Merge pull request #673 from Onlineberatung/OB-5394-validate-that-age…

…ncy-and-tenant-id-match Ob 5394 validate that agency and tenant id match
Onlineberatung · Sep 20, 2023 · 1b3f626 · 1b3f626
2 parents 551b83c + b544f13
commit 1b3f626
Show file tree

Hide file tree

Showing 3 changed files with 159 additions and 0 deletions.
diff --git a/...main/java/de/caritas/cob/userservice/api/adapters/web/controller/UserAdminController.java b/...main/java/de/caritas/cob/userservice/api/adapters/web/controller/UserAdminController.java
@@ -140,6 +140,7 @@ public ResponseEntity<Void> setConsultantAgencies(
       String consultantId, List<CreateConsultantAgencyDTO> agencyList) {
     var notFilteredAgencyList = new ArrayList<>(agencyList);
     consultantAdminFacade.checkPermissionsToAssignedAgencies(agencyList);
+    consultantAdminFacade.checkAssignedAgenciesMatchConsultantTenant(consultantId, agencyList);
     appointmentService.syncAgencies(consultantId, notFilteredAgencyList);
     var agencyIdsForDeletions =
         consultantAdminFacade.filterAgencyListForDeletion(consultantId, agencyList);

diff --git a/src/main/java/de/caritas/cob/userservice/api/admin/facade/ConsultantAdminFacade.java b/src/main/java/de/caritas/cob/userservice/api/admin/facade/ConsultantAdminFacade.java
@@ -23,18 +23,21 @@
 import de.caritas.cob.userservice.api.admin.service.consultant.ConsultantAdminService;
 import de.caritas.cob.userservice.api.admin.service.consultant.create.agencyrelation.ConsultantAgencyRelationCreatorService;
 import de.caritas.cob.userservice.api.admin.service.consultant.create.agencyrelation.CreateConsultantAgencyDTOInputAdapter;
+import de.caritas.cob.userservice.api.exception.httpresponses.BadRequestException;
 import de.caritas.cob.userservice.api.exception.httpresponses.ForbiddenException;
 import de.caritas.cob.userservice.api.helper.AuthenticatedUser;
 import de.caritas.cob.userservice.api.model.Consultant;
 import de.caritas.cob.userservice.api.model.ConsultantAgency;
 import de.caritas.cob.userservice.api.service.LogService;
+import de.caritas.cob.userservice.api.service.agency.AgencyService;
 import java.util.List;
 import java.util.function.Predicate;
 import java.util.stream.Collectors;
 import java.util.stream.Stream;
 import lombok.NonNull;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Service;
 
 /** Facade to encapsulate admin functions for consultants. */
@@ -53,6 +56,11 @@ public class ConsultantAdminFacade {
 
   private final @NonNull AuthenticatedUser authenticatedUser;
 
+  private final @NonNull AgencyService agencyService;
+
+  @Value("${multitenancy.enabled}")
+  private boolean multiTenancyEnabled;
+
   /**
    * Finds a consultant by given consultant id.
    *
@@ -305,4 +313,48 @@ public void checkPermissionsToAssignedAgencies(List<CreateConsultantAgencyDTO> a
       }
     }
   }
+
+  public void checkAssignedAgenciesMatchConsultantTenant(
+      String consultantId, List<CreateConsultantAgencyDTO> agencyList) {
+
+    if (multiTenancyEnabled) {
+      ConsultantAdminResponseDTO consultantById =
+          consultantAdminService.findConsultantById(consultantId);
+      validateConsultantExistsAndHasTenantAssigned(consultantId, consultantById);
+      Long consultantTenantId = consultantById.getEmbedded().getTenantId().longValue();
+      checkAssignedAgenciesMatchConsultantTenant(agencyList, consultantTenantId);
+    }
+  }
+
+  private void checkAssignedAgenciesMatchConsultantTenant(
+      List<CreateConsultantAgencyDTO> agencyList, Long consultantTenantId) {
+    agencyList.stream()
+        .map(a -> agencyService.getAgency(a.getAgencyId()))
+        .map(a -> a.getTenantId())
+        .filter(agencyTenantId -> !agencyTenantId.equals(consultantTenantId))
+        .findAny()
+        .ifPresent(
+            agencyTenantId -> {
+              log.warn(
+                  "Tenant of the consultant does not match tenant of the agency. "
+                      + "Consultant tenant {}, agency tenant {}. Requested agencies to  update: {}",
+                  consultantTenantId,
+                  agencyTenantId,
+                  agencyList);
+              throw new BadRequestException(
+                  "Tenant of the consultant does not match tenant of the agency");
+            });
+  }
+
+  private void validateConsultantExistsAndHasTenantAssigned(
+      String consultantId, ConsultantAdminResponseDTO consultantById) {
+    if (consultantById == null || consultantById.getEmbedded() == null) {
+      log.warn("Consultant with id {} not found", consultantId);
+      throw new BadRequestException("Consultant not found");
+    }
+    if (consultantById.getEmbedded().getTenantId() == null) {
+      log.warn("Consultant has no tenant assigned ", consultantId);
+      throw new BadRequestException("Consultant has no tenant assigned");
+    }
+  }
 }
diff --git a/src/test/java/de/caritas/cob/userservice/api/admin/facade/ConsultantAdminFacadeTest.java b/src/test/java/de/caritas/cob/userservice/api/admin/facade/ConsultantAdminFacadeTest.java
@@ -5,11 +5,15 @@
 import static org.junit.jupiter.api.Assertions.assertThrows;
 import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.ArgumentMatchers.eq;
+import static org.mockito.Mockito.times;
 import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.when;
 
 import com.google.common.collect.Lists;
+import de.caritas.cob.userservice.api.adapters.web.dto.AgencyDTO;
 import de.caritas.cob.userservice.api.adapters.web.dto.AgencyTypeDTO;
+import de.caritas.cob.userservice.api.adapters.web.dto.ConsultantAdminResponseDTO;
+import de.caritas.cob.userservice.api.adapters.web.dto.ConsultantDTO;
 import de.caritas.cob.userservice.api.adapters.web.dto.ConsultantFilter;
 import de.caritas.cob.userservice.api.adapters.web.dto.CreateConsultantAgencyDTO;
 import de.caritas.cob.userservice.api.adapters.web.dto.Sort;
@@ -18,18 +22,25 @@
 import de.caritas.cob.userservice.api.admin.service.consultant.ConsultantAdminFilterService;
 import de.caritas.cob.userservice.api.admin.service.consultant.ConsultantAdminService;
 import de.caritas.cob.userservice.api.admin.service.consultant.create.agencyrelation.ConsultantAgencyRelationCreatorService;
+import de.caritas.cob.userservice.api.exception.httpresponses.BadRequestException;
 import de.caritas.cob.userservice.api.exception.httpresponses.ForbiddenException;
 import de.caritas.cob.userservice.api.helper.AuthenticatedUser;
+import de.caritas.cob.userservice.api.service.agency.AgencyService;
 import java.util.ArrayList;
+import java.util.List;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
 import org.mockito.InjectMocks;
 import org.mockito.Mock;
+import org.mockito.Mockito;
 import org.mockito.junit.jupiter.MockitoExtension;
+import org.springframework.test.util.ReflectionTestUtils;
 
 @ExtendWith(MockitoExtension.class)
 class ConsultantAdminFacadeTest {
 
+  public static final Long AGENCY_ID_1 = 1L;
+  public static final Long AGENCY_ID_2 = 2L;
   @InjectMocks private ConsultantAdminFacade consultantAdminFacade;
 
   @Mock private ConsultantAdminService consultantAdminService;
@@ -44,6 +55,8 @@ class ConsultantAdminFacadeTest {
 
   @Mock private AdminUserFacade adminUserFacade;
 
+  @Mock private AgencyService agencyService;
+
   @Test
   void findConsultant_Should_useConsultantAdminService() {
     this.consultantAdminFacade.findConsultant("");
@@ -165,4 +178,97 @@ void checkPermissionsToUpdateAgencies_Should_PassIfUserDoesntHaveRestrictedPermi
         ForbiddenException.class,
         () -> consultantAdminFacade.checkPermissionsToAssignedAgencies(agencyList));
   }
+
+  @Test
+  void
+      checkAssignedAgenciesMatchConsultantTenant_Should_Throw_BadRequestException_When_TenantDoesNotMatch() {
+    // given
+    ReflectionTestUtils.setField(consultantAdminFacade, "multiTenancyEnabled", true);
+    ConsultantAdminResponseDTO consultant =
+        new ConsultantAdminResponseDTO().embedded(new ConsultantDTO());
+    consultant.getEmbedded().setTenantId(1);
+
+    when(consultantAdminService.findConsultantById("consultantId")).thenReturn(consultant);
+
+    List<CreateConsultantAgencyDTO> agencyList = new ArrayList<>();
+    CreateConsultantAgencyDTO agency1 = new CreateConsultantAgencyDTO();
+    agency1.setAgencyId(AGENCY_ID_1);
+    agencyList.add(agency1);
+
+    CreateConsultantAgencyDTO agency2 = new CreateConsultantAgencyDTO();
+    agency2.setAgencyId(AGENCY_ID_2);
+    agencyList.add(agency2);
+
+    when(agencyService.getAgency(AGENCY_ID_1)).thenReturn(createAgencyWithTenant(1L));
+    when(agencyService.getAgency(AGENCY_ID_2)).thenReturn(createAgencyWithTenant(2L));
+
+    // when, then
+    assertThrows(
+        BadRequestException.class,
+        () -> {
+          consultantAdminFacade.checkAssignedAgenciesMatchConsultantTenant(
+              "consultantId", agencyList);
+        });
+
+    ReflectionTestUtils.setField(consultantAdminFacade, "multiTenancyEnabled", false);
+  }
+
+  @Test
+  void checkAssignedAgenciesMatchConsultantTenant_Should_PassCheck_When_TenantMatches() {
+    // given
+    ReflectionTestUtils.setField(consultantAdminFacade, "multiTenancyEnabled", true);
+    ConsultantAdminResponseDTO consultant =
+        new ConsultantAdminResponseDTO().embedded(new ConsultantDTO());
+    consultant.getEmbedded().setTenantId(1);
+
+    when(consultantAdminService.findConsultantById("consultantId")).thenReturn(consultant);
+
+    List<CreateConsultantAgencyDTO> agencyList = new ArrayList<>();
+    CreateConsultantAgencyDTO agency1 = new CreateConsultantAgencyDTO();
+    agency1.setAgencyId(AGENCY_ID_1);
+    agencyList.add(agency1);
+
+    CreateConsultantAgencyDTO agency2 = new CreateConsultantAgencyDTO();
+    agency2.setAgencyId(AGENCY_ID_2);
+    agencyList.add(agency2);
+
+    when(agencyService.getAgency(AGENCY_ID_1)).thenReturn(createAgencyWithTenant(1L));
+    when(agencyService.getAgency(AGENCY_ID_2)).thenReturn(createAgencyWithTenant(1L));
+
+    // when
+    consultantAdminFacade.checkAssignedAgenciesMatchConsultantTenant("consultantId", agencyList);
+
+    // then
+    Mockito.verify(agencyService, times(2)).getAgency(any());
+
+    // tear down
+    ReflectionTestUtils.setField(consultantAdminFacade, "multiTenancyEnabled", false);
+  }
+
+  @Test
+  void checkAssignedAgenciesMatchConsultantTenant_Should_PassCheck_When_MultitenancyIsDisabled() {
+    // given
+    ReflectionTestUtils.setField(consultantAdminFacade, "multiTenancyEnabled", false);
+
+    List<CreateConsultantAgencyDTO> agencyList = new ArrayList<>();
+    CreateConsultantAgencyDTO agency1 = new CreateConsultantAgencyDTO();
+    agency1.setAgencyId(AGENCY_ID_1);
+    agencyList.add(agency1);
+
+    CreateConsultantAgencyDTO agency2 = new CreateConsultantAgencyDTO();
+    agency2.setAgencyId(AGENCY_ID_2);
+    agencyList.add(agency2);
+
+    // when
+    consultantAdminFacade.checkAssignedAgenciesMatchConsultantTenant("consultantId", agencyList);
+
+    // then
+    Mockito.verifyNoInteractions(agencyService);
+  }
+
+  private AgencyDTO createAgencyWithTenant(Long tenantId) {
+    AgencyDTO agency = new AgencyDTO();
+    agency.setTenantId(tenantId);
+    return agency;
+  }
 }