Merge pull request #560 from solita/feature/AE-2282-energiatodistus-d…

…estruction-lambda Feature/ae 2282 energiatodistus destruction lambda
solita · Oct 18, 2024 · fb8fc61 · fb8fc61
2 parents 5dc925e + 7935b76
commit fb8fc61
Show file tree

Hide file tree

Showing 3 changed files with 28 additions and 13 deletions.
diff --git a/etp-core/etp-backend/src/main/clj/solita/etp/api/energiatodistus.clj b/etp-core/etp-backend/src/main/clj/solita/etp/api/energiatodistus.clj
@@ -18,6 +18,7 @@
             [solita.etp.schema.valvonta-oikeellisuus :as valvonta-schema]
             [solita.etp.schema.viesti :as viesti-schema]
             [solita.etp.security :as security]
+            [solita.etp.service.concurrent :as concurrent]
             [solita.etp.service.energiatodistus :as energiatodistus-service]
             [solita.etp.service.energiatodistus-destruction :as energiatodistus-destruction-service]
             [solita.etp.service.energiatodistus-csv :as energiatodistus-csv-service]
@@ -263,11 +264,16 @@
 (def internal-routes
   [["/energiatodistukset"
     ["/anonymize-and-delete-expired"
-     {:post {:summary    "Anonymisoi vanhentuneet energiatodistukset ja poistaa niihin linkittyvät dokumentit."
+     {:post {:summary    "Anonymisoi vanhentuneet energiatodistukset ja poistaa niihin linkittyvät tiedot ja dokumentit."
              :middleware [[security/wrap-db-application-name
                            (kayttaja-service/system-kayttaja :expiration)]
                           [security/wrap-whoami-for-internal-expiration-api]]
              :responses  {200 {:body nil}}
-             :handler    (fn [{:keys [db aws-s3-client]}]
-                           (r/response (energiatodistus-destruction-service/destroy-expired-energiatodistukset!
-                                         db aws-s3-client)))}}]]])
+             :handler    (fn [{:keys [db aws-s3-client whoami]}]
+                           (r/response
+                             (concurrent/run-background
+                               #(energiatodistus-destruction-service/destroy-expired-energiatodistukset!
+                                 db
+                                 aws-s3-client
+                                 whoami)
+                               "Expired energiatodistukset destruction failed")))}}]]])
diff --git a/etp-core/etp-backend/src/main/clj/solita/etp/service/energiatodistus_destruction.clj b/etp-core/etp-backend/src/main/clj/solita/etp/service/energiatodistus_destruction.clj
@@ -4,8 +4,11 @@
   (:require [clojure.java.jdbc :as jdbc]
             [clojure.tools.logging :as log]
             [solita.etp.db :as db]
+            [solita.etp.exception :as exception]
             [solita.etp.service.complete-energiatodistus :as complete-energiatodistus-service]
             [solita.etp.service.energiatodistus :as energiatodistus-service]
+            [solita.etp.service.kayttaja :as kayttaja-service]
+            [solita.etp.service.rooli :as rooli-service]
             [solita.etp.service.liite :as liite-service]
             [solita.etp.service.file :as file]
             [solita.etp.service.viesti :as viesti-service]))
@@ -117,7 +120,10 @@
   (->> (energiatodistus-destruction-db/select-expired-energiatodistus-ids db)
        (map :energiatodistus-id)))
 
-(defn destroy-expired-energiatodistukset! [db aws-s3-client]
+(defn destroy-expired-energiatodistukset! [db aws-s3-client whoami]
+  (when-not (and (rooli-service/system? whoami)
+                 (= (:id whoami) (kayttaja-service/system-kayttaja :expiration)))
+    (exception/throw-forbidden! (str "Can not run destruction of expired todistukset as whoami (id: " (:id whoami) ") (rooli: " (:rooli whoami) ")")))
   (log/info (str "Destruction of expired energiatodistukset initiated."))
   (let [expired-todistukset-ids (get-currently-expired-todistus-ids db)]
     (run! #(destroy-expired-energiatodistus! db aws-s3-client %) expired-todistukset-ids)))
diff --git a/etp-core/etp-backend/src/test/clj/solita/etp/service/energiatodistus_destruction_test.clj b/etp-core/etp-backend/src/test/clj/solita/etp/service/energiatodistus_destruction_test.clj
@@ -6,6 +6,7 @@
             [solita.etp.service.valvonta-oikeellisuus :as valvonta-oikeellisuus-service]
             [solita.etp.service.energiatodistus-destruction :as service]
             [solita.etp.service.viesti-test :as viesti-test]
+            [solita.etp.service.kayttaja :as kayttaja-service]
             [solita.etp.service.file :as file-service]
             [solita.etp.service.liite :as liite-service]
             [solita.etp.service.viesti :as viesti-service]
@@ -19,6 +20,8 @@
 
 (t/use-fixtures :each ts/fixture)
 
+(def system-expiration-user {:id (kayttaja-service/system-kayttaja :expiration) :rooli -1})
+
 (defn file-exists? [file-key] (file-service/file-exists? ts/*aws-s3-client* file-key))
 
 (defn update-energiatodistus! [energiatodistus-id energiatodistus laatija-id]
@@ -188,7 +191,7 @@
       (t/is (false? (file-service/file-exists? ts/*aws-s3-client* lang-mu-pdf-sv-key))))
 
     (expire-energiatodistus! energiatodistus-id-fi)
-    (service/destroy-expired-energiatodistukset! ts/*db* ts/*aws-s3-client*)
+    (service/destroy-expired-energiatodistukset! ts/*db* ts/*aws-s3-client* system-expiration-user)
 
     (t/testing "Finnish version PDF should not exist after deleting it."
       (t/is (true? (file-service/file-exists? ts/*aws-s3-client* control-pdf-fi-key)))
@@ -214,7 +217,7 @@
       (t/is (false? (file-service/file-exists? ts/*aws-s3-client* lang-mu-pdf-sv-key))))
 
     (expire-energiatodistus! energiatodistus-id-sv)
-    (service/destroy-expired-energiatodistukset! ts/*db* ts/*aws-s3-client*)
+    (service/destroy-expired-energiatodistukset! ts/*db* ts/*aws-s3-client* system-expiration-user)
 
     (t/testing "Swedish version PDF should not exist after deleting it."
       (t/is (true? (file-service/file-exists? ts/*aws-s3-client* control-pdf-fi-key)))
@@ -240,7 +243,7 @@
       (t/is (true? (file-service/file-exists? ts/*aws-s3-client* lang-mu-pdf-sv-key))))
 
     (expire-energiatodistus! energiatodistus-id-mu)
-    (service/destroy-expired-energiatodistukset! ts/*db* ts/*aws-s3-client*)
+    (service/destroy-expired-energiatodistukset! ts/*db* ts/*aws-s3-client* system-expiration-user)
 
     (t/testing "Multilingual version PDFs should not exist after deleting it."
       (t/is (true? (file-service/file-exists? ts/*aws-s3-client* control-pdf-fi-key)))
@@ -283,7 +286,7 @@
         [id-1] ids
         get-et-1 #(first (select-energiatodistus id-1))]
     (expire-energiatodistus! id-1)
-    (service/destroy-expired-energiatodistukset! ts/*db* ts/*aws-s3-client*)
+    (service/destroy-expired-energiatodistukset! ts/*db* ts/*aws-s3-client* system-expiration-user)
     (t/testing "The values are anonymized."
       (t/is (empty? (->> (get-et-1)
                          (collect-invalid-keys-for-destroyed-energiatodistus)
@@ -302,7 +305,7 @@
         get-et-2-audit-information #(select-audit-information id-2)]
     (t/testing "There was some audit information before deletion."
       (t/is (not (empty? (get-et-1-audit-information)))))
-    (service/destroy-expired-energiatodistukset! ts/*db* ts/*aws-s3-client*)
+    (service/destroy-expired-energiatodistukset! ts/*db* ts/*aws-s3-client* system-expiration-user)
     (t/testing "The audit data for et-1 still exists as it is not expired."
       (t/is (not (empty? (get-et-1-audit-information)))))
     (t/testing "The audit data for et-2 is destroyed as it is expired."
@@ -371,7 +374,7 @@
       (t/is (not (empty? (select-notes-audit energiatodistus-id-1)))))
 
     (expire-energiatodistus! energiatodistus-id-1)
-    (service/destroy-expired-energiatodistukset! ts/*db* ts/*aws-s3-client*)
+    (service/destroy-expired-energiatodistukset! ts/*db* ts/*aws-s3-client* system-expiration-user)
 
     (t/testing "There are no more toimenpiteet after deletion."
       (t/is (empty? (get-vo-toimenpiteet energiatodistus-id-1))))
@@ -450,7 +453,7 @@
 
     ;; Destroy et-1 liiteet
     (expire-energiatodistus! energiatodistus-id-1)
-    (service/destroy-expired-energiatodistukset! ts/*db* ts/*aws-s3-client*)
+    (service/destroy-expired-energiatodistukset! ts/*db* ts/*aws-s3-client* system-expiration-user)
 
     (t/testing "The liitteet for energiatodistus-1 are deleted but exist for energiatodistus-2"
       (let [liitteet-1-in-db (select-liitteet energiatodistus-id-1)
@@ -556,7 +559,7 @@
       (t/is (not (empty? (select-viesti-liite-audit viestiketju-2-id)))))
 
     (expire-energiatodistus! energiatodistus-id-1)
-    (service/destroy-expired-energiatodistukset! ts/*db* ts/*aws-s3-client*)
+    (service/destroy-expired-energiatodistukset! ts/*db* ts/*aws-s3-client* system-expiration-user)
 
     (t/testing "Only viestiketju 2 exists after deletion"
       (t/is (empty? (select-viestiketju viestiketju-1-id)))