Skip to content

Commit

Permalink
Merge pull request #138 from virtualidentityag/VIC-2398_When_updating…
Browse files Browse the repository at this point in the history 
…_tenant_admin-tsys-release

fix: vic-2398 add validation on tenantId when creating agency admin
  • Loading branch information
@idrissnaji
idrissnaji authored Jan 23, 2023
2 parents e8d41b9 + 97f6646 commit 2dd7960
Show file tree
Hide file tree
Showing 4 changed files with 165 additions and 2 deletions.
3 changes: 2 additions & 1 deletion ...in/java/de/caritas/cob/userservice/api/admin/service/admin/create/CreateAdminService.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,12 +31,13 @@ public class CreateAdminService {
private final @NonNull AdminRepository adminRepository;

public Admin createNewAdmin(final CreateAgencyAdminDTO createAgencyAdminDTO) {
createAgencyAdminDTO.setTenantId(null);
assignCurrentTenantContext(createAgencyAdminDTO);
final String keycloakUserId = createKeycloakUser(createAgencyAdminDTO);
final String password = userHelper.getRandomPassword();
identityClient.updatePassword(keycloakUserId, password);
identityClient.updateRole(keycloakUserId, UserRole.RESTRICTED_AGENCY_ADMIN);
identityClient.updateRole(keycloakUserId, UserRole.USER_ADMIN);
assignCurrentTenantContext(createAgencyAdminDTO);

return adminRepository.save(buildAdmin(createAgencyAdminDTO, keycloakUserId));
}
Expand Down
7 changes: 7 additions & 0 deletions ...in/java/de/caritas/cob/userservice/api/admin/service/admin/update/UpdateAdminService.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@ public class UpdateAdminService {
public Admin updateAgencyAdmin(
final String adminId, final UpdateAgencyAdminDTO updateAgencyAdminDTO) {
final Admin admin = retrieveAdminService.findAgencyAdmin(adminId);
assertAdminHasTenantIdGreaterThanZero(admin);
final UserDTO userDTO = buildValidatedUserDTO(updateAgencyAdminDTO, admin);
this.identityClient.updateUserData(
admin.getId(),
Expand All @@ -33,6 +34,12 @@ public Admin updateAgencyAdmin(
return this.adminRepository.save(buildAdmin(updateAgencyAdminDTO, admin));
}

private void assertAdminHasTenantIdGreaterThanZero(Admin admin) {
if (admin.getTenantId() != null && admin.getTenantId() == 0) {
throw new IllegalArgumentException("Admin has tenant id 0");
}
}

private UserDTO buildValidatedUserDTO(
final UpdateAgencyAdminDTO updateAgencyAdminDTO, final Admin admin) {
UserDTO userDTO = new UserDTO();
Expand Down
60 changes: 59 additions & 1 deletion .../java/de/caritas/cob/userservice/api/admin/service/admin/create/CreateAdminServiceIT.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,9 @@
import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.is;
import static org.hamcrest.Matchers.notNullValue;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertNull;
import static org.junit.Assert.fail;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.anyString;
Expand All @@ -16,20 +19,26 @@
import de.caritas.cob.userservice.api.UserServiceApplication;
import de.caritas.cob.userservice.api.adapters.keycloak.dto.KeycloakCreateUserResponseDTO;
import de.caritas.cob.userservice.api.adapters.web.dto.CreateAgencyAdminDTO;
import de.caritas.cob.userservice.api.adapters.web.dto.UserDTO;
import de.caritas.cob.userservice.api.exception.httpresponses.CustomValidationHttpStatusException;
import de.caritas.cob.userservice.api.model.Admin;
import de.caritas.cob.userservice.api.model.Admin.AdminType;
import de.caritas.cob.userservice.api.port.out.IdentityClient;
import de.caritas.cob.userservice.api.tenant.TenantContext;
import org.jeasy.random.EasyRandom;
import org.junit.Test;
import org.junit.jupiter.api.AfterEach;
import org.junit.runner.RunWith;
import org.mockito.ArgumentCaptor;
import org.mockito.Captor;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.autoconfigure.jdbc.AutoConfigureTestDatabase;
import org.springframework.boot.test.autoconfigure.jdbc.AutoConfigureTestDatabase.Replace;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.boot.test.mock.mockito.MockBean;
import org.springframework.test.context.TestPropertySource;
import org.springframework.test.context.junit4.SpringRunner;
import org.springframework.test.util.ReflectionTestUtils;

@RunWith(SpringRunner.class)
@SpringBootTest(classes = UserServiceApplication.class)
Expand All @@ -42,11 +51,55 @@ public class CreateAdminServiceIT {

@Autowired private CreateAdminService createAdminService;
@MockBean private IdentityClient identityClient;
@Captor private ArgumentCaptor<UserDTO> userDTOArgumentCaptor;
private final EasyRandom easyRandom = new EasyRandom();

@AfterEach
public void afterTests() {
TenantContext.clear();
}

@Test
public void
createNewAdminAgency_Should_returnExpectedCreatedAdmin_When_inputDataIsCorrectAndMultitenancyDisabled() {
// given
ReflectionTestUtils.setField(createAdminService, "multiTenancyEnabled", false);
when(identityClient.createKeycloakUser(any(), anyString(), any()))
.thenReturn(easyRandom.nextObject(KeycloakCreateUserResponseDTO.class));
CreateAgencyAdminDTO createAgencyAdminDTO =
this.easyRandom.nextObject(CreateAgencyAdminDTO.class);
createAgencyAdminDTO.setUsername(VALID_USERNAME);
createAgencyAdminDTO.setEmail(VALID_EMAIL_ADDRESS);

// when
Admin admin = this.createAdminService.createNewAdmin(createAgencyAdminDTO);

// then
verify(identityClient)
.createKeycloakUser(userDTOArgumentCaptor.capture(), anyString(), anyString());
assertNull(userDTOArgumentCaptor.getValue().getTenantId());

verify(identityClient).updatePassword(anyString(), anyString());
verify(identityClient).updateRole(anyString(), eq(RESTRICTED_AGENCY_ADMIN));
verify(identityClient).updateRole(anyString(), eq(USER_ADMIN));

assertThat(admin, notNullValue());
assertThat(admin.getId(), notNullValue());
assertThat(admin.getType(), is(AdminType.AGENCY));
assertThat(admin.getUsername(), notNullValue());
assertThat(admin.getFirstName(), notNullValue());
assertThat(admin.getLastName(), notNullValue());
assertThat(admin.getEmail(), notNullValue());
assertThat(admin.getCreateDate(), notNullValue());
assertThat(admin.getUpdateDate(), notNullValue());
}

@Test
public void createNewAdminAgency_Should_returnExpectedCreatedAdmin_When_inputDataIsCorrect() {
public void
createNewAdminAgency_Should_returnExpectedCreatedAdmin_When_inputDataIsCorrectAndMultitenancyEnabled() {
// given
ReflectionTestUtils.setField(createAdminService, "multiTenancyEnabled", true);
TenantContext.setCurrentTenant(1L);
when(identityClient.createKeycloakUser(any(), anyString(), any()))
.thenReturn(easyRandom.nextObject(KeycloakCreateUserResponseDTO.class));
CreateAgencyAdminDTO createAgencyAdminDTO =
Expand All @@ -58,6 +111,11 @@ public void createNewAdminAgency_Should_returnExpectedCreatedAdmin_When_inputDat
Admin admin = this.createAdminService.createNewAdmin(createAgencyAdminDTO);

// then
verify(identityClient)
.createKeycloakUser(userDTOArgumentCaptor.capture(), anyString(), anyString());
assertNotNull(userDTOArgumentCaptor.getValue().getTenantId());
assertEquals(1L, (long) userDTOArgumentCaptor.getValue().getTenantId());

verify(identityClient).updatePassword(anyString(), anyString());
verify(identityClient).updateRole(anyString(), eq(RESTRICTED_AGENCY_ADMIN));
verify(identityClient).updateRole(anyString(), eq(USER_ADMIN));
Expand Down
97 changes: 97 additions & 0 deletions ...ava/de/caritas/cob/userservice/api/admin/service/admin/update/UpdateAdminServiceTest.java
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,97 @@
package de.caritas.cob.userservice.api.admin.service.admin.update;

import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.junit.jupiter.api.Assertions.assertNull;
import static org.junit.jupiter.api.Assertions.assertThrows;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.anyString;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.never;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.when;

import de.caritas.cob.userservice.api.adapters.web.dto.UpdateAgencyAdminDTO;
import de.caritas.cob.userservice.api.adapters.web.dto.UserDTO;
import de.caritas.cob.userservice.api.admin.service.admin.search.RetrieveAdminService;
import de.caritas.cob.userservice.api.admin.service.consultant.validation.UserAccountInputValidator;
import de.caritas.cob.userservice.api.model.Admin;
import de.caritas.cob.userservice.api.port.out.AdminRepository;
import de.caritas.cob.userservice.api.port.out.IdentityClient;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.ArgumentCaptor;
import org.mockito.Captor;
import org.mockito.Mock;
import org.mockito.junit.jupiter.MockitoExtension;

@ExtendWith(MockitoExtension.class)
class UpdateAdminServiceTest {

@Mock private IdentityClient identityClient;
@Mock private UserAccountInputValidator userAccountInputValidator;
@Mock private AdminRepository adminRepository;
@Mock private RetrieveAdminService retrieveAdminService;
@Captor private ArgumentCaptor<UserDTO> userDTOCaptor;

private UpdateAdminService updateAdminService;

@BeforeEach
void setUp() {
updateAdminService =
new UpdateAdminService(
identityClient, userAccountInputValidator, adminRepository, retrieveAdminService);
}

@Test
void updateAgencyAdmin_Should_notUpdateAdmin_When_adminEntityHasTenantIdEqualZero() {
// given
Admin admin = mock(Admin.class);
when(admin.getTenantId()).thenReturn(0L);
when(retrieveAdminService.findAgencyAdmin(anyString())).thenReturn(admin);

// when, then
Exception exception =
assertThrows(
IllegalArgumentException.class,
() -> updateAdminService.updateAgencyAdmin("adminId", null));

assertEquals("Admin has tenant id 0", exception.getMessage());
verify(identityClient, never()).updateUserData(any(), any(), any(), any());
verify(adminRepository, never()).save(any());
}

@Test
void updateAgencyAdmin_Should_updateAdmin_When_adminEntityHasTenantIdNull() {
// given
UpdateAgencyAdminDTO updateAgencyAdminDTO = mock(UpdateAgencyAdminDTO.class);
Admin admin = mock(Admin.class);
when(admin.getTenantId()).thenReturn(null);
when(retrieveAdminService.findAgencyAdmin(anyString())).thenReturn(admin);

// when
updateAdminService.updateAgencyAdmin("adminId", updateAgencyAdminDTO);

// then
verify(identityClient).updateUserData(any(), userDTOCaptor.capture(), any(), any());
assertNull(userDTOCaptor.getValue().getTenantId());
verify(adminRepository).save(admin);
}

@Test
void updateAgencyAdmin_Should_updateAdmin_When_adminEntityHasTenantDifferentFromZero() {
// given
UpdateAgencyAdminDTO updateAgencyAdminDTO = mock(UpdateAgencyAdminDTO.class);
Admin admin = mock(Admin.class);
when(admin.getTenantId()).thenReturn(2L);
when(retrieveAdminService.findAgencyAdmin(anyString())).thenReturn(admin);

// when
updateAdminService.updateAgencyAdmin("adminId", updateAgencyAdminDTO);

// then
verify(identityClient).updateUserData(any(), userDTOCaptor.capture(), any(), any());
assertEquals(2, userDTOCaptor.getValue().getTenantId());
verify(adminRepository).save(admin);
}
}

0 comments on commit 2dd7960

Please sign in to comment.