From 1609b4eaebef5864a372d5b6b22bd3a0a9ba12c3 Mon Sep 17 00:00:00 2001
From: Martin Stockhammer <martin_s@apache.org>
Date: Tue, 4 Aug 2020 18:42:58 +0200
Subject: [PATCH] Updating and testing lock methods V2 REST user service

---
 .../rest/api/services/v2/UserService.java     | 22 ++++-
 .../rest/services/v2/DefaultUserService.java  | 52 ++++++++---
 .../services/v2/NativeUserServiceTest.java    | 86 ++++++++++++++++++-
 3 files changed, 142 insertions(+), 18 deletions(-)

diff --git a/redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/services/v2/UserService.java b/redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/services/v2/UserService.java
index 0af69195..87c2665a 100644
--- a/redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/services/v2/UserService.java
+++ b/redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/services/v2/UserService.java
@@ -173,16 +173,32 @@ public interface UserService
     @POST
     @Produces( { MediaType.APPLICATION_JSON } )
     @RedbackAuthorization( permissions = RedbackRoleConstants.USER_MANAGEMENT_USER_EDIT_OPERATION )
-    ActionStatus lockUser( @PathParam( "userId" ) String userId )
+    @io.swagger.v3.oas.annotations.Operation( summary = "Creates a user",
+        responses = {
+            @ApiResponse( responseCode = "200",
+                description = "If locking was successful"
+            ),
+            @ApiResponse( responseCode = "404", description = "User does not exist" ),
+        }
+    )
+    void lockUser( @PathParam( "userId" ) String userId )
         throws RedbackServiceException;
 
     /**
      */
     @Path( "{userId}/unlock" )
-    @GET
+    @POST
     @Produces( { MediaType.APPLICATION_JSON } )
     @RedbackAuthorization( permissions = RedbackRoleConstants.USER_MANAGEMENT_USER_EDIT_OPERATION )
-    ActionStatus unlockUser( @PathParam( "userId" ) String userId )
+    @io.swagger.v3.oas.annotations.Operation( summary = "Creates a user",
+        responses = {
+            @ApiResponse( responseCode = "200",
+                description = "If locking was successful"
+            ),
+            @ApiResponse( responseCode = "404", description = "User does not exist" ),
+        }
+    )
+    void unlockUser( @PathParam( "userId" ) String userId )
         throws RedbackServiceException;
 
 
diff --git a/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/v2/DefaultUserService.java b/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/v2/DefaultUserService.java
index 8b90071d..c3da00f1 100644
--- a/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/v2/DefaultUserService.java
+++ b/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/v2/DefaultUserService.java
@@ -1035,31 +1035,55 @@ public class DefaultUserService
     }
 
     @Override
-    public ActionStatus unlockUser( String userId )
+    public void unlockUser( String userId )
         throws RedbackServiceException
     {
-        User user = getUser( userId );
-        if ( user != null )
+        try
         {
-            user.setLocked( false );
-            updateUser( user.getUserId(),  user );
-            return ActionStatus.SUCCESS;
+            org.apache.archiva.redback.users.User rawUser = userManager.findUser( userId, false );
+            if ( rawUser != null )
+            {
+                rawUser.setLocked( false );
+                userManager.updateUser( rawUser, false );
+            } else {
+                throw new RedbackServiceException( ErrorMessage.of( ERR_USER_NOT_FOUND, userId ), 404 );
+            }
         }
-        return ActionStatus.FAIL;
+        catch ( UserNotFoundException e )
+        {
+            throw new RedbackServiceException( ErrorMessage.of( ERR_USER_NOT_FOUND ), 404 );
+        }
+        catch ( UserManagerException e )
+        {
+            throw new RedbackServiceException( new ErrorMessage( e.getMessage() ) );
+        }
+        httpServletResponse.setStatus( 200 );
     }
 
     @Override
-    public ActionStatus lockUser( String userId )
+    public void lockUser( String userId )
         throws RedbackServiceException
     {
-        User user = getUser( userId );
-        if ( user != null )
+        try
         {
-            user.setLocked( true );
-            updateUser( user.getUserId(), user );
-            return ActionStatus.SUCCESS;
+            org.apache.archiva.redback.users.User rawUser = userManager.findUser( userId, false );
+            if ( rawUser != null )
+            {
+                rawUser.setLocked( true );
+                userManager.updateUser( rawUser, false );
+            } else {
+                throw new RedbackServiceException( ErrorMessage.of( ERR_USER_NOT_FOUND, userId ), 404 );
+            }
         }
-        return ActionStatus.FAIL;
+        catch ( UserNotFoundException e )
+        {
+            throw new RedbackServiceException( ErrorMessage.of( ERR_USER_NOT_FOUND ), 404 );
+        }
+        catch ( UserManagerException e )
+        {
+            throw new RedbackServiceException( new ErrorMessage( e.getMessage() ) );
+        }
+        httpServletResponse.setStatus( 200 );
     }
 
     @Override
diff --git a/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/NativeUserServiceTest.java b/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/NativeUserServiceTest.java
index e2870c44..9289d3ef 100644
--- a/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/NativeUserServiceTest.java
+++ b/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/NativeUserServiceTest.java
@@ -380,7 +380,7 @@ public class NativeUserServiceTest extends AbstractNativeRestServices
     }
 
     @Test
-    void updateUserPasswordViolation() {
+    void updateUserWithPasswordViolation() {
         String token = getAdminToken( );
         Map<String, Object> jsonAsMap = new HashMap<>( );
         jsonAsMap.put( "user_id", "aragorn" );
@@ -415,4 +415,88 @@ public class NativeUserServiceTest extends AbstractNativeRestServices
         }
     }
 
+    @Test
+    void lockUser() {
+        String token = getAdminToken( );
+        Map<String, Object> jsonAsMap = new HashMap<>( );
+        jsonAsMap.put( "user_id", "aragorn" );
+        jsonAsMap.put( "email", "aragorn@lordoftherings.org" );
+        jsonAsMap.put( "fullName", "Aragorn King of Gondor" );
+        jsonAsMap.put( "locked", false );
+        jsonAsMap.put( "password", "pAssw0rD" );
+        given( ).spec( getRequestSpec( token ) ).contentType( JSON )
+            .body( jsonAsMap )
+            .when( )
+            .post( )
+            .then( ).statusCode( 201 );
+        try
+        {
+            given( ).spec( getRequestSpec( token ) ).contentType( JSON )
+                .post( "aragorn/lock" )
+                .then( ).statusCode( 200 );
+            Response response = given( ).spec( getRequestSpec( token ) ).contentType( JSON )
+                .get( "aragorn" )
+                .then( ).statusCode( 200 ).extract( ).response( );
+            assertTrue( response.getBody( ).jsonPath( ).getBoolean( "locked" ) );
+        } finally
+        {
+            given( ).spec( getRequestSpec( token ) ).contentType( JSON )
+                .delete( "aragorn" )
+                .then( ).statusCode( 200 );
+        }
+    }
+
+    @Test
+    void lockUnknownUser() {
+        String token = getAdminToken( );
+        given( ).spec( getRequestSpec( token ) ).contentType( JSON )
+                .post( "aragorn/lock" )
+                .then( ).statusCode( 404 );
+    }
+
+    @Test
+    void unlockUser() {
+        String token = getAdminToken( );
+        Map<String, Object> jsonAsMap = new HashMap<>( );
+        jsonAsMap.put( "user_id", "aragorn" );
+        jsonAsMap.put( "email", "aragorn@lordoftherings.org" );
+        jsonAsMap.put( "fullName", "Aragorn King of Gondor" );
+        jsonAsMap.put( "locked", true );
+        jsonAsMap.put( "password", "pAssw0rD" );
+        given( ).spec( getRequestSpec( token ) ).contentType( JSON )
+            .body( jsonAsMap )
+            .when( )
+            .post( )
+            .then( ).statusCode( 201 );
+        Response response = given( ).spec( getRequestSpec( token ) ).contentType( JSON )
+            .get( "aragorn" )
+            .then( ).statusCode( 200 ).extract( ).response( );
+        assertTrue( response.getBody( ).jsonPath( ).getBoolean( "locked" ) );
+        try
+        {
+            given( ).spec( getRequestSpec( token ) ).contentType( JSON )
+                .post( "aragorn/unlock" )
+                .then( ).statusCode( 200 );
+            response = given( ).spec( getRequestSpec( token ) ).contentType( JSON )
+                .get( "aragorn" )
+                .then( ).statusCode( 200 ).extract( ).response( );
+            assertFalse( response.getBody( ).jsonPath( ).getBoolean( "locked" ) );
+        } finally
+        {
+            given( ).spec( getRequestSpec( token ) ).contentType( JSON )
+                .delete( "aragorn" )
+                .then( ).statusCode( 200 );
+        }
+
+    }
+
+    @Test
+    void unlockUnknownUser() {
+        String token = getAdminToken( );
+        given( ).spec( getRequestSpec( token ) ).contentType( JSON )
+            .post( "aragorn/unlock" )
+            .then( ).statusCode( 404 );
+    }
+
+
 }