Merge pull request #252 from navikt/fjerne-unleash-poao-tilgang-bryter

Fjerne unleash poao tilgang bryter

pom.xml

@@ -113,11 +113,6 @@
         </dependency>
 
         <!-- Common -->
-        <dependency>
-            <groupId>com.github.navikt.common-java-modules</groupId>
-            <artifactId>abac</artifactId>
-            <version>${common.version}</version>
-        </dependency>
         <dependency>
             <groupId>com.github.navikt.common-java-modules</groupId>
             <artifactId>rest</artifactId>
@@ -138,11 +133,6 @@
             <artifactId>metrics</artifactId>
             <version>${common.version}</version>
         </dependency>
-        <dependency>
-            <groupId>com.github.navikt.common-java-modules</groupId>
-            <artifactId>feature-toggle</artifactId>
-            <version>${common.version}</version>
-        </dependency>
         <dependency>
             <groupId>com.github.navikt.common-java-modules</groupId>
             <artifactId>client</artifactId>

src/main/java/no/nav/pto/veilarbfilter/config/ApplicationConfig.java

@@ -6,13 +6,8 @@
 import com.github.benmanes.caffeine.cache.Caffeine;
 import net.javacrumbs.shedlock.core.LockProvider;
 import net.javacrumbs.shedlock.provider.jdbctemplate.JdbcTemplateLockProvider;
-import no.nav.common.abac.Pep;
-import no.nav.common.abac.VeilarbPepFactory;
-import no.nav.common.abac.audit.SpringAuditRequestInfoSupplier;
 import no.nav.common.auth.context.AuthContextHolder;
 import no.nav.common.auth.context.AuthContextHolderThreadLocal;
-import no.nav.common.featuretoggle.UnleashClient;
-import no.nav.common.featuretoggle.UnleashClientImpl;
 import no.nav.common.job.leader_election.LeaderElectionClient;
 import no.nav.common.job.leader_election.LeaderElectionHttpClient;
 import no.nav.common.metrics.InfluxClient;
@@ -63,15 +58,6 @@ public AuthContextHolder authContextHolder() {
         return AuthContextHolderThreadLocal.instance();
     }
 
-    @Bean
-    public Pep veilarbPep(EnvironmentProperties properties) {
-        Credentials serviceUserCredentials = getCredentials("service_user");
-        return VeilarbPepFactory.get(
-                properties.getAbacUrl(), serviceUserCredentials.username,
-                serviceUserCredentials.password, new SpringAuditRequestInfoSupplier()
-        );
-    }
-
     @Bean
     public AzureAdMachineToMachineTokenClient azureAdMachineToMachineTokenClient() {
         return AzureAdTokenClientBuilder.builder()
@@ -114,8 +100,4 @@ public PoaoTilgangClient poaoTilgangClient(EnvironmentProperties properties, Azu
         );
     }
 
-    @Bean
-    public UnleashClient unleashClient(EnvironmentProperties properties) {
-        return new UnleashClientImpl(properties.getUnleashUrl(), APPLICATION_NAME);
-    }
 }

src/main/java/no/nav/pto/veilarbfilter/config/EnvironmentProperties.java

@@ -9,10 +9,8 @@
 @ConfigurationProperties(prefix = "app.env")
 public class EnvironmentProperties {
     private String dbUrl;
-    private String abacUrl;
     private String naisAadDiscoveryUrl;
     private String naisAadClientId;
     private String poaoTilgangUrl;
     private String poaoTilgangScope;
-    private String unleashUrl;
 }

src/main/java/no/nav/pto/veilarbfilter/rest/VeilederGruppeController.java

@@ -2,18 +2,13 @@
 
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
-import no.nav.common.abac.Pep;
 import no.nav.common.auth.context.AuthContextHolder;
-import no.nav.common.types.identer.EnhetId;
-import no.nav.common.types.identer.NavIdent;
 import no.nav.poao_tilgang.client.Decision;
 import no.nav.poao_tilgang.client.NavAnsattTilgangTilNavEnhetPolicyInput;
 import no.nav.poao_tilgang.client.PoaoTilgangClient;
 import no.nav.pto.veilarbfilter.auth.AuthUtils;
 import no.nav.pto.veilarbfilter.domene.FilterModel;
 import no.nav.pto.veilarbfilter.domene.NyttFilterModel;
-import no.nav.pto.veilarbfilter.domene.value.VeilederId;
-import no.nav.pto.veilarbfilter.service.UnleashService;
 import no.nav.pto.veilarbfilter.service.VeilederGrupperService;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
@@ -29,113 +24,64 @@
 @RequiredArgsConstructor
 public class VeilederGruppeController {
     private final VeilederGrupperService veilederGrupperService;
-    private final Pep veilarbPep;
-    private final UnleashService unleashService;
     private final PoaoTilgangClient poaoTilgangClient;
 
     private final AuthContextHolder authContextHolder;
 
     @PostMapping("/{enhetId}")
     public ResponseEntity<FilterModel> lagreFilter(@PathVariable(value = "enhetId") String enhetId, @RequestBody NyttFilterModel nyttFilterModel) {
-        VeilederId innloggetVeilederIdent = AuthUtils.getInnloggetVeilederIdent();
         UUID innloggetVeilederUUID = AuthUtils.getInnloggetVeilederUUID(authContextHolder);
 
-        if (unleashService.isPoaoTilgangEnabled()) {
-            if (harVeilederTilgangTilEnhet(innloggetVeilederUUID, enhetId)) {
-                Optional<FilterModel> filterModelOptional = veilederGrupperService.lagreFilter(enhetId, nyttFilterModel);
-                if (filterModelOptional.isPresent()) {
-                    return ResponseEntity.ok().body(filterModelOptional.get());
-                }
-                throw new IllegalStateException();
-            }
-            return ResponseEntity.status(HttpStatus.FORBIDDEN).build();
-        } else {
-            if (veilarbPep.harVeilederTilgangTilEnhet(NavIdent.of(innloggetVeilederIdent.toString()), EnhetId.of(enhetId))) {
-                Optional<FilterModel> filterModelOptional = veilederGrupperService.lagreFilter(enhetId, nyttFilterModel);
-                if (filterModelOptional.isPresent()) {
-                    return ResponseEntity.ok().body(filterModelOptional.get());
-                }
-                throw new IllegalStateException();
-            }
-            return ResponseEntity.status(HttpStatus.FORBIDDEN).build();
-        }
+		if (harVeilederTilgangTilEnhet(innloggetVeilederUUID, enhetId)) {
+			Optional<FilterModel> filterModelOptional = veilederGrupperService.lagreFilter(enhetId, nyttFilterModel);
+			if (filterModelOptional.isPresent()) {
+				return ResponseEntity.ok().body(filterModelOptional.get());
+			}
+			throw new IllegalStateException();
+		}
+		return ResponseEntity.status(HttpStatus.FORBIDDEN).build();
     }
 
     @PutMapping("/{enhetId}")
     public ResponseEntity<FilterModel> oppdaterFilter(@PathVariable(value = "enhetId") String enhetId, @RequestBody FilterModel filterModel) {
-        VeilederId innloggetVeilederIdent = AuthUtils.getInnloggetVeilederIdent();
         UUID innloggetVeilederUUID = AuthUtils.getInnloggetVeilederUUID(authContextHolder);
 
-        if (unleashService.isPoaoTilgangEnabled()) {
-            if (harVeilederTilgangTilEnhet(innloggetVeilederUUID, enhetId)) {
-                Optional<FilterModel> filterModelOptional = veilederGrupperService.oppdaterFilter(enhetId, filterModel);
-                if (filterModelOptional.isPresent()) {
-                    return ResponseEntity.ok().body(filterModelOptional.get());
-                }
-                throw new IllegalStateException();
-            }
-            return ResponseEntity.status(HttpStatus.FORBIDDEN).build();
-        } else {
-            if (veilarbPep.harVeilederTilgangTilEnhet(NavIdent.of(innloggetVeilederIdent.toString()), EnhetId.of(enhetId))) {
-                Optional<FilterModel> filterModelOptional = veilederGrupperService.oppdaterFilter(enhetId, filterModel);
-                if (filterModelOptional.isPresent()) {
-                    return ResponseEntity.ok().body(filterModelOptional.get());
-                }
-                throw new IllegalStateException();
-            }
-            return ResponseEntity.status(HttpStatus.FORBIDDEN).build();
-        }
+		if (harVeilederTilgangTilEnhet(innloggetVeilederUUID, enhetId)) {
+			Optional<FilterModel> filterModelOptional = veilederGrupperService.oppdaterFilter(enhetId, filterModel);
+			if (filterModelOptional.isPresent()) {
+				return ResponseEntity.ok().body(filterModelOptional.get());
+			}
+			throw new IllegalStateException();
+		}
+		return ResponseEntity.status(HttpStatus.FORBIDDEN).build();
+
     }
 
     @GetMapping("/{enhetId}")
     public ResponseEntity<List<FilterModel>> finnFilterForFilterBruker(@PathVariable(value = "enhetId") String enhetId) {
-        VeilederId innloggetVeilederIdent = AuthUtils.getInnloggetVeilederIdent();
         UUID innloggetVeilederUUID = AuthUtils.getInnloggetVeilederUUID(authContextHolder);
 
-        if (unleashService.isPoaoTilgangEnabled()) {
-            if (harVeilederTilgangTilEnhet(innloggetVeilederUUID, enhetId)) {
-                List<FilterModel> filterModels = veilederGrupperService.finnFilterForFilterBruker(enhetId);
-
-                return ResponseEntity.ok().body(filterModels);
-            }
-            return ResponseEntity.status(HttpStatus.FORBIDDEN).build();
+		if (harVeilederTilgangTilEnhet(innloggetVeilederUUID, enhetId)) {
+			List<FilterModel> filterModels = veilederGrupperService.finnFilterForFilterBruker(enhetId);
 
-        } else {
-            if (veilarbPep.harVeilederTilgangTilEnhet(NavIdent.of(innloggetVeilederIdent.toString()), EnhetId.of(enhetId))) {
-                List<FilterModel> filterModels = veilederGrupperService.finnFilterForFilterBruker(enhetId);
-
-                return ResponseEntity.ok().body(filterModels);
-            }
-            return ResponseEntity.status(HttpStatus.FORBIDDEN).build();
-        }
+			return ResponseEntity.ok().body(filterModels);
+		}
+		return ResponseEntity.status(HttpStatus.FORBIDDEN).build();
     }
 
     @DeleteMapping("{enhetId}/filter/{filterId}")
     public ResponseEntity slettFilter(@PathVariable(value = "enhetId") String enhetId, @PathVariable(value = "filterId") Integer filterId) {
-        VeilederId innloggetVeilederIdent = AuthUtils.getInnloggetVeilederIdent();
         UUID innloggetVeilederUUID = AuthUtils.getInnloggetVeilederUUID(authContextHolder);
 
-        if (unleashService.isPoaoTilgangEnabled()) {
-            if (harVeilederTilgangTilEnhet(innloggetVeilederUUID, enhetId)) {
-                Integer slettetFilterId = veilederGrupperService.slettFilter(filterId, enhetId);
-                if (slettetFilterId == 0) {
-                    return ResponseEntity.notFound().build();
-                }
-
-                return ResponseEntity.noContent().build();
-            }
-            return ResponseEntity.status(HttpStatus.FORBIDDEN).build();
-        } else {
-            if (veilarbPep.harVeilederTilgangTilEnhet(NavIdent.of(innloggetVeilederIdent.toString()), EnhetId.of(enhetId))) {
-                Integer slettetFilterId = veilederGrupperService.slettFilter(filterId, enhetId);
-                if (slettetFilterId == 0) {
-                    return ResponseEntity.notFound().build();
-                }
-
-                return ResponseEntity.noContent().build();
-            }
-            return ResponseEntity.status(HttpStatus.FORBIDDEN).build();
-        }
+		if (harVeilederTilgangTilEnhet(innloggetVeilederUUID, enhetId)) {
+			Integer slettetFilterId = veilederGrupperService.slettFilter(filterId, enhetId);
+			if (slettetFilterId == 0) {
+				return ResponseEntity.notFound().build();
+			}
+
+			return ResponseEntity.noContent().build();
+		}
+		return ResponseEntity.status(HttpStatus.FORBIDDEN).build();
     }
 
     public boolean harVeilederTilgangTilEnhet(UUID innloggetVeilederUUID, String enhetId) {

src/main/resources/application.properties

@@ -10,11 +10,9 @@ management.endpoint.health.probes.enabled=true
 management.endpoint.health.group.liveness.include=livenessState,dataSource
 #ENV PROPS -- start
 app.env.dbUrl=${VEILARBFILTER_DB_URL}
-app.env.abacUrl=${ABAC_PDP_ENDPOINT_URL}
 #ENV NAIS -- start
 app.env.naisAadDiscoveryUrl=${AZURE_APP_WELL_KNOWN_URL:#{null}}
 app.env.naisAadClientId=${AZURE_APP_CLIENT_ID:#{null}}
-app.env.unleashUrl=${UNLEASH_API_URL}
 app.env.poaoTilgangUrl=${POAO_TILGANG_URL:#{null}}
 app.env.poaoTilgangScope=${POAO_TILGANG_SCOPE:#{null}}
 #ENV NAIS -- end
@@ -24,4 +22,4 @@ spring.flyway.enabled=false
 spring.data.jdbc.repositories.enabled=false
 # Application environment
 server.shutdown=graceful
-server.port=8080
+server.port=8080

src/test/java/no/nav/pto/veilarbfilter/config/AppConfig.java

@@ -1,9 +1,7 @@
 package no.nav.pto.veilarbfilter.config;
 
-import no.nav.common.abac.Pep;
 import no.nav.common.auth.context.AuthContextHolder;
 import no.nav.common.auth.context.AuthContextHolderThreadLocal;
-import no.nav.common.featuretoggle.UnleashClient;
 import no.nav.common.metrics.InfluxClient;
 import no.nav.common.types.identer.EnhetId;
 import no.nav.poao_tilgang.client.Decision;
@@ -36,7 +34,6 @@
         MineLagredeFilterService.class,
         MineLagredeFilterController.class,
         VeilederGruppeController.class,
-        UnleashService.class,
         OverblikkVisningService.class,
         OverblikkVisningRepository.class,
         OverblikkVisningController.class})
@@ -49,12 +46,6 @@ public AuthContextHolder authContextHolder() {
         return AuthContextHolderThreadLocal.instance();
     }
 
-    @Bean
-    public Pep pep() {
-        Pep mockPep = mock(Pep.class);
-        Mockito.when(mockPep.harVeilederTilgangTilEnhet(any(), any())).thenReturn(true);
-        return mockPep;
-    }
     @Bean
     public PoaoTilgangClient poaoTilgangClient() {
         PoaoTilgangClient mockPoaoTilgangClient = mock(PoaoTilgangClient.class);
@@ -68,10 +59,4 @@ public VeilarbveilederClient veilarbveilederClient() {
         return mockVeilarbVeilederClient;
     }
 
-    @Bean
-    public UnleashClient unleashClient() {
-        UnleashClient mockUnleashClient = mock(UnleashClient.class);
-        Mockito.when(mockUnleashClient.isEnabled(any())).thenReturn(true);
-        return mockUnleashClient;
-    }
 }