chore: pr cleanup

Signed-off-by: Pat Losoponkul <[email protected]>
hyperledger · Nov 8, 2023 · 1dc284d · 1dc284d
1 parent cfd8b9b
commit 1dc284d
Show file tree

Hide file tree

Showing 4 changed files with 25 additions and 39 deletions.
diff --git a/...c/main/scala/io/iohk/atala/iam/authorization/core/EntityPermissionManagementService.scala b/...c/main/scala/io/iohk/atala/iam/authorization/core/EntityPermissionManagementService.scala
@@ -2,7 +2,6 @@ package io.iohk.atala.iam.authorization.core
 
 import io.iohk.atala.agent.walletapi.model.Entity
 import io.iohk.atala.agent.walletapi.service.EntityService
-import io.iohk.atala.agent.walletapi.service.WalletManagementService
 import io.iohk.atala.iam.authorization.core.PermissionManagement.Error
 import io.iohk.atala.iam.authorization.core.PermissionManagement.Error.ServiceError
 import io.iohk.atala.iam.authorization.core.PermissionManagement.Error.WalletNotFoundById
@@ -12,15 +11,13 @@ import zio.*
 
 import scala.language.implicitConversions
 
-class EntityPermissionManagementService(entityService: EntityService, walletManagementService: WalletManagementService)
-    extends PermissionManagement.Service[Entity] {
+class EntityPermissionManagementService(entityService: EntityService) extends PermissionManagement.Service[Entity] {
 
   override def grantWalletToUser(walletId: WalletId, entity: Entity): ZIO[WalletAdministrationContext, Error, Unit] = {
     for {
-      _ <- walletManagementService
-        .getWallet(walletId)
-        .mapError(wmse => ServiceError(wmse.toThrowable.getMessage))
-        .someOrFail(WalletNotFoundById(walletId))
+      _ <- ZIO
+        .serviceWith[WalletAdministrationContext](_.isAuthorized(walletId))
+        .filterOrFail(identity)(Error.WalletNotFoundById(walletId))
       _ <- entityService.assignWallet(entity.id, walletId.toUUID).mapError[Error](e => e)
     } yield ()
   }
@@ -29,14 +26,16 @@ class EntityPermissionManagementService(entityService: EntityService, walletMana
     ZIO.fail(Error.ServiceError(s"Revoking wallet permission for an Entity is not yet supported."))
 
   override def listWalletPermissions(entity: Entity): ZIO[WalletAdministrationContext, Error, Seq[WalletId]] = {
-    walletManagementService
-      .getWallet(WalletId.fromUUID(entity.walletId))
-      .mapBoth(e => e, _.toSeq.map(_.id))
+    val walletId = WalletId.fromUUID(entity.walletId)
+    ZIO
+      .serviceWith[WalletAdministrationContext](_.isAuthorized(walletId))
+      .filterOrFail(identity)(Error.WalletNotFoundById(walletId))
+      .as(Seq(walletId))
   }
 
 }
 
 object EntityPermissionManagementService {
-  val layer: URLayer[EntityService & WalletManagementService, PermissionManagement.Service[Entity]] =
-    ZLayer.fromFunction(EntityPermissionManagementService(_, _))
+  val layer: URLayer[EntityService, PermissionManagement.Service[Entity]] =
+    ZLayer.fromFunction(EntityPermissionManagementService(_))
 }
diff --git a/...ice/server/src/main/scala/io/iohk/atala/iam/authorization/core/PermissionManagement.scala b/...ice/server/src/main/scala/io/iohk/atala/iam/authorization/core/PermissionManagement.scala
@@ -6,7 +6,6 @@ import io.iohk.atala.agent.walletapi.model.error.EntityServiceError.EntityAlread
 import io.iohk.atala.agent.walletapi.model.error.EntityServiceError.EntityNotFound
 import io.iohk.atala.agent.walletapi.model.error.EntityServiceError.EntityStorageError
 import io.iohk.atala.agent.walletapi.model.error.EntityServiceError.EntityWalletNotFound
-import io.iohk.atala.agent.walletapi.service.WalletManagementServiceError
 import io.iohk.atala.shared.models.WalletAdministrationContext
 import io.iohk.atala.shared.models.WalletId
 import zio.*
@@ -47,7 +46,5 @@ object PermissionManagement {
       case e: EntityStorageError   => UnexpectedError(Exception(s"Entity storage error: ${e.message}"))
       case e: EntityWalletNotFound => WalletNotFoundById(WalletId.fromUUID(e.walletId))
     }
-
-    given Conversion[WalletManagementServiceError, Error] = { e => UnexpectedError(e.toThrowable) }
   }
 }
diff --git a/...pi/src/main/scala/io/iohk/atala/agent/walletapi/service/WalletManagementServiceImpl.scala b/...pi/src/main/scala/io/iohk/atala/agent/walletapi/service/WalletManagementServiceImpl.scala
@@ -51,35 +51,19 @@ class WalletManagementServiceImpl(
       walletId: WalletId
   ): ZIO[WalletAdministrationContext, WalletManagementServiceError, Option[Wallet]] = {
     ZIO
-      .serviceWith[WalletAdministrationContext] {
-        case WalletAdministrationContext.Admin() => Some(walletId)
-        case WalletAdministrationContext.SelfService(permittedWallets) =>
-          if permittedWallets.contains(walletId)
-          then Some(walletId)
-          else None
-      }
+      .serviceWith[WalletAdministrationContext](_.isAuthorized(walletId))
       .flatMap {
-        case Some(walletId) =>
-          nonSecretStorage
-            .getWallet(walletId)
-            .mapError(e => e)
-        case None => ZIO.none
+        case true  => nonSecretStorage.getWallet(walletId).mapError(e => e)
+        case false => ZIO.none
       }
   }
 
   override def getWallets(
       walletIds: Seq[WalletId]
   ): ZIO[WalletAdministrationContext, WalletManagementServiceError, Seq[Wallet]] = {
     ZIO
-      .serviceWith[WalletAdministrationContext] {
-        case WalletAdministrationContext.Admin()                       => walletIds
-        case WalletAdministrationContext.SelfService(permittedWallets) => walletIds.intersect(permittedWallets)
-      }
-      .flatMap { filteredIds =>
-        nonSecretStorage
-          .getWallets(filteredIds)
-          .mapError(e => e)
-      }
+      .serviceWith[WalletAdministrationContext](ctx => walletIds.filter(ctx.isAuthorized))
+      .flatMap { filteredIds => nonSecretStorage.getWallets(filteredIds).mapError(e => e) }
   }
 
   override def listWallets(

diff --git a/shared/src/main/scala/io/iohk/atala/shared/models/MultiTenancy.scala b/shared/src/main/scala/io/iohk/atala/shared/models/MultiTenancy.scala
@@ -18,9 +18,15 @@ final case class WalletAccessContext(walletId: WalletId)
 
 // This might eventually be unified with WalletAccessContext and introduce some scope / role.
 // For now this is only intended for wallet admin related operations.
-sealed trait WalletAdministrationContext
+sealed trait WalletAdministrationContext {
+  def isAuthorized(walletId: WalletId): Boolean
+}
 
 object WalletAdministrationContext {
-  final case class Admin() extends WalletAdministrationContext
-  final case class SelfService(permittedWallets: Seq[WalletId]) extends WalletAdministrationContext
+  final case class Admin() extends WalletAdministrationContext {
+    def isAuthorized(walletId: WalletId): Boolean = true
+  }
+  final case class SelfService(permittedWallets: Seq[WalletId]) extends WalletAdministrationContext {
+    def isAuthorized(walletId: WalletId): Boolean = permittedWallets.contains(walletId)
+  }
 }