OH2-395 | Add new method to update(assign/revolke) user group permiss…

…ions (#1426)

* update(OH2-395): Add method to user group permissions

* styles: Reformat code

* styles: Fix indent

* update: Update group permissions update method and add params to replace

* chore: Replace var usage with explicit types and update code styles settings

* update: Add group permissions upate tests

* update: Update group permissions update tests

---------

Co-authored-by: SteveGT96 <[email protected]>

.ide-settings/idea/OpenHospital-code-style-configuration.xml

@@ -73,7 +73,7 @@
     <option name="ASSERT_STATEMENT_COLON_ON_NEXT_LINE" value="true" />
     <option name="VARIABLE_ANNOTATION_WRAP" value="2" />
     <indentOptions>
-      <option name="CONTINUATION_INDENT_SIZE" value="16" />
+      <option name="CONTINUATION_INDENT_SIZE" value="4" />
       <option name="USE_TAB_CHARACTER" value="true" />
     </indentOptions>
   </codeStyleSettings>

src/main/java/org/isf/permissions/manager/GroupPermissionManager.java

@@ -28,18 +28,23 @@
 import org.isf.permissions.model.GroupPermission;
 import org.isf.permissions.model.Permission;
 import org.isf.permissions.service.GroupPermissionIoOperations;
+import org.isf.permissions.service.PermissionIoOperations;
 import org.isf.utils.exception.OHDataValidationException;
 import org.isf.utils.exception.OHServiceException;
 import org.isf.utils.exception.model.OHExceptionMessage;
 import org.springframework.stereotype.Component;
+import org.springframework.transaction.annotation.Transactional;
 
 @Component
 public class GroupPermissionManager {
 
 	private final GroupPermissionIoOperations operations;
 
-	public GroupPermissionManager(GroupPermissionIoOperations groupPermissionIoOperations) {
+	private final PermissionIoOperations permissionOperations;
+
+	public GroupPermissionManager(GroupPermissionIoOperations groupPermissionIoOperations, PermissionIoOperations permissionIoOperations) {
 		this.operations = groupPermissionIoOperations;
+		this.permissionOperations = permissionIoOperations;
 	}
 
 	public List<GroupPermission> findByIdIn(List<Integer> ids) throws OHServiceException {
@@ -61,7 +66,7 @@ public GroupPermission findById(int id) {
 	public GroupPermission create(UserGroup userGroup, Permission permission) throws OHDataValidationException {
 		if (operations.existsByUserGroupCodeAndPermissionId(userGroup.getCode(), permission.getId())) {
 			throw new OHDataValidationException(
-					new OHExceptionMessage(MessageBundle.getMessage("usergroup.permissionalreadyassigned"))
+				new OHExceptionMessage(MessageBundle.getMessage("usergroup.permissionalreadyassigned"))
 			);
 		}
 
@@ -72,12 +77,34 @@ public GroupPermission create(UserGroup userGroup, Permission permission) throws
 		return operations.create(groupPermission);
 	}
 
+	@Transactional
+	public List<Permission> update(UserGroup userGroup, List<Integer> permissionIds, Boolean replace) throws OHDataValidationException {
+
+		List<Permission> permissions = permissionOperations.findByIdIn(permissionIds).stream().toList();
+
+		List<GroupPermission> groupPermissions = operations.findUserGroupPermissions(userGroup.getCode()).stream().toList();
+
+		List<GroupPermission> permissionsToAssign = permissions.stream()
+			.filter(item -> groupPermissions.stream().noneMatch(groupPermission -> groupPermission.getPermission().getId() == item.getId())).map(
+				permission -> new GroupPermission(userGroup, permission)
+			).toList();
+		operations.createAll(permissionsToAssign);
+
+		if (replace) {
+			List<GroupPermission> permissionsToRemove = groupPermissions.stream()
+				.filter(item -> permissions.stream().noneMatch(permission -> permission.getId() == item.getPermission().getId())).toList();
+			operations.deleteAll(permissionsToRemove);
+		}
+
+		return operations.findUserGroupPermissions(userGroup.getCode()).stream().map(GroupPermission::getPermission).toList();
+	}
+
 	public void delete(UserGroup userGroup, Permission permission) throws OHDataValidationException {
 		GroupPermission groupPermission = operations.findByUserGroupCodeAndPermissionId(userGroup.getCode(), permission.getId());
 
 		if (groupPermission == null) {
 			throw new OHDataValidationException(
-					new OHExceptionMessage(MessageBundle.getMessage("usergroup.permissionnotassigned"))
+				new OHExceptionMessage(MessageBundle.getMessage("usergroup.permissionnotassigned"))
 			);
 		}
 

src/main/java/org/isf/permissions/model/GroupPermission.java

@@ -56,9 +56,17 @@ public class GroupPermission extends Auditable<String> {
 
 	@NotNull
 	@ManyToOne
-	@JoinColumn(name = "GP_P_ID_A", referencedColumnName="P_ID_A")
+	@JoinColumn(name = "GP_P_ID_A", referencedColumnName = "P_ID_A")
 	private Permission permission;
 
+	public GroupPermission() {
+	}
+
+	public GroupPermission(UserGroup userGroup, Permission permission) {
+		this.userGroup = userGroup;
+		this.permission = permission;
+	}
+
 	public int getId() {
 		return id;
 	}
@@ -82,7 +90,5 @@ public UserGroup getUserGroup() {
 	public void setUserGroup(UserGroup userGroup) {
 		this.userGroup = userGroup;
 	}
-
-
 
 }

src/main/java/org/isf/permissions/model/Permission.java

@@ -43,18 +43,18 @@
 @AttributeOverride(name = "lastModifiedDate", column = @Column(name = "P_LAST_MODIFIED_DATE"))
 @AttributeOverride(name = "active", column = @Column(name = "P_ACTIVE"))
 public class Permission extends Auditable<String> {
-	
+
 	@Id
 	@GeneratedValue(strategy = GenerationType.IDENTITY)
 	@Column(name = "P_ID_A")
 	private int id;
 
-	@Column(name="P_NAME")
-	private String name;	
+	@Column(name = "P_NAME")
+	private String name;
 
-	@Column(name="P_DESCRIPTION")
+	@Column(name = "P_DESCRIPTION")
 	private String description;
-	
+
 	@OneToMany(mappedBy = "permission", cascade = CascadeType.REMOVE)
 	private List<GroupPermission> groupPermission;
 
@@ -88,8 +88,6 @@ public List<GroupPermission> getGroupPermission() {
 
 	public void setGroupPermission(List<GroupPermission> groupPermission) {
 		this.groupPermission = groupPermission;
-	}	
-
-
+	}
 
 }

src/main/java/org/isf/permissions/service/GroupPermissionIoOperations.java

@@ -22,6 +22,7 @@
 package org.isf.permissions.service;
 
 import java.util.List;
+
 import org.isf.menu.model.UserGroup;
 import org.isf.permissions.model.GroupPermission;
 import org.isf.utils.db.TranslateOHServiceException;
@@ -60,10 +61,18 @@ public GroupPermission create(GroupPermission groupPermission) {
 		return repository.save(groupPermission);
 	}
 
+	public List<GroupPermission> createAll(List<GroupPermission> groupPermissions) {
+		return repository.saveAll(groupPermissions);
+	}
+
 	public void delete(GroupPermission groupPermission) {
 		repository.delete(groupPermission);
 	}
 
+	public void deleteAll(List<GroupPermission> groupPermissions) {
+		repository.deleteAll(groupPermissions);
+	}
+
 	public boolean existsByUserGroupCodeAndPermissionId(String groupCode, int permissionId) {
 		return repository.existsByUserGroupCodeAndPermissionId(groupCode, permissionId);
 	}

src/main/java/org/isf/permissions/service/PermissionIoOperationRepository.java

@@ -32,6 +32,8 @@
 @Repository
 public interface PermissionIoOperationRepository extends JpaRepository<Permission, Integer> {
 
+	List<Permission> findByIdIn(List<Integer> ids);
+
 	@Query(value = "FROM Permission p WHERE p.active=1 and p.id in (select permission.id from GroupPermission where active=1 and userGroup.code like :userGroupCode)")
 	List<Permission> findAllByUserGroupCode(@Param("userGroupCode") String userGroupCode);
 

src/main/java/org/isf/permissions/service/PermissionIoOperations.java

@@ -22,6 +22,7 @@
 package org.isf.permissions.service;
 
 import java.util.List;
+
 import org.isf.permissions.model.Permission;
 import org.isf.utils.db.TranslateOHServiceException;
 import org.isf.utils.exception.OHServiceException;
@@ -39,6 +40,10 @@ public PermissionIoOperations(PermissionIoOperationRepository permissionIoOperat
 		this.repository = permissionIoOperationRepository;
 	}
 
+	public List<Permission> findByIdIn(List<Integer> ids) {
+		return repository.findByIdIn(ids);
+	}
+
 	public List<Permission> retrivePermisionsByGroupCode(String userGropupCode) throws OHServiceException {
 		return repository.findAllByUserGroupCode(userGropupCode);
 	}

src/test/java/org/isf/permissions/TestGroupPermissionManager.java

@@ -27,20 +27,28 @@
 import java.util.List;
 
 import org.isf.OHCoreTestCase;
+import org.isf.menu.manager.UserGroupManager;
+import org.isf.menu.model.UserGroup;
 import org.isf.permissions.manager.GroupPermissionManager;
 import org.isf.permissions.model.GroupPermission;
+import org.isf.permissions.model.Permission;
 import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.DisplayName;
 import org.junit.jupiter.api.Test;
 import org.springframework.beans.factory.annotation.Autowired;
 
 class TestGroupPermissionManager extends OHCoreTestCase {
 
+	@Autowired
+	UserGroupManager userGroupManager;
+
 	@Autowired
 	GroupPermissionManager groupPermissionManager;
 
 	@BeforeEach
 	void setUp() {
 		cleanH2InMemoryDb();
+		executeSQLScript("LoadGroupTable.sql");
 		executeSQLScript("LoadPermissionTables.sql");
 	}
 
@@ -53,4 +61,26 @@ void testFindByIdIn() throws Exception {
 		assertThat(groupPermissionList).isNotEmpty();
 		assertThat(groupPermissionList).hasSize(2);
 	}
+
+	@Test
+	@DisplayName("Update group permissions")
+	void updateGroupPermissions() throws Exception {
+		UserGroup userGroup = userGroupManager.findByIdIn(List.of("admin")).stream().findFirst().orElseGet(() -> null);
+		List<Integer> permissionsIds = List.of(10, 11, 12);
+		assertThat(userGroup).isNotNull();
+		List<GroupPermission> groupPermissions = groupPermissionManager.findUserGroupPermissions(userGroup.getCode());
+		List<Permission> permissions = groupPermissionManager.update(userGroup, permissionsIds, false);
+		assertThat(permissions).isNotEmpty();
+		assertThat(permissions).hasSize(groupPermissions.size());
+
+		permissions = groupPermissionManager.update(userGroup, List.of(10), true);
+		assertThat(permissions).hasSize(1);
+
+		permissions = groupPermissionManager.update(userGroup, List.of(11, 12), true);
+		assertThat(permissions).hasSize(2);
+		assertThat(permissions.stream().allMatch(item -> List.of(11, 12).contains(item.getId()))).isTrue();
+
+		permissions = groupPermissionManager.update(userGroup, permissionsIds, false);
+		assertThat(permissions).hasSize(permissionsIds.size());
+	}
 }

src/test/resources/org/isf/permissions/LoadGroupTable.sql

@@ -0,0 +1,4 @@
+INSERT INTO `oh_usergroup` (`UG_ID_A`, `UG_DESC`, `UG_CREATED_BY`, `UG_CREATED_DATE`, `UG_LAST_MODIFIED_BY`, `UG_LAST_MODIFIED_DATE`, `UG_ACTIVE`) VALUES ('admin','USER with all the privileges',NULL,NULL,NULL,NULL,1);
+INSERT INTO `oh_usergroup` (`UG_ID_A`, `UG_DESC`, `UG_CREATED_BY`, `UG_CREATED_DATE`, `UG_LAST_MODIFIED_BY`, `UG_LAST_MODIFIED_DATE`, `UG_ACTIVE`) VALUES ('doctor','Access everywhere except the laboratory',NULL,NULL,NULL,NULL,1);
+INSERT INTO `oh_usergroup` (`UG_ID_A`, `UG_DESC`, `UG_CREATED_BY`, `UG_CREATED_DATE`, `UG_LAST_MODIFIED_BY`, `UG_LAST_MODIFIED_DATE`, `UG_ACTIVE`) VALUES ('guest','Read Only Users',NULL,NULL,NULL,NULL,1);
+INSERT INTO `oh_usergroup` (`UG_ID_A`, `UG_DESC`, `UG_CREATED_BY`, `UG_CREATED_DATE`, `UG_LAST_MODIFIED_BY`, `UG_LAST_MODIFIED_DATE`, `UG_ACTIVE`) VALUES ('laboratorist','Access only laboratory',NULL,NULL,NULL,NULL,1);