Add endpoints for customer delegation to agent systemuser (#1347)

* WIP

* fix route params

* fix mock data

* fix some tests

* fix assignment data: return assignment id to frontend

* fixes

* fix test

* fix tests

* handle errors

* add test for negative case

* add tests for remove agent delegation

* fix code smells

* remove using

* return empty list instead of error in agent delegations mock

* enable agent delegation mock

* rename

* refactor nesting

* remove mock

* refactor

* fix url

* fixes

* fix tests

* fix

* fix

* fix typo

* refactor

Author: mgunnerud

backend/src/Altinn.AccessManagement.UI/Altinn.AccessManagement.UI.Core/ClientInterfaces/ISystemUserAgentDelegationClient.cs

@@ -0,0 +1,40 @@
+using Altinn.AccessManagement.UI.Core.Models.SystemUser;
+using Altinn.Authorization.ProblemDetails;
+
+namespace Altinn.AccessManagement.UI.Core.ClientInterfaces
+{
+    /// <summary>
+    /// Interface for client wrapper for integration with the systemuser client delegation API
+    /// </summary>
+    public interface ISystemUserAgentDelegationClient
+    {
+        /// <summary>
+        /// Return delegated customers for this system user
+        /// </summary>
+        /// <param name="partyId">The party id of the party owning system user to retrieve delegated customers from</param>
+        /// <param name="systemUserGuid">The system user UUID to retrieve delegated customers from</param>
+        /// <param name="cancellationToken">Cancellation token</param>
+        /// <returns>List of delegated customers for system user</returns>
+        Task<List<AgentDelegation>> GetSystemUserAgentDelegations(int partyId, Guid systemUserGuid, CancellationToken cancellationToken);
+
+        /// <summary>
+        /// Add client to system user
+        /// </summary>
+        /// <param name="partyId">The party id of the party owning system user to add customer to</param>
+        /// <param name="systemUserGuid">The system user UUID to add customer to</param>
+        /// <param name="delegationRequest">The party uuid of the customer to add + partyUuid of system user owner party</param>
+        /// <param name="cancellationToken">Cancellation token</param>
+        /// <returns>New AgentDelegation with delegation info</returns>
+        Task<Result<AgentDelegation>> AddClient(int partyId, Guid systemUserGuid, AgentDelegationRequest delegationRequest, CancellationToken cancellationToken);
+
+        /// <summary>
+        /// Remove client from system user
+        /// </summary>
+        /// <param name="partyId">The party id of the party owning system user to remove customer from</param>
+        /// <param name="systemUserGuid">The system user UUID to remove customer from</param>
+        /// <param name="assignmentId">The assignment id to remove</param>
+        /// <param name="cancellationToken">Cancellation token</param>
+        /// <returns>Boolean result of remove</returns>
+        Task<Result<bool>> RemoveClient(int partyId, Guid systemUserGuid, Guid assignmentId, CancellationToken cancellationToken);
+    }
+}

backend/src/Altinn.AccessManagement.UI/Altinn.AccessManagement.UI.Core/Models/SystemUser/AgentDelegation.cs

@@ -0,0 +1,44 @@
+namespace Altinn.AccessManagement.UI.Core.Models.SystemUser
+{
+    /// <summary>
+    /// A client delegation to a system user
+    /// </summary>
+    public class AgentDelegation
+    {
+        /// <summary>
+        /// Assignment id
+        /// </summary>
+        public Guid Id { get; init; }
+
+        /// <summary>
+        /// From party
+        /// </summary>
+        public DelegationParty From { get; init; }
+
+        /// <summary>
+        /// To party
+        /// </summary>
+        public DelegationParty To { get; init; }
+
+        /// <summary>
+        /// Facilitator - the agent system user
+        /// </summary>
+        public DelegationParty Facilitator { get; init; }
+    }
+
+    /// <summary>
+    /// Delegation Party for AgentDelegation
+    /// </summary>
+    public class DelegationParty
+    {
+        /// <summary>
+        /// Party id
+        /// </summary>
+        public Guid Id { get; init; }
+
+        /// <summary>
+        /// Party name
+        /// </summary>
+        public string Name { get; init; }
+    }
+}

backend/src/Altinn.AccessManagement.UI/Altinn.AccessManagement.UI.Core/Models/SystemUser/AgentDelegationRequest.cs

@@ -0,0 +1,18 @@
+namespace Altinn.AccessManagement.UI.Core.Models.SystemUser
+{
+    /// <summary>
+    /// Payload when adding a party to agent system user
+    /// </summary>
+    public class AgentDelegationRequest
+    {
+        /// <summary>
+        /// The party uuid to add
+        /// </summary>
+        public Guid CustomerId { get; set; }
+
+        /// <summary>
+        /// PartyUuid of party which owns the agent system user
+        /// </summary>
+        public Guid FacilitatorId { get; set; }
+    }
+}

backend/src/Altinn.AccessManagement.UI/Altinn.AccessManagement.UI.Core/Models/SystemUser/Frontend/AgentDelegationFE.cs

@@ -0,0 +1,18 @@
+namespace Altinn.AccessManagement.UI.Core.Models.SystemUser.Frontend
+{
+    /// <summary>
+    /// A client delegation to a system user
+    /// </summary>
+    public class AgentDelegationFE
+    {
+        /// <summary>
+        /// Assignment uuid
+        /// </summary>
+        public Guid AssignmentId { get; set; }
+
+        /// <summary>
+        /// Delegated customer party uuid
+        /// </summary>
+        public Guid CustomerId { get; set; }
+    }
+}

backend/src/Altinn.AccessManagement.UI/Altinn.AccessManagement.UI.Core/Models/SystemUser/Frontend/AgentDelegationPartyFE.cs

@@ -8,12 +8,7 @@ public class AgentDelegationPartyFE
         /// <summary>
         /// Party UUID  
         /// </summary>
-        public required Guid Uuid { get; set; }
-
-        /// <summary>
-        /// Party Id
-        /// </summary>
-        public int Id { get; set; }
+        public required Guid Id { get; set; }
 
         /// <summary>
         /// Party display name

backend/src/Altinn.AccessManagement.UI/Altinn.AccessManagement.UI.Core/Services/Interfaces/ISystemUserAgentDelegationService.cs

@@ -1,4 +1,5 @@
 using Altinn.AccessManagement.UI.Core.Enums;
+using Altinn.AccessManagement.UI.Core.Models.SystemUser;
 using Altinn.AccessManagement.UI.Core.Models.SystemUser.Frontend;
 using Altinn.Authorization.ProblemDetails;
 
@@ -16,6 +17,35 @@ public interface ISystemUserAgentDelegationService
         /// <param name="customerType">Customer type to get</param>
         /// <param name="cancellationToken">Cancellation token</param>
         /// <returns>List of all party customers</returns>
-        Task<Result<List<AgentDelegationPartyFE>>> GetPartyCustomers(Guid partyUuid, CustomerRoleType customerType, CancellationToken cancellationToken);
+        Task<List<AgentDelegationPartyFE>> GetPartyCustomers(Guid partyUuid, CustomerRoleType customerType, CancellationToken cancellationToken);
+
+        /// <summary>
+        /// Return delegated customers for this system user
+        /// </summary>
+        /// <param name="partyId">The party UUID of the party owning system user to retrieve delegated customers from</param>
+        /// <param name="systemUserGuid">The system user UUID to retrieve delegated customers from</param>
+        /// <param name="cancellationToken">Cancellation token</param>
+        /// <returns>List of delegated customers for system user</returns>
+        Task<List<AgentDelegationFE>> GetSystemUserAgentDelegations(int partyId, Guid systemUserGuid, CancellationToken cancellationToken);
+
+        /// <summary>
+        /// Add client to system user
+        /// </summary>
+        /// <param name="partyId">The party id of the party owning system user to add customer to</param>
+        /// <param name="systemUserGuid">The system user UUID to add customer to</param>
+        /// <param name="delegationRequest">Payload to send to add client</param>
+        /// <param name="cancellationToken">Cancellation token</param>
+        /// <returns>AgentDelegationFE with assignment id and customer id</returns>
+        Task<Result<AgentDelegationFE>> AddClient(int partyId, Guid systemUserGuid, AgentDelegationRequest delegationRequest, CancellationToken cancellationToken);
+
+        /// <summary>
+        /// Remove client from system user
+        /// </summary>
+        /// <param name="partyId">The party id of the party owning system user to remove customer from</param>
+        /// <param name="systemUserGuid">The system user UUID to remove customer from</param>
+        /// <param name="assignmentId">The assignment id to remove</param>
+        /// <param name="cancellationToken">Cancellation token</param>
+        /// <returns>Boolean result of remove</returns>
+        Task<Result<bool>> RemoveClient(int partyId, Guid systemUserGuid, Guid assignmentId, CancellationToken cancellationToken);
     }
 }

backend/src/Altinn.AccessManagement.UI/Altinn.AccessManagement.UI.Core/Services/SystemUserAgentDelegationService.cs

@@ -11,33 +11,76 @@ namespace Altinn.AccessManagement.UI.Core.Services
     /// <inheritdoc />
     public class SystemUserAgentDelegationService : ISystemUserAgentDelegationService
     {
+        private readonly ISystemUserAgentDelegationClient _systemUserAgentDelegationClient;
         private readonly IRegisterClient _registerClient;
 
         /// <summary>
-        /// Initializes a new instance of the <see cref="SystemUserService"/> class.
+        /// Initializes a new instance of the <see cref="SystemUserAgentDelegationService"/> class.
         /// </summary>
+        /// <param name="systemUserAgentDelegationClient">The system user client administration client.</param>
         /// <param name="registerClient">The register client</param>
         public SystemUserAgentDelegationService(
+            ISystemUserAgentDelegationClient systemUserAgentDelegationClient,
             IRegisterClient registerClient)
         {
+            _systemUserAgentDelegationClient = systemUserAgentDelegationClient;
             _registerClient = registerClient;
         }
 
         /// <inheritdoc />
-        public async Task<Result<List<AgentDelegationPartyFE>>> GetPartyCustomers(Guid partyUuid, CustomerRoleType customerType, CancellationToken cancellationToken)
+        public async Task<List<AgentDelegationPartyFE>> GetPartyCustomers(Guid partyUuid, CustomerRoleType customerType, CancellationToken cancellationToken)
         {
             CustomerList regnskapsforerCustomers = await _registerClient.GetPartyCustomers(partyUuid, customerType, cancellationToken);
             return MapCustomerListToCustomerFE(regnskapsforerCustomers);
         }
 
+        /// <inheritdoc />
+        public async Task<List<AgentDelegationFE>> GetSystemUserAgentDelegations(int partyId, Guid systemUserGuid, CancellationToken cancellationToken)
+        {
+            List<AgentDelegation> delegations = await _systemUserAgentDelegationClient.GetSystemUserAgentDelegations(partyId, systemUserGuid, cancellationToken);
+            return delegations.Select(x => new AgentDelegationFE()
+            {
+                AssignmentId = x.Id,
+                CustomerId = x.From.Id,
+            }).ToList();
+        }
+
+        /// <inheritdoc />
+        public async Task<Result<AgentDelegationFE>> AddClient(int partyId, Guid systemUserGuid, AgentDelegationRequest delegationRequest, CancellationToken cancellationToken)
+        {
+            Result<AgentDelegation> newAgentDelegation = await _systemUserAgentDelegationClient.AddClient(partyId, systemUserGuid, delegationRequest, cancellationToken);
+            
+            if (newAgentDelegation.IsProblem)
+            {
+                return new Result<AgentDelegationFE>(newAgentDelegation.Problem);
+            }
+
+            return new AgentDelegationFE()
+            {
+                AssignmentId = newAgentDelegation.Value.Id,
+                CustomerId = newAgentDelegation.Value.From.Id,
+            };
+        }
+
+        /// <inheritdoc />
+        public async Task<Result<bool>> RemoveClient(int partyId, Guid systemUserGuid, Guid assignmentId, CancellationToken cancellationToken)
+        {
+            Result<bool> response = await _systemUserAgentDelegationClient.RemoveClient(partyId, systemUserGuid, assignmentId, cancellationToken);
+            if (response.IsProblem)
+            {
+                return new Result<bool>(response.Problem);
+            }
+
+            return response.Value;
+        }
+
         private static List<AgentDelegationPartyFE> MapCustomerListToCustomerFE(CustomerList customers)
         {
             return customers.Data.Select(x => 
             {
                 return new AgentDelegationPartyFE()
                 {
-                    Id = x.PartyId,
-                    Uuid = x.PartyUuid,
+                    Id = x.PartyUuid,
                     Name = x.DisplayName,
                     OrgNo = x.OrganizationIdentifier
                 };

backend/src/Altinn.AccessManagement.UI/Altinn.AccessManagement.UI.Integration/Clients/SystemUserAgentDelegationClient.cs

@@ -0,0 +1,130 @@
+using System.Diagnostics.CodeAnalysis;
+using System.Net.Http.Json;
+using System.Text.Json;
+using Altinn.AccessManagement.UI.Core.ClientInterfaces;
+using Altinn.AccessManagement.UI.Core.Extensions;
+using Altinn.AccessManagement.UI.Core.Helpers;
+using Altinn.AccessManagement.UI.Core.Models.SystemUser;
+using Altinn.AccessManagement.UI.Integration.Configuration;
+using Altinn.Authorization.ProblemDetails;
+using Microsoft.AspNetCore.Http;
+using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
+
+namespace Altinn.AccessManagement.UI.Integration.Clients
+{
+    /// <summary>
+    /// client that integrates with the agent deletation api
+    /// </summary>
+    [ExcludeFromCodeCoverage]
+    public class SystemUserAgentDelegationClient : ISystemUserAgentDelegationClient
+    {
+        private readonly ILogger _logger;
+        private readonly HttpClient _client;
+        private readonly IHttpContextAccessor _httpContextAccessor;
+        private readonly PlatformSettings _platformSettings;
+        private readonly JsonSerializerOptions _serializerOptions = new JsonSerializerOptions { PropertyNameCaseInsensitive = true };
+
+        /// <summary>
+        /// Initializes a new instance of the <see cref="SystemUserAgentDelegationClient"/> class
+        /// </summary>
+        /// <param name="httpClient">http client</param>
+        /// <param name="logger">the handler for logger service</param>
+        /// <param name="httpContextAccessor">the handler for httpcontextaccessor service</param>
+        /// <param name="platformSettings"> platform settings configuration</param>
+        public SystemUserAgentDelegationClient(
+            HttpClient httpClient,
+            ILogger<SystemUserAgentDelegationClient> logger,
+            IHttpContextAccessor httpContextAccessor,
+            IOptions<PlatformSettings> platformSettings)
+        {
+            _logger = logger;        
+            _httpContextAccessor = httpContextAccessor;
+            _platformSettings = platformSettings.Value;
+            httpClient.BaseAddress = new Uri(_platformSettings.ApiAuthenticationEndpoint);
+            httpClient.DefaultRequestHeaders.Add(_platformSettings.SubscriptionKeyHeaderName, _platformSettings.SubscriptionKey);
+            _client = httpClient;
+        }
+
+        /// <inheritdoc/>
+        public async Task<List<AgentDelegation>> GetSystemUserAgentDelegations(int partyId, Guid systemUserGuid, CancellationToken cancellationToken)
+        {
+            try
+            {
+                string token = JwtTokenUtil.GetTokenFromContext(_httpContextAccessor.HttpContext, _platformSettings.JwtCookieName);
+                string endpointUrl = $"systemuser/agent/{partyId}/{systemUserGuid}/delegation";
+
+                HttpResponseMessage response = await _client.GetAsync(token, endpointUrl);
+                string responseContent = await response.Content.ReadAsStringAsync(cancellationToken);
+
+                if (response.IsSuccessStatusCode)
+                {
+                    return JsonSerializer.Deserialize<List<AgentDelegation>>(responseContent, _serializerOptions);
+                }
+
+                _logger.LogError("AccessManagement.UI // SystemUserAgentDelegationClient // GetSystemUserAgentDelegations // Unexpected HttpStatusCode: {StatusCode}\n {responseBody}", response.StatusCode, responseContent);
+                return [];
+            }
+            catch (Exception ex)
+            {
+                _logger.LogError(ex, "AccessManagement.UI // SystemUserAgentDelegationClient // GetSystemUserAgentDelegations // Exception");
+                throw;
+            }
+        }
+
+        /// <inheritdoc/>
+        public async Task<Result<AgentDelegation>> AddClient(int partyId, Guid systemUserGuid, AgentDelegationRequest delegationRequest, CancellationToken cancellationToken)
+        {
+            try
+            {
+                string token = JwtTokenUtil.GetTokenFromContext(_httpContextAccessor.HttpContext, _platformSettings.JwtCookieName);
+                string endpointUrl = $"systemuser/agent/{partyId}/{systemUserGuid}/delegation";
+                StringContent requestBody = new StringContent(JsonSerializer.Serialize(delegationRequest, _serializerOptions), System.Text.Encoding.UTF8, "application/json");
+
+                HttpResponseMessage response = await _client.PostAsync(token, endpointUrl, requestBody);
+                string responseContent = await response.Content.ReadAsStringAsync(cancellationToken);
+
+                if (response.IsSuccessStatusCode)
+                {
+                    return JsonSerializer.Deserialize<AgentDelegation>(responseContent, _serializerOptions);
+                }
+
+                _logger.LogError("AccessManagement.UI // SystemUserAgentDelegationClient // AddClient // Unexpected HttpStatusCode: {StatusCode}\n {responseBody}", response.StatusCode, responseContent);
+                AltinnProblemDetails problemDetails = await response.Content.ReadFromJsonAsync<AltinnProblemDetails>(cancellationToken);
+                return ProblemMapper.MapToAuthUiError(problemDetails?.ErrorCode.ToString());
+            }
+            catch (Exception ex)
+            {
+                _logger.LogError(ex, "AccessManagement.UI // SystemUserAgentDelegationClient // AddClient // Exception");
+                throw;
+            }
+        }
+
+        /// <inheritdoc/>
+        public async Task<Result<bool>> RemoveClient(int partyId, Guid systemUserGuid, Guid assignmentId, CancellationToken cancellationToken)
+        {
+            try
+            {
+                string token = JwtTokenUtil.GetTokenFromContext(_httpContextAccessor.HttpContext, _platformSettings.JwtCookieName);
+                string endpointUrl = $"systemuser/agent/{partyId}/{systemUserGuid}/delegation/{assignmentId}";
+
+                HttpResponseMessage response = await _client.DeleteAsync(token, endpointUrl);
+                string responseContent = await response.Content.ReadAsStringAsync(cancellationToken);
+
+                if (response.IsSuccessStatusCode)
+                {
+                    return JsonSerializer.Deserialize<bool>(responseContent, _serializerOptions);
+                }
+
+                _logger.LogError("AccessManagement.UI // SystemUserAgentDelegationClient // RemoveClient // Unexpected HttpStatusCode: {StatusCode}\n {responseBody}", response.StatusCode, responseContent);
+                AltinnProblemDetails problemDetails = await response.Content.ReadFromJsonAsync<AltinnProblemDetails>(cancellationToken);
+                return ProblemMapper.MapToAuthUiError(problemDetails?.ErrorCode.ToString());
+            }
+            catch (Exception ex)
+            {
+                _logger.LogError(ex, "AccessManagement.UI // SystemUserAgentDelegationClient // RemoveClient // Exception");
+                throw;
+            }
+        }
+    }
+}