altinn:/notifications.create -> serviceowner scope

Altinn · Oct 27, 2023 · 215bb17 · 215bb17
1 parent 69b3bd8
commit 215bb17
Show file tree

Hide file tree

Showing 9 changed files with 25 additions and 30 deletions.
diff --git a/src/Altinn.Notifications.Persistence/Extensions/ServiceCollectionExtensions.cs b/src/Altinn.Notifications.Persistence/Extensions/ServiceCollectionExtensions.cs
@@ -1,6 +1,5 @@
 using Altinn.Notifications.Core.Repository.Interfaces;
 using Altinn.Notifications.Persistence.Configuration;
-using Altinn.Notifications.Persistence.Health;
 using Altinn.Notifications.Persistence.Repository;
 
 using Microsoft.Extensions.Configuration;
@@ -45,11 +44,7 @@ public static void AddPostgresHealthChecks(this IServiceCollection services, ICo
             .Get<PostgreSqlSettings>()
             ?? throw new ArgumentNullException(nameof(config), "Required PostgreSQLSettings is missing from application configuration");
 
-        string connectionString = string.Format(settings.ConnectionString, settings.NotificationsDbPwd);
-
-        var dataSourceBuilder = new NpgsqlDataSourceBuilder(connectionString);
-
         services.AddHealthChecks()
-            .AddCheck("notifications_postgres_health_check", new PostgresHealthCheck(dataSourceBuilder.Build()));
+             .AddNpgSql(string.Format(string.Format(settings.ConnectionString, settings.NotificationsDbPwd)), name: "notifications_postgres_health_check");
     }
 }
diff --git a/src/Altinn.Notifications/Configuration/AuthorizationConstants.cs b/src/Altinn.Notifications/Configuration/AuthorizationConstants.cs
@@ -13,6 +13,6 @@ public static class AuthorizationConstants
         /// <summary>
         /// Scope for allowing access to creating notifications
         /// </summary>
-        public const string SCOPE_NOTIFICATIONS_CREATE = "altinn:notifications.create";
+        public const string SCOPE_NOTIFICATIONS_CREATE = "altinn:serviceowner/notifications.create";
     }
 }
diff --git a/...Notifications/EmailNotificationsOrderController/EmailNotificationOrdersControllerTests.cs b/...Notifications/EmailNotificationsOrderController/EmailNotificationOrdersControllerTests.cs
@@ -106,7 +106,7 @@ public async Task Post_InvalidScopeInToken_Forbidden()
     public async Task Post_EmptyBody_BadRequest()
     {
         HttpClient client = GetTestClient();
-        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:notifications.create"));
+        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:serviceowner/notifications.create"));
 
         HttpRequestMessage httpRequestMessage = new(HttpMethod.Post, _basePath)
         {
@@ -132,7 +132,7 @@ public async Task Post_ValidationReturnsError_BadRequest()
             .Returns(new ValidationResult(new List<ValidationFailure> { new ValidationFailure("SomeProperty", "SomeError") }));
 
         HttpClient client = GetTestClient(validator.Object);
-        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:notifications.create"));
+        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:serviceowner/notifications.create"));
 
         HttpRequestMessage httpRequestMessage = new(HttpMethod.Post, _basePath)
         {
@@ -177,7 +177,7 @@ public async Task Post_ServiceReturnsError_ServerError()
             .ReturnsAsync((null, new ServiceError(500)));
 
         HttpClient client = GetTestClient(orderService: serviceMock.Object);
-        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:notifications.create"));
+        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:serviceowner/notifications.create"));
 
         HttpRequestMessage httpRequestMessage = new(HttpMethod.Post, _basePath)
         {
@@ -210,7 +210,7 @@ public async Task Post_ValidScope_ServiceReturnsOrder_Accepted()
             .ReturnsAsync((_order, null));
 
         HttpClient client = GetTestClient(orderService: serviceMock.Object);
-        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:notifications.create"));
+        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:serviceowner/notifications.create"));
 
         HttpRequestMessage httpRequestMessage = new(HttpMethod.Post, _basePath)
         {
@@ -223,7 +223,7 @@ public async Task Post_ValidScope_ServiceReturnsOrder_Accepted()
 
         // Assert
         Assert.Equal(HttpStatusCode.Accepted, response.StatusCode);
-        OrderIdExt? orderIdObjectExt = JsonSerializer.Deserialize<OrderIdExt>(respoonseString);     
+        OrderIdExt? orderIdObjectExt = JsonSerializer.Deserialize<OrderIdExt>(respoonseString);
         Assert.NotNull(orderIdObjectExt);
         Assert.Equal(_order.Id, orderIdObjectExt.OrderId);
         Assert.Equal("http://localhost:5090/notifications/api/v1/orders/" + _order.Id, response.Headers?.Location?.ToString());
@@ -262,7 +262,7 @@ public async Task Post_ValidAccessToken_ServiceReturnsOrder_Accepted()
 
         // Assert
         Assert.Equal(HttpStatusCode.Accepted, response.StatusCode);
-        OrderIdExt? orderIdObjectExt = JsonSerializer.Deserialize<OrderIdExt>(respoonseString);      
+        OrderIdExt? orderIdObjectExt = JsonSerializer.Deserialize<OrderIdExt>(respoonseString);
         Assert.NotNull(orderIdObjectExt);
         Assert.Equal(_order.Id, orderIdObjectExt.OrderId);
         Assert.Equal("http://localhost:5090/notifications/api/v1/orders/" + _order.Id, response.Headers?.Location?.ToString());
@@ -289,7 +289,7 @@ public async Task Post_OrderWithoutFromAddress_StringEmptyUsedAsServiceInput_Acc
             .ReturnsAsync((_order, null));
 
         HttpClient client = GetTestClient(orderService: serviceMock.Object);
-        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:notifications.create"));
+        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:serviceowner/notifications.create"));
 
         EmailNotificationOrderRequestExt request = new()
         {

diff --git a/...tifications.IntegrationTests/Notifications/EmailNotificationsOrderController/PostTests.cs b/...tifications.IntegrationTests/Notifications/EmailNotificationsOrderController/PostTests.cs
@@ -67,7 +67,7 @@ public async Task Post_ServiceReturnsOrderWIthId_Accepted()
     {
         // Arrange
         HttpClient client = GetTestClient();
-        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:notifications.create"));
+        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:serviceowner/notifications.create"));
 
         HttpRequestMessage httpRequestMessage = new(HttpMethod.Post, _basePath)
         {
@@ -90,7 +90,7 @@ public async Task Post_OrderWithoutSendersRef_Accepted()
     {
         // Arrange
         HttpClient client = GetTestClient();
-        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:notifications.create"));
+        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:serviceowner/notifications.create"));
 
         HttpRequestMessage httpRequestMessage = new(HttpMethod.Post, _basePath)
         {

diff --git a/test/Altinn.Notifications.IntegrationTests/Notifications/OrdersController/GetByIdTests.cs b/test/Altinn.Notifications.IntegrationTests/Notifications/OrdersController/GetByIdTests.cs
@@ -42,7 +42,7 @@ public async Task GetById_NoMatchInDb_ReturnsNotFound()
         string uri = $"{_basePath}/{Guid.NewGuid()}";
 
         HttpClient client = GetTestClient();
-        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:notifications.create"));
+        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:serviceowner/notifications.create"));
 
         HttpRequestMessage httpRequestMessage = new(HttpMethod.Get, uri);
 
@@ -86,7 +86,7 @@ public async Task GetById_SingleMatchInDb_ReturnsOk()
         string uri = $"{_basePath}/{persistedOrder.Id}";
 
         HttpClient client = GetTestClient();
-        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:notifications.create"));
+        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:serviceowner/notifications.create"));
 
         HttpRequestMessage httpRequestMessage = new(HttpMethod.Get, uri);
 

diff --git a/...inn.Notifications.IntegrationTests/Notifications/OrdersController/GetBySendersRefTests.cs b/...inn.Notifications.IntegrationTests/Notifications/OrdersController/GetBySendersRefTests.cs
@@ -41,7 +41,7 @@ public async Task GetBySendersRef_NoMatchInDb_ReturnsOK_EmptyList()
         string sendersReference = $"{_sendersRefBase}-{Guid.NewGuid()}";
 
         HttpClient client = GetTestClient();
-        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:notifications.create"));
+        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:serviceowner/notifications.create"));
 
         string uri = $"{_basePath}?sendersReference={sendersReference}";
         HttpRequestMessage httpRequestMessage = new(HttpMethod.Get, uri);
@@ -65,7 +65,7 @@ public async Task GetBySendersRef_SingleMatchInDb_ReturnsOk_SingleElementInlList
         NotificationOrder persistedOrder = await PostgreUtil.PopulateDBWithOrder(sendersReference: sendersReference);
 
         HttpClient client = GetTestClient();
-        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:notifications.create"));
+        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:serviceowner/notifications.create"));
 
         string uri = $"{_basePath}?sendersReference={sendersReference}";
         HttpRequestMessage httpRequestMessage = new(HttpMethod.Get, uri);
@@ -92,7 +92,7 @@ public async Task GetBySendersRef_MultipleMatchInDb_ReturnsOk_MultipleElementInl
         await PostgreUtil.PopulateDBWithOrder(sendersReference: sendersReference);
 
         HttpClient client = GetTestClient();
-        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:notifications.create"));
+        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:serviceowner/notifications.create"));
 
         string uri = $"{_basePath}?sendersReference={sendersReference}";
         HttpRequestMessage httpRequestMessage = new(HttpMethod.Get, uri);

diff --git a/...Altinn.Notifications.IntegrationTests/Notifications/OrdersController/GetWithStatusById.cs b/...Altinn.Notifications.IntegrationTests/Notifications/OrdersController/GetWithStatusById.cs
@@ -41,7 +41,7 @@ public async Task GetWithStatusById_NoMatchInDb_ReturnsNotFound()
         string uri = $"{_basePath}/{Guid.NewGuid()}/status";
 
         HttpClient client = GetTestClient();
-        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:notifications.create"));
+        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:serviceowner/notifications.create"));
 
         HttpRequestMessage httpRequestMessage = new(HttpMethod.Get, uri);
 
@@ -91,7 +91,7 @@ public async Task GetWithStatusById_SingleMatchInDbAndOneEmail_ReturnsOk()
         string uri = $"{_basePath}/{persistedOrder.Id}/status";
 
         HttpClient client = GetTestClient();
-        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:notifications.create"));
+        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:serviceowner/notifications.create"));
 
         HttpRequestMessage httpRequestMessage = new(HttpMethod.Get, uri);
 
@@ -130,7 +130,7 @@ public async Task GetWithStatusById_SingleMatchInDb_ReturnsOk()
         string uri = $"{_basePath}/{persistedOrder.Id}/status";
 
         HttpClient client = GetTestClient();
-        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:notifications.create"));
+        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:serviceowner/notifications.create"));
 
         HttpRequestMessage httpRequestMessage = new(HttpMethod.Get, uri);
 

diff --git a/...nn.Notifications.IntegrationTests/Notifications/OrdersController/OrdersControllerTests.cs b/...nn.Notifications.IntegrationTests/Notifications/OrdersController/OrdersControllerTests.cs
@@ -115,7 +115,7 @@ public async Task GetBySendersRef_ValidBearerToken_CorrespondingServiceMethodCal
              .ReturnsAsync((new List<NotificationOrder>() { _order }, null));
 
         HttpClient client = GetTestClient(orderService.Object);
-        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:notifications.create"));
+        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:serviceowner/notifications.create"));
 
         string url = _basePath + "?sendersReference=" + "internal-ref";
         HttpRequestMessage httpRequestMessage = new(HttpMethod.Get, url);
@@ -212,7 +212,7 @@ public async Task GetById_ValidBearerToken_CorrespondingServiceMethodCalled()
              .ReturnsAsync((_order, null));
 
         HttpClient client = GetTestClient(orderService.Object);
-        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:notifications.create"));
+        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:serviceowner/notifications.create"));
 
         string url = _basePath + "/" + orderId;
         HttpRequestMessage httpRequestMessage = new(HttpMethod.Get, url);
@@ -262,7 +262,7 @@ public async Task GetById_ServiceReturnsError_StatusCodeMatchesError()
              .ReturnsAsync((null, new ServiceError(404)));
 
         HttpClient client = GetTestClient(orderService.Object);
-        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:notifications.create"));
+        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:serviceowner/notifications.create"));
 
         string url = _basePath + "/" + orderId;
         HttpRequestMessage httpRequestMessage = new(HttpMethod.Get, url);
@@ -336,7 +336,7 @@ public async Task GetWithStatusById_ValidBearerToken_CorrespondingServiceMethodC
              .ReturnsAsync((_orderWithStatus, null));
 
         HttpClient client = GetTestClient(orderService.Object);
-        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:notifications.create"));
+        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:serviceowner/notifications.create"));
 
         string url = _basePath + "/" + orderId + "/status";
         HttpRequestMessage httpRequestMessage = new(HttpMethod.Get, url);
@@ -387,7 +387,7 @@ public async Task GetWithStatusById_ServiceReturnsError_StatusCodeMatchesError()
              .ReturnsAsync((null, new ServiceError(404)));
 
         HttpClient client = GetTestClient(orderService.Object);
-        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:notifications.create"));
+        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", PrincipalUtil.GetOrgToken("ttd", scope: "altinn:serviceowner/notifications.create"));
 
         string url = _basePath + "/" + orderId + "/status";
         HttpRequestMessage httpRequestMessage = new(HttpMethod.Get, url);

diff --git a/test/k6/src/tests/orders_email.js b/test/k6/src/tests/orders_email.js
@@ -20,7 +20,7 @@ const orderRequestJson = JSON.parse(
 );
 import { generateJUnitXML, reportPath } from "../report.js";
 import { addErrorCount, stopIterationOnFail } from "../errorhandler.js";
-const scopes = "altinn:notifications.create";
+const scopes = "altinn:serviceowner/notifications.create";
 const emailRecipient = __ENV.emailRecipient.toLowerCase();
 
 export const options = {