From 7787311fe4fe46570df6129a9e467112858d4135 Mon Sep 17 00:00:00 2001 From: viktorKhan Date: Wed, 17 Jan 2024 23:14:06 +0100 Subject: [PATCH] [CONLUZ-43] Verified endpoint to disable a user --- .../user/disable/DisableUserController.java | 12 +++++- .../disable/DisableUserControllerTest.java | 40 ++++++++++++++++++- 2 files changed, 50 insertions(+), 2 deletions(-) diff --git a/src/main/java/org/lucoenergia/conluz/infrastructure/admin/user/disable/DisableUserController.java b/src/main/java/org/lucoenergia/conluz/infrastructure/admin/user/disable/DisableUserController.java index 8fe4b40..6e5d398 100644 --- a/src/main/java/org/lucoenergia/conluz/infrastructure/admin/user/disable/DisableUserController.java +++ b/src/main/java/org/lucoenergia/conluz/infrastructure/admin/user/disable/DisableUserController.java @@ -33,7 +33,17 @@ public DisableUserController(DisableUserService service) { @PostMapping(path = "/users/{id}/disable") @Operation( summary = "Disables a user by ID", - description = "This endpoint is designed to disable a user within the system by specifying the user's unique identifier in the endpoint path. This operation requires proper authentication, through an authentication token, to ensure secure access. Upon a successful request, the server responds with an HTTP status code of 200, indicating that the user has been disabled. The endpoint provides an effective means to temporarily suspend user accounts or restrict access, crucial for security and user management purposes. In cases where the disablement encounters errors, the server returns an appropriate error status code along with a descriptive error message to guide clients in addressing and resolving the issue.", + description = """ + This endpoint is designed to disable a user within the system by specifying the user's unique identifier in the endpoint path. + + This operation requires proper authentication, through an authentication token, to ensure secure access. + + Upon a successful request, the server responds with an HTTP status code of 200, indicating that the user has been disabled. + + The endpoint provides an effective means to temporarily suspend user accounts or restrict access, crucial for security and user management purposes. + + In cases where the disablement encounters errors, the server returns an appropriate error status code along with a descriptive error message to guide clients in addressing and resolving the issue. + """, tags = ApiTag.USERS, operationId = "disableUser" ) diff --git a/src/test/java/org/lucoenergia/conluz/infrastructure/admin/user/disable/DisableUserControllerTest.java b/src/test/java/org/lucoenergia/conluz/infrastructure/admin/user/disable/DisableUserControllerTest.java index ffa119a..d374824 100644 --- a/src/test/java/org/lucoenergia/conluz/infrastructure/admin/user/disable/DisableUserControllerTest.java +++ b/src/test/java/org/lucoenergia/conluz/infrastructure/admin/user/disable/DisableUserControllerTest.java @@ -3,17 +3,22 @@ import org.junit.jupiter.api.Assertions; import org.junit.jupiter.api.Test; import org.lucoenergia.conluz.domain.admin.user.User; +import org.lucoenergia.conluz.domain.admin.user.UserMother; import org.lucoenergia.conluz.domain.admin.user.create.CreateUserRepository; import org.lucoenergia.conluz.domain.admin.user.get.GetUserRepository; import org.lucoenergia.conluz.domain.shared.UserPersonalId; -import org.lucoenergia.conluz.domain.admin.user.UserMother; import org.lucoenergia.conluz.infrastructure.shared.BaseControllerTest; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpHeaders; +import org.springframework.http.HttpStatus; import org.springframework.http.MediaType; import org.springframework.transaction.annotation.Transactional; +import java.util.UUID; + import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post; +import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print; +import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; @Transactional @@ -42,4 +47,37 @@ void testDisableUser() throws Exception { .andExpect(status().isOk()); Assertions.assertFalse(getUserRepository.findByPersonalId(UserPersonalId.of(user.getPersonalId())).get().isEnabled()); } + + @Test + void testWithUnknownUser() throws Exception { + + String authHeader = loginAsDefaultAdmin(); + + final String userId = UUID.randomUUID().toString(); + + mockMvc.perform(post("/api/v1/users/" + userId + "/disable") + .header(HttpHeaders.AUTHORIZATION, authHeader) + .contentType(MediaType.APPLICATION_JSON)) + .andDo(print()) + .andExpect(status().isBadRequest()) + .andExpect(jsonPath("$.timestamp").isNotEmpty()) + .andExpect(jsonPath("$.status").value(HttpStatus.BAD_REQUEST.value())) + .andExpect(jsonPath("$.message").isNotEmpty()) + .andExpect(jsonPath("$.traceId").isNotEmpty()); + } + + @Test + void testWithoutToken() throws Exception { + + final String userId = UUID.randomUUID().toString(); + + mockMvc.perform(post("/api/v1/users/" + userId + "/disable") + .contentType(MediaType.APPLICATION_JSON)) + .andDo(print()) + .andExpect(status().isUnauthorized()) + .andExpect(jsonPath("$.timestamp").isNotEmpty()) + .andExpect(jsonPath("$.status").value(HttpStatus.UNAUTHORIZED.value())) + .andExpect(jsonPath("$.message").isNotEmpty()) + .andExpect(jsonPath("$.traceId").isNotEmpty()); + } }