Safe dictionary accessors, slight refactor, more tests

Altinn · Nov 29, 2024 · ff0b376 · ff0b376
1 parent dab9e24
commit ff0b376
Show file tree

Hide file tree

Showing 2 changed files with 75 additions and 18 deletions.
diff --git a/src/Altinn.App.Core/Helpers/UserHelper.cs b/src/Altinn.App.Core/Helpers/UserHelper.cs
@@ -59,45 +59,40 @@ public async Task<UserContext> GetUserContext(HttpContext context)
         UserContext userContext = new()
         {
             User = context.User,
-            UserName = tokenClaims[AltinnCoreClaimTypes.UserName],
-            UserId = tokenClaims[AltinnCoreClaimTypes.UserId] switch
+            UserName = tokenClaims.GetValueOrDefault(AltinnCoreClaimTypes.UserName),
+            UserId = tokenClaims.GetValueOrDefault(AltinnCoreClaimTypes.UserId) switch
             {
                 { } value => Convert.ToInt32(value, CultureInfo.InvariantCulture),
-                _ => default,
+                _ => throw new Exception("Could not get user profile - could not retrieve user ID from claims"),
             },
-            PartyId = tokenClaims[AltinnCoreClaimTypes.PartyID] switch
+            PartyId = tokenClaims.GetValueOrDefault(AltinnCoreClaimTypes.PartyID) switch
             {
                 { } value => Convert.ToInt32(value, CultureInfo.InvariantCulture),
                 _ => default,
             },
-            AuthenticationLevel = tokenClaims[AltinnCoreClaimTypes.AuthenticationLevel] switch
+            AuthenticationLevel = tokenClaims.GetValueOrDefault(AltinnCoreClaimTypes.AuthenticationLevel) switch
             {
                 { } value => Convert.ToInt32(value, CultureInfo.InvariantCulture),
                 _ => default,
             },
         };
 
-        if (userContext.UserId == default)
-        {
-            throw new Exception("Could not get user profile - could not retrieve user ID from claims");
-        }
-
         UserProfile userProfile =
             await _profileClient.GetUserProfile(userContext.UserId)
             ?? throw new Exception("Could not get user profile while getting user context");
 
-        userContext.UserParty = userProfile.Party;
+        if (partyCookieValue is not null)
+            userContext.PartyId = Convert.ToInt32(partyCookieValue, CultureInfo.InvariantCulture);
 
-        userContext.PartyId = partyCookieValue is not null
-            ? Convert.ToInt32(partyCookieValue, CultureInfo.InvariantCulture)
-            : userContext.PartyId;
+        if (userContext.PartyId == userProfile.PartyId)
+            userContext.Party = userProfile.Party;
+        else if (userContext.PartyId > 0)
+            userContext.Party = await _altinnPartyClientService.GetParty(userContext.PartyId);
 
-        userContext.Party = userContext.PartyId.Equals(userProfile.PartyId)
-            ? userProfile.Party
-            : await _altinnPartyClientService.GetParty(userContext.PartyId);
+        userContext.UserParty = userProfile.Party;
 
         userContext.SocialSecurityNumber =
-            userContext.Party?.SSN ?? userContext.Party?.Person?.SSN ?? userContext.UserParty.SSN;
+            userContext.Party?.SSN ?? userContext.Party?.Person?.SSN ?? userContext.UserParty?.SSN;
 
         return userContext;
     }

diff --git a/test/Altinn.App.Api.Tests/Helpers/UserHelperTest.cs b/test/Altinn.App.Api.Tests/Helpers/UserHelperTest.cs
@@ -84,4 +84,66 @@ public async Task GetUserContext_PerformsCorrectLogic(int userId, int partyId, s
                 }
             );
     }
+
+    [Fact]
+    public async Task GetUserContext_HandlesMissingClaims()
+    {
+        // Arrange
+        const int userId = 1001;
+        const int authLevel = 3;
+        var userPrincipal = PrincipalUtil.GetUserPrincipal(userId, default, authLevel);
+        await using var fixture = Fixture.Create(userPrincipal);
+        var userHelper = new UserHelper(
+            profileClient: fixture.ProfileClientMock,
+            altinnPartyClientService: fixture.AltinnPartyClientMock,
+            settings: fixture.GeneralSettings
+        );
+        var httpContextAccessor = fixture.App.Services.GetRequiredService<IHttpContextAccessor>();
+        var httpContext = httpContextAccessor.HttpContext;
+        var userProfile = await fixture.ProfileClientMock.GetUserProfile(userId);
+
+        // Act
+        var result = await userHelper.GetUserContext(httpContext!);
+
+        // Assert
+        result
+            .Should()
+            .BeEquivalentTo(
+                new Altinn.App.Core.Models.UserContext
+                {
+                    SocialSecurityNumber = null,
+                    UserName = $"User{userId}",
+                    UserId = userId,
+                    PartyId = default,
+                    AuthenticationLevel = authLevel,
+                    User = userPrincipal,
+                    UserParty = userProfile!.Party,
+                    Party = null,
+                }
+            );
+    }
+
+    [Fact]
+    public async Task GetUserContext_ThrowsOnMissingUserId()
+    {
+        // Arrange
+        var userPrincipal = PrincipalUtil.GetUserPrincipal(default, default);
+        await using var fixture = Fixture.Create(userPrincipal);
+        var userHelper = new UserHelper(
+            profileClient: fixture.ProfileClientMock,
+            altinnPartyClientService: fixture.AltinnPartyClientMock,
+            settings: fixture.GeneralSettings
+        );
+        var httpContextAccessor = fixture.App.Services.GetRequiredService<IHttpContextAccessor>();
+        var httpContext = httpContextAccessor.HttpContext;
+
+        // Act
+        var act = async () =>
+        {
+            await userHelper.GetUserContext(httpContext!);
+        };
+
+        // Assert
+        await act.Should().ThrowAsync<Exception>().WithMessage("*not*ID*from*claims*");
+    }
 }