Merge pull request #576 from pagopa/CHK-4674-massive-iban

feat(iban-bulk): CHK-4674 massive iban

Author: infantesimone

openapi/openapi.json

@@ -7174,6 +7174,155 @@
         ]
       }
     },
+    "/creditor-institutions/{ci-code}/ibans/bulk": {
+      "parameters": [
+        {
+          "description": "This header identifies the call, if not passed it is self-generated. This ID is returned in the response.",
+          "in": "header",
+          "name": "X-Request-Id",
+          "schema": {
+            "type": "string"
+          }
+        }
+      ],
+      "post": {
+        "description": "Internal | External | Synchronous | Authorization | Authentication | TPS | Idempotency | Stateless | Read/Write Intense | Cacheable\n-|-|-|-|-|-|-|-|-|-\nY | N | Y | JWT | JWT | 1.0/sec | Y | Y |  | N\n",
+        "operationId": "bulkIbanOperations",
+        "parameters": [
+          {
+            "description": "Creditor institution code",
+            "in": "path",
+            "name": "ci-code",
+            "required": true,
+            "schema": {
+              "type": "string"
+            }
+          }
+        ],
+        "requestBody": {
+          "content": {
+            "application/json": {
+              "schema": {
+                "$ref": "#/components/schemas/IbanBulkOperationRequest"
+              }
+            }
+          },
+          "required": true
+        },
+        "responses": {
+          "201": {
+            "description": "Created - Bulk operations completed successfully",
+            "headers": {
+              "X-Request-Id": {
+                "description": "This header identifies the call",
+                "schema": {
+                  "type": "string"
+                }
+              }
+            }
+          },
+          "400": {
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/ProblemJson"
+                }
+              }
+            },
+            "description": "Bad Request - Invalid data format, missing required fields",
+            "headers": {
+              "X-Request-Id": {
+                "description": "This header identifies the call",
+                "schema": {
+                  "type": "string"
+                }
+              }
+            }
+          },
+          "401": {
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/ProblemJson"
+                }
+              }
+            },
+            "description": "Unauthorized - Authentication credentials missing or invalid",
+            "headers": {
+              "X-Request-Id": {
+                "description": "This header identifies the call",
+                "schema": {
+                  "type": "string"
+                }
+              }
+            }
+          },
+          "403": {
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/ProblemJson"
+                }
+              }
+            },
+            "description": "Forbidden - User does not have permission to perform this operation",
+            "headers": {
+              "X-Request-Id": {
+                "description": "This header identifies the call",
+                "schema": {
+                  "type": "string"
+                }
+              }
+            }
+          },
+          "404": {
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/ProblemJson"
+                }
+              }
+            },
+            "description": "Not Found - Creditor institution code not found",
+            "headers": {
+              "X-Request-Id": {
+                "description": "This header identifies the call",
+                "schema": {
+                  "type": "string"
+                }
+              }
+            }
+          },
+          "409": {
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/ProblemJson"
+                }
+              }
+            },
+            "description": "Conflict - Creditor institution already associated with IBAN",
+            "headers": {
+              "X-Request-Id": {
+                "description": "This header identifies the call",
+                "schema": {
+                  "type": "string"
+                }
+              }
+            }
+          }
+        },
+        "security": [
+          {
+            "JWT": []
+          }
+        ],
+        "summary": "Bulk IBAN operations (create, update, delete). Operations are atomic: all or nothing",
+        "tags": [
+          "Ibans"
+        ]
+      }
+    },
     "/creditor-institutions/{ci-code}/ibans/{iban-value}": {
       "delete": {
         "description": "Internal | External | Synchronous | Authorization | Authentication | TPS | Idempotency | Stateless | Read/Write Intense | Cacheable\n-|-|-|-|-|-|-|-|-|-\nY | N | Y | JWT | JWT | 1.0/sec | Y | Y |  | N\n",
@@ -14823,6 +14972,22 @@
           }
         }
       },
+      "IbanBulkOperationRequest": {
+        "required": [
+          "operations"
+        ],
+        "type": "object",
+        "properties": {
+          "operations": {
+            "maxItems": 500,
+            "minItems": 1,
+            "type": "array",
+            "items": {
+              "$ref": "#/components/schemas/IbanOperation"
+            }
+          }
+        }
+      },
       "IbanCreate": {
         "required": [
           "due_date",
@@ -14922,6 +15087,33 @@
         },
         "description": "The labels array associated with the IBAN"
       },
+      "IbanOperation": {
+        "required": [
+          "ibanValue",
+          "operation",
+          "validityDate"
+        ],
+        "type": "object",
+        "properties": {
+          "description": {
+            "type": "string"
+          },
+          "ibanValue": {
+            "type": "string"
+          },
+          "operation": {
+            "type": "string",
+            "enum": [
+              "CREATE",
+              "UPDATE",
+              "DELETE"
+            ]
+          },
+          "validityDate": {
+            "type": "string"
+          }
+        }
+      },
       "Ibans": {
         "required": [
           "ibans_enhanced"

src/main/java/it/pagopa/selfcare/pagopa/backoffice/audit/AuditLogger.java

@@ -0,0 +1,32 @@
+package it.pagopa.selfcare.pagopa.backoffice.audit;
+
+import org.slf4j.Logger;
+import org.springframework.stereotype.Component;
+
+@Component
+public class AuditLogger {
+
+    public void info(Logger logger, String format, Object... args) {
+        try (var audit = AuditScope.enable()) {
+            logger.info(format, args);
+        }
+    }
+
+    public void warn(Logger logger, String format, Object... args) {
+        try (var audit = AuditScope.enable()) {
+            logger.warn(format, args);
+        }
+    }
+
+    public void error(Logger logger, String format, Object... args) {
+        try (var audit = AuditScope.enable()) {
+            logger.error(format, args);
+        }
+    }
+
+    public void error(Logger logger, String message, Throwable throwable) {
+        try (var audit = AuditScope.enable()) {
+            logger.error(message, throwable);
+        }
+    }
+}

src/main/java/it/pagopa/selfcare/pagopa/backoffice/audit/AuditScope.java

@@ -0,0 +1,44 @@
+package it.pagopa.selfcare.pagopa.backoffice.audit;
+
+import org.slf4j.MDC;
+
+public final class AuditScope implements AutoCloseable {
+    private static final String MDC_AUDIT_KEY = "audit";
+    private static final String MDC_AUDIT_VALUE = "true";
+
+    private static final ThreadLocal<AuditState> AUDIT_STATE =
+            ThreadLocal.withInitial(AuditState::new);
+
+    private final AuditState state;
+    private final boolean isOwner;
+
+    private AuditScope(AuditState state, boolean isOwner) {
+        this.state = state;
+        this.isOwner = isOwner;
+    }
+
+    public static AuditScope enable() {
+        AuditState state = AUDIT_STATE.get();
+
+        if (state.depth++ == 0) {
+            MDC.put(MDC_AUDIT_KEY, MDC_AUDIT_VALUE);
+            return new AuditScope(state, true);
+        }
+
+        return new AuditScope(state, false);
+    }
+
+    @Override
+    public void close() {
+        if (--state.depth == 0) {
+            if (isOwner) {
+                MDC.remove(MDC_AUDIT_KEY);
+            }
+            AUDIT_STATE.remove();
+        }
+    }
+
+    private static final class AuditState {
+        int depth = 0;
+    }
+}

src/main/java/it/pagopa/selfcare/pagopa/backoffice/client/ApiConfigClient.java

@@ -35,13 +35,8 @@
 import org.springframework.http.MediaType;
 import org.springframework.retry.annotation.Backoff;
 import org.springframework.retry.annotation.Retryable;
-import org.springframework.web.bind.annotation.DeleteMapping;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PathVariable;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.PutMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.*;
+import org.springframework.web.multipart.MultipartFile;
 
 import javax.validation.Valid;
 import javax.validation.constraints.Min;
@@ -305,6 +300,12 @@ void deleteCreditorInstitutionIbans(
             @PathVariable("ibanValue") String ibanValue
     );
 
+    @PostMapping(value = "/creditorinstitutions/ibans/csv",
+            consumes = MediaType.MULTIPART_FORM_DATA_VALUE,
+            produces = MediaType.APPLICATION_JSON_VALUE)
+    @Valid
+    void createCreditorInstitutionIbansBulk(@RequestPart("file") MultipartFile file);
+
     @GetMapping(value = "/brokers", produces = MediaType.APPLICATION_JSON_VALUE)
     @RequestLine("getBrokersEC")
     @Retryable(

src/main/java/it/pagopa/selfcare/pagopa/backoffice/controller/IbanController.java

@@ -10,6 +10,7 @@
 import io.swagger.v3.oas.annotations.tags.Tag;
 import it.pagopa.selfcare.pagopa.backoffice.model.ProblemJson;
 import it.pagopa.selfcare.pagopa.backoffice.model.iban.Iban;
+import it.pagopa.selfcare.pagopa.backoffice.model.iban.IbanBulkOperationRequest;
 import it.pagopa.selfcare.pagopa.backoffice.model.iban.IbanCreate;
 import it.pagopa.selfcare.pagopa.backoffice.model.iban.Ibans;
 import it.pagopa.selfcare.pagopa.backoffice.security.JwtSecurity;
@@ -21,6 +22,7 @@
 import org.springframework.http.MediaType;
 import org.springframework.web.bind.annotation.*;
 
+import javax.validation.Valid;
 import javax.validation.constraints.NotNull;
 
 import static it.pagopa.selfcare.pagopa.backoffice.model.institutions.ProductRole.ADMIN;
@@ -87,4 +89,22 @@ public void deleteCreditorInstitutionIbans(@Parameter(description = "Creditor in
         ibanService.deleteIban(ciCode, ibanValue);
     }
 
+    @PostMapping(value = "/bulk", produces = MediaType.APPLICATION_JSON_VALUE, consumes = MediaType.APPLICATION_JSON_VALUE)
+    @ApiResponses(value = {
+            @ApiResponse(responseCode = "201", description = "Created - Bulk operations completed successfully"),
+            @ApiResponse(responseCode = "400", description = "Bad Request - Invalid data format, missing required fields", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, schema = @Schema(implementation = ProblemJson.class))),
+            @ApiResponse(responseCode = "401", description = "Unauthorized - Authentication credentials missing or invalid", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, schema = @Schema(implementation = ProblemJson.class))),
+            @ApiResponse(responseCode = "403", description = "Forbidden - User does not have permission to perform this operation", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, schema = @Schema(implementation = ProblemJson.class))),
+            @ApiResponse(responseCode = "404", description = "Not Found - Creditor institution code not found", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, schema = @Schema(implementation = ProblemJson.class))),
+            @ApiResponse(responseCode = "409", description = "Conflict - Creditor institution already associated with IBAN", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, schema = @Schema(implementation = ProblemJson.class)))
+    })
+    @ResponseStatus(HttpStatus.CREATED)
+    @Operation(summary = "Bulk IBAN operations (create, update, delete). Operations are atomic: all or nothing", security = {@SecurityRequirement(name = "JWT")})
+    @OpenApiTableMetadata
+    @JwtSecurity(paramName = "ciCode", allowedProductRole = ADMIN)
+    public void bulkIbanOperations(
+            @Parameter(description = "Creditor institution code") @PathVariable("ci-code") String ciCode,
+            @RequestBody @Valid IbanBulkOperationRequest request) {
+        ibanService.processBulkIbanOperations(ciCode, request.getOperations());
+    }
 }

src/main/java/it/pagopa/selfcare/pagopa/backoffice/model/iban/IbanBulkOperationRequest.java

@@ -0,0 +1,27 @@
+package it.pagopa.selfcare.pagopa.backoffice.model.iban;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import javax.validation.Valid;
+import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.NotNull;
+import javax.validation.constraints.Size;
+import java.util.List;
+
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class IbanBulkOperationRequest {
+
+    @JsonProperty("operations")
+    @NotNull(message = "Operations list cannot be null")
+    @NotEmpty(message = "Operations list cannot be empty")
+    @Size(min = 1, max = 500, message = "At least 1 and maximum 500 operations allowed per request")
+    @Valid
+    private List<IbanOperation> operations;
+}