feat: add POST /test endpoint for claim mapping rule evaluation

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-14 16:42:54 +02:00
parent 90ae1d6a14
commit f110169d54
1 changed files with 40 additions and 1 deletions
--- a/cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/ClaimMappingAdminController.java
+++ b/cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/ClaimMappingAdminController.java
@@ -2,6 +2,7 @@ package com.cameleer3.server.app.controller;

 import com.cameleer3.server.core.rbac.ClaimMappingRepository;
 import com.cameleer3.server.core.rbac.ClaimMappingRule;
+import com.cameleer3.server.core.rbac.ClaimMappingService;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import org.springframework.http.ResponseEntity;
@@ -10,6 +11,7 @@ import org.springframework.web.bind.annotation.*;

 import java.net.URI;
 import java.util.List;
+import java.util.Map;
 import java.util.UUID;

@RestController
@@ -19,9 +21,12 @@ import java.util.UUID;
 public class ClaimMappingAdminController {

    private final ClaimMappingRepository repository;
+    private final ClaimMappingService claimMappingService;

-    public ClaimMappingAdminController(ClaimMappingRepository repository) {
+    public ClaimMappingAdminController(ClaimMappingRepository repository,
+                                       ClaimMappingService claimMappingService) {
        this.repository = repository;
+        this.claimMappingService = claimMappingService;
    }

    @GetMapping
@@ -74,4 +79,38 @@ public class ClaimMappingAdminController {
        repository.delete(id);
        return ResponseEntity.noContent().build();
    }
+
+    record MatchedRuleResponse(UUID ruleId, int priority, String claim, String matchType,
+                               String matchValue, String action, String target) {}
+
+    record TestResponse(List<MatchedRuleResponse> matchedRules, List<String> effectiveRoles,
+                        List<String> effectiveGroups, boolean fallback) {}
+
+    @PostMapping("/test")
+    @Operation(summary = "Test claim mapping rules against a set of claims")
+    public TestResponse test(@RequestBody Map<String, Object> claims) {
+        List<ClaimMappingRule> rules = repository.findAll();
+        List<ClaimMappingService.MappingResult> results = claimMappingService.evaluate(rules, claims);
+
+        List<MatchedRuleResponse> matched = results.stream()
+                .map(r -> new MatchedRuleResponse(
+                        r.rule().id(), r.rule().priority(), r.rule().claim(),
+                        r.rule().matchType(), r.rule().matchValue(),
+                        r.rule().action(), r.rule().target()))
+                .toList();
+
+        List<String> effectiveRoles = results.stream()
+                .filter(r -> "assignRole".equals(r.rule().action()))
+                .map(r -> r.rule().target())
+                .distinct()
+                .toList();
+
+        List<String> effectiveGroups = results.stream()
+                .filter(r -> "addToGroup".equals(r.rule().action()))
+                .map(r -> r.rule().target())
+                .distinct()
+                .toList();
+
+        return new TestResponse(matched, effectiveRoles, effectiveGroups, results.isEmpty());
+    }
 }