remove PermissionDataGetADM

integration/src/test/scala/org/knora/webapi/responders/admin/PermissionsResponderSpec.scala

@@ -7,8 +7,10 @@ package org.knora.webapi.responders.admin
 
 import org.apache.pekko.actor.Status.Failure
 import org.apache.pekko.testkit.ImplicitSender
+import zio.Chunk
 import zio.NonEmptyChunk
 import zio.ZIO
+import zio.prelude.ForEachOps
 
 import java.util.UUID
 import scala.collection.Map
@@ -17,6 +19,7 @@ import dsp.errors.BadRequestException
 import dsp.errors.DuplicateValueException
 import dsp.errors.ForbiddenException
 import dsp.errors.NotFoundException
+import dsp.valueobjects.LanguageCode
 import org.knora.webapi._
 import org.knora.webapi.messages.OntologyConstants
 import org.knora.webapi.messages.admin.responder.permissionsmessages._
@@ -33,10 +36,19 @@ import org.knora.webapi.sharedtestdata.SharedTestDataADM.incunabulaMemberUser
 import org.knora.webapi.sharedtestdata.SharedTestDataADM.normalUser
 import org.knora.webapi.sharedtestdata.SharedTestDataADM2
 import org.knora.webapi.slice.admin.api.service.PermissionsRestService
+import org.knora.webapi.slice.admin.domain.model.Email
+import org.knora.webapi.slice.admin.domain.model.FamilyName
+import org.knora.webapi.slice.admin.domain.model.GivenName
 import org.knora.webapi.slice.admin.domain.model.GroupIri
 import org.knora.webapi.slice.admin.domain.model.KnoraProject.ProjectIri
+import org.knora.webapi.slice.admin.domain.model.KnoraUser
+import org.knora.webapi.slice.admin.domain.model.PasswordHash
 import org.knora.webapi.slice.admin.domain.model.Permission
 import org.knora.webapi.slice.admin.domain.model.PermissionIri
+import org.knora.webapi.slice.admin.domain.model.SystemAdmin
+import org.knora.webapi.slice.admin.domain.model.UserIri
+import org.knora.webapi.slice.admin.domain.model.UserStatus
+import org.knora.webapi.slice.admin.domain.model.Username
 import org.knora.webapi.slice.admin.domain.service.KnoraGroupRepo
 import org.knora.webapi.util.ZioScalaTestUtil.assertFailsWithA
 
@@ -61,97 +73,166 @@ class PermissionsResponderSpec extends CoreSpec with ImplicitSender {
   )
 
   private val PermissionsRestService = ZIO.serviceWithZIO[PermissionsRestService]
+  private val PermissionResponder    = ZIO.serviceWithZIO[PermissionsResponder]
 
   "The PermissionsResponderADM" when {
 
     "ask about the permission profile" should {
 
+      def createDummyUser(
+        isInProject: Iterable[IRI],
+        isInGroup: Iterable[IRI],
+        systemAdmin: SystemAdmin,
+        isInProjectAdminGroup: Iterable[IRI],
+      ) = KnoraUser(
+        UserIri.unsafeFrom("http://rdfh.ch/users/dummy"),
+        Username.unsafeFrom("dummy"),
+        Email.unsafeFrom("[email protected]"),
+        FamilyName.unsafeFrom("dummy"),
+        GivenName.unsafeFrom("dummy"),
+        PasswordHash.unsafeFrom("dummy"),
+        LanguageCode.en,
+        UserStatus.Active,
+        isInProject.map(ProjectIri.unsafeFrom).toChunk,
+        isInGroup.map(GroupIri.unsafeFrom).toChunk,
+        systemAdmin,
+        isInProjectAdminGroup.map(ProjectIri.unsafeFrom).toChunk,
+      )
+
       "return the permissions profile (root user)" in {
-        appActor ! PermissionDataGetADM(
-          projectIris = SharedTestDataADM2.rootUser.projects_info.keys.toSeq,
-          groupIris = SharedTestDataADM2.rootUser.groups,
-          isInProjectAdminGroups = Seq.empty[IRI],
-          isInSystemAdminGroup = true,
-          requestingUser = KnoraSystemInstances.Users.SystemUser,
+        val actual = UnsafeZioRun.runOrThrow(
+          PermissionResponder(
+            _.getPermissionData(
+              createDummyUser(
+                SharedTestDataADM2.rootUser.projects_info.keys,
+                SharedTestDataADM2.rootUser.groups,
+                SystemAdmin.IsSystemAdmin,
+                Chunk.empty,
+              ),
+            ),
+          ),
         )
-        expectMsg(SharedTestDataADM2.rootUser.permissionData)
+
+        assert(actual == SharedTestDataADM2.rootUser.permissionData)
       }
 
       "return the permissions profile (multi group user)" in {
-        appActor ! PermissionDataGetADM(
-          projectIris = SharedTestDataADM2.multiuserUser.projects_info.keys.toSeq,
-          groupIris = SharedTestDataADM2.multiuserUser.groups,
-          isInProjectAdminGroups = Seq(SharedTestDataADM.incunabulaProjectIri, imagesProjectIri),
-          isInSystemAdminGroup = false,
-          requestingUser = KnoraSystemInstances.Users.SystemUser,
+        val actual = UnsafeZioRun.runOrThrow(
+          PermissionResponder(
+            _.getPermissionData(
+              createDummyUser(
+                SharedTestDataADM2.multiuserUser.projects_info.keys,
+                SharedTestDataADM2.multiuserUser.groups,
+                SystemAdmin.IsNotSystemAdmin,
+                Chunk(SharedTestDataADM.incunabulaProjectIri, imagesProjectIri),
+              ),
+            ),
+          ),
         )
-        expectMsg(SharedTestDataADM2.multiuserUser.permissionData)
+
+        assert(actual == SharedTestDataADM2.multiuserUser.permissionData)
       }
 
       "return the permissions profile (incunabula project admin user)" in {
-        appActor ! PermissionDataGetADM(
-          projectIris = SharedTestDataADM2.incunabulaProjectAdminUser.projects_info.keys.toSeq,
-          groupIris = SharedTestDataADM2.incunabulaProjectAdminUser.groups,
-          isInProjectAdminGroups = Seq(SharedTestDataADM.incunabulaProjectIri),
-          isInSystemAdminGroup = false,
-          requestingUser = KnoraSystemInstances.Users.SystemUser,
+        val actual = UnsafeZioRun.runOrThrow(
+          PermissionResponder(
+            _.getPermissionData(
+              createDummyUser(
+                SharedTestDataADM2.incunabulaProjectAdminUser.projects_info.keys,
+                SharedTestDataADM2.incunabulaProjectAdminUser.groups,
+                SystemAdmin.IsNotSystemAdmin,
+                Chunk(SharedTestDataADM.incunabulaProjectIri),
+              ),
+            ),
+          ),
         )
-        expectMsg(SharedTestDataADM2.incunabulaProjectAdminUser.permissionData)
+
+        assert(actual == SharedTestDataADM2.incunabulaProjectAdminUser.permissionData)
       }
 
       "return the permissions profile (incunabula creator user)" in {
-        appActor ! PermissionDataGetADM(
-          projectIris = SharedTestDataADM2.incunabulaProjectAdminUser.projects_info.keys.toSeq,
-          groupIris = SharedTestDataADM2.incunabulaCreatorUser.groups,
-          isInProjectAdminGroups = Seq.empty[IRI],
-          isInSystemAdminGroup = false,
-          requestingUser = KnoraSystemInstances.Users.SystemUser,
+        val actual = UnsafeZioRun.runOrThrow(
+          PermissionResponder(
+            _.getPermissionData(
+              createDummyUser(
+                SharedTestDataADM2.incunabulaProjectAdminUser.projects_info.keys,
+                SharedTestDataADM2.incunabulaCreatorUser.groups,
+                SystemAdmin.IsNotSystemAdmin,
+                Chunk.empty,
+              ),
+            ),
+          ),
         )
-        expectMsg(SharedTestDataADM2.incunabulaCreatorUser.permissionData)
+
+        assert(actual == SharedTestDataADM2.incunabulaCreatorUser.permissionData)
       }
 
       "return the permissions profile (incunabula normal project member user)" in {
-        appActor ! PermissionDataGetADM(
-          projectIris = SharedTestDataADM2.incunabulaProjectAdminUser.projects_info.keys.toSeq,
-          groupIris = SharedTestDataADM2.incunabulaMemberUser.groups,
-          isInProjectAdminGroups = Seq.empty[IRI],
-          isInSystemAdminGroup = false,
-          requestingUser = KnoraSystemInstances.Users.SystemUser,
+        val actual = UnsafeZioRun.runOrThrow(
+          PermissionResponder(
+            _.getPermissionData(
+              createDummyUser(
+                SharedTestDataADM2.incunabulaProjectAdminUser.projects_info.keys,
+                SharedTestDataADM2.incunabulaMemberUser.groups,
+                SystemAdmin.IsNotSystemAdmin,
+                Chunk.empty,
+              ),
+            ),
+          ),
         )
-        expectMsg(SharedTestDataADM2.incunabulaMemberUser.permissionData)
+
+        assert(actual == SharedTestDataADM2.incunabulaMemberUser.permissionData)
       }
 
       "return the permissions profile (images user 01)" in {
-        appActor ! PermissionDataGetADM(
-          projectIris = SharedTestDataADM2.imagesUser01.projects_info.keys.toSeq,
-          groupIris = SharedTestDataADM2.imagesUser01.groups,
-          isInProjectAdminGroups = Seq(imagesProjectIri),
-          isInSystemAdminGroup = false,
-          requestingUser = KnoraSystemInstances.Users.SystemUser,
+        val actual = UnsafeZioRun.runOrThrow(
+          PermissionResponder(
+            _.getPermissionData(
+              createDummyUser(
+                SharedTestDataADM2.imagesUser01.projects_info.keys,
+                SharedTestDataADM2.imagesUser01.groups,
+                SystemAdmin.IsNotSystemAdmin,
+                Chunk(imagesProjectIri),
+              ),
+            ),
+          ),
         )
-        expectMsg(SharedTestDataADM2.imagesUser01.permissionData)
+
+        assert(actual == SharedTestDataADM2.imagesUser01.permissionData)
       }
 
       "return the permissions profile (images-reviewer-user)" in {
-        appActor ! PermissionDataGetADM(
-          projectIris = SharedTestDataADM2.imagesReviewerUser.projects_info.keys.toSeq,
-          groupIris = SharedTestDataADM2.imagesReviewerUser.groups,
-          isInProjectAdminGroups = Seq.empty[IRI],
-          isInSystemAdminGroup = false,
-          requestingUser = KnoraSystemInstances.Users.SystemUser,
+        val actual = UnsafeZioRun.runOrThrow(
+          PermissionResponder(
+            _.getPermissionData(
+              createDummyUser(
+                SharedTestDataADM2.imagesReviewerUser.projects_info.keys,
+                SharedTestDataADM2.imagesReviewerUser.groups,
+                SystemAdmin.IsNotSystemAdmin,
+                Chunk.empty,
+              ),
+            ),
+          ),
         )
-        expectMsg(SharedTestDataADM2.imagesReviewerUser.permissionData)
+
+        assert(actual == SharedTestDataADM2.imagesReviewerUser.permissionData)
       }
 
       "return the permissions profile (anything user 01)" in {
-        appActor ! PermissionDataGetADM(
-          projectIris = SharedTestDataADM2.anythingUser1.projects_info.keys.toSeq,
-          groupIris = SharedTestDataADM2.anythingUser1.groups,
-          isInProjectAdminGroups = Seq.empty[IRI],
-          isInSystemAdminGroup = false,
-          requestingUser = KnoraSystemInstances.Users.SystemUser,
+        val actual = UnsafeZioRun.runOrThrow(
+          PermissionResponder(
+            _.getPermissionData(
+              createDummyUser(
+                SharedTestDataADM2.anythingUser1.projects_info.keys,
+                SharedTestDataADM2.anythingUser1.groups,
+                SystemAdmin.IsNotSystemAdmin,
+                Chunk.empty,
+              ),
+            ),
+          ),
         )
-        expectMsg(SharedTestDataADM2.anythingUser1.permissionData)
+
+        assert(actual == SharedTestDataADM2.anythingUser1.permissionData)
       }
     }
     "ask for userAdministrativePermissionsGetADM" should {

webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADM.scala

@@ -140,25 +140,6 @@ case class ChangePermissionPropertyApiRequestADM(forProperty: IRI) extends Permi
  */
 sealed trait PermissionsResponderRequestADM extends KnoraRequestADM with RelayedMessage
 
-/**
- * A message that requests the user's [[PermissionsDataADM]].
- *
- * @param projectIris            the projects the user is part of.
- * @param groupIris              the groups the user is member of.
- * @param isInProjectAdminGroups the projects for which the user is member of the ProjectAdmin group.
- * @param isInSystemAdminGroup   the flag denoting users membership in the SystemAdmin group.
- */
-case class PermissionDataGetADM(
-  projectIris: Seq[IRI],
-  groupIris: Seq[IRI],
-  isInProjectAdminGroups: Seq[IRI],
-  isInSystemAdminGroup: Boolean,
-  requestingUser: User,
-) extends PermissionsResponderRequestADM {
-
-  if (!requestingUser.isSystemUser) throw ForbiddenException("Permission data can only by queried by a SystemUser.")
-}
-
 // Administrative Permissions
 
 /**

webapi/src/main/scala/org/knora/webapi/responders/admin/PermissionsResponder.scala

@@ -6,8 +6,12 @@
 package org.knora.webapi.responders.admin
 
 import com.typesafe.scalalogging.LazyLogging
+import zio._
+
+import java.util.UUID
+import scala.collection.mutable.ListBuffer
+
 import dsp.errors._
-import dsp.valueobjects.LanguageCode
 import org.knora.webapi._
 import org.knora.webapi.config.AppConfig
 import org.knora.webapi.core.MessageHandler
@@ -27,20 +31,12 @@ import org.knora.webapi.responders.IriLocker
 import org.knora.webapi.responders.IriService
 import org.knora.webapi.responders.Responder
 import org.knora.webapi.slice.admin.AdminConstants
-import org.knora.webapi.slice.admin.domain.model.Email
-import org.knora.webapi.slice.admin.domain.model.FamilyName
-import org.knora.webapi.slice.admin.domain.model.GivenName
 import org.knora.webapi.slice.admin.domain.model.GroupIri
 import org.knora.webapi.slice.admin.domain.model.KnoraProject.ProjectIri
 import org.knora.webapi.slice.admin.domain.model.KnoraUser
-import org.knora.webapi.slice.admin.domain.model.PasswordHash
 import org.knora.webapi.slice.admin.domain.model.Permission
 import org.knora.webapi.slice.admin.domain.model.PermissionIri
-import org.knora.webapi.slice.admin.domain.model.SystemAdmin
 import org.knora.webapi.slice.admin.domain.model.User
-import org.knora.webapi.slice.admin.domain.model.UserIri
-import org.knora.webapi.slice.admin.domain.model.UserStatus
-import org.knora.webapi.slice.admin.domain.model.Username
 import org.knora.webapi.slice.admin.domain.service.AdministrativePermissionService
 import org.knora.webapi.slice.admin.domain.service.GroupService
 import org.knora.webapi.slice.admin.domain.service.KnoraGroupRepo._
@@ -54,11 +50,6 @@ import org.knora.webapi.store.triplestore.api.TriplestoreService.Queries.Constru
 import org.knora.webapi.store.triplestore.api.TriplestoreService.Queries.Select
 import org.knora.webapi.store.triplestore.api.TriplestoreService.Queries.Update
 import org.knora.webapi.util.ZioHelper
-import zio._
-import zio.prelude.ForEachOps
-
-import java.util.UUID
-import scala.collection.mutable.ListBuffer
 
 final case class PermissionsResponder(
   appConfig: AppConfig,
@@ -83,33 +74,6 @@ final case class PermissionsResponder(
     message.isInstanceOf[PermissionsResponderRequestADM]
 
   override def handle(msg: ResponderRequest): Task[Any] = msg match {
-    case PermissionDataGetADM(
-          projectIris,
-          groupIris,
-          projectAdminIris,
-          isSystemAdmin,
-          _,
-        ) => {
-      val isInProject           = projectIris.map(ProjectIri.unsafeFrom).toChunk
-      val isInSystemAdminGroup  = SystemAdmin.from(isSystemAdmin)
-      val isInProjectAdminGroup = projectAdminIris.map(ProjectIri.unsafeFrom).toChunk
-      val isInGroups            = groupIris.map(GroupIri.unsafeFrom).toChunk
-      val user = KnoraUser(
-        UserIri.unsafeFrom("http://rdfh.ch/users/dummy"),
-        Username.unsafeFrom("dummy"),
-        Email.unsafeFrom("[email protected]"),
-        FamilyName.unsafeFrom("dummy"),
-        GivenName.unsafeFrom("dummy"),
-        PasswordHash.unsafeFrom("dummy"),
-        LanguageCode.en,
-        UserStatus.Active,
-        isInProject,
-        isInGroups,
-        isInSystemAdminGroup,
-        isInProjectAdminGroup,
-      )
-      getPermissionData(user)
-    }
     case AdministrativePermissionForIriGetRequestADM(administrativePermissionIri, requestingUser, _) =>
       administrativePermissionForIriGetRequestADM(administrativePermissionIri, requestingUser)
     case ObjectAccessPermissionsForResourceGetADM(resourceIri, requestingUser) =>