Altinn · jonkjetiloye · Nov 22, 2024 · Nov 22, 2024
diff --git a/...anceDelegation/AuthorizedParties/AsAccessManager/InstDelgParties_AsAccMngr_ToOrg_Dagl.bru b/...anceDelegation/AuthorizedParties/AsAccessManager/InstDelgParties_AsAccMngr_ToOrg_Dagl.bru
@@ -0,0 +1,75 @@
+meta {
+  name: InstDelgParties_AsAccMngr_ToOrg_Dagl
+  type: http
+  seq: 5
+}
+
+get {
+  url: {{baseUrl}}/accessmanagement/api/v1/{{party}}/authorizedparties?includeAltinn2=false
+  body: json
+  auth: inherit
+}
+
+params:query {
+  includeAltinn2: false
+}
+
+headers {
+  Content-Type: application/json
+  Accept: application/json
+}
+
+script:pre-request {
+  const sharedtestdata = require(`./Testdata/sharedtestdata.json`);
+  const testdata = require(`./Testdata/instance-delegation-authorized-parties/${bru.getEnvVar("tokenEnv")}.json`);
+
+  var getTokenParameters = {
+    auth_tokenType: sharedtestdata.authTokenType.personal,
+    auth_ssn: testdata.organizations.legitimJusterbarTiger.dagl.personId,
+    auth_userId: testdata.organizations.legitimJusterbarTiger.dagl.userId,
+    auth_partyId: testdata.organizations.legitimJusterbarTiger.dagl.partyId
+  }
+
+  const token = await testTokenGenerator.getToken(getTokenParameters);
+  bru.setVar("bearerToken",  token);
+  bru.setVar("party", testdata.organizations.legitimJusterbarTiger.partyId);
+}
+
+tests {
+  // Should be the same as the .bru request file. Used as prefix in test name which also shows in test result in pipeline.
+  const requestName = "InstDelgParties_AsAccMngr_ToOrg_Dagl";
+  const testdata = require(`./Testdata/instance-delegation-authorized-parties/${bru.getEnvVar("tokenEnv")}.json`);
+  const body = res.getBody();
+
+  test(requestName + "|HttpStatus.OK", function() {
+    expect(res.status).to.equal(200);
+  });
+
+  test(requestName + "|Contains_O2O_MainUnitDelegatedFrom", function() {
+    const instanceId = testdata.instances.o2o.instanceId;
+    const mainUnit = body.find(party => party.partyUuid === testdata.instances.o2o.from);
+    assert.isOk(mainUnit, `MainUnit having delegated instance access was not found in AuthorizedParties for recipient`);
+
+    const mainUnitDelegation = mainUnit.authorizedInstances.find(delegation => delegation.instanceId === instanceId);
+    assert.isOk(mainUnitDelegation, `InstanceId ${instanceId} not found in AuthorizedInstances on MainUnit having delegated the instance`);
+
+    const subunit = mainUnit.subunits.find(subunit => subunit.partyUuid === testdata.organizations.mobilBeskjedenTiger.subunits.mobilBeskjedenTiger.partyUuid);
+    assert.isOk(subunit, `Expected MainUnit ${testdata.organizations.mobilBeskjedenTiger.organizationNumber} to have Subunit ${testdata.organizations.mobilBeskjedenTiger.subunits.mobilBeskjedenTiger.organizationNumber}. Maybe this bug has been fixed: https://github.com/Altinn/altinn-access-management/issues/873 ? If so update this test to not expect to find subunit.`);
+
+    const subunitDelegation = subunit.authorizedInstances.find(delegation => delegation.instanceId === instanceId);
+    assert.isNotOk(subunitDelegation, `InstanceId ${instanceId} should not be found in AuthorizedInstances on Subunit`);
+  });
+
+  test(requestName + "|Contains_P2O_PersonDelegatedFrom", function() {
+    const instanceId_1 = testdata.instances.p2o.instanceId_1;
+    const instanceId_2 = testdata.instances.p2o.instanceId_2;
+    const person = body.find(party => party.partyUuid === testdata.instances.p2o.from);
+    assert.isOk(person, `Person having delegated instance access was not found in AuthorizedParties for recipient`);
+
+    const personDelegation_1 = person.authorizedInstances.find(delegation => delegation.instanceId === instanceId_1);
+    assert.isOk(personDelegation_1, `InstanceId ${instanceId_1} not found in AuthorizedInstances on Person having delegated the instance`);
+
+    const personDelegation_2 = person.authorizedInstances.find(delegation => delegation.instanceId === instanceId_2);
+    assert.isOk(personDelegation_2, `InstanceId ${instanceId_1} not found in AuthorizedInstances on Person having delegated the instance`);
+  });
+}
diff --git a/...egation/AuthorizedParties/AsAccessManager/InstDelgParties_AsAccMngr_ToOrg_Dagl_InclA2.bru b/...egation/AuthorizedParties/AsAccessManager/InstDelgParties_AsAccMngr_ToOrg_Dagl_InclA2.bru
@@ -0,0 +1,75 @@
+meta {
+  name: InstDelgParties_AsAccMngr_ToOrg_Dagl_InclA2
+  type: http
+  seq: 6
+}
+
+get {
+  url: {{baseUrl}}/accessmanagement/api/v1/{{party}}/authorizedparties?includeAltinn2=true
+  body: json
+  auth: inherit
+}
+
+params:query {
+  includeAltinn2: true
+}
+
+headers {
+  Content-Type: application/json
+  Accept: application/json
+}
+
+script:pre-request {
+  const sharedtestdata = require(`./Testdata/sharedtestdata.json`);
+  const testdata = require(`./Testdata/instance-delegation-authorized-parties/${bru.getEnvVar("tokenEnv")}.json`);
+
+  var getTokenParameters = {
+    auth_tokenType: sharedtestdata.authTokenType.personal,
+    auth_ssn: testdata.organizations.legitimJusterbarTiger.dagl.personId,
+    auth_userId: testdata.organizations.legitimJusterbarTiger.dagl.userId,
+    auth_partyId: testdata.organizations.legitimJusterbarTiger.dagl.partyId
+  }
+
+  const token = await testTokenGenerator.getToken(getTokenParameters);
+  bru.setVar("bearerToken",  token);
+  bru.setVar("party", testdata.organizations.legitimJusterbarTiger.partyId);
+}
+
+tests {
+  // Should be the same as the .bru request file. Used as prefix in test name which also shows in test result in pipeline.
+  const requestName = "InstDelgParties_AsAccMngr_ToOrg_Dagl_InclA2";
+  const testdata = require(`./Testdata/instance-delegation-authorized-parties/${bru.getEnvVar("tokenEnv")}.json`);
+  const body = res.getBody();
+
+  test(requestName + "|HttpStatus.OK", function() {
+    expect(res.status).to.equal(200);
+  });
+
+  test(requestName + "|Contains_O2O_MainUnitDelegatedFrom", function() {
+    const instanceId = testdata.instances.o2o.instanceId;
+    const mainUnit = body.find(party => party.partyUuid === testdata.instances.o2o.from);
+    assert.isOk(mainUnit, `MainUnit having delegated instance access was not found in AuthorizedParties for recipient`);
+
+    const mainUnitDelegation = mainUnit.authorizedInstances.find(delegation => delegation.instanceId === instanceId);
+    assert.isOk(mainUnitDelegation, `InstanceId ${instanceId} not found in AuthorizedInstances on MainUnit having delegated the instance`);
+
+    const subunit = mainUnit.subunits.find(subunit => subunit.partyUuid === testdata.organizations.mobilBeskjedenTiger.subunits.mobilBeskjedenTiger.partyUuid);
+    assert.isOk(subunit, `Expected MainUnit ${testdata.organizations.mobilBeskjedenTiger.organizationNumber} to have Subunit ${testdata.organizations.mobilBeskjedenTiger.subunits.mobilBeskjedenTiger.organizationNumber}. Maybe this bug has been fixed: https://github.com/Altinn/altinn-access-management/issues/873 ? If so update this test to not expect to find subunit.`);
+
+    const subunitDelegation = subunit.authorizedInstances.find(delegation => delegation.instanceId === instanceId);
+    assert.isNotOk(subunitDelegation, `InstanceId ${instanceId} should not be found in AuthorizedInstances on Subunit`);
+  });
+
+  test(requestName + "|Contains_P2O_PersonDelegatedFrom", function() {
+    const instanceId_1 = testdata.instances.p2o.instanceId_1;
+    const instanceId_2 = testdata.instances.p2o.instanceId_2;
+    const person = body.find(party => party.partyUuid === testdata.instances.p2o.from);
+    assert.isOk(person, `Person having delegated instance access was not found in AuthorizedParties for recipient`);
+
+    const personDelegation_1 = person.authorizedInstances.find(delegation => delegation.instanceId === instanceId_1);
+    assert.isOk(personDelegation_1, `InstanceId ${instanceId_1} not found in AuthorizedInstances on Person having delegated the instance`);
+
+    const personDelegation_2 = person.authorizedInstances.find(delegation => delegation.instanceId === instanceId_2);
+    assert.isOk(personDelegation_2, `InstanceId ${instanceId_1} not found in AuthorizedInstances on Person having delegated the instance`);
+  });
+}
diff --git a/...eDelegation/AuthorizedParties/AsAccessManager/InstDelgParties_AsAccMngr_ToPerson_Self.bru b/...eDelegation/AuthorizedParties/AsAccessManager/InstDelgParties_AsAccMngr_ToPerson_Self.bru
@@ -0,0 +1,78 @@
+meta {
+  name: InstDelgParties_AsAccMngr_ToPerson_Self
+  type: http
+  seq: 1
+}
+
+get {
+  url: {{baseUrl}}/accessmanagement/api/v1/{{party}}/authorizedparties?includeAltinn2=false
+  body: json
+  auth: inherit
+}
+
+params:query {
+  includeAltinn2: false
+}
+
+headers {
+  Content-Type: application/json
+  Accept: application/json
+}
+
+script:pre-request {
+  const sharedtestdata = require(`./Testdata/sharedtestdata.json`);
+  const testdata = require(`./Testdata/instance-delegation-authorized-parties/${bru.getEnvVar("tokenEnv")}.json`);
+
+  var getTokenParameters = {
+    auth_tokenType: sharedtestdata.authTokenType.personal,
+    auth_ssn: testdata.persons.hakkeDyr.personId,
+    auth_userId: testdata.persons.hakkeDyr.userId,
+    auth_partyId: testdata.persons.hakkeDyr.partyId
+  }
+
+  const token = await testTokenGenerator.getToken(getTokenParameters);
+  bru.setVar("bearerToken",  token);
+  bru.setVar("party", testdata.persons.hakkeDyr.partyId);
+}
+
+tests {
+  // Should be the same as the .bru request file. Used as prefix in test name which also shows in test result in pipeline.
+  const requestName = "InstDelgParties_AsAccMngr_ToPerson_Self";
+  const testdata = require(`./Testdata/instance-delegation-authorized-parties/${bru.getEnvVar("tokenEnv")}.json`);
+  const body = res.getBody();
+
+  test(requestName + "|HttpStatus.OK", function() {
+    expect(res.status).to.equal(200);
+  });
+
+  test(requestName + "|Contains_P2P_PersonDelegatedFrom", function() {
+    const person = body.find(party => party.partyUuid === testdata.instances.p2p.from);
+    assert.isOk(person, `Person having delegated instance access was not found in AuthorizedParties for recipient`);
+
+    const personDelegation = person.authorizedInstances.find(delegation => delegation.instanceId === testdata.instances.p2p.instanceId);
+    assert.isOk(personDelegation, `InstanceId ${testdata.instances.p2p.instanceId} not found in AuthorizedInstances on Person having delegated the instance`);
+  });
+
+  test(requestName + "|Contains_Main2P_MainUnitDelegatedFrom", function() {
+    const mainUnit = body.find(party => party.partyUuid === testdata.instances.main2p.from);
+    assert.isOk(mainUnit, `MainUnit having delegated instance access was not found in AuthorizedParties for recipient`);
+
+    const mainUnitDelegation = mainUnit.authorizedInstances.find(delegation => delegation.instanceId === testdata.instances.main2p.instanceId);
+    assert.isOk(mainUnitDelegation, `InstanceId ${testdata.instances.main2p.instanceId} not found in AuthorizedInstances on MainUnit having delegated the instance`);
+
+    const subunit = mainUnit.subunits.find(subunit => subunit.partyUuid === testdata.organizations.legitimJusterbarTiger.subunits.legitimJusterbarTiger.partyUuid);
+    assert.isOk(subunit, `Expected MainUnit ${testdata.organizations.legitimJusterbarTiger.organizationNumber} to have Subunit ${testdata.organizations.legitimJusterbarTiger.subunits.legitimJusterbarTiger.organizationNumber}`);
+
+    const subunitDelegation = subunit.authorizedInstances.find(delegation => delegation.instanceId === testdata.instances.main2p.instanceId);
+    assert.isNotOk(subunitDelegation, `InstanceId ${testdata.instances.main2p.instanceId} should not be found in AuthorizedInstances on Subunit`);
+  });
+
+  test(requestName + "|Contains_Sub2P_SubUnitDelegatedFrom", function() {
+    const mainUnit = body.find(party => party.subunits.find(subunit => subunit.partyUuid === testdata.instances.sub2p.from));
+    assert.isOk(mainUnit, `Subunit was not found as a subunit on any party in AuthorizedParties for recipient`);
+
+    const subunit = mainUnit.subunits.find(subunit => subunit.partyUuid === testdata.instances.sub2p.from);
+    const subunitDelegation = subunit.authorizedInstances.find(delegation => delegation.instanceId === testdata.instances.sub2p.instanceId);
+    assert.isOk(subunitDelegation, `InstanceId ${testdata.instances.sub2p.instanceId} not found in AuthorizedInstances on Subunit having delegated the instance`);
+  });
+}
diff --git a/...tion/AuthorizedParties/AsAccessManager/InstDelgParties_AsAccMngr_ToPerson_Self_InclA2.bru b/...tion/AuthorizedParties/AsAccessManager/InstDelgParties_AsAccMngr_ToPerson_Self_InclA2.bru
@@ -0,0 +1,78 @@
+meta {
+  name: InstDelgParties_AsAccMngr_ToPerson_Self_InclA2
+  type: http
+  seq: 2
+}
+
+get {
+  url: {{baseUrl}}/accessmanagement/api/v1/{{party}}/authorizedparties?includeAltinn2=true
+  body: json
+  auth: inherit
+}
+
+params:query {
+  includeAltinn2: true
+}
+
+headers {
+  Content-Type: application/json
+  Accept: application/json
+}
+
+script:pre-request {
+  const sharedtestdata = require(`./Testdata/sharedtestdata.json`);
+  const testdata = require(`./Testdata/instance-delegation-authorized-parties/${bru.getEnvVar("tokenEnv")}.json`);
+
+  var getTokenParameters = {
+    auth_tokenType: sharedtestdata.authTokenType.personal,
+    auth_ssn: testdata.persons.hakkeDyr.personId,
+    auth_userId: testdata.persons.hakkeDyr.userId,
+    auth_partyId: testdata.persons.hakkeDyr.partyId
+  }
+
+  const token = await testTokenGenerator.getToken(getTokenParameters);
+  bru.setVar("bearerToken",  token);
+  bru.setVar("party", testdata.persons.hakkeDyr.partyId);
+}
+
+tests {
+  // Should be the same as the .bru request file. Used as prefix in test name which also shows in test result in pipeline.
+  const requestName = "InstDelgParties_AsAccMngr_ToPerson_Self_InclA2";
+  const testdata = require(`./Testdata/instance-delegation-authorized-parties/${bru.getEnvVar("tokenEnv")}.json`);
+  const body = res.getBody();
+
+  test(requestName + "|HttpStatus.OK", function() {
+    expect(res.status).to.equal(200);
+  });
+
+  test(requestName + "|Contains_P2P_PersonDelegatedFrom", function() {
+    const person = body.find(party => party.partyUuid === testdata.instances.p2p.from);
+    assert.isOk(person, `Person having delegated instance access was not found in AuthorizedParties for recipient`);
+
+    const personDelegation = person.authorizedInstances.find(delegation => delegation.instanceId === testdata.instances.p2p.instanceId);
+    assert.isOk(personDelegation, `InstanceId ${testdata.instances.p2p.instanceId} not found in AuthorizedInstances on Person having delegated the instance`);
+  });
+
+  test(requestName + "|Contains_Main2P_MainUnitDelegatedFrom", function() {
+    const mainUnit = body.find(party => party.partyUuid === testdata.instances.main2p.from);
+    assert.isOk(mainUnit, `MainUnit having delegated instance access was not found in AuthorizedParties for recipient`);
+
+    const mainUnitDelegation = mainUnit.authorizedInstances.find(delegation => delegation.instanceId === testdata.instances.main2p.instanceId);
+    assert.isOk(mainUnitDelegation, `InstanceId ${testdata.instances.main2p.instanceId} not found in AuthorizedInstances on MainUnit having delegated the instance`);
+
+    const subunit = mainUnit.subunits.find(subunit => subunit.partyUuid === testdata.organizations.legitimJusterbarTiger.subunits.legitimJusterbarTiger.partyUuid);
+    assert.isOk(subunit, `Expected MainUnit ${testdata.organizations.legitimJusterbarTiger.organizationNumber} to have Subunit ${testdata.organizations.legitimJusterbarTiger.subunits.legitimJusterbarTiger.organizationNumber}`);
+
+    const subunitDelegation = subunit.authorizedInstances.find(delegation => delegation.instanceId === testdata.instances.main2p.instanceId);
+    assert.isNotOk(subunitDelegation, `InstanceId ${testdata.instances.main2p.instanceId} should not be found in AuthorizedInstances on Subunit`);
+  });
+
+  test(requestName + "|Contains_Sub2P_SubUnitDelegatedFrom", function() {
+    const mainUnit = body.find(party => party.subunits.find(subunit => subunit.partyUuid === testdata.instances.sub2p.from));
+    assert.isOk(mainUnit, `Subunit was not found as a subunit on any party in AuthorizedParties for recipient`);
+
+    const subunit = mainUnit.subunits.find(subunit => subunit.partyUuid === testdata.instances.sub2p.from);
+    const subunitDelegation = subunit.authorizedInstances.find(delegation => delegation.instanceId === testdata.instances.sub2p.instanceId);
+    assert.isOk(subunitDelegation, `InstanceId ${testdata.instances.sub2p.instanceId} not found in AuthorizedInstances on Subunit having delegated the instance`);
+  });
+}
diff --git a/...legation/AuthorizedParties/AsAccessManager/InstDelgParties_AsAccMngr_ToPerson_SubOnly.bru b/...legation/AuthorizedParties/AsAccessManager/InstDelgParties_AsAccMngr_ToPerson_SubOnly.bru
@@ -0,0 +1,61 @@
+meta {
+  name: InstDelgParties_AsAccMngr_ToPerson_SubOnly
+  type: http
+  seq: 3
+}
+
+get {
+  url: {{baseUrl}}/accessmanagement/api/v1/{{party}}/authorizedparties?includeAltinn2=false
+  body: json
+  auth: inherit
+}
+
+params:query {
+  includeAltinn2: false
+}
+
+headers {
+  Content-Type: application/json
+  Accept: application/json
+}
+
+script:pre-request {
+  const sharedtestdata = require(`./Testdata/sharedtestdata.json`);
+  const testdata = require(`./Testdata/instance-delegation-authorized-parties/${bru.getEnvVar("tokenEnv")}.json`);
+
+  var getTokenParameters = {
+    auth_tokenType: sharedtestdata.authTokenType.personal,
+    auth_ssn: testdata.persons.spesifikkSmaragd.personId,
+    auth_userId: testdata.persons.spesifikkSmaragd.userId,
+    auth_partyId: testdata.persons.spesifikkSmaragd.partyId
+  }
+
+  const token = await testTokenGenerator.getToken(getTokenParameters);
+  bru.setVar("bearerToken",  token);
+  bru.setVar("party", testdata.persons.spesifikkSmaragd.partyId);
+}
+
+tests {
+  // Should be the same as the .bru request file. Used as prefix in test name which also shows in test result in pipeline.
+  const requestName = "InstDelgParties_AsAccMngr_ToPerson_SubOnly";
+  const testdata = require(`./Testdata/instance-delegation-authorized-parties/${bru.getEnvVar("tokenEnv")}.json`);
+  const body = res.getBody();
+
+  test(requestName + "|HttpStatus.OK", function() {
+    expect(res.status).to.equal(200);
+  });
+
+  test(requestName + "|Contains_SubOnly2P_MainUnitOnlyHierarchy_SubunitWithInstanceIds", function() {
+    const mainUnit = body.find(party => party.subunits.find(subunit => subunit.partyUuid === testdata.instances.subonly2p.from));
+    assert.isOk(mainUnit, `Subunit was not found as a subunit on any party in AuthorizedParties for recipient`);
+    assert.isOk(mainUnit.onlyHierarchyElementWithNoAccess, `Expected mainUnit.onlyHierarchyElementWithNoAccess to be true. Recipient should only have Subunit access.`);
+
+    const subunit = mainUnit.subunits.find(subunit => subunit.partyUuid === testdata.instances.subonly2p.from);
+
+    const subunitInstanceDelegation_1 = subunit.authorizedInstances.find(delegation => delegation.instanceId === testdata.instances.subonly2p.instanceId_1);
+    assert.isOk(subunitInstanceDelegation_1, `InstanceId ${testdata.instances.subonly2p.instanceId_1} not found in AuthorizedInstances on Subunit having delegated the instance`);
+
+    const subunitInstanceDelegation_2 = subunit.authorizedInstances.find(delegation => delegation.instanceId === testdata.instances.subonly2p.instanceId_2);
+    assert.isOk(subunitInstanceDelegation_2, `InstanceId ${testdata.instances.subonly2p.instanceId_2} not found in AuthorizedInstances on Subunit having delegated the instance`);
+  });
+}