Merge pull request #4066 from bodnara/fixMfaEnforceModule

fix(core): enforce mfa modul - correctly retrieve mfa categories

Author: HejdaJakub

perun-core/src/main/java/cz/metacentrum/perun/core/impl/modules/attributes/urn_perun_user_attribute_def_def_mfaEnforceSettings.java

@@ -4,13 +4,17 @@
 import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import cz.metacentrum.perun.core.api.Attribute;
+import cz.metacentrum.perun.core.api.AttributesManager;
 import cz.metacentrum.perun.core.api.User;
+import cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException;
 import cz.metacentrum.perun.core.api.exceptions.WrongAttributeAssignmentException;
 import cz.metacentrum.perun.core.api.exceptions.WrongAttributeValueException;
 import cz.metacentrum.perun.core.api.exceptions.WrongReferenceAttributeValueException;
 import cz.metacentrum.perun.core.impl.PerunSessionImpl;
 import cz.metacentrum.perun.core.implApi.modules.attributes.UserAttributesModuleAbstract;
 import cz.metacentrum.perun.core.implApi.modules.attributes.UserAttributesModuleImplApi;
+
+import java.util.Collections;
 import java.util.HashSet;
 import java.util.Iterator;
 import java.util.Map;
@@ -142,11 +146,21 @@ public void checkAttributeSemantics(PerunSessionImpl perunSession, User user, At
 			throw new WrongAttributeAssignmentException("Attribute " + attribute + "is incorrectly assigned.");
 		}
 
-		Attribute mfaCategories = perunSession.getPerunBl().getAttributesManagerBl().getEntitylessAttributes(perunSession, "mfaCategories").get(0);
-		String mfaSettingsValue = mfaCategories.valueAsString();
+
+		Attribute mfaCategory = null;
+		try {
+			Map<String, Attribute> mfaCategories = perunSession.getPerunBl().getAttributesManagerBl().getEntitylessAttributesWithKeys(perunSession, AttributesManager.NS_ENTITYLESS_ATTR_DEF + ":mfaCategories", Collections.singletonList("categories"));
+			mfaCategory = mfaCategories.get("categories");
+		} catch (AttributeNotExistsException e) {
+			throw new WrongReferenceAttributeValueException("Attribute mfa categories does not exist.");
+		}
+
+		if (mfaCategory == null) throw new WrongReferenceAttributeValueException("Attribute mfa categories does not have value for key categories.");
+
+		String mfaCategoryValue = mfaCategory.valueAsString();
 		try {
 			final ObjectMapper mapper = new ObjectMapper();
-			JsonNode mfaCategoriesNode = mapper.readTree(mfaSettingsValue).get("categories");
+			JsonNode mfaCategoriesNode = mapper.readTree(mfaCategoryValue);
 
 			// Iterate through categories and check that all included categories exist
 			for (Iterator<Map.Entry<String, JsonNode>> catIt = mfaCategoriesNode.fields(); catIt.hasNext(); ) {
@@ -171,7 +185,7 @@ public void checkAttributeSemantics(PerunSessionImpl perunSession, User user, At
 				throw new WrongReferenceAttributeValueException("Rps " + excludeRps + " do not exist inside included categories in mfaCategories attribute.");
 			}
 		} catch (JsonProcessingException e) {
-			throw new WrongAttributeAssignmentException("Attribute " + mfaCategories + "is incorrectly assigned.");
+			throw new WrongAttributeAssignmentException("Attribute " + mfaCategory + "is incorrectly assigned.");
 		}
 	}
 

perun-core/src/test/java/cz/metacentrum/perun/core/impl/modules/attributes/urn_perun_user_attribute_def_def_mfaEnforceSettingsTest.java

@@ -2,6 +2,8 @@
 
 import cz.metacentrum.perun.core.api.Attribute;
 import cz.metacentrum.perun.core.api.User;
+import cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException;
+import cz.metacentrum.perun.core.api.exceptions.WrongAttributeAssignmentException;
 import cz.metacentrum.perun.core.api.exceptions.WrongAttributeValueException;
 import cz.metacentrum.perun.core.api.exceptions.WrongReferenceAttributeValueException;
 import cz.metacentrum.perun.core.impl.PerunSessionImpl;
@@ -24,16 +26,15 @@ public class urn_perun_user_attribute_def_def_mfaEnforceSettingsTest {
 	private static Attribute attributeToCheck;
 
 	@Before
-	public void setUp() {
+	public void setUp() throws WrongAttributeAssignmentException, AttributeNotExistsException {
 		classInstance = new urn_perun_user_attribute_def_def_mfaEnforceSettings();
 		session = mock(PerunSessionImpl.class, RETURNS_DEEP_STUBS);
 		user = new User();
 		attributeToCheck = new Attribute();
 
 
 		Attribute mockMfaCategories = new Attribute();
-		mockMfaCategories.setValue("{\"categories\":" +
-			"  {" +
+		mockMfaCategories.setValue("{" +
 			"    \"cat1\":" +
 			"    {" +
 			"      \"label\": {\"en\": \"cat1_en_label\"}," +
@@ -50,11 +51,10 @@ public void setUp() {
 			"      {" +
 			"        \"cat2_rps1\": {\"en\":\"cat2_rps1_en_label\"}" +
 			"      }" +
-			"    }" +
-			"  }" +
+			"    }" + "  " +
 			"}");
-		when(session.getPerunBl().getAttributesManagerBl().getEntitylessAttributes(any(), any()))
-			.thenReturn(Collections.singletonList(mockMfaCategories));
+		when(session.getPerunBl().getAttributesManagerBl().getEntitylessAttributesWithKeys(any(), any(), any()))
+			.thenReturn(Collections.singletonMap("categories", mockMfaCategories));
 	}
 
 	@Test