[ADMINAPI-743] Claimset endpoint inconsistencies, fix to enable ODS/API v6 updates

Application/EdFi.Ods.AdminApi.DBTests/Database/QueryTests/GetAllClaimSetsQueryTests.cs → Application/EdFi.Ods.AdminApi.DBTests/ClaimSetEditorTests/GetAllClaimSetsQueryV53ServiceTests.cs

@@ -5,17 +5,19 @@
 
 using System;
 using System.Linq;
-using EdFi.Ods.AdminApi.Infrastructure.Database.Queries;
-using EdFi.Security.DataAccess.Models;
+using EdFi.Ods.AdminApi.Infrastructure.Services.ClaimSetEditor;
 using NUnit.Framework;
 using Shouldly;
 
-namespace EdFi.Ods.AdminApi.DBTests.Database.QueryTests;
+using ClaimSet = EdFi.SecurityCompatiblity53.DataAccess.Models.ClaimSet;
+using Application = EdFi.SecurityCompatiblity53.DataAccess.Models.Application;
+
+namespace EdFi.Ods.AdminApi.DBTests.ClaimSetEditorTests;
 
 [TestFixture]
-public class GetAllClaimSetsQueryTests : SecurityDataTestBase
+public class GetAllClaimSetsQueryV53ServiceTests : SecurityData53TestBase
 {
-    public GetAllClaimSetsQueryTests()
+    public GetAllClaimSetsQueryV53ServiceTests()
     {
         SeedSecurityContextOnFixtureSetup = true;
     }
@@ -35,7 +37,7 @@ public void Should_Retrieve_ClaimSetNames()
 
         var claimSetNames = Transaction<string[]>(securityContext =>
         {
-            var query = new GetAllClaimSetsQuery(securityContext);
+            var query = new GetAllClaimSetsQueryV53Service(securityContext);
             return query.Execute().Select(x => x.Name).ToArray();
         });
 

Application/EdFi.Ods.AdminApi.DBTests/ClaimSetEditorTests/GetAllClaimSetsQueryV6ServiceTests.cs

@@ -0,0 +1,80 @@
+// SPDX-License-Identifier: Apache-2.0
+// Licensed to the Ed-Fi Alliance under one or more agreements.
+// The Ed-Fi Alliance licenses this file to you under the Apache License, Version 2.0.
+// See the LICENSE and NOTICES files in the project root for more information.
+
+using System;
+using System.Linq;
+using EdFi.Ods.AdminApi.Infrastructure.Services.ClaimSetEditor;
+using EdFi.Security.DataAccess.Models;
+using NUnit.Framework;
+using Shouldly;
+using ClaimSetModel = EdFi.Security.DataAccess.Models.ClaimSet;
+
+namespace EdFi.Ods.AdminApi.DBTests.ClaimSetEditorTests;
+
+[TestFixture]
+public class GetAllClaimSetsQueryV6ServiceTests : SecurityDataTestBase
+{
+    public GetAllClaimSetsQueryV6ServiceTests()
+    {
+        SeedSecurityContextOnFixtureSetup = true;
+    }
+
+    [Test]
+    public void Should_Retrieve_ClaimSetNames()
+    {
+        var application = new Application
+        {
+            ApplicationName = $"Test Application {DateTime.Now:O}"
+        };
+        Save(application);
+
+        var claimSet1 = GetClaimSet(application);
+        var claimSet2 = GetClaimSet(application);
+        Save(claimSet1, claimSet2);
+
+        var claimSetNames = Transaction<string[]>(securityContext =>
+        {
+            var query = new GetAllClaimSetsQueryV6Service(securityContext);
+            return query.Execute().Select(x => x.Name).ToArray();
+        });
+
+        claimSetNames.ShouldContain(claimSet1.ClaimSetName);
+        claimSetNames.ShouldContain(claimSet2.ClaimSetName);
+    }
+
+    [Test]
+    public void Should_Retrieve_EdfiPreset_ClaimSet()
+    {
+        var application = new Application
+        {
+            ApplicationName = $"Test Application {DateTime.Now:O}"
+        };
+        Save(application);
+
+        var claimSet1 = GetClaimSet(application, true);
+        var claimSet2 = GetClaimSet(application);
+        Save(claimSet1, claimSet2);
+
+        var claimSets = Transaction(securityContext =>
+        {
+            var query = new GetAllClaimSetsQueryV6Service(securityContext);
+            return query.Execute().ToArray();
+        });
+
+        var edfiPresetClaimSet = claimSets.Where( x=> x.Name.Equals(claimSet1.ClaimSetName) && x.IsEditable == false).ToList();
+        edfiPresetClaimSet.Count().ShouldBe(1);
+    }
+
+    private static int _claimSetId = 0;
+    private static ClaimSetModel GetClaimSet(Application application, bool IsEdfiPreset = false)
+    {
+        return new ClaimSetModel
+        {
+            Application = application,
+            ClaimSetName = $"Test Claim Set {_claimSetId++} - {DateTime.Now:O}",
+            IsEdfiPreset= IsEdfiPreset
+        };
+    }
+}

Application/EdFi.Ods.AdminApi/Features/ClaimSets/AddClaimSet.cs

@@ -8,6 +8,7 @@
 using EdFi.Ods.AdminApi.Infrastructure.ClaimSetEditor;
 using EdFi.Ods.AdminApi.Infrastructure.Database.Queries;
 using EdFi.Ods.AdminApi.Infrastructure.JsonContractResolvers;
+using EdFi.Ods.AdminApi.Infrastructure.Services.ClaimSetEditor;
 using FluentValidation;
 using Newtonsoft.Json;
 using Swashbuckle.AspNetCore.Annotations;

Application/EdFi.Ods.AdminApi/Features/ClaimSets/EditClaimSet.cs

@@ -9,6 +9,7 @@
 using EdFi.Ods.AdminApi.Infrastructure.Database.Queries;
 using EdFi.Ods.AdminApi.Infrastructure.ErrorHandling;
 using EdFi.Ods.AdminApi.Infrastructure.JsonContractResolvers;
+using EdFi.Ods.AdminApi.Infrastructure.Services.ClaimSetEditor;
 using FluentValidation;
 using FluentValidation.Results;
 using Newtonsoft.Json;

Application/EdFi.Ods.AdminApi/Features/ClaimSets/ReadClaimSets.cs

@@ -6,9 +6,9 @@
 using AutoMapper;
 using EdFi.Ods.AdminApi.Infrastructure;
 using EdFi.Ods.AdminApi.Infrastructure.ClaimSetEditor;
-using EdFi.Ods.AdminApi.Infrastructure.Database.Queries;
 using EdFi.Ods.AdminApi.Infrastructure.ErrorHandling;
 using EdFi.Ods.AdminApi.Infrastructure.JsonContractResolvers;
+using EdFi.Ods.AdminApi.Infrastructure.Services.ClaimSetEditor;
 using Newtonsoft.Json;
 
 namespace EdFi.Ods.AdminApi.Features.ClaimSets;
@@ -30,12 +30,11 @@ public void MapEndpoints(IEndpointRouteBuilder endpoints)
 
     internal Task<IResult> GetClaimSets(IGetAllClaimSetsQuery getClaimSetsQuery, IGetApplicationsByClaimSetIdQuery getApplications, IMapper mapper)
     {
-        var claimSets = getClaimSetsQuery.Execute().Where(x => !Constants.SystemReservedClaimSets.Contains(x.Name)).ToList();
+        var claimSets = getClaimSetsQuery.Execute().ToList();
         var model = mapper.Map<List<ClaimSetModel>>(claimSets);
         foreach (var claimSet in model)
         {
-            claimSet.ApplicationsCount = getApplications.ExecuteCount(claimSet.Id);
-            claimSet.IsSystemReserved = Constants.DefaultClaimSets.Contains(claimSet.Name);
+            claimSet.ApplicationsCount = getApplications.ExecuteCount(claimSet.Id);           
         }
         return Task.FromResult(AdminApiResponse<List<ClaimSetModel>>.Ok(model));
     }

Application/EdFi.Ods.AdminApi/Infrastructure/AutoMapper/AdminApiMappingProfile.cs

@@ -55,7 +55,8 @@ public AdminApiMappingProfile()
 
         CreateMap<ClaimSetEditor.ClaimSet, ClaimSetModel>()
             .ForMember(dst => dst.Id, opt => opt.MapFrom(src => src.Id))
-            .ForMember(dst => dst.Name, opt => opt.MapFrom(src => src.Name));
+            .ForMember(dst => dst.Name, opt => opt.MapFrom(src => src.Name))
+            .ForMember(dst => dst.IsSystemReserved, opt => opt.MapFrom(src => !src.IsEditable));
 
         CreateMap<ClaimSetEditor.ResourceClaim, ResourceClaimModel>()
             .ForMember(dst => dst.Name, opt => opt.MapFrom(src => src.Name))

Application/EdFi.Ods.AdminApi/Infrastructure/Services/ClaimSetEditor/GetAllClaimSetsQuery.cs

@@ -0,0 +1,41 @@
+// SPDX-License-Identifier: Apache-2.0
+// Licensed to the Ed-Fi Alliance under one or more agreements.
+// The Ed-Fi Alliance licenses this file to you under the Apache License, Version 2.0.
+// See the LICENSE and NOTICES files in the project root for more information.
+
+using ClaimSet = EdFi.Ods.AdminApi.Infrastructure.ClaimSetEditor.ClaimSet;
+
+namespace EdFi.Ods.AdminApi.Infrastructure.Services.ClaimSetEditor;
+
+public interface IGetAllClaimSetsQuery
+{
+    IReadOnlyList<ClaimSet> Execute();
+}
+
+public class GetAllClaimSetsQuery : IGetAllClaimSetsQuery
+{
+    private readonly IOdsSecurityModelVersionResolver _resolver;
+    private readonly GetAllClaimSetsQueryV53Service _v53Service;
+    private readonly GetAllClaimSetsQueryV6Service _v6Service;
+
+    public GetAllClaimSetsQuery(IOdsSecurityModelVersionResolver resolver,
+        GetAllClaimSetsQueryV53Service v53Service,
+        GetAllClaimSetsQueryV6Service v6Service)
+    {
+        _resolver = resolver;
+        _v53Service = v53Service;
+        _v6Service = v6Service;
+    }
+
+    public IReadOnlyList<ClaimSet> Execute()
+    {
+        var securityModel = _resolver.DetermineSecurityModel();
+
+        return securityModel switch
+        {
+            EdFiOdsSecurityModelCompatibility.ThreeThroughFive or EdFiOdsSecurityModelCompatibility.FiveThreeCqe => _v53Service.Execute(),
+            EdFiOdsSecurityModelCompatibility.Six => _v6Service.Execute(),
+            _ => throw new EdFiOdsSecurityModelCompatibilityException(securityModel),
+        };        
+    }
+}

Application/EdFi.Ods.AdminApi.DBTests/ClaimSetEditorTests/GetAllClaimSets53Query.cs → Application/EdFi.Ods.AdminApi/Infrastructure/Services/ClaimSetEditor/GetAllClaimSetsQueryV53Service.cs

@@ -3,26 +3,16 @@
 // The Ed-Fi Alliance licenses this file to you under the Apache License, Version 2.0.
 // See the LICENSE and NOTICES files in the project root for more information.
 
-using System.Collections.Generic;
-using System.Linq;
-using EdFi.Ods.AdminApi.Infrastructure.Database.Queries;
 using EdFi.SecurityCompatiblity53.DataAccess.Contexts;
 using ClaimSet = EdFi.Ods.AdminApi.Infrastructure.ClaimSetEditor.ClaimSet;
 
-namespace EdFi.Ods.AdminApi.DBTests.ClaimSetEditorTests;
+namespace EdFi.Ods.AdminApi.Infrastructure.Services.ClaimSetEditor;
 
-/// <summary>
-/// Compatibility copy of EdFi.Ods.AdminApi.Infrastructure.ClaimSetEditor.GetAllClaimSetsQuery
-///
-/// Since the projected ClaimSet does not include the new columns from v6.1, this query does not
-/// require multiple versions. However, in order to preserve consistent test results, we must
-/// construct dependent services using a query against the same database.
-/// </summary>
-internal class GetAllClaimSets53Query : IGetAllClaimSetsQuery
+public class GetAllClaimSetsQueryV53Service
 {
     private readonly ISecurityContext _securityContext;
 
-    public GetAllClaimSets53Query(ISecurityContext securityContext)
+    public GetAllClaimSetsQueryV53Service(ISecurityContext securityContext)
     {
         _securityContext = securityContext;
     }
@@ -33,11 +23,12 @@ public IReadOnlyList<ClaimSet> Execute()
             .Select(x => new ClaimSet
             {
                 Id = x.ClaimSetId,
-                Name = x.ClaimSetName
+                Name = x.ClaimSetName,
+                IsEditable = !Constants.DefaultClaimSets.Contains(x.ClaimSetName) &&
+                !Constants.SystemReservedClaimSets.Contains(x.ClaimSetName)
             })
             .Distinct()
             .OrderBy(x => x.Name)
             .ToList();
     }
 }
-

Application/EdFi.Ods.AdminApi/Infrastructure/Database/Queries/GetAllClaimSetsQuery.cs → Application/EdFi.Ods.AdminApi/Infrastructure/Services/ClaimSetEditor/GetAllClaimSetsQueryV6Service.cs

@@ -3,23 +3,17 @@
 // The Ed-Fi Alliance licenses this file to you under the Apache License, Version 2.0.
 // See the LICENSE and NOTICES files in the project root for more information.
 
-using System.Collections.Generic;
-using System.Linq;
 using EdFi.Security.DataAccess.Contexts;
 using ClaimSet = EdFi.Ods.AdminApi.Infrastructure.ClaimSetEditor.ClaimSet;
 
-namespace EdFi.Ods.AdminApi.Infrastructure.Database.Queries;
+namespace EdFi.Ods.AdminApi.Infrastructure.Services.ClaimSetEditor;
 
-public interface IGetAllClaimSetsQuery
-{
-    IReadOnlyList<ClaimSet> Execute();
-}
 
-public class GetAllClaimSetsQuery : IGetAllClaimSetsQuery
+public class GetAllClaimSetsQueryV6Service
 {
     private readonly ISecurityContext _securityContext;
 
-    public GetAllClaimSetsQuery(ISecurityContext securityContext)
+    public GetAllClaimSetsQueryV6Service(ISecurityContext securityContext)
     {
         _securityContext = securityContext;
     }
@@ -30,7 +24,9 @@ public IReadOnlyList<ClaimSet> Execute()
             .Select(x => new ClaimSet
             {
                 Id = x.ClaimSetId,
-                Name = x.ClaimSetName
+                Name = x.ClaimSetName,
+                IsEditable = !x.ForApplicationUseOnly && !x.IsEdfiPreset &&
+                !Constants.SystemReservedClaimSets.Contains(x.ClaimSetName)
             })
             .Distinct()
             .OrderBy(x => x.Name)

Application/EdFi.Ods.AdminApi/Infrastructure/Services/ClaimSetEditor/GetResourcesByClaimSetIdQueryV6Service.cs

@@ -5,7 +5,6 @@
 
 using System.Data.Entity;
 using AutoMapper;
-using EdFi.Ods.AdminApi.Infrastructure.ClaimSetEditor.Extensions;
 using EdFi.Security.DataAccess.Contexts;
 using EdFi.Security.DataAccess.Models;
 using SecurityResourceClaim = EdFi.Security.DataAccess.Models.ResourceClaim;
@@ -156,30 +155,25 @@ void AddStrategyToParentResource(IEnumerable<SecurityAuthorizationStrategy>? def
                                        x.ResourceClaim.ResourceClaimId == resourceClaim.ParentResourceClaimId &&
                                        x.Action.ActionName == action.Value)?.AuthorizationStrategies.Select(x => x.AuthorizationStrategy);
 
-                            // SingleOrDefault means we could get a null back,
-                            // and the next line is written to assume we'll
-                            // never get a null. This needs to be refactored to
-                            // be more defensive.
-                            var mappedStrategies = defaultStrategies!.Select(x =>
+                            if (defaultStrategies != null)
                             {
-                                var value = _mapper.Map<AuthorizationStrategy>(x);
-                                if (value != null)
-                                    value.IsInheritedFromParent = true;
-                                return value;
-                            });
-
-                            actions.Add(new ClaimSetResourceClaimActionAuthStrategies()
-                            {
-                                AuthorizationStrategies = mappedStrategies.ToArray()
-                            });
+                                var mappedStrategies = defaultStrategies.Select(x =>
+                                {
+                                    var value = _mapper.Map<AuthorizationStrategy>(x);
+                                    if (value != null)
+                                        value.IsInheritedFromParent = true;
+                                    return value;
+                                });
+
+                                actions.Add(new ClaimSetResourceClaimActionAuthStrategies()
+                                {
+                                    AuthorizationStrategies = mappedStrategies.ToArray()
+                                });
+                            }
                         }
                         else
                         {
-                            var mappedStrategies = defaultStrategies!.Select(x =>
-                            {
-                                var value = _mapper.Map<AuthorizationStrategy>(x);
-                                return value;
-                            });
+                            var mappedStrategies = defaultStrategies.Select(x => _mapper.Map<AuthorizationStrategy>(x));                           
                             actions.Add(new ClaimSetResourceClaimActionAuthStrategies()
                             {
                                 AuthorizationStrategies = mappedStrategies.ToArray()