the authentication token whose credentials are expected to be {@code FakeCredentials}
 * @param details the authenticated principal's details; ignored unless an {@code IntygUser}
 * @throws AuthoritiesException if the requested method is not an {@code AuthenticationMethod} value
 */
private void applyAuthenticationMethod(Authentication token, Object details) {
    if (!(details instanceof IntygUser)) {
        return;
    }

    Object rawCredentials = token.getCredentials();
    // NOTE(review): the guard tests getOrigin() although only getAuthenticationMethod() is
    // used below; confirm that gating on origin is intended.
    if (rawCredentials == null || ((FakeCredentials) rawCredentials).getOrigin() == null) {
        return;
    }

    String authenticationMethod = ((FakeCredentials) rawCredentials).getAuthenticationMethod();
    if (authenticationMethod == null || authenticationMethod.isEmpty()) {
        return;
    }

    try {
        AuthenticationMethod requested = AuthenticationMethod.valueOf(authenticationMethod);
        ((IntygUser) details).setAuthenticationMethod(requested);
    } catch (IllegalArgumentException e) {
        // Name the accepted values so a mistyped fake login is easy to correct.
        String allowedTypes = Arrays.stream(AuthenticationMethod.values())
                .map(AuthenticationMethod::name)
                .collect(Collectors.joining(", "));
        throw new AuthoritiesException("Could not set authenticationMethod '" + authenticationMethod + "'. Unknown, allowed types are " + allowedTypes);
    }
}