Merge pull request #20 from OpenLMIS/OLMIS-8065

OLMIS-8065: Added batch APIs needed for user import functionality

Author: druchniewicz

package-lock.json

@@ -32,6 +32,8 @@
 import static org.mockito.BDDMockito.willThrow;
 import static org.mockito.Mockito.doAnswer;
 import static org.mockito.Mockito.doThrow;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
 import static org.openlmis.auth.i18n.MessageKeys.ERROR_NO_FOLLOWING_PERMISSION;
 import static org.openlmis.auth.i18n.MessageKeys.USER_NOT_FOUND;
 import static org.openlmis.auth.service.ExpirationTokenNotifier.TOKEN_VALIDITY_HOURS;
@@ -42,6 +44,10 @@
 import com.jayway.restassured.response.ValidatableResponse;
 import guru.nidi.ramltester.junit.RamlMatchers;
 import java.time.ZonedDateTime;
+import java.util.Arrays;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
 import java.util.UUID;
 import org.junit.Before;
 import org.junit.Test;
@@ -51,6 +57,7 @@
 import org.openlmis.auth.domain.PasswordResetToken;
 import org.openlmis.auth.domain.User;
 import org.openlmis.auth.dto.PasswordResetRequestDto;
+import org.openlmis.auth.dto.UserAuthDetailsResponseDto;
 import org.openlmis.auth.dto.UserDto;
 import org.openlmis.auth.dto.referencedata.UserMainDetailsDto;
 import org.openlmis.auth.exception.PermissionMessageException;
@@ -78,6 +85,7 @@
 public class UserControllerIntegrationTest extends BaseWebIntegrationTest {
 
   private static final String RESOURCE_URL = "/api/users/auth";
+  private static final String BATCH_RESOURCE_URL = RESOURCE_URL + "/batch";
   private static final String ID_URL = RESOURCE_URL + "/{id}";
   private static final String RESET_PASS_URL = RESOURCE_URL + "/passwordReset";
   private static final String FORGOT_PASS_URL = RESOURCE_URL + "/forgotPassword";
@@ -365,7 +373,93 @@ public void shouldNotCreatePasswordResetTokenWhenUserHasNoPermission() {
         .statusCode(403)
         .body(Fields.MESSAGE, equalTo(getMessage(ex.asMessage())));
   }
-  
+
+  @Test
+  public void shouldSaveUsers() {
+    UserDto user1 = new UserDto();
+    user1.setId(UUID.randomUUID());
+    user1.setUsername("john1");
+
+    UserDto user2 = new UserDto();
+    user2.setId(UUID.randomUUID());
+    user2.setUsername("john2");
+
+    when(userReferenceDataService.findOne(any())).thenReturn(new UserMainDetailsDto());
+
+    List<UserDto> requestBody = Arrays.asList(user1, user2);
+
+    UserAuthDetailsResponseDto response = startRequest(USER_TOKEN)
+        .header("Content-Type", "application/json")
+        .body(requestBody)
+        .given()
+        .post(BATCH_RESOURCE_URL)
+            .then()
+            .statusCode(200)
+            .extract()
+            .as(UserAuthDetailsResponseDto.class);
+
+    verify(permissionService).canManageUsers(any());
+    assertEquals(2, response.getSuccessfulResults().size());
+    assertEquals(0, response.getFailedResults().size());
+  }
+
+  @Test
+  public void shouldNotSaveUsersWithEmptyUsername() {
+    UserDto user1 = new UserDto();
+    user1.setId(UUID.randomUUID());
+    user1.setUsername("john3");
+    userRepository.save(User.newInstance(user1));
+
+    UserDto user2 = new UserDto();
+    user2.setId(UUID.randomUUID());
+    user2.setUsername("john4");
+    userRepository.save(User.newInstance(user2));
+
+    when(userReferenceDataService.findOne(any())).thenReturn(new UserMainDetailsDto());
+
+    User savedUser1 = userRepository.findOneByUsernameIgnoreCase("john3");
+    savedUser1.setUsername(null);
+    User savedUser2 = userRepository.findOneByUsernameIgnoreCase("john4");
+
+    List<UserDto> requestBody = Arrays.asList(convertToDto(savedUser1), convertToDto(savedUser2));
+
+    UserAuthDetailsResponseDto response = startRequest(USER_TOKEN)
+        .header("Content-Type", "application/json")
+        .body(requestBody)
+        .given()
+        .post(BATCH_RESOURCE_URL)
+          .then()
+          .statusCode(200)
+          .extract()
+          .as(UserAuthDetailsResponseDto.class);
+
+    verify(permissionService).canManageUsers(any());
+    assertEquals(1, response.getSuccessfulResults().size());
+    assertEquals(1, response.getFailedResults().size());
+  }
+
+  @Test
+  public void shouldDeleteAuthDetails() {
+    User userToCreate = new User();
+    userToCreate.setUsername("john");
+    User savedUser = userRepository.save(userToCreate);
+
+    User user = userRepository.findOneByUsernameIgnoreCase("john");
+    assertNotNull(user);
+
+    Set<UUID> idsToRemove = new HashSet<>();
+    idsToRemove.add(savedUser.getId());
+
+    startRequest(USER_TOKEN)
+        .header("Content-Type", "application/json")
+        .body(idsToRemove)
+        .given()
+        .delete(BATCH_RESOURCE_URL);
+
+    User userAfterRemoving = userRepository.findOneByUsernameIgnoreCase("john");
+    assertNull(userAfterRemoving);
+  }
+
   private ValidatableResponse passwordReset(String password, String token) {
     return passwordReset(DummyUserMainDetailsDto.USERNAME, password, token);
   }
@@ -443,4 +537,11 @@ private Object mockBindingResults(InvocationOnMock invocation) {
             + "be between 8 and 16.");
     return bindingResult;
   }
+
+  private UserDto convertToDto(User user) {
+    UserDto dto = new UserDto();
+    dto.setId(user.getId());
+    dto.setUsername(user.getUsername());
+    return dto;
+  }
 }

src/integration-test/java/org/openlmis/auth/web/UserControllerIntegrationTest.java

@@ -0,0 +1,29 @@
+/*
+ * This program is part of the OpenLMIS logistics management information system platform software.
+ * Copyright © 2017 VillageReach
+ *
+ * This program is free software: you can redistribute it and/or modify it under the terms
+ * of the GNU Affero General Public License as published by the Free Software Foundation, either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
+ * without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ * See the GNU Affero General Public License for more details. You should have received a copy of
+ * the GNU Affero General Public License along with this program. If not, see
+ * http://www.gnu.org/licenses.  For additional information contact info@OpenLMIS.org.
+ */
+
+package org.openlmis.auth.dto;
+
+import java.util.List;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+
+@NoArgsConstructor
+@AllArgsConstructor
+@Getter
+public class SaveBatchResultDto<T> {
+  private List<T> successfulResults;
+  private List<T> failedResults;
+}

src/main/java/org/openlmis/auth/dto/SaveBatchResultDto.java

@@ -0,0 +1,55 @@
+/*
+ * This program is part of the OpenLMIS logistics management information system platform software.
+ * Copyright © 2017 VillageReach
+ *
+ * This program is free software: you can redistribute it and/or modify it under the terms
+ * of the GNU Affero General Public License as published by the Free Software Foundation, either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
+ * without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ * See the GNU Affero General Public License for more details. You should have received a copy of
+ * the GNU Affero General Public License along with this program. If not, see
+ * http://www.gnu.org/licenses.  For additional information contact info@OpenLMIS.org.
+ */
+
+package org.openlmis.auth.dto;
+
+import java.util.List;
+import java.util.UUID;
+
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+
+@NoArgsConstructor
+@AllArgsConstructor
+@Getter
+@Setter
+public class UserAuthDetailsResponseDto {
+  private List<UserAuthResponse> successfulResults;
+
+  private List<UserAuthResponse> failedResults;
+
+  @NoArgsConstructor
+  @AllArgsConstructor
+  @Getter
+  @Setter
+  public static class UserAuthResponse {
+    private UUID referenceDataUserId;
+  }
+
+  @NoArgsConstructor
+  @AllArgsConstructor
+  @Getter
+  @Setter
+  public static class FailedUserDetailsResponse extends UserAuthResponse {
+    private List<String> errors;
+
+    public FailedUserDetailsResponse(UUID referenceDataUserId, List<String> errors) {
+      super(referenceDataUserId);
+      this.errors = errors;
+    }
+  }
+}

src/main/java/org/openlmis/auth/dto/UserAuthDetailsResponseDto.java

@@ -83,6 +83,9 @@ public abstract class MessageKeys {
   public static final String ERROR_SIZE_NOT_POSITIVE =
        ERROR_PREFIX + ".pageable.size.notPositive";
 
+  public static final String ERROR_SAVING_BATCH_AUTH_DETAILS =
+      ERROR_PREFIX + ".save.batch.auth.details";
+
   private MessageKeys() {
     throw new UnsupportedOperationException();
   }

src/main/java/org/openlmis/auth/i18n/MessageKeys.java

@@ -15,13 +15,21 @@
 
 package org.openlmis.auth.repository;
 
+import java.util.Set;
 import java.util.UUID;
 import org.openlmis.auth.domain.User;
+import org.springframework.data.jpa.repository.Modifying;
+import org.springframework.data.jpa.repository.Query;
 import org.springframework.data.repository.CrudRepository;
 import org.springframework.data.repository.query.Param;
 
 public interface UserRepository extends CrudRepository<User, UUID> {
 
   User findOneByUsernameIgnoreCase(@Param("username") String username);
 
+  @Modifying
+  @Query(value = "DELETE FROM auth.auth_users au "
+      + "WHERE au.id IN (:userIds)",
+      nativeQuery = true)
+  void deleteByUserIds(@Param("userIds") Set<UUID> userIds);
 }

src/main/java/org/openlmis/auth/repository/UserRepository.java

@@ -15,19 +15,36 @@
 
 package org.openlmis.auth.service;
 
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
 import java.util.Optional;
+import java.util.Set;
+import java.util.UUID;
+import java.util.stream.Collectors;
 import org.openlmis.auth.domain.User;
+import org.openlmis.auth.dto.SaveBatchResultDto;
+import org.openlmis.auth.dto.UserAuthDetailsResponseDto;
 import org.openlmis.auth.dto.UserDto;
+import org.openlmis.auth.i18n.MessageKeys;
 import org.openlmis.auth.repository.UserRepository;
+import org.openlmis.auth.web.UserDtoValidator;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.support.DefaultMessageSourceResolvable;
 import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+import org.springframework.validation.BeanPropertyBindingResult;
+import org.springframework.validation.BindingResult;
 
 @Service
 public class UserService {
 
   @Autowired
   private UserRepository userRepository;
 
+  @Autowired
+  private UserDtoValidator userDtoValidator;
+
   /**
    * Creates a new user or updates an existing one.
    *
@@ -48,6 +65,51 @@ public UserDto saveUser(UserDto request) {
     return toDto(userRepository.save(savedUser));
   }
 
+  /**
+   * Saves auth user details.
+   *
+   * @param userDto user contact details object
+   * @return {@link SaveBatchResultDto} object with saving results
+   */
+  public SaveBatchResultDto<UserAuthDetailsResponseDto.UserAuthResponse> saveAuthUserDetails(
+      UserDto userDto) {
+    List<UserAuthDetailsResponseDto.UserAuthResponse> successfulResults = new ArrayList<>();
+    List<UserAuthDetailsResponseDto.UserAuthResponse> failedResults = new ArrayList<>();
+    try {
+      BindingResult bindingResult = new BeanPropertyBindingResult(userDto, "userDto");
+      userDtoValidator.validate(userDto, bindingResult);
+      List<String> errors;
+      if (bindingResult.hasErrors()) {
+        errors = bindingResult.getAllErrors().stream()
+            .map(DefaultMessageSourceResolvable::getDefaultMessage)
+            .collect(Collectors.toList());
+        failedResults.add(
+            new UserAuthDetailsResponseDto.FailedUserDetailsResponse(userDto.getId(), errors));
+      } else {
+        saveUser(userDto);
+        successfulResults.add(new UserAuthDetailsResponseDto.UserAuthResponse(userDto.getId()));
+      }
+    } catch (Exception ex) {
+      String errorMessage = String.format("%s: %s", MessageKeys.ERROR_SAVING_BATCH_AUTH_DETAILS,
+          ex.getMessage());
+      failedResults.add(new UserAuthDetailsResponseDto.FailedUserDetailsResponse(
+          userDto.getId(),
+          Collections.singletonList(errorMessage)));
+    }
+
+    return new SaveBatchResultDto<>(successfulResults, failedResults);
+  }
+
+  /**
+   * Deletes user auth details.
+   *
+   * @param userIds user ids for whom auth details will be removed
+   */
+  @Transactional
+  public void deleteByUserIds(Set<UUID> userIds) {
+    userRepository.deleteByUserIds(userIds);
+  }
+
   private UserDto toDto(User existing) {
     UserDto dto = new UserDto();
     existing.export(dto);