feat(frd-kpi): PPABV-98 add authorizer check for fdr kpi (#2675)

infantesimone · web-flow · commit ff82265ed6bc · 2024-12-20T13:02:22.000+01:00
* feat(frd-kpi): add authorizer check for fdr kpi

* feat: add new psps id as query param

* chore: check for brokerId

* chore: brokerFiscalCode as query param

* fix: update broker as query param

* fix: typo

* chore: check brokerFiscalCode as first
diff --git a/src/domains/qi-app/api/qi-fdr-kpi-api/v1/_base_policy.xml.tpl b/src/domains/qi-app/api/qi-fdr-kpi-api/v1/_base_policy.xml.tpl
@@ -1,6 +1,26 @@
 <policies>
     <inbound>
       <base />
+      <!-- Calling Authorizer's fragment START -->
+      <set-variable name="application_domain" value="qi" />
+      <set-variable name="authCheck" 
+              value="@((string)context.Request.Url.Query.GetValueOrDefault("brokerFiscalCode", "") != "" 
+                      ? context.Request.Url.Query.GetValueOrDefault("brokerFiscalCode", "") 
+                      : context.Request.Url.Query.GetValueOrDefault("pspId", ""))"/>
+
+      <choose>
+        <!-- Making sure that will excludes all APIs that does not includes CI fiscal code -->
+        <when condition="@(context.Variables.GetValueOrDefault("authCheck","") != "")">
+          <set-variable name="authorization_entity" value="@(context.Variables.GetValueOrDefault("authCheck",""))" />
+          <include-fragment fragment-id="authorizer" />
+        </when>
+        <otherwise>
+          <return-response>
+            <set-status code="403" reason="Unauthorized" />
+          </return-response>
+        </otherwise>
+      </choose>
+      <!-- Calling Authorizer's fragment END -->
       <set-backend-service base-url="https://${hostname}/pagopa-qi-fdr-kpi-service" />
     </inbound>
     <outbound>
diff --git a/src/domains/qi-app/api/qi-fdr-kpi-api/v1/_openapi.json.tpl b/src/domains/qi-app/api/qi-fdr-kpi-api/v1/_openapi.json.tpl
@@ -17,7 +17,7 @@
     }
   ],
   "paths": {
-    "/fdr-kpi/{kpiType}/{period}": {
+    "/fdr-kpi/{kpiType}": {
       "get": {
         "tags": [
           "qiFdr"
@@ -39,9 +39,18 @@
             },
             "description": "The type of KPI to calculate\n"
           },
+          {
+            "name": "brokerFiscalCode",
+            "in": "query",
+            "required": false,
+            "schema": {
+              "type": "string"
+            },
+            "description": "Broker fiscal code    \n"
+          },
           {
             "name": "period",
-            "in": "path",
+            "in": "query",
             "required": true,
             "schema": {
               "type": "string",
@@ -62,6 +71,14 @@
               "example": "2024-09"
             },
             "description": "For daily KPIs: Specify the full date (YYYY-MM-DD). Must be at least 10 days before current date.\nFor monthly KPIs: Specify year and month (YYYY-MM).\n"
+          },
+          {
+            "name": "pspId",
+            "in": "query",
+            "required": false,
+            "schema": {
+              "type": "string"
+            }
           }
         ],
         "responses": {
@@ -177,35 +194,6 @@
           }
         ]
       },
-      "PSPIdentifier": {
-        "type": "object",
-        "required": [
-          "idPsp"
-        ],
-        "properties": {
-          "idPsp": {
-            "type": "string",
-            "example": "CIPBITMM"
-          }
-        }
-      },
-      "BrokerIdentifier": {
-        "type": "object",
-        "required": [
-          "idBrokerPsp",
-          "idPsp"
-        ],
-        "properties": {
-          "idBrokerPsp": {
-            "type": "string",
-            "example": "02654890025"
-          },
-          "idPsp": {
-            "type": "string",
-            "example": "CIPBITMM"
-          }
-        }
-      },
       "DailyKPIBase": {
         "type": "object",
         "required": [
