From edc27ea20c68ca1ae77231b971390fd6bc136cef Mon Sep 17 00:00:00 2001 From: jonkjetiloye <40996230+jonkjetiloye@users.noreply.github.com> Date: Tue, 17 Dec 2024 15:52:36 +0100 Subject: [PATCH] Fix IsAccessListModeApplicable Check (#173) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Fix IsAccessListModeApplicable Check #172 Fixed so IsAccessListModeApplicable use the users delegable right model and not the input model for the check Related Work Items: #17 * Added automated Bruno tests for AccessList: DelegationCheck and Delegation * Added test data for TT02 * Deleted duplicate test --------- Co-authored-by: Jon Kjetil Øye Co-authored-by: howieandersen --- .../Services/SingleRightsService.cs | 5 +- ...tDelegationCheck_Dagl_OrgPartialAccess.bru | 59 +++++++++++++ ...stDelegation_Dagl_OrgPartialAccessRead.bru | 85 +++++++++++++++++++ ...sstyrer cannot see offered delegations.bru | 2 +- ...styrer cannot see received delegations.bru | 2 +- .../o2o cannot delegate to itself.bru | 2 +- .../o2o delegate org2org (again).bru | 2 +- .../RightsInternal/o2o delegate org2org.bru | 2 +- ...o2o org attempts to delegate to itself.bru | 2 +- .../o2o org2org delegation successful.bru | 2 +- ...g org no longer has delegation (again).bru | 2 +- ...receiving org no longer has delegation.bru | 2 +- ...eiving org revokes delegation from org.bru | 2 +- ... sending org revokes delegation to org.bru | 2 +- .../o2p delegate org2person (again).bru | 2 +- .../o2p delegate org2person.bru | 2 +- .../o2p org2person delegation successful.bru | 2 +- ...iving person has no delegation (again).bru | 2 +- ...eiving person no longer has delegation.bru | 2 +- ...ing person revokes delegation from org.bru | 2 +- ...nding org revokes delegation to person.bru | 2 +- .../p2o delegate person2org (again).bru | 2 +- .../p2o delegate person2org.bru | 2 +- .../p2o person2org delegation successful.bru | 2 +- ...g org no longer has delegation (again).bru | 2 +- ...receiving org no longer has delegation.bru | 2 +- ...ing org revokes delegation from person.bru | 2 +- ...nding person revokes delegation to org.bru | 2 +- ...o testdata cleanup (revoke delegation).bru | 2 +- .../p2p delegate person2person (again).bru | 2 +- .../p2p delegate person2person.bru | 2 +- .../p2p delegation successful.bru | 2 +- ...iving person has no delegation (again).bru | 2 +- ...eiving person no longer has delegation.bru | 2 +- ...2p receiving person revokes delegation.bru | 2 +- ...the offering person revokes delegation.bru | 2 +- .../tilg app testdata cleanup.bru | 2 +- ...elegate altinn app they have access to.bru | 2 +- ... delegate resource they have access to.bru | 2 +- ...delegate app they don't have access to.bru | 2 +- .../tilg resource testdata cleanup.bru | 2 +- ...uccessfully delegated app and resource.bru | 2 +- .../Testdata/accesslist-delegation/at22.json | 30 +++++++ .../Testdata/accesslist-delegation/tt02.json | 30 +++++++ 44 files changed, 246 insertions(+), 41 deletions(-) create mode 100644 src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/accesslist-resource/AccessListDelegationCheck_Dagl_OrgPartialAccess.bru create mode 100644 src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/accesslist-resource/AccessListDelegation_Dagl_OrgPartialAccessRead.bru create mode 100644 src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Testdata/accesslist-delegation/at22.json create mode 100644 src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Testdata/accesslist-delegation/tt02.json diff --git a/src/apps/Altinn.AccessManagement/src/Altinn.AccessManagement.Core/Services/SingleRightsService.cs b/src/apps/Altinn.AccessManagement/src/Altinn.AccessManagement.Core/Services/SingleRightsService.cs index e456f09a..82294aea 100644 --- a/src/apps/Altinn.AccessManagement/src/Altinn.AccessManagement.Core/Services/SingleRightsService.cs +++ b/src/apps/Altinn.AccessManagement/src/Altinn.AccessManagement.Core/Services/SingleRightsService.cs @@ -160,11 +160,12 @@ public async Task DelegateRights(int authenticatedUserId List rightsUserCantDelegate = new List(); foreach (Right rightToDelegate in delegation.Rights) { - if (usersDelegableRights.Contains(rightToDelegate)) + Right delegableRight = usersDelegableRights.Find(r => r.RightKey == rightToDelegate.RightKey); + if (delegableRight != null) { // If delegable and serviceResource.AccessListMode is enabled, call accessListAuthorizationClient AccessListAuthorizationResult accessListAuthorizationResult = AccessListAuthorizationResult.NotApplicable; - if (DelegationHelper.IsAccessListModeEnabledAndApplicable(rightToDelegate, resource, fromParty)) + if (DelegationHelper.IsAccessListModeEnabledAndApplicable(delegableRight, resource, fromParty)) { AccessListAuthorizationRequest accessListAuthorizationRequest = new AccessListAuthorizationRequest { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/accesslist-resource/AccessListDelegationCheck_Dagl_OrgPartialAccess.bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/accesslist-resource/AccessListDelegationCheck_Dagl_OrgPartialAccess.bru new file mode 100644 index 00000000..8c90cbf6 --- /dev/null +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/accesslist-resource/AccessListDelegationCheck_Dagl_OrgPartialAccess.bru @@ -0,0 +1,59 @@ +meta { + name: AccessListDelegationCheck_Dagl_OrgPartialAccess + type: http + seq: 1 +} + +post { + url: {{baseUrl}}/accessmanagement/api/v1/internal/{{party}}/rights/delegation/delegationcheck + body: json + auth: inherit +} + +body:json { + { + "resource": [ + { + "id": "urn:altinn:resource", + "value": "{{resource}}" + } + ] + } +} + +script:pre-request { + const testdata = require(`./Testdata/accesslist-delegation/${bru.getEnvVar("tokenEnv")}.json`); + const sharedtestdata = require(`./Testdata/sharedtestdata.json`); + bru.setVar("party", testdata.OrdentligUlasteligStruts.partyid); + bru.setVar("resource", testdata.resource); + + var getTokenParameters = { + auth_tokenType: sharedtestdata.authTokenType.personal, + auth_userId: testdata.OrdentligUlasteligStruts.dagl.userid, + auth_partyId: testdata.OrdentligUlasteligStruts.dagl.partyid, + auth_ssn: testdata.OrdentligUlasteligStruts.dagl.pid + } + + const token = await testTokenGenerator.getToken(getTokenParameters); + bru.setVar("bearerToken", token); +} + +tests { + // Should be the same as the .bru request file. Used as prefix in test name which also shows in test result in pipeline. + const requestName = "AccessListDelegationCheck_Dagl_OrgPartialAccess"; + const body = res.getBody(); + + test(requestName + "|HttpStatus.OK", function() { + expect(res.status).to.equal(200); + }); + + test(requestName + "|Read_IsDelegable", function() { + const right = body.find(right => right.rightKey === "devtest_gar_bruno_accesslist_actionfilter:read"); + assert.equal(right.status, "Delegable", `Expected read to be: Delegable`); + }); + + test(requestName + "|Write_IsNotDelegable", function() { + const right = body.find(right => right.rightKey === "devtest_gar_bruno_accesslist_actionfilter:write"); + assert.equal(right.status, "NotDelegable", `Expected write to be; NotDelegable`); + }); +} diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/accesslist-resource/AccessListDelegation_Dagl_OrgPartialAccessRead.bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/accesslist-resource/AccessListDelegation_Dagl_OrgPartialAccessRead.bru new file mode 100644 index 00000000..0412b73e --- /dev/null +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/accesslist-resource/AccessListDelegation_Dagl_OrgPartialAccessRead.bru @@ -0,0 +1,85 @@ +meta { + name: AccessListDelegation_Dagl_OrgPartialAccessRead + type: http + seq: 2 +} + +post { + url: {{baseUrl}}/accessmanagement/api/v1/internal/{{party}}/rights/delegation/offered + body: json + auth: inherit +} + +body:json { + { + "to": [ + { + "id": "urn:altinn:person:identifier-no", + "value": "{{toSsn}}" + }, + { + "id": "urn:altinn:person:lastname", + "value": "{{toLastName}}" + } + ], + "rights": [ + { + "resource": [ + { + "id": "urn:altinn:resource", + "value": "{{resource}}" + } + ], + "action": "read" + }, + { + "resource": [ + { + "id": "urn:altinn:resource", + "value": "{{resource}}" + } + ], + "action": "write" + } + ] + } +} + +script:pre-request { + const testdata = require(`./Testdata/accesslist-delegation/${bru.getEnvVar("tokenEnv")}.json`); + const sharedtestdata = require(`./Testdata/sharedtestdata.json`); + bru.setVar("party", testdata.SvenskGeniærklertTiger.partyid); + bru.setVar("resource", testdata.resource); + bru.setVar("toSsn", testdata.SvenskGeniærklertTiger.dagl.pid); + bru.setVar("toLastName", "KRYDDERMÅL"); + + var getTokenParameters = { + auth_tokenType: sharedtestdata.authTokenType.personal, + auth_userId: testdata.SvenskGeniærklertTiger.dagl.userid, + auth_partyId: testdata.SvenskGeniærklertTiger.dagl.partyid, + auth_ssn: testdata.SvenskGeniærklertTiger.dagl.pid + } + + const token = await testTokenGenerator.getToken(getTokenParameters); + bru.setVar("bearerToken", token); +} + +tests { + // Should be the same as the .bru request file. Used as prefix in test name which also shows in test result in pipeline. + const requestName = "AccessListDelegation_Dagl_OrgPartialAccess"; + const body = res.getBody(); + + test(requestName + "|HttpStatus.OK", function() { + expect(res.status).to.equal(200); + }); + + test(requestName + "|Read_IsDelegable", function() { + const right = body.rightDelegationResults.find(right => right.rightKey === "devtest_gar_bruno_accesslist_actionfilter:read"); + assert.equal(right.status, "Delegated", `Expected read to be: Delegated`); + }); + + test(requestName + "|Write_IsNotDelegable", function() { + const right = body.rightDelegationResults.find(right => right.rightKey === "devtest_gar_bruno_accesslist_actionfilter:write"); + assert.equal(right.status, "NotDelegated", `Expected read to be: NotDelegated`); + }); +} diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/non-tilgangsstyrer cannot see offered delegations.bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/non-tilgangsstyrer cannot see offered delegations.bru index 287dbc58..1b7c8453 100644 --- a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/non-tilgangsstyrer cannot see offered delegations.bru +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/non-tilgangsstyrer cannot see offered delegations.bru @@ -1,7 +1,7 @@ meta { name: non-tilgangsstyrer cannot see offered delegations type: http - seq: 41 + seq: 42 } get { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/non-tilgangsstyrer cannot see received delegations.bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/non-tilgangsstyrer cannot see received delegations.bru index 744e8b71..0b91e223 100644 --- a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/non-tilgangsstyrer cannot see received delegations.bru +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/non-tilgangsstyrer cannot see received delegations.bru @@ -1,7 +1,7 @@ meta { name: non-tilgangsstyrer cannot see received delegations type: http - seq: 42 + seq: 43 } get { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2o cannot delegate to itself.bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2o cannot delegate to itself.bru index f7aabdd9..7fa6e2cf 100644 --- a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2o cannot delegate to itself.bru +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2o cannot delegate to itself.bru @@ -1,7 +1,7 @@ meta { name: o2o cannot delegate to itself type: http - seq: 36 + seq: 37 } get { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2o delegate org2org (again).bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2o delegate org2org (again).bru index f26d71cb..9f8a35d8 100644 --- a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2o delegate org2org (again).bru +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2o delegate org2org (again).bru @@ -1,7 +1,7 @@ meta { name: o2o delegate org2org (again) type: http - seq: 25 + seq: 26 } post { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2o delegate org2org.bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2o delegate org2org.bru index a9b1a3a4..0a537a7c 100644 --- a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2o delegate org2org.bru +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2o delegate org2org.bru @@ -1,7 +1,7 @@ meta { name: o2o delegate org2org type: http - seq: 21 + seq: 22 } post { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2o org attempts to delegate to itself.bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2o org attempts to delegate to itself.bru index 85f9faff..31670f5a 100644 --- a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2o org attempts to delegate to itself.bru +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2o org attempts to delegate to itself.bru @@ -1,7 +1,7 @@ meta { name: o2o org attempts to delegate to itself type: http - seq: 35 + seq: 36 } post { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2o org2org delegation successful.bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2o org2org delegation successful.bru index 9b369de5..08b20948 100644 --- a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2o org2org delegation successful.bru +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2o org2org delegation successful.bru @@ -1,7 +1,7 @@ meta { name: o2o org2org delegation successful type: http - seq: 22 + seq: 23 } get { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2o receiving org no longer has delegation (again).bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2o receiving org no longer has delegation (again).bru index b05e7d21..976731c6 100644 --- a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2o receiving org no longer has delegation (again).bru +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2o receiving org no longer has delegation (again).bru @@ -1,7 +1,7 @@ meta { name: o2o receiving org no longer has delegation (again) type: http - seq: 27 + seq: 28 } get { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2o receiving org no longer has delegation.bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2o receiving org no longer has delegation.bru index cc07c80f..f9bb7223 100644 --- a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2o receiving org no longer has delegation.bru +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2o receiving org no longer has delegation.bru @@ -1,7 +1,7 @@ meta { name: o2o receiving org no longer has delegation type: http - seq: 24 + seq: 25 } get { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2o receiving org revokes delegation from org.bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2o receiving org revokes delegation from org.bru index d357595e..1ea6dbb4 100644 --- a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2o receiving org revokes delegation from org.bru +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2o receiving org revokes delegation from org.bru @@ -1,7 +1,7 @@ meta { name: o2o receiving org revokes delegation from org type: http - seq: 23 + seq: 24 } post { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2o sending org revokes delegation to org.bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2o sending org revokes delegation to org.bru index 57292d14..08a71a73 100644 --- a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2o sending org revokes delegation to org.bru +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2o sending org revokes delegation to org.bru @@ -1,7 +1,7 @@ meta { name: o2o sending org revokes delegation to org type: http - seq: 26 + seq: 27 } post { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2p delegate org2person (again).bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2p delegate org2person (again).bru index 9474f376..3ff561c8 100644 --- a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2p delegate org2person (again).bru +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2p delegate org2person (again).bru @@ -1,7 +1,7 @@ meta { name: o2p delegate org2person (again) type: http - seq: 18 + seq: 19 } post { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2p delegate org2person.bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2p delegate org2person.bru index bb2ad0a1..b871d2f1 100644 --- a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2p delegate org2person.bru +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2p delegate org2person.bru @@ -1,7 +1,7 @@ meta { name: o2p delegate org2person type: http - seq: 14 + seq: 15 } post { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2p org2person delegation successful.bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2p org2person delegation successful.bru index b4e5c4ff..020e0b0a 100644 --- a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2p org2person delegation successful.bru +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2p org2person delegation successful.bru @@ -1,7 +1,7 @@ meta { name: o2p org2person delegation successful type: http - seq: 15 + seq: 16 } get { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2p receiving person has no delegation (again).bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2p receiving person has no delegation (again).bru index c6bd9665..3aee7db9 100644 --- a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2p receiving person has no delegation (again).bru +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2p receiving person has no delegation (again).bru @@ -1,7 +1,7 @@ meta { name: o2p receiving person has no delegation (again) type: http - seq: 20 + seq: 21 } get { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2p receiving person no longer has delegation.bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2p receiving person no longer has delegation.bru index ccce97d7..c86a0359 100644 --- a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2p receiving person no longer has delegation.bru +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2p receiving person no longer has delegation.bru @@ -1,7 +1,7 @@ meta { name: o2p receiving person no longer has delegation type: http - seq: 17 + seq: 18 } get { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2p receiving person revokes delegation from org.bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2p receiving person revokes delegation from org.bru index 15982be0..83fe6a6f 100644 --- a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2p receiving person revokes delegation from org.bru +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2p receiving person revokes delegation from org.bru @@ -1,7 +1,7 @@ meta { name: o2p receiving person revokes delegation from org type: http - seq: 16 + seq: 17 } post { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2p sending org revokes delegation to person.bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2p sending org revokes delegation to person.bru index 4d823b73..67e1c6f3 100644 --- a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2p sending org revokes delegation to person.bru +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/o2p sending org revokes delegation to person.bru @@ -1,7 +1,7 @@ meta { name: o2p sending org revokes delegation to person type: http - seq: 19 + seq: 20 } post { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2o delegate person2org (again).bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2o delegate person2org (again).bru index 7c1a24e9..2561c4f7 100644 --- a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2o delegate person2org (again).bru +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2o delegate person2org (again).bru @@ -1,7 +1,7 @@ meta { name: p2o delegate person2org (again) type: http - seq: 32 + seq: 33 } post { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2o delegate person2org.bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2o delegate person2org.bru index c5e4f6e0..e8806382 100644 --- a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2o delegate person2org.bru +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2o delegate person2org.bru @@ -1,7 +1,7 @@ meta { name: p2o delegate person2org type: http - seq: 28 + seq: 29 } post { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2o person2org delegation successful.bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2o person2org delegation successful.bru index e95bde67..09d43015 100644 --- a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2o person2org delegation successful.bru +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2o person2org delegation successful.bru @@ -1,7 +1,7 @@ meta { name: p2o person2org delegation successful type: http - seq: 29 + seq: 30 } get { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2o receiving org no longer has delegation (again).bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2o receiving org no longer has delegation (again).bru index 1cbf0a53..d3cab054 100644 --- a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2o receiving org no longer has delegation (again).bru +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2o receiving org no longer has delegation (again).bru @@ -1,7 +1,7 @@ meta { name: p2o receiving org no longer has delegation (again) type: http - seq: 34 + seq: 35 } get { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2o receiving org no longer has delegation.bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2o receiving org no longer has delegation.bru index 8f0edd2d..7217936c 100644 --- a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2o receiving org no longer has delegation.bru +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2o receiving org no longer has delegation.bru @@ -1,7 +1,7 @@ meta { name: p2o receiving org no longer has delegation type: http - seq: 31 + seq: 32 } get { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2o receiving org revokes delegation from person.bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2o receiving org revokes delegation from person.bru index 05b9f660..7ed9bdb2 100644 --- a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2o receiving org revokes delegation from person.bru +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2o receiving org revokes delegation from person.bru @@ -1,7 +1,7 @@ meta { name: p2o receiving org revokes delegation from person type: http - seq: 30 + seq: 31 } post { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2o sending person revokes delegation to org.bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2o sending person revokes delegation to org.bru index 2c2b2ce5..af2d5f45 100644 --- a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2o sending person revokes delegation to org.bru +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2o sending person revokes delegation to org.bru @@ -1,7 +1,7 @@ meta { name: p2o sending person revokes delegation to org type: http - seq: 33 + seq: 34 } post { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2o testdata cleanup (revoke delegation).bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2o testdata cleanup (revoke delegation).bru index a08799ad..43b6fd50 100644 --- a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2o testdata cleanup (revoke delegation).bru +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2o testdata cleanup (revoke delegation).bru @@ -1,7 +1,7 @@ meta { name: p2o testdata cleanup (revoke delegation) type: http - seq: 4 + seq: 5 } post { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2p delegate person2person (again).bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2p delegate person2person (again).bru index 21e62609..0da5a95a 100644 --- a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2p delegate person2person (again).bru +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2p delegate person2person (again).bru @@ -1,7 +1,7 @@ meta { name: p2p delegate person2person (again) type: http - seq: 11 + seq: 12 } post { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2p delegate person2person.bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2p delegate person2person.bru index c0930c28..482017b0 100644 --- a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2p delegate person2person.bru +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2p delegate person2person.bru @@ -1,7 +1,7 @@ meta { name: p2p delegate person2person type: http - seq: 7 + seq: 8 } post { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2p delegation successful.bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2p delegation successful.bru index 14c95b01..ea9697d7 100644 --- a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2p delegation successful.bru +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2p delegation successful.bru @@ -1,7 +1,7 @@ meta { name: p2p delegation successful type: http - seq: 8 + seq: 9 } get { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2p receiving person has no delegation (again).bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2p receiving person has no delegation (again).bru index 41f0fd09..82b97107 100644 --- a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2p receiving person has no delegation (again).bru +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2p receiving person has no delegation (again).bru @@ -1,7 +1,7 @@ meta { name: p2p receiving person has no delegation (again) type: http - seq: 13 + seq: 14 } get { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2p receiving person no longer has delegation.bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2p receiving person no longer has delegation.bru index 8336f7e8..cc3f5e1a 100644 --- a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2p receiving person no longer has delegation.bru +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2p receiving person no longer has delegation.bru @@ -1,7 +1,7 @@ meta { name: p2p receiving person no longer has delegation type: http - seq: 10 + seq: 11 } get { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2p receiving person revokes delegation.bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2p receiving person revokes delegation.bru index 242be0bc..dd4a65e1 100644 --- a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2p receiving person revokes delegation.bru +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2p receiving person revokes delegation.bru @@ -1,7 +1,7 @@ meta { name: p2p receiving person revokes delegation type: http - seq: 9 + seq: 10 } post { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2p the offering person revokes delegation.bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2p the offering person revokes delegation.bru index 988fc9b1..98717c04 100644 --- a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2p the offering person revokes delegation.bru +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/p2p the offering person revokes delegation.bru @@ -1,7 +1,7 @@ meta { name: p2p the offering person revokes delegation type: http - seq: 12 + seq: 13 } post { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/tilg app testdata cleanup.bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/tilg app testdata cleanup.bru index e303d299..965a1e7a 100644 --- a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/tilg app testdata cleanup.bru +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/tilg app testdata cleanup.bru @@ -1,7 +1,7 @@ meta { name: tilg app testdata cleanup type: http - seq: 5 + seq: 6 } post { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/tilg can delegate altinn app they have access to.bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/tilg can delegate altinn app they have access to.bru index c53fc807..be4f2957 100644 --- a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/tilg can delegate altinn app they have access to.bru +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/tilg can delegate altinn app they have access to.bru @@ -1,7 +1,7 @@ meta { name: tilg can delegate altinn app they have access to type: http - seq: 37 + seq: 38 } post { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/tilg can delegate resource they have access to.bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/tilg can delegate resource they have access to.bru index 325fefa3..33cf45c5 100644 --- a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/tilg can delegate resource they have access to.bru +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/tilg can delegate resource they have access to.bru @@ -1,7 +1,7 @@ meta { name: tilg can delegate resource they have access to type: http - seq: 38 + seq: 39 } post { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/tilg cannot delegate app they don't have access to.bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/tilg cannot delegate app they don't have access to.bru index 5afa2f38..17eaa821 100644 --- a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/tilg cannot delegate app they don't have access to.bru +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/tilg cannot delegate app they don't have access to.bru @@ -1,7 +1,7 @@ meta { name: tilg cannot delegate app they don't have access to type: http - seq: 39 + seq: 40 } post { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/tilg resource testdata cleanup.bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/tilg resource testdata cleanup.bru index 0c74a85b..7ef4cb23 100644 --- a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/tilg resource testdata cleanup.bru +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/tilg resource testdata cleanup.bru @@ -1,7 +1,7 @@ meta { name: tilg resource testdata cleanup type: http - seq: 6 + seq: 7 } post { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/tilg successfully delegated app and resource.bru b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/tilg successfully delegated app and resource.bru index 4abc7d86..7acd25b3 100644 --- a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/tilg successfully delegated app and resource.bru +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Automatic Test Collection/RightsInternal/tilg successfully delegated app and resource.bru @@ -1,7 +1,7 @@ meta { name: tilg successfully delegated app and resource type: http - seq: 40 + seq: 41 } get { diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Testdata/accesslist-delegation/at22.json b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Testdata/accesslist-delegation/at22.json new file mode 100644 index 00000000..c744d803 --- /dev/null +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Testdata/accesslist-delegation/at22.json @@ -0,0 +1,30 @@ +{ + "env": "at22", + "resource": "devtest_gar_bruno_accesslist_actionfilter", + "OrdentligUlasteligStruts": { + "orgno": "313776735", + "name": "ORDENTLIG ULASTELIG STRUTS LTD", + "partyid": 51655628, + "partyuuid": "5d99cf7c-2cce-42f7-a07b-516e52ece2e9", + "dagl": { + "pid": "12819498464", + "name": "KRAMPE VEIK", + "userid": 20012620, + "partyid": 50656486, + "partyuuid": "a30eea39-348b-444b-9342-8172f756a6f8" + } + }, + "SvenskGeniærklertTiger": { + "orgno": "313149293", + "name": "SVENSK GENIÆRKLERT TIGER AS", + "partyid": 51612302, + "partyuuid": "5d99cf7c-2cce-42f7-a07b-516e52ece2e9", + "dagl": { + "pid": "06886897918", + "name": "SYMPATISK KRYDDERMÅL", + "userid": 20012987, + "partyid": 50620007, + "partyuuid": "387734c6-6687-4493-8f72-e9dcc284242c" + } + } +} diff --git a/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Testdata/accesslist-delegation/tt02.json b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Testdata/accesslist-delegation/tt02.json new file mode 100644 index 00000000..b16245ba --- /dev/null +++ b/src/apps/Altinn.AccessManagement/test/Bruno/Altinn.AccessManagement/Testdata/accesslist-delegation/tt02.json @@ -0,0 +1,30 @@ +{ + "env": "tt02", + "resource": "devtest_gar_bruno_accesslist_actionfilter", + "OrdentligUlasteligStruts": { + "orgno": "313776735", + "name": "ORDENTLIG ULASTELIG STRUTS LTD", + "partyid": 51868999, + "partyuuid": "e5c0efcd-d806-48de-8476-9feb6a710d4c", + "dagl": { + "pid": "12819498464", + "name": "KRAMPE VEIK", + "userid": 1290037, + "partyid": 50669264, + "partyuuid": "39210c03-09df-4b8c-92a4-b0763e132ba6" + } + }, + "SvenskGeniærklertTiger": { + "orgno": "313149293", + "name": "SVENSK GENIÆRKLERT TIGER AS", + "partyid": 51825667, + "partyuuid": "02064b01-61f4-4504-b476-41d8f6aff823", + "dagl": { + "pid": "06886897918", + "name": "SYMPATISK KRYDDERMÅL", + "userid": 1429145, + "partyid": 50603108, + "partyuuid": "387734c6-6687-4493-8f72-e9dcc284242c" + } + } +}