OZG-3928 OZG-4396 tiny cleanup

alfa-service/src/main/java/de/ozgcloud/alfa/SecurityConfiguration.java

@@ -48,7 +48,7 @@ import de.ozgcloud.alfa.common.downloadtoken.DownloadTokenAuthenticationFilter;
 
 @Configuration
 @EnableWebSecurity
-@EnableMethodSecurity(securedEnabled = true, prePostEnabled = true)
+@EnableMethodSecurity(securedEnabled = true)
 public class SecurityConfiguration {
 
 	@Autowired

alfa-service/src/main/java/de/ozgcloud/alfa/common/user/CurrentUserHelper.java

@@ -41,13 +41,13 @@ import lombok.NoArgsConstructor;
 
 @NoArgsConstructor(access = AccessLevel.PRIVATE)
 public class CurrentUserHelper {
+
 	static final String ROLE_PREFIX = "ROLE_";
 	private static final String SUB_CLAIM_KEY = "sub";
 
-	public static final Predicate<String> HAS_ROLE = CurrentUserHelper::hasRole;
-
 	private static final AuthenticationTrustResolver TRUST_RESOLVER = new AuthenticationTrustResolverImpl();
-	private static final Predicate<Authentication> TRUSTED = auth -> !TRUST_RESOLVER.isAnonymous(auth);
+	private static final Predicate<Authentication> IS_TRUSTED = auth -> !TRUST_RESOLVER.isAnonymous(auth);
+	private static final Predicate<String> IS_ROLE_PREFIX_MISSING = role -> !role.startsWith(ROLE_PREFIX);
 
 	public static boolean hasRole(String role) {
 		var auth = getAuthentication();
@@ -55,25 +55,14 @@ public class CurrentUserHelper {
 		if ((Objects.isNull(auth)) || (Objects.isNull(auth.getPrincipal()))) {
 			return false;
 		}
-		Collection<? extends GrantedAuthority> authorities = auth.getAuthorities();
-		return containsRole(authorities, role);
-
+		return containsRole(auth.getAuthorities(), role);
 	}
 
 	public static boolean containsRole(Collection<? extends GrantedAuthority> authorities, String role) {
-		String roleToCheck;
-
-		if (Objects.nonNull(role) && !role.startsWith(ROLE_PREFIX)) {
-			roleToCheck = ROLE_PREFIX + role;
-		} else {
-			roleToCheck = role;
-		}
-
 		if (Objects.isNull(authorities)) {
 			return false;
 		}
-
-		return containsRole(roleToCheck, authorities);
+		return containsRole(prepareRoleForCheck(role), authorities);
 	}
 
 	static boolean containsRole(String role, Collection<? extends GrantedAuthority> authorities) {
@@ -84,12 +73,11 @@ public class CurrentUserHelper {
 		return StringUtils.equalsIgnoreCase(role, authority) || StringUtils.equalsIgnoreCase(prepareRoleForCheck(role), authority);
 	}
 
-	static String prepareRoleForCheck(String role) {
-		if ((Objects.nonNull(role)) && (!role.startsWith(ROLE_PREFIX))) {
-			return ROLE_PREFIX + role;
-		} else {
-			return role;
-		}
+	static String prepareRoleForCheck(String roleToCheck) {
+		return Optional.ofNullable(roleToCheck)
+				.filter(IS_ROLE_PREFIX_MISSING)
+				.map(role -> String.format("%s%s", ROLE_PREFIX, role))
+				.orElse(roleToCheck);
 	}
 
 	public static UserId getCurrentUserId() {
@@ -105,6 +93,6 @@ public class CurrentUserHelper {
 	}
 
 	private static Optional<Authentication> findAuthentication() {
-		return Optional.ofNullable(SecurityContextHolder.getContext().getAuthentication()).filter(TRUSTED);
+		return Optional.ofNullable(SecurityContextHolder.getContext().getAuthentication()).filter(IS_TRUSTED);
 	}
 }

alfa-service/src/main/java/de/ozgcloud/alfa/common/user/CurrentUserService.java

@@ -25,7 +25,6 @@ package de.ozgcloud.alfa.common.user;
 
 import java.util.Collection;
 import java.util.Collections;
-import java.util.HashSet;
 import java.util.List;
 import java.util.Objects;
 import java.util.Optional;
@@ -86,7 +85,7 @@ public class CurrentUserService {
 	}
 
 	public Collection<GrantedAuthority> getAuthorities() {
-		return Collections.unmodifiableCollection(new HashSet<GrantedAuthority>(CurrentUserHelper.getAuthentication().getAuthorities()));
+		return Collections.unmodifiableCollection(CurrentUserHelper.getAuthentication().getAuthorities());
 	}
 
 	public UserId getUserId() {

alfa-service/src/test/java/de/ozgcloud/alfa/common/user/CurrentUserHelperTest.java

+package de.ozgcloud.alfa.common.user;
+
+import static org.assertj.core.api.Assertions.*;
+
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Nested;
+import org.junit.jupiter.api.Test;
+
+class CurrentUserHelperTest {
+
+	@DisplayName("Prepare role for check")
+	@Nested
+	class TestPrepareRoleForCheck {
+
+		@Test
+		void shouldAddPrefixIfMissing() {
+			var roleWithoutPrefix = UserRole.VERWALTUNG_USER;
+
+			var role = CurrentUserHelper.prepareRoleForCheck(roleWithoutPrefix);
+
+			assertThat(role).isEqualTo(String.format("%s%s", CurrentUserHelper.ROLE_PREFIX, UserRole.VERWALTUNG_USER));
+		}
+
+		@Test
+		void shouldReturnRoleIfPrefixAlreadyExists() {
+			var roleWithPrefix = String.format("ROLE_%s", UserRole.VERWALTUNG_USER);
+
+			var role = CurrentUserHelper.prepareRoleForCheck(roleWithPrefix);
+
+			assertThat(role).isEqualTo(roleWithPrefix);
+		}
+
+		@Test
+		void shouldReturnPassingRoleIfNonNull() {
+			var role = CurrentUserHelper.prepareRoleForCheck(null);
+
+			assertThat(role).isNull();
+		}
+	}
+}

goofy-server/src/main/java/de/ozgcloud/alfa/AlfaServerApplication.java

@@ -49,14 +49,14 @@ public class AlfaServerApplication {
 	}
 
 	@Bean
-	public FilterRegistrationBean<ForwardedHeaderFilter> forwardedHeaderFilter() {
+	FilterRegistrationBean<ForwardedHeaderFilter> forwardedHeaderFilter() {
 		FilterRegistrationBean<ForwardedHeaderFilter> bean = new FilterRegistrationBean<>();
 		bean.setFilter(new ForwardedHeaderFilter());
 		return bean;
 	}
 
 	@Bean
-	public ThreadPoolTaskExecutor threadPoolTaskExecutor() {
+	ThreadPoolTaskExecutor threadPoolTaskExecutor() {
 		ThreadPoolTaskExecutor executor = new ThreadPoolTaskExecutor();
 
 		executor.setThreadNamePrefix("async-");
@@ -65,12 +65,12 @@ public class AlfaServerApplication {
 	}
 
 	@Bean
-	public CallScope callScope() {
+	CallScope callScope() {
 		return new CallScope();
 	}
 
 	@Bean
-	public BeanFactoryPostProcessor beanFactoryPostProcessor(CallScope callScope) {
+	BeanFactoryPostProcessor beanFactoryPostProcessor(CallScope callScope) {
 		return new CallBeanFactoryPostProcessor(callScope);
 	}
 }
\ No newline at end of file