Merge remote-tracking branch 'Simon/develop' into develop

Author: hongwei1

obp-api/src/main/scala/bootstrap/liftweb/Boot.scala

@@ -293,7 +293,8 @@ class Boot extends MdcLoggable {
             SYSTEM_READ_TRANSACTIONS_DEBITS_VIEW_ID, SYSTEM_READ_TRANSACTIONS_DETAIL_VIEW_ID,
             SYSTEM_READ_ACCOUNTS_BERLIN_GROUP_VIEW_ID,
             SYSTEM_READ_BALANCES_BERLIN_GROUP_VIEW_ID,
-            SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID
+            SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID,
+            SYSTEM_INITIATE_PAYMENTS_BERLIN_GROUP_VIEW_ID
           )
           for {
             systemView <- viewSetUKOpenBanking

obp-api/src/main/scala/code/api/OAuth2.scala

@@ -165,7 +165,7 @@ object OAuth2Login extends RestHelper with MdcLoggable {
             hydraAdmin.createOAuth2Client(oAuth2Client)
           } else if(!CertificateUtil.comparePemX509Certificates(certInConsumer, cert)) { 
             // Cannot mat.ch the value from PSD2-CERT header and the database value Consumer.clientCertificate
-            logger.debug("Cert in Consumer: " + certInConsumer)
+            logger.debug(s"Cert in Consumer with the name ***${foundConsumer.name}*** : " + certInConsumer)
             logger.debug("Cert in Request: " + cert)
             logger.debug(s"Token: $value")
             logger.debug(s"Client ID: ${introspectOAuth2Token.getClientId}")

obp-api/src/main/scala/code/api/berlin/group/v1_3/AccountInformationServiceAISApi.scala

@@ -188,7 +188,9 @@ As a last option, an ASPSP might in addition accept a command with access rights
                callContext.flatMap(_.consumer).map(_.consumerId.get),
                Some(validUntil),
                callContext
-             )
+             ) map {
+               i => connectorEmptyResponse(i, callContext)
+             }
              _ <- Future(Consents.consentProvider.vend.setJsonWebToken(createdConsent.consentId, consentJWT)) map {
                i => connectorEmptyResponse(i, callContext)
              }
@@ -570,7 +572,7 @@ Reads account data from a given card account addressed by "account-id".
              _ <- passesPsd2Aisp(callContext)
              (bankAccount: BankAccount, callContext) <- NewStyle.function.getBankAccountByAccountId(accountId, callContext)
              (bank, callContext) <- NewStyle.function.getBank(bankAccount.bankId, callContext)
-             viewId = ViewId(SYSTEM_READ_ACCOUNTS_BERLIN_GROUP_VIEW_ID)
+             viewId = ViewId(SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID)
              bankIdAccountId = BankIdAccountId(bankAccount.bankId, bankAccount.accountId)
              view <- NewStyle.function.checkAccountAccessAndGetView(viewId, bankIdAccountId, Full(u), callContext)
              params <- Future { createQueriesByHttpParams(callContext.get.requestHeaders)} map {

obp-api/src/main/scala/code/api/berlin/group/v1_3/PaymentInitiationServicePISApi.scala

@@ -581,15 +581,12 @@ Check the transaction status of a payment initiation.""",
       }
       (toAccount, callContext) <- NewStyle.function.getToBankAccountByIban(toAccountIban, callContext)
 
-      viewId = ViewId(SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID)
+      viewId = ViewId(SYSTEM_INITIATE_PAYMENTS_BERLIN_GROUP_VIEW_ID)
       bankIdAccountId = BankIdAccountId(fromAccount.bankId, fromAccount.accountId)
       view <- NewStyle.function.checkAccountAccessAndGetView(viewId, bankIdAccountId, Full(u), callContext)
-
-      _ <- if (view.canAddTransactionRequestToAnyAccount)
-        Future.successful(Full(Unit))
-      else
-        NewStyle.function.hasEntitlement(fromAccount.bankId.value, u.userId, ApiRole.canCreateAnyTransactionRequest, callContext, InsufficientAuthorisationToCreateTransactionRequest)
-
+      _ <- Helper.booleanToFuture(InsufficientAuthorisationToCreateTransactionRequest, cc = callContext) {
+        view.canAddTransactionRequestToAnyAccount
+      }
       // Prevent default value for transaction request type (at least).
       _ <- Helper.booleanToFuture(s"From Account Currency is ${fromAccount.currency}, but Requested Transaction Currency is: ${sepaCreditTransfersBerlinGroupV13.instructedAmount.currency}", cc = callContext) {
         sepaCreditTransfersBerlinGroupV13.instructedAmount.currency == fromAccount.currency

obp-api/src/main/scala/code/api/constant/constant.scala

@@ -60,6 +60,7 @@ object Constant extends MdcLoggable {
   final val SYSTEM_READ_ACCOUNTS_BERLIN_GROUP_VIEW_ID = "ReadAccountsBerlinGroup"
   final val SYSTEM_READ_BALANCES_BERLIN_GROUP_VIEW_ID = "ReadBalancesBerlinGroup"
   final val SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID = "ReadTransactionsBerlinGroup"
+  final val SYSTEM_INITIATE_PAYMENTS_BERLIN_GROUP_VIEW_ID = "InitiatePaymentsBerlinGroup"
 
   //This is used for the canRevokeAccessToViews_ and canGrantAccessToViews_ fields of SYSTEM_OWNER_VIEW_ID or SYSTEM_STANDARD_VIEW_ID.
   final val DEFAULT_CAN_GRANT_AND_REVOKE_ACCESS_TO_VIEWS = 
@@ -78,7 +79,8 @@ object Constant extends MdcLoggable {
     SYSTEM_READ_TRANSACTIONS_DETAIL_VIEW_ID::
     SYSTEM_READ_ACCOUNTS_BERLIN_GROUP_VIEW_ID::
     SYSTEM_READ_BALANCES_BERLIN_GROUP_VIEW_ID::
-    SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID :: Nil
+    SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID :: 
+      SYSTEM_INITIATE_PAYMENTS_BERLIN_GROUP_VIEW_ID :: Nil
 
   //We allow CBS side to generate views by getBankAccountsForUser.viewsToGenerate filed.
   // viewsToGenerate can be any views, and OBP will check the following list, to make sure only allowed views are generated
@@ -92,7 +94,8 @@ object Constant extends MdcLoggable {
     SYSTEM_MANAGE_CUSTOM_VIEWS_VIEW_ID::
     SYSTEM_READ_ACCOUNTS_BERLIN_GROUP_VIEW_ID::
     SYSTEM_READ_BALANCES_BERLIN_GROUP_VIEW_ID::
-    SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID :: Nil
+    SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID ::
+      SYSTEM_INITIATE_PAYMENTS_BERLIN_GROUP_VIEW_ID :: Nil
 
   //These are the default incoming and outgoing account ids. we will create both during the boot.scala.
   final val INCOMING_SETTLEMENT_ACCOUNT_ID = "OBP-INCOMING-SETTLEMENT-ACCOUNT"    

obp-api/src/main/scala/code/api/util/ConsentUtil.scala

@@ -669,7 +669,7 @@ object Consent extends MdcLoggable {
                                   consentId: String,
                                   consumerId: Option[String],
                                   validUntil: Option[Date], 
-                                  callContext: Option[CallContext]): Future[String] = {
+                                  callContext: Option[CallContext]): Future[Box[String]] = {
 
     val currentTimeInSeconds = System.currentTimeMillis / 1000
     val validUntilTimeInSeconds = validUntil match {
@@ -731,10 +731,14 @@ object Consent extends MdcLoggable {
         views = views,
         access = Some(consent.access)
       )
-      implicit val formats = CustomJsonFormats.formats
-      val jwtPayloadAsJson = compactRender(Extraction.decompose(json))
-      val jwtClaims: JWTClaimsSet = JWTClaimsSet.parse(jwtPayloadAsJson)
-      CertificateUtil.jwtWithHmacProtection(jwtClaims, secret)
+      if(views.isEmpty) {
+        Empty
+      } else {
+        implicit val formats = CustomJsonFormats.formats
+        val jwtPayloadAsJson = compactRender(Extraction.decompose(json))
+        val jwtClaims: JWTClaimsSet = JWTClaimsSet.parse(jwtPayloadAsJson)
+        Full(CertificateUtil.jwtWithHmacProtection(jwtClaims, secret))
+      }
     }
   }
 

obp-api/src/main/scala/code/api/v4_0_0/JSONFactory4.0.0.scala

@@ -309,8 +309,8 @@ case class AccountsBalancesJsonV400(accounts:List[AccountBalanceJsonV400])
 case class BalanceJsonV400(`type`: String, currency: String, amount: String)
 
 case class AccountBalanceJsonV400(
-                                   account_id: String,
                                    bank_id: String,
+                                   account_id: String,
                                    account_routings: List[AccountRouting],
                                    label: String,
                                    balances: List[BalanceJsonV400]

obp-api/src/main/scala/code/api/v5_0_0/APIMethods500.scala

@@ -945,6 +945,8 @@ trait APIMethods500 {
             //Here are all the VRP consent request
             (bankId, accountId, viewId, counterpartyId) <- if (isVRPConsentRequest) {
               val postConsentRequestJsonV510 = json.parse(createdConsentRequest.payload).extract[code.api.v5_1_0.PostVRPConsentRequestJsonV510]
+              
+              // TODO Add routing scheme as well. In case IBAN is provided this will not work.
               val fromBankIdAccountId = BankIdAccountId(BankId(postConsentRequestJsonV510.from_account.bank_routing.address), AccountId(postConsentRequestJsonV510.from_account.account_routing.address))
 
               val vrpViewId = s"_VRP-${UUID.randomUUID.toString}".dropRight(5)// to make sure the length of the viewId is 36.

obp-api/src/main/scala/code/model/dataAccess/AuthUser.scala

@@ -1111,6 +1111,7 @@ def restoreSomeSessions(): Unit = {
     }
 
     def isObpProvider(user: AuthUser) = {
+      // TODO Consider does http://host should match https://host in development mode
       user.getProvider() == Constant.localIdentityProvider
     }
 

obp-api/src/main/scala/code/sandbox/OBPDataImport.scala

@@ -411,10 +411,27 @@ trait OBPDataImport extends MdcLoggable {
     val readAccountsBerlinGroupView = Views.views.vend.getOrCreateSystemView(SYSTEM_READ_ACCOUNTS_BERLIN_GROUP_VIEW_ID).asInstanceOf[Box[ViewType]]
     val readBalancesBerlinGroupView = Views.views.vend.getOrCreateSystemView(SYSTEM_READ_BALANCES_BERLIN_GROUP_VIEW_ID).asInstanceOf[Box[ViewType]]
     val readTransactionsBerlinGroupView = Views.views.vend.getOrCreateSystemView(SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID).asInstanceOf[Box[ViewType]]
-
-
-
-    List(accountFirehose, ownerView, accountantsView, auditorsView, publicView, readAccountsBasicView, readAccountsDetailView, readBalancesView, readTransactionsBasicView, readTransactionsDebitsView, readTransactionsDetailView, readAccountsBerlinGroupView, readBalancesBerlinGroupView, readTransactionsBerlinGroupView).flatten
+    val initiatePaymentsBerlinGroupView = Views.views.vend.getOrCreateSystemView(SYSTEM_INITIATE_PAYMENTS_BERLIN_GROUP_VIEW_ID).asInstanceOf[Box[ViewType]]
+
+
+
+    List(
+      accountFirehose, 
+      ownerView, 
+      accountantsView, 
+      auditorsView, 
+      publicView, 
+      readAccountsBasicView, 
+      readAccountsDetailView, 
+      readBalancesView, 
+      readTransactionsBasicView, 
+      readTransactionsDebitsView, 
+      readTransactionsDetailView, 
+      readAccountsBerlinGroupView, 
+      readBalancesBerlinGroupView, 
+      readTransactionsBerlinGroupView, 
+      initiatePaymentsBerlinGroupView
+    ).flatten
 
   }
 

obp-api/src/main/scala/code/views/MapperViews.scala

@@ -898,9 +898,12 @@ object MapperViews extends Views with MdcLoggable {
       .canSeeOtherBankRoutingAddress_(true)
       .canSeeOtherAccountRoutingScheme_(true)
       .canSeeOtherAccountRoutingAddress_(true)
+      
+      // TODO  Allow use only for certain cases
       .canAddTransactionRequestToOwnAccount_(true) //added following two for payments
       .canAddTransactionRequestToAnyAccount_(true)
       .canAddTransactionRequestToBeneficiary_(true)
+      
       .canSeeAvailableViewsForBankAccount_(false)
       .canSeeTransactionRequests_(false)
       .canSeeTransactionRequestTypes_(false)
@@ -916,7 +919,7 @@ object MapperViews extends Views with MdcLoggable {
 
     viewId match {
       case SYSTEM_OWNER_VIEW_ID | SYSTEM_STANDARD_VIEW_ID =>
-        entity
+        entity // Make additional setup to the existing view
           .canSeeAvailableViewsForBankAccount_(true)
           .canSeeTransactionRequests_(true)
           .canSeeTransactionRequestTypes_(true)
@@ -926,21 +929,53 @@ object MapperViews extends Views with MdcLoggable {
           .canGrantAccessToViews_(DEFAULT_CAN_GRANT_AND_REVOKE_ACCESS_TO_VIEWS.mkString(","))
           .canRevokeAccessToViews_(DEFAULT_CAN_GRANT_AND_REVOKE_ACCESS_TO_VIEWS.mkString(","))
       case SYSTEM_STAGE_ONE_VIEW_ID =>
-        entity
+        entity // Make additional setup to the existing view
           .canSeeTransactionDescription_(false)
           .canAddTransactionRequestToAnyAccount_(false)
           .canAddTransactionRequestToBeneficiary_(false)
       case SYSTEM_MANAGE_CUSTOM_VIEWS_VIEW_ID =>
-        entity
+        entity // Make additional setup to the existing view
           .canRevokeAccessToCustomViews_(true)
           .canGrantAccessToCustomViews_(true)
           .canCreateCustomView_(true)
           .canDeleteCustomView_(true)
           .canUpdateCustomView_(true)
           .canGetCustomView_(true)
       case SYSTEM_FIREHOSE_VIEW_ID =>
-        entity
+        entity // Make additional setup to the existing view
           .isFirehose_(true)
+      case SYSTEM_READ_ACCOUNTS_BERLIN_GROUP_VIEW_ID | 
+           SYSTEM_READ_BALANCES_BERLIN_GROUP_VIEW_ID =>
+        create // A new one
+          .isSystem_(true)
+          .isFirehose_(false)
+          .name_(StringHelpers.capify(viewId))
+          .view_id(viewId)
+          .description_(viewId)
+      case SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID =>
+        create // A new one
+          .isSystem_(true)
+          .isFirehose_(false)
+          .name_(StringHelpers.capify(viewId))
+          .view_id(viewId)
+          .description_(viewId)
+          .canSeeTransactionThisBankAccount_(true)
+          .canSeeTransactionOtherBankAccount_(true)
+          .canSeeTransactionAmount_(true)
+          .canSeeTransactionCurrency_(true)
+          .canSeeTransactionBalance_(true)
+          .canSeeTransactionStartDate_(true)
+          .canSeeTransactionFinishDate_(true)
+          .canSeeTransactionDescription_(true)
+      case SYSTEM_INITIATE_PAYMENTS_BERLIN_GROUP_VIEW_ID =>
+        create // A new one
+          .isSystem_(true)
+          .isFirehose_(false)
+          .name_(StringHelpers.capify(viewId))
+          .view_id(viewId)
+          .description_(viewId)
+          .canAddTransactionRequestToAnyAccount_(true)
+          .canAddTransactionRequestToBeneficiary_(true)
       case _ =>
         entity
     }

obp-api/src/test/scala/code/api/berlin/group/v1_3/AccountInformationServiceAISApiTest.scala

@@ -1,7 +1,7 @@
 package code.api.berlin.group.v1_3
 
 import code.api.Constant
-import code.api.Constant.SYSTEM_READ_ACCOUNTS_BERLIN_GROUP_VIEW_ID
+import code.api.Constant.{SYSTEM_READ_ACCOUNTS_BERLIN_GROUP_VIEW_ID, SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID}
 import code.api.berlin.group.v1_3.JSONFactory_BERLIN_GROUP_1_3._
 import code.api.builder.AccountInformationServiceAISApi.APIMethods_AccountInformationServiceAISApi
 import code.api.util.APIUtil
@@ -212,7 +212,7 @@ class AccountInformationServiceAISApiTest extends BerlinGroupServerSetupV1_3 wit
         testAccountId.value,
         resourceUser1.userId,
         user1,
-        PostViewJsonV400(view_id = SYSTEM_READ_ACCOUNTS_BERLIN_GROUP_VIEW_ID, is_system = true)
+        PostViewJsonV400(view_id = SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID, is_system = true)
       )
 
       val requestGet = (V1_3_BG / "card-accounts" / testAccountId.value / "transactions").GET <@ (user1)

obp-api/src/test/scala/code/api/berlin/group/v1_3/BerlinGroupServerSetupV1_3.scala

@@ -23,6 +23,7 @@ trait BerlinGroupServerSetupV1_3 extends ServerSetupWithTestData {
     Views.views.vend.getOrCreateSystemView(SYSTEM_READ_ACCOUNTS_BERLIN_GROUP_VIEW_ID)
     Views.views.vend.getOrCreateSystemView(Constant.SYSTEM_READ_BALANCES_BERLIN_GROUP_VIEW_ID)
     Views.views.vend.getOrCreateSystemView(Constant.SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID)
+    Views.views.vend.getOrCreateSystemView(Constant.SYSTEM_INITIATE_PAYMENTS_BERLIN_GROUP_VIEW_ID)
   }
 
   def grantUserAccessToViewViaEndpoint(bankId: String,

obp-api/src/test/scala/code/api/berlin/group/v1_3/PaymentInitiationServicePISApiTest.scala

@@ -2,7 +2,7 @@ package code.api.berlin.group.v1_3
 
 import code.api.BerlinGroup.ScaStatus
 import code.api.Constant
-import code.api.Constant.SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID
+import code.api.Constant.{SYSTEM_INITIATE_PAYMENTS_BERLIN_GROUP_VIEW_ID, SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID}
 import code.api.berlin.group.v1_3.JSONFactory_BERLIN_GROUP_1_3.{CancellationJsonV13, InitiatePaymentResponseJson, StartPaymentAuthorisationJson}
 import code.api.berlin.group.v1_3.model.{PsuData, ScaStatusResponse, UpdatePsuAuthenticationResponse}
 import code.api.berlin.group.v1_3.JSONFactory_BERLIN_GROUP_1_3.{CancellationJsonV13, ErrorMessagesBG, InitiatePaymentResponseJson, StartPaymentAuthorisationJson}
@@ -206,7 +206,8 @@ class PaymentInitiationServicePISApiTest extends BerlinGroupServerSetupV1_3 with
   }
 
   private def grantAccountAccess(acountRoutingIbanFrom: BankAccountRouting) = {
-    Views.views.vend.systemView(ViewId(SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID)).flatMap(view =>
+    org.scalameta.logger.elem(Views.views.vend.systemView(ViewId(SYSTEM_INITIATE_PAYMENTS_BERLIN_GROUP_VIEW_ID)))
+    Views.views.vend.systemView(ViewId(SYSTEM_INITIATE_PAYMENTS_BERLIN_GROUP_VIEW_ID)).flatMap(view =>
       // Grant account access
       Views.views.vend.grantAccessToSystemView(acountRoutingIbanFrom.bankId,
         acountRoutingIbanFrom.accountId,