diff --git a/src/main/java/de/caritas/cob/userservice/api/AccountManager.java b/src/main/java/de/caritas/cob/userservice/api/AccountManager.java index 2d48fd9b7..e3a5e0280 100644 --- a/src/main/java/de/caritas/cob/userservice/api/AccountManager.java +++ b/src/main/java/de/caritas/cob/userservice/api/AccountManager.java @@ -79,6 +79,7 @@ public Optional> findConsultantByUsername(String username) { public Map findConsultantsByInfix( String infix, + boolean shouldFilterByAgencies, Collection agenciesToFilterConsultants, int pageNumber, int pageSize, @@ -88,7 +89,7 @@ public Map findConsultantsByInfix( var direction = isAscending ? Direction.ASC : Direction.DESC; var pageRequest = PageRequest.of(pageNumber, pageSize, direction, fieldName); Page consultantPage; - if (agenciesToFilterConsultants.isEmpty()) { + if (!shouldFilterByAgencies) { consultantPage = consultantRepository.findAllByInfix(infix, pageRequest); } else { consultantPage = diff --git a/src/main/java/de/caritas/cob/userservice/api/adapters/web/controller/UserController.java b/src/main/java/de/caritas/cob/userservice/api/adapters/web/controller/UserController.java index d3f47196f..96c32ea90 100644 --- a/src/main/java/de/caritas/cob/userservice/api/adapters/web/controller/UserController.java +++ b/src/main/java/de/caritas/cob/userservice/api/adapters/web/controller/UserController.java @@ -12,9 +12,11 @@ import de.caritas.cob.userservice.api.actions.user.DeactivateKeycloakUserActionCommand; import de.caritas.cob.userservice.api.adapters.rocketchat.RocketChatCredentials; import de.caritas.cob.userservice.api.adapters.web.dto.AbsenceDTO; +import de.caritas.cob.userservice.api.adapters.web.dto.AgencyAdminResponseDTO; import de.caritas.cob.userservice.api.adapters.web.dto.ChatDTO; import de.caritas.cob.userservice.api.adapters.web.dto.ChatInfoResponseDTO; import de.caritas.cob.userservice.api.adapters.web.dto.ChatMembersResponseDTO; +import de.caritas.cob.userservice.api.adapters.web.dto.ConsultantAdminResponseDTO; import de.caritas.cob.userservice.api.adapters.web.dto.ConsultantResponseDTO; import de.caritas.cob.userservice.api.adapters.web.dto.ConsultantSearchResultDTO; import de.caritas.cob.userservice.api.adapters.web.dto.ConsultantSessionDTO; @@ -108,6 +110,7 @@ import java.util.List; import java.util.Optional; import java.util.UUID; +import java.util.stream.Collectors; import javax.validation.Valid; import javax.validation.constraints.NotNull; import javax.ws.rs.InternalServerErrorException; @@ -813,6 +816,7 @@ public ResponseEntity searchConsultants( var resultMap = accountManager.findConsultantsByInfix( decodedInfix, + authenticatedUser.hasRestrictedAgencyPriviliges(), getAgenciesToFilterConsultants(), page - 1, perPage, @@ -822,9 +826,28 @@ public ResponseEntity searchConsultants( var result = consultantDtoMapper.consultantSearchResultOf(resultMap, query, page, perPage, field, order); + if (authenticatedUser.hasRestrictedAgencyPriviliges()) { + if (result.getEmbedded() != null) { + result.getEmbedded().stream() + .forEach( + response -> + removeAgenciesWithoutAccessRight(response, getAgenciesToFilterConsultants())); + } + } + return ResponseEntity.ok(result); } + private void removeAgenciesWithoutAccessRight( + ConsultantAdminResponseDTO response, Collection agenciesToFilterConsultants) { + List agencies = response.getEmbedded().getAgencies(); + List filteredAgencies = + agencies.stream() + .filter(agency -> agenciesToFilterConsultants.contains(agency.getId())) + .collect(Collectors.toList()); + response.getEmbedded().setAgencies(filteredAgencies); + } + private Collection getAgenciesToFilterConsultants() { Collection agenciesToFilterConsultants = Lists.newArrayList(); if (authenticatedUser.hasRestrictedAgencyPriviliges()) { diff --git a/src/main/java/de/caritas/cob/userservice/api/port/in/AccountManaging.java b/src/main/java/de/caritas/cob/userservice/api/port/in/AccountManaging.java index fc47e2baf..869e7aaab 100644 --- a/src/main/java/de/caritas/cob/userservice/api/port/in/AccountManaging.java +++ b/src/main/java/de/caritas/cob/userservice/api/port/in/AccountManaging.java @@ -19,6 +19,7 @@ public interface AccountManaging { Map findConsultantsByInfix( String infix, + boolean shouldFilterByAgencies, Collection agenciesToFilterConsultants, int pageNumber, int pageSize, diff --git a/src/test/java/de/caritas/cob/userservice/api/AccountManagerTest.java b/src/test/java/de/caritas/cob/userservice/api/AccountManagerTest.java index 41625a453..aacf9cc2a 100644 --- a/src/test/java/de/caritas/cob/userservice/api/AccountManagerTest.java +++ b/src/test/java/de/caritas/cob/userservice/api/AccountManagerTest.java @@ -38,7 +38,8 @@ void findConsultantsByInfix_Should_NotFilterByAgenciesIfAgencyListIsEmpty() { .thenReturn(page); // when - accountManager.findConsultantsByInfix("infix", Lists.newArrayList(), 1, 10, "email", true); + accountManager.findConsultantsByInfix( + "infix", false, Lists.newArrayList(), 1, 10, "email", true); // then Mockito.verify(consultantRepository) @@ -54,7 +55,8 @@ void findConsultantsByInfix_Should_FilterByAgenciesIfAgencyListIsNotEmpty() { .thenReturn(page); // when - accountManager.findConsultantsByInfix("infix", Lists.newArrayList(1L), 1, 10, "email", true); + accountManager.findConsultantsByInfix( + "infix", true, Lists.newArrayList(1L), 1, 10, "email", true); // then Mockito.verify(consultantRepository)