BFF: Implement delegation endpoint

backend/src/Altinn.AccessManagement.UI/Altinn.AccessManagement.UI.Core/ClientInterfaces/ISingleRightClient.cs

@@ -19,5 +19,17 @@ public interface ISingleRightClient
         /// </param>
         /// <returns>List<DelegationAccessCheckResponse /></returns>
         Task<List<DelegationAccessCheckResponse>> CheckDelegationAccess(string partyId, DelegationRequestDto request);
+
+        /// <summary>
+        ///     Creates a single rights delegation
+        /// </summary>
+        /// <param name="party">
+        ///     The party from which to delegate the right
+        /// </param>
+        /// <param name="delegation">
+        ///     The delegation to be created
+        /// </param>
+        /// <returns></returns>
+        Task<HttpResponseMessage> CreateDelegation(string party, DelegationInput delegation);
     }
 }

backend/src/Altinn.AccessManagement.UI/Altinn.AccessManagement.UI.Core/Models/Delegation/DelegationRequestDto.cs

@@ -17,6 +17,6 @@ public class DelegationRequestDto
         ///     Gets or sets the set of Attribute Id and Attribute Value for a specific action, to identify the action this right
         ///     applies to
         /// </summary>
-        public IdValuePair? Action { get; set; }
+        public string? Action { get; set; }
     }
 }

backend/src/Altinn.AccessManagement.UI/Altinn.AccessManagement.UI.Core/Models/ResourceRegistry/Frontend/ServiceResourceFE.cs

@@ -38,6 +38,16 @@ public class ServiceResourceFE
         /// </summary>
         public string Status { get; set; }
 
+        /// <summary>
+        /// Is this resource possible to delegate to others or not
+        /// </summary>
+        public bool Delegable { get; set; } = true;
+
+        /// <summary>
+        /// The visibility of the resource
+        /// </summary>
+        public bool Visible { get; set; } = true;
+
         /// <summary>
         /// When the resource is available from
         /// </summary>
@@ -84,7 +94,7 @@ public ServiceResourceFE()
         /// <summary>
         /// Basic constructor
         /// </summary>
-        public ServiceResourceFE(string identifier, string title, string description, string rightDescription, string status, DateTime validFrom, DateTime validTo, string resourceOwnerName, string resourceOwnerOrgNumber, List<ResourceReference> resourceReferences, ResourceType resourceType, string? homepage = null, int? priorityCounter = null)
+        public ServiceResourceFE(string identifier, string title, string description, string rightDescription, string status, DateTime validFrom, DateTime validTo, string resourceOwnerName, string resourceOwnerOrgNumber, List<ResourceReference> resourceReferences, ResourceType resourceType, string? homepage = null, int? priorityCounter = null, bool visible = true, bool delegable = true)
         {
             Identifier = identifier;
             Title = title;
@@ -99,6 +109,8 @@ public ServiceResourceFE(string identifier, string title, string description, st
             ResourceReferences = resourceReferences;
             PriorityCounter = priorityCounter;
             ResourceType = resourceType;
+            Visible = visible;
+            Delegable = delegable;
         }
 
         /// <summary>
@@ -120,6 +132,8 @@ public ServiceResourceFE(ServiceResourceFE serviceResourceFE)
             PriorityCounter = serviceResourceFE.PriorityCounter;
             ResourceReferences = serviceResourceFE.ResourceReferences;
             ResourceType = serviceResourceFE.ResourceType;
+            Visible = serviceResourceFE.Visible;
+            Delegable = serviceResourceFE.Delegable;
         }
     }
 }

backend/src/Altinn.AccessManagement.UI/Altinn.AccessManagement.UI.Core/Models/ResourceRegistry/ServiceResource.cs

@@ -4,19 +4,19 @@
 namespace Altinn.AccessManagement.UI.Core.Models.ResourceRegistry
 {
     /// <summary>
-    /// Model describing a complete resource from the resource registry.
+    /// Model describing a complete resource from the resource registry
     /// </summary>
     public class ServiceResource
     {
         /// <summary>
         /// The identifier of the resource
         /// </summary>
         public string Identifier { get; set; }
 
         /// <summary>
         /// The title of service
         /// </summary>
         public Dictionary<string, string> Title { get; set; }
 
         /// <summary>
         /// Description
@@ -59,20 +59,30 @@
         public bool IsPublicService { get; set; }
 
         /// <summary>
-        /// ThematicArea
+        /// ThematicAreas
         /// </summary>
-        public string? ThematicArea { get; set; }
+        public List<string>? ThematicAreas { get; set; }
 
         /// <summary>
         /// ResourceReference
         /// </summary>
-        public List<ResourceReference> ResourceReferences { get; set; }
+        public List<ResourceReference>? ResourceReferences { get; set; }
 
         /// <summary>
         /// IsComplete
         /// </summary>
         public bool? IsComplete { get; set; }
 
+        /// <summary>
+        /// Is this resource possible to delegate to others or not
+        /// </summary>
+        public bool Delegable { get; set; } = true;
+
+        /// <summary>
+        /// The visibility of the resource
+        /// </summary>
+        public bool Visible { get; set; } = true;
+
         /// <summary>
         /// HasCompetentAuthority
         /// </summary>
@@ -93,5 +103,19 @@
         /// </summary>
         [JsonConverter(typeof(JsonStringEnumConverter))]
         public ResourceType ResourceType { get; set; }
+
+        /// <summary>
+        /// The fallback language of the resource
+        /// </summary>
+        public string MainLanguage { get; set; } = "nb";
+
+        /// <summary>
+        /// Writes key information when this object is written to Log.
+        /// </summary>
+        /// <returns></returns>
+        public override string ToString()
+        {
+            return $"Identifier: {Identifier}, ResourceType: {ResourceType}";
+        }
     }
-}
+}

backend/src/Altinn.AccessManagement.UI/Altinn.AccessManagement.UI.Core/Services/Interfaces/ISingleRightService.cs

@@ -17,5 +17,17 @@ public interface ISingleRightService
         /// <param name="request">The delegation access check request object that's going to be consumed by the backend</param>
         /// <returns> List<DelegationAccessCheckResponse /></returns>
         Task<List<DelegationAccessCheckResponse>> CheckDelegationAccess(string partyId, DelegationRequestDto request);
+
+        /// <summary>
+        ///     Creates a single right delegation from a given party
+        /// </summary>
+        /// <param name="party">
+        ///     The party from which to delegate the right
+        /// </param>
+        /// <param name="delegation">
+        ///     The delegation to be created
+        /// </param>
+        /// <returns></returns>
+        Task<HttpResponseMessage> CreateDelegation(string party, DelegationInput delegation);
     }
 }

backend/src/Altinn.AccessManagement.UI/Altinn.AccessManagement.UI.Core/Services/ResourceService.cs

@@ -56,7 +56,7 @@ public async Task<PaginatedList<ServiceResourceFE>> GetPaginatedSearchResults(st
             try
             {
                 List<ServiceResource> resources = await GetFullResourceList();
-                List<ServiceResource> resourceList = resources.FindAll(r => r.ResourceType != ResourceType.MaskinportenSchema && r.ResourceType != ResourceType.SystemResource);
+                List<ServiceResource> resourceList = resources.FindAll(r => r.ResourceType != ResourceType.MaskinportenSchema && r.ResourceType != ResourceType.SystemResource && r.Delegable && r.Visible);
                 List<ServiceResourceFE> resourcesFE = MapResourceToFrontendModel(resourceList, languageCode);
 
                 List<ServiceResourceFE> filteredresources = FilterResourceList(resourcesFE, resourceOwnerFilters);
@@ -76,7 +76,7 @@ public async Task<List<ServiceResourceFE>> GetResources(ResourceType resourceTyp
             try
             {
                 List<ServiceResource> resources = await GetResources();
-                List<ServiceResource> resourceList = resources.FindAll(r => r.ResourceType == resourceType);
+                List<ServiceResource> resourceList = resources.FindAll(r => r.ResourceType == resourceType && r.Delegable && r.Visible);
                 return MapResourceToFrontendModel(resourceList, languageCode);
             }
             catch (Exception ex)
@@ -322,7 +322,9 @@ private List<ServiceResourceFE> MapResourceToFrontendModel(List<ServiceResource>
                         rightDescription: resource.RightDescription?.GetValueOrDefault(languageCode) ?? resource.RightDescription?.GetValueOrDefault("nb"),
                         description: resource.Description?.GetValueOrDefault(languageCode) ?? resource.Description?.GetValueOrDefault("nb"),
                         validFrom: resource.ValidFrom,
-                        validTo: resource.ValidTo);
+                        validTo: resource.ValidTo,
+                        visible: resource.Visible,
+                        delegable: resource.Delegable);
 
                     resourceList.Add(resourceFE);
                 }

backend/src/Altinn.AccessManagement.UI/Altinn.AccessManagement.UI.Core/Services/SingleRightService.cs

@@ -23,5 +23,11 @@ public async Task<List<DelegationAccessCheckResponse>> CheckDelegationAccess(str
         {
             return await _singleRightClient.CheckDelegationAccess(partyId, request);
         }
+
+        /// <inheritdoc />
+        public async Task<HttpResponseMessage> CreateDelegation(string party, DelegationInput delegation)
+        {
+            return await _singleRightClient.CreateDelegation(party, delegation);
+        }
     }
 }

backend/src/Altinn.AccessManagement.UI/Altinn.AccessManagement.UI.Integration/Clients/SingleRightClient.cs

@@ -73,5 +73,15 @@ public async Task<List<DelegationAccessCheckResponse>> CheckDelegationAccess(str
                 throw;
             }
         }
+
+        /// <inheritdoc />
+        public async Task<HttpResponseMessage> CreateDelegation(string party, DelegationInput delegation)
+        {
+            string endpointUrl = $"{party}/rights/delegation/offered";
+            string token = JwtTokenUtil.GetTokenFromContext(_httpContextAccessor.HttpContext, _platformSettings.JwtCookieName);
+            StringContent requestBody = new StringContent(JsonSerializer.Serialize(delegation, _serializerOptions), Encoding.UTF8, "application/json");
+            HttpResponseMessage response = await _client.PostAsync(token, endpointUrl, requestBody);
+            return response;
+        }
     }
 }

backend/src/Altinn.AccessManagement.UI/Altinn.AccessManagement.UI.Mocks/Altinn.AccessManagement.UI.Mocks.csproj

@@ -12,6 +12,15 @@
     </Content>
   </ItemGroup>
 
+  <ItemGroup>
+    <None Remove="Data\SingleRight\CreateDelegation\3225.json" />
+    <None Remove="Data\SingleRight\CreateDelegation\322a.json" />
+    <None Remove="Data\SingleRight\CreateDelegation\a3-app2.json" />
+    <None Remove="Data\SingleRight\CreateDelegation\appid-502.json" />
+    <None Remove="Data\SingleRight\CreateDelegation\appid-503.json" />
+    <None Remove="Data\SingleRight\CreateDelegation\appid-508.json" />
+  </ItemGroup>
+
   <ItemGroup>
     <PackageReference Include="Altinn.App.Common" Version="6.0.2" />
     <PackageReference Include="Altinn.Common.PEP" Version="1.3.0" />

backend/src/Altinn.AccessManagement.UI/Altinn.AccessManagement.UI.Mocks/Data/MaskinportenSchema/Delegation/appid-400/from_p50067798/to_810418362/ExpectedOutput_Default.json

@@ -13,10 +13,7 @@
           "value": "appid-400"
         }
       ],
-      "action": {
-        "id": "urn:oasis:names:tc:xacml:1.0:action:action-id",
-        "value": "ScopeAccess"
-      }
+      "action": "ScopeAccess"
     }
   ]
 }

backend/src/Altinn.AccessManagement.UI/Altinn.AccessManagement.UI.Mocks/Data/MaskinportenSchema/Delegation/appid-400/from_p50067798/to_810418532/ExpectedOutput_Default.json

@@ -13,10 +13,7 @@
           "value": "appid-400"
         }
       ],
-      "action": {
-        "id": "urn:oasis:names:tc:xacml:1.0:action:action-id",
-        "value": "ScopeAccess"
-      }
+      "action": "ScopeAccess"
     }
   ]
 }

backend/src/Altinn.AccessManagement.UI/Altinn.AccessManagement.UI.Mocks/Data/MaskinportenSchema/Delegation/appid-402/from_p50067798/to_810418362/ExpectedOutput_Default.json

@@ -13,10 +13,7 @@
           "value": "appid-402"
         }
       ],
-      "action": {
-        "id": "urn:oasis:names:tc:xacml:1.0:action:action-id",
-        "value": "ScopeAccess"
-      }
+      "action": "ScopeAccess"
     }
   ]
 }

backend/src/Altinn.AccessManagement.UI/Altinn.AccessManagement.UI.Mocks/Data/MaskinportenSchema/Delegation/appid-402/from_p50067798/to_810418532/ExpectedOutput_Default.json

@@ -13,10 +13,7 @@
           "value": "appid-402"
         }
       ],
-      "action": {
-        "id": "urn:oasis:names:tc:xacml:1.0:action:action-id",
-        "value": "ScopeAccess"
-      }
+      "action": "ScopeAccess"
     }
   ]
 }

backend/src/Altinn.AccessManagement.UI/Altinn.AccessManagement.UI.Mocks/Data/MaskinportenSchema/Delegation/nav_aa_distribution/from_p50005545/to_810418672/ExpectedOutput_Default.json

@@ -13,10 +13,7 @@
           "value": "nav_aa_distribution"
         }
       ],
-      "action": {
-        "id": "urn:oasis:names:tc:xacml:1.0:action:action-id",
-        "value": "ScopeAccess"
-      }
+      "action": "ScopeAccess"
     }
   ]
 }