From a6b7078306722e690b6279bdb787850a2bca3110 Mon Sep 17 00:00:00 2001
From: Wasiullah Khan Jadoon
Date: Mon, 6 Apr 2026 17:53:31 +0500
Subject: [PATCH] Added permission check for Authorization, rejection, reversal and cancellation of transactions
---
 .../client/model/TransactionEndpoint.java | 14 +++++++++++++-
 .../service/CancellationTransactionService.java | 13 ++++++++++++-
 .../client/service/RejectTransactionService.java | 12 +++++++++++-
 .../service/ReversalTransactionService.java | 12 +++++++++++-
 .../service/TransactionAuthorizationService.java | 15 +++++++++++++--
 5 files changed, 60 insertions(+), 6 deletions(-)
diff --git a/aconnect/src/main/java/com/mfsys/aconnect/client/model/TransactionEndpoint.java b/aconnect/src/main/java/com/mfsys/aconnect/client/model/TransactionEndpoint.java
index 261580c..1116849 100644
--- a/aconnect/src/main/java/com/mfsys/aconnect/client/model/TransactionEndpoint.java
+++ b/aconnect/src/main/java/com/mfsys/aconnect/client/model/TransactionEndpoint.java
@@ -7,7 +7,19 @@ public enum TransactionEndpoint {
 ACCOUNT_TO_GL(AconnectURI.TRANSACTION_ACCOUNT_GL_URI),
 GL_TO_GL(AconnectURI.TRANSACTION_GL_GL_URI),
 ACCOUNT_TO_ACCOUNT(AconnectURI.ACCOUNT_TO_ACCOUNT_TRANSACTION_URI),
- GL_TO_ACCOUNT(AconnectURI.GL_TO_ACCOUNT_TRANSACTION_URI);
+ GL_TO_ACCOUNT(AconnectURI.GL_TO_ACCOUNT_TRANSACTION_URI),
+
+ DEPOSIT_REJECTION(AconnectURI.DEPOSIT_TRANSACTION_REJECT_URI),
+ GL_REJECTION(AconnectURI.GENERALLEDGER_TRANSACTION_REJECT_URI),
+
+ DEPOSIT_REVERSAL(AconnectURI.DEPOSIT_TRANSACTION_REVERSAL_URI),
+ GL_REVERSAL(AconnectURI.GENERALLEDGER_TRANSACTION_REVERSAL_URI),
+
+ DEPOSIT_CANCELLATION(AconnectURI.DEPOSIT_CANCELLATION_URI),
+ GL_CANCELLATION(AconnectURI.GENERALLEDGER_CANCELLATION_URI),
+
+ DEPOSIT_AUTHORIZATION(AconnectURI.DEPOSIT_AUTHORIZATION_URI),
+ GL_AUTHORIZATION(AconnectURI.GENERALLEDGER_AUTHORIZATION_URI);
 private final String code;
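Review bot: The new constants turn each endpoint URI into a permission key, because the service hunks in this patch pass `TransactionEndpoint.<CONSTANT>.getCode()` to `permissionService.isAllowed`, and nothing in the enum says so. A comment above the added groups, for example `// code is also the permission key passed to TransactionPermissionService.isAllowed; editing a URI constant changes who is authorized`, would stop a later URI rename from silently changing access. The enum body continues past the hunk, so `getCode()` returning the `code` field is assumed rather than visible.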
diff --git a/aconnect/src/main/java/com/mfsys/aconnect/client/service/CancellationTransactionService.java b/aconnect/src/main/java/com/mfsys/aconnect/client/service/CancellationTransactionService.java
index 60c7443..0fab668 100644
--- a/aconnect/src/main/java/com/mfsys/aconnect/client/service/CancellationTransactionService.java
+++ b/aconnect/src/main/java/com/mfsys/aconnect/client/service/CancellationTransactionService.java
@@ -3,7 +3,9 @@ package com.mfsys.aconnect.client.service;
 import com.mfsys.aconnect.client.dto.DepositCancellationDTO;
 import com.mfsys.aconnect.client.dto.GLCancellationDTO;
 import com.mfsys.aconnect.client.exception.PreviousDayCancellationException;
+import com.mfsys.aconnect.client.exception.TransactionNotAllowedException;
 import com.mfsys.aconnect.client.exception.TransactionNotFoundException;
+import com.mfsys.aconnect.client.model.TransactionEndpoint;
 import com.mfsys.aconnect.client.model.TransactionLog;
 import com.mfsys.aconnect.client.repository.TransactionLogRepository;
 import com.mfsys.aconnect.configuration.config.WebClientConfig;
@@ -27,12 +29,18 @@ public class CancellationTransactionService {
 private final WebClientConfig webClientConfig;
 private final TransactionLogRepository transactionLogRepository;
- public CancellationTransactionService(WebClientConfig webClientConfig, TransactionLogRepository transactionLogRepository) {
+ private final TransactionPermissionService permissionService;
+ public CancellationTransactionService(WebClientConfig webClientConfig, TransactionLogRepository transactionLogRepository,
+ TransactionPermissionService permissionService) {
 this.webClientConfig = webClientConfig;
 this.transactionLogRepository = transactionLogRepository;
+ this.permissionService = permissionService;
 }
 public ResponseEntity processDepositCancellationTransaction(DepositCancellationDTO depositCancellationDTO, String tokenHeader) {
+ if (!permissionService.isAllowed(depositCancellationDTO.getSusUsercode(), TransactionEndpoint.DEPOSIT_CANCELLATION.getCode())) {
+ throw new TransactionNotAllowedException(depositCancellationDTO.getPorOrgacode());
+ }
 String porOrgacode = depositCancellationDTO.getPorOrgacode();
 // TransactionLog log = transactionLogRepository
@@ -62,6 +70,9 @@ public class CancellationTransactionService {
 }
 public ResponseEntity processGLCancellationTransaction(GLCancellationDTO glCancellationDTO, String tokenHeader) {
+ if (!permissionService.isAllowed(glCancellationDTO.getSusUsercode(), TransactionEndpoint.GL_CANCELLATION.getCode())) {
+ throw new TransactionNotAllowedException(glCancellationDTO.getPorOrgacode());
+ }
 String porOrgacode = glCancellationDTO.getPorOrgacode();
 // TransactionLog log = transactionLogRepository
diff --git a/aconnect/src/main/java/com/mfsys/aconnect/client/service/RejectTransactionService.java b/aconnect/src/main/java/com/mfsys/aconnect/client/service/RejectTransactionService.java
index a18c71c..eca30a5 100644
--- a/aconnect/src/main/java/com/mfsys/aconnect/client/service/RejectTransactionService.java
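Review bot: The new guard in `processDepositCancellationTransaction` authorizes on `depositCancellationDTO.getSusUsercode()`, a field of the request body, while the caller's `tokenHeader` is only a pass-through parameter; unless an earlier filter already forces that field to equal the token's subject (not visible in this patch), the decision rests on an identity the client supplied. The user code should be taken from the validated token, or the request refused when body and token disagree, before `isAllowed` is called. The same pattern appears in the GL cancellation guard in the next hunk and in the six guards added to RejectTransactionService, ReversalTransactionService and TransactionAuthorizationService. The method body continues outside the hunk.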
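Review bot: A refusal in `processGLCancellationTransaction` leaves no trace of who was refused or for what, because `TransactionNotAllowedException` is built from `glCancellationDTO.getPorOrgacode()` alone. Denied cancellations, reversals and authorizations are the events an audit trail needs most, so the user code and the `TransactionEndpoint` constant should be written to a warn-level log entry before the throw, or carried in the exception if its constructor can take them. The exception class and its HTTP mapping are not part of this patch, so it is worth confirming the handler answers 403 and does not echo the organization code back in a way that differs between existing and unknown organizations.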
+++ b/aconnect/src/main/java/com/mfsys/aconnect/client/service/RejectTransactionService.java
@@ -1,6 +1,8 @@
 package com.mfsys.aconnect.client.service;
 import com.mfsys.aconnect.client.dto.DepositRejectDTO;
+import com.mfsys.aconnect.client.exception.TransactionNotAllowedException;
+import com.mfsys.aconnect.client.model.TransactionEndpoint;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.http.*;
 import org.springframework.stereotype.Service;
@@ -18,11 +20,16 @@ public class RejectTransactionService {
 private String generalledgerURI;
 private final WebClientConfig webClientConfig;
- public RejectTransactionService(WebClientConfig webClientConfig) {
+ private final TransactionPermissionService permissionService;
+ public RejectTransactionService(WebClientConfig webClientConfig, TransactionPermissionService permissionService) {
 this.webClientConfig = webClientConfig;
+ this.permissionService = permissionService;
 }
 public ResponseEntity processDepositRejectionTransaction(DepositRejectDTO rejectRequest, String tokenHeader) {
+ if (!permissionService.isAllowed(rejectRequest.getSusUsercode(), TransactionEndpoint.DEPOSIT_REJECTION.getCode())) {
+ throw new TransactionNotAllowedException(rejectRequest.getPorOrgacode());
+ }
 String porOrgacode = rejectRequest.getPorOrgacode();
 String url = depositURI + "/deposit/" + "/organizations/" + porOrgacode + "/transactions" + ACONNECT +"/rejection";
 HttpHeaders headers = new HttpHeaders();
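Review bot: The guard in `processDepositRejectionTransaction` checks the user code and the endpoint code but not the organization, although `porOrgacode` from the same request body is what selects the downstream resource in the `url` built two lines later. If permissions are granted per organization, `isAllowed` should also receive `rejectRequest.getPorOrgacode()`; otherwise passing the guard for one organization passes it for every organization code, unless the deposit service enforces that from the token, which this patch does not show. Since `porOrgacode` is also concatenated into the path unmodified, validating it against the expected code format at this point would cover both concerns. The method body continues outside the hunk.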
@@ -39,6 +46,9 @@ public class RejectTransactionService {
 }
 public ResponseEntity processGLRejectionTransaction(DepositRejectDTO rejectRequest, String tokenHeader) {
+ if (!permissionService.isAllowed(rejectRequest.getSusUsercode(), TransactionEndpoint.GL_REJECTION.getCode())) {
+ throw new TransactionNotAllowedException(rejectRequest.getPorOrgacode());
+ }
 String porOrgacode = rejectRequest.getPorOrgacode();
 String url = generalledgerURI + "/generalledger/" + "/organizations/" + porOrgacode + "/transactions" + ACONNECT +"/rejection";
 HttpHeaders headers = new HttpHeaders();
diff --git a/aconnect/src/main/java/com/mfsys/aconnect/client/service/ReversalTransactionService.java b/aconnect/src/main/java/com/mfsys/aconnect/client/service/ReversalTransactionService.java
index b4fc070..7968d00 100644
--- a/aconnect/src/main/java/com/mfsys/aconnect/client/service/ReversalTransactionService.java
+++ b/aconnect/src/main/java/com/mfsys/aconnect/client/service/ReversalTransactionService.java
@@ -2,6 +2,8 @@ package com.mfsys.aconnect.client.service;
 import com.mfsys.aconnect.client.dto.DepositReversalDTO;
 import com.mfsys.aconnect.client.dto.GLReversalDTO;
+import com.mfsys.aconnect.client.exception.TransactionNotAllowedException;
+import com.mfsys.aconnect.client.model.TransactionEndpoint;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.http.*;
 import org.springframework.stereotype.Service;
@@ -19,12 +21,17 @@ public class ReversalTransactionService {
 private String generalledgerURI;
 private final WebClientConfig webClientConfig;
- public ReversalTransactionService(WebClientConfig webClientConfig) {
+ private final TransactionPermissionService permissionService;
+ public ReversalTransactionService(WebClientConfig webClientConfig, TransactionPermissionService permissionService) {
 this.webClientConfig = webClientConfig;
+ this.permissionService = permissionService;
 }
 public ResponseEntity processDepositReversalTransaction(DepositReversalDTO reversalRequest, String tokenHeader) {
+ if (!permissionService.isAllowed(reversalRequest.getSusUsercode(), TransactionEndpoint.DEPOSIT_REVERSAL.getCode())) {
+ throw new TransactionNotAllowedException(reversalRequest.getPorOrgacode());
+ }
 String porOrgacode = reversalRequest.getPorOrgacode();
 String nodeID = reversalRequest.getNodeId();
 String sgtGntrtranlink = reversalRequest.getSgtGntrtranlink();
@@ -45,6 +52,9 @@ public class ReversalTransactionService {
 public ResponseEntity processGLReversalTransaction(GLReversalDTO reversalRequest, String tokenHeader) {
+ if (!permissionService.isAllowed(reversalRequest.getSusUsercode(), TransactionEndpoint.GL_REVERSAL.getCode())) {
+ throw new TransactionNotAllowedException(reversalRequest.getPorOrgacode());
+ }
 String porOrgacode = reversalRequest.getPorOrgacode();
 String nodeID = reversalRequest.getNodeId();
 String sgtGntrtranlink = reversalRequest.getSgtGntrtranlink();
diff --git a/aconnect/src/main/java/com/mfsys/aconnect/client/service/TransactionAuthorizationService.java b/aconnect/src/main/java/com/mfsys/aconnect/client/service/TransactionAuthorizationService.java
index a47d8c9..b59c994 100644
--- a/aconnect/src/main/java/com/mfsys/aconnect/client/service/TransactionAuthorizationService.java
+++ b/aconnect/src/main/java/com/mfsys/aconnect/client/service/TransactionAuthorizationService.java
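Review bot: The guard in `processDepositReversalTransaction` is the fifth hand-written copy of the same three lines in this patch, differing only in the DTO variable and the enum constant, which makes it easy for one call site to end up with the wrong constant or a dropped negation. A single throwing method on TransactionPermissionService (a proposed addition, called for instance as `permissionService.requireAllowed(userCode, TransactionEndpoint.DEPOSIT_REVERSAL, porOrgacode);`) would keep the deny logic, the exception and any denial logging in one place. It would also let the parameter be the `TransactionEndpoint` itself rather than `getCode()`, so a caller cannot pass an arbitrary string as the permission key.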
@@ -2,6 +2,8 @@ package com.mfsys.aconnect.client.service;
 import com.mfsys.aconnect.client.dto.DepositAuthorizationRequest;
 import com.mfsys.aconnect.client.dto.GLAuthorizationDTO;
+import com.mfsys.aconnect.client.exception.TransactionNotAllowedException;
+import com.mfsys.aconnect.client.model.TransactionEndpoint;
 import com.mfsys.aconnect.configuration.config.WebClientConfig;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.http.*;
@@ -19,10 +21,16 @@ public class TransactionAuthorizationService {
 private String generalledgerURI;
 private final WebClientConfig webClientConfig;
- public TransactionAuthorizationService(WebClientConfig webClientConfig) {
- this.webClientConfig = webClientConfig;}
+ private final TransactionPermissionService permissionService;
+ public TransactionAuthorizationService(WebClientConfig webClientConfig, TransactionPermissionService permissionService) {
+ this.webClientConfig = webClientConfig;
+ this.permissionService = permissionService;
+ }
 public ResponseEntity processDepositAuthTransaction(DepositAuthorizationRequest authorizationRequest, String tokenHeader) {
+ if (!permissionService.isAllowed(authorizationRequest.getSusUsercode(), TransactionEndpoint.DEPOSIT_AUTHORIZATION.getCode())) {
+ throw new TransactionNotAllowedException(authorizationRequest.getPorOrgacode());
+ }
 String porOrgacode = authorizationRequest.getPorOrgacode();
 String url = depositURI + "/deposit/" + "/organizations/" + porOrgacode + "/transactions" + ACONNECT + "/authorizations";
 HttpHeaders headers = new HttpHeaders();
@@ -40,6 +48,9 @@ public class TransactionAuthorizationService {
 }
 public ResponseEntity processGLAuthTransaction(GLAuthorizationDTO authorizationRequest, String tokenHeader) {
+ if (!permissionService.isAllowed(authorizationRequest.getSusUsercode(), TransactionEndpoint.GL_AUTHORIZATION.getCode())) {
+ throw new TransactionNotAllowedException(authorizationRequest.getPorOrgacode());
+ }
 String porOrgacode = authorizationRequest.getPorOrgacode();
 String url = generalledgerURI + "/generalledger/" + "/organizations/" + porOrgacode + "/transactions/authorizations";
 HttpHeaders headers = new HttpHeaders();
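Review bot: The guard in `processGLAuthTransaction` has no explicit deny path for a missing user code: when `authorizationRequest.getSusUsercode()` is null or blank, the outcome depends entirely on how `isAllowed` treats that value, and TransactionPermissionService is not part of this patch. Authorization is the step that releases a pending transaction, so the check should fail closed on its own, e.g. `String userCode = authorizationRequest.getSusUsercode();` followed by `if (userCode == null || userCode.isBlank() || !permissionService.isAllowed(userCode, TransactionEndpoint.GL_AUTHORIZATION.getCode())) {`. The patch adds no tests; one case per endpoint asserting that an absent or unpermitted user code raises TransactionNotAllowedException before any downstream call would pin this behaviour. The method body continues outside the hunk.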