OZG-6179 impl PR comments

nachrichten-manager-server/src/main/java/de/ozgcloud/nachrichten/antragraum/AntragraumService.java

@@ -175,19 +175,11 @@ public class AntragraumService {
 	}
 
 	public boolean isAccessible(String samlToken, String trustLevel) {
-		try {
-			int vorgangTrustLevel = TrustLevel.fromString(trustLevel).getLevelValue();
-			int tokenTrustLevel = TrustLevel.fromString(getTrustLevel(samlToken)).getLevelValue();
-			return tokenTrustLevel >= vorgangTrustLevel;
-
-		} catch (Exception e) {
-			LOG.error(String.format("Unknown TrustLevel '%s', access denied.", trustLevel));
-			return false;
-		}
+		return getTrustLevel(samlToken).getIntValue() >= TrustLevel.fromString(trustLevel).getIntValue();
 	}
 
-	String getTrustLevel(String samlToken) {
-		return decrypter.decryptTrustLevel(parseSamlToken(samlToken));
+	TrustLevel getTrustLevel(String samlToken) {
+		return TrustLevel.fromString(decrypter.decryptTrustLevel(parseSamlToken(samlToken)));
 	}
 
 	Response parseSamlToken(String samlToken) {

nachrichten-manager-server/src/main/java/de/ozgcloud/nachrichten/antragraum/TrustLevel.java

@@ -3,9 +3,8 @@ package de.ozgcloud.nachrichten.antragraum;
 import java.util.Arrays;
 
 import lombok.Getter;
-import lombok.RequiredArgsConstructor;
 
-@RequiredArgsConstructor
+@Getter
 enum TrustLevel {
 
 	LEVEL_1("STORK-QAA-Level-1"),
@@ -13,14 +12,20 @@ enum TrustLevel {
 	LEVEL_3("STORK-QAA-Level-3"),
 	LEVEL_4("STORK-QAA-Level-4");
 
-	@Getter
-	private final String name;
+	private final String value;
+	private final int intValue;
 
-	public int getLevelValue() {
-		return Integer.parseInt(name.substring(name.length() - 1, name.length()));
+	TrustLevel(String value) {
+		this.value = value;
+		this.intValue = extractIntValue();
 	}
 
-	public static TrustLevel fromString(String name) {
-		return Arrays.stream(TrustLevel.values()).filter(trustLevel -> trustLevel.getName().equals(name)).findFirst().orElse(null);
+	private int extractIntValue() {
+		return Integer.parseInt(value.substring(value.length() - 1, value.length()));
 	}
-}
+
+	public static TrustLevel fromString(String value) {
+		return Arrays.stream(TrustLevel.values()).filter(trustLevel -> trustLevel.getValue().equals(value)).findFirst()
+				.orElseThrow(() -> new IllegalArgumentException("Unknown TrustLevel: '" + value + "'"));
+	}
+}
\ No newline at end of file

nachrichten-manager-server/src/test/java/de/ozgcloud/nachrichten/antragraum/AntragraumServiceTest.java

@@ -476,34 +476,27 @@ class AntragraumServiceTest {
 
 		@Test
 		void shouldCallGetTrustLevel() {
-			service.isAccessible(GrpcGetRueckfrageRequestTestFactory.SAML_TOKEN, TrustLevel.LEVEL_1.getName());
+			doReturn(TrustLevel.LEVEL_1).when(service).getTrustLevel(any());
+
+			service.isAccessible(GrpcGetRueckfrageRequestTestFactory.SAML_TOKEN, TrustLevel.LEVEL_1.getValue());
 
 			verify(service).getTrustLevel(GrpcGetRueckfrageRequestTestFactory.SAML_TOKEN);
 		}
 
 		@Test
 		void shouldReturnTrueIfTrustLevelMatches() {
-			doReturn(TrustLevel.LEVEL_1.getName()).when(service).getTrustLevel(any());
+			doReturn(TrustLevel.LEVEL_1).when(service).getTrustLevel(any());
 
-			var trustLevel = service.isAccessible(GrpcGetRueckfrageRequestTestFactory.SAML_TOKEN, TrustLevel.LEVEL_1.getName());
+			var trustLevel = service.isAccessible(GrpcGetRueckfrageRequestTestFactory.SAML_TOKEN, TrustLevel.LEVEL_1.getValue());
 
 			assertThat(trustLevel).isTrue();
 		}
 
-		@Test
-		void shouldReturnFalseIfTrustLevelNotMatches() {
-			doReturn("qutasch").when(service).getTrustLevel(any());
-
-			var trustLevel = service.isAccessible(GrpcGetRueckfrageRequestTestFactory.SAML_TOKEN, TrustLevel.LEVEL_1.getName());
-
-			assertThat(trustLevel).isFalse();
-		}
-
 		@Test
 		void shouldAllowAccessOnHigherTrustLevel() {
-			doReturn(TrustLevel.LEVEL_2.getName()).when(service).getTrustLevel(any());
+			doReturn(TrustLevel.LEVEL_2).when(service).getTrustLevel(any());
 
-			var trustLevel = service.isAccessible(GrpcGetRueckfrageRequestTestFactory.SAML_TOKEN, TrustLevel.LEVEL_1.getName());
+			var trustLevel = service.isAccessible(GrpcGetRueckfrageRequestTestFactory.SAML_TOKEN, TrustLevel.LEVEL_1.getValue());
 
 			assertThat(trustLevel).isTrue();
 		}
@@ -520,7 +513,7 @@ class AntragraumServiceTest {
 		void mock() {
 			doReturn(response).when(service).parseSamlToken(any());
 
-			when(decrypter.decryptTrustLevel(any())).thenReturn(GrpcServiceKontoTestFactory.TRUST_LEVEL);
+			when(decrypter.decryptTrustLevel(any())).thenReturn(TrustLevel.LEVEL_1.getValue());
 		}
 
 		@Test
@@ -541,7 +534,7 @@ class AntragraumServiceTest {
 		void shouldReturnValue() {
 			var trustLevel = service.getTrustLevel(GrpcGetRueckfrageRequestTestFactory.SAML_TOKEN);
 
-			assertThat(trustLevel).isEqualTo(GrpcServiceKontoTestFactory.TRUST_LEVEL);
+			assertThat(trustLevel).isEqualTo(TrustLevel.LEVEL_1);
 		}
 	}
 

nachrichten-manager-server/src/test/java/de/ozgcloud/nachrichten/antragraum/TrustLevelTest.java

+package de.ozgcloud.nachrichten.antragraum;
+
+import static org.assertj.core.api.Assertions.*;
+
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Nested;
+import org.junit.jupiter.api.Test;
+
+class TrustLevelTest {
+
+	@DisplayName("From string")
+	@Nested
+	class TestFromString {
+
+		@DisplayName("should return TrustLevel if value matches with existing")
+		@Test
+		void shouldReturnTrustLevel() {
+			var trustLevelValue = "STORK-QAA-Level-2";
+
+			var trustLevel = TrustLevel.fromString(trustLevelValue);
+
+			assertThat(trustLevel.getValue()).isEqualTo(trustLevelValue);
+		}
+
+		@Test
+		void shouldThrowExceptionIfValueNotMatches() {
+			var trustLevelValue = "quatsch";
+
+			assertThatThrownBy(() -> TrustLevel.fromString(trustLevelValue)).isInstanceOf(IllegalArgumentException.class);
+		}
+	}
+}