Merge pull request #291 from hmcts/RDCC-2390

RDCC-2390: Delete API - Delete Users by Email Pattern or User ID

charts/rd-caseworker-ref-api/Chart.yaml

@@ -3,7 +3,7 @@ appVersion: "1.0"
 description: A Helm chart for rd-caseworker-ref-api
 name: rd-caseworker-ref-api
 home: https://github.com/hmcts/rd-caseworker-ref-api
-version: 0.0.15
+version: 0.0.16
 maintainers:
   - name: Reference Data Team
 dependencies:

charts/rd-caseworker-ref-api/values.preview.template.yaml

@@ -13,6 +13,7 @@ java:
     CWRD_MQ_TRUST_ALL_CERTS: false
     CWRD_DATA_PER_MESSAGE: 50
     LAUNCH_DARKLY_ENV: "preview"
+    ENVIRONMENT_NAME: "preview"
   postgresql:
     enabled: true
     postgresqlUsername: dbrdcaseworker

charts/rd-caseworker-ref-api/values.yaml

@@ -15,6 +15,7 @@ java:
     CWRD_MQ_TRUST_ALL_CERTS: false
     CWRD_DATA_PER_MESSAGE: 50
     LAUNCH_DARKLY_ENV: "{{ .Values.global.environment }}"
+    ENVIRONMENT_NAME: "{{ .Values.global.environment }}"
     IDAM_URL: https://idam-api.{{ .Values.global.environment }}.platform.hmcts.net
     USER_PROFILE_URL: http://rd-user-profile-api-{{ .Values.global.environment }}.service.core-compute-{{ .Values.global.environment }}.internal
     OIDC_ISSUER_URL: https://forgerock-am.service.core-compute-idam-{{ .Values.global.environment }}.internal:8443/openam/oauth2/hmcts

src/contractTest/java/uk/gov/hmcts/reform/cwrdapi/FetchCaseworkersByIdProviderTest.java

@@ -75,7 +75,7 @@ void beforeCreate(PactVerificationContext context) {
         MockMvcTestTarget testTarget = new MockMvcTestTarget();
         testTarget.setControllers(
                 new CaseWorkerRefUsersController(
-                        "RD-Caseworker-Ref-Api", caseWorkerServiceImpl));
+                        "RD-Caseworker-Ref-Api", "preview", caseWorkerServiceImpl));
         if (context != null) {
             context.setTarget(testTarget);
         }

src/functionalTest/java/uk/gov/hmcts/reform/cwrdapi/AuthorizationFunctionalTest.java

@@ -160,4 +160,4 @@ public UserProfileResponse getUserProfileFromUp(String email) {
                 "/v1/userprofile/roles?email=" + email, UserProfileResponse.class, baseUrlUserProfile);
     }
 
-}
+}

src/functionalTest/java/uk/gov/hmcts/reform/cwrdapi/CaseWorkerRefFunctionalTest.java

@@ -37,9 +37,12 @@
 
 import static java.lang.String.format;
 import static org.apache.commons.collections.CollectionUtils.isEmpty;
+import static org.apache.commons.lang.RandomStringUtils.randomAlphanumeric;
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertTrue;
+import static org.springframework.http.HttpStatus.FORBIDDEN;
+import static org.springframework.http.HttpStatus.NO_CONTENT;
 import static org.springframework.util.ResourceUtils.getFile;
 import static uk.gov.hmcts.reform.cwrdapi.util.CaseWorkerConstants.IDAM_ROLE_MAPPINGS_SUCCESS;
 import static uk.gov.hmcts.reform.cwrdapi.util.CaseWorkerConstants.RECORDS_UPLOADED;
@@ -58,8 +61,10 @@ public class CaseWorkerRefFunctionalTest extends AuthorizationFunctionalTest {
 
     public static final String CREATE_CASEWORKER_PROFILE = "CaseWorkerRefUsersController.createCaseWorkerProfiles";
     public static final String FETCH_BY_CASEWORKER_ID = "CaseWorkerRefUsersController.fetchCaseworkersById";
-    public static List<String> caseWorkerIds = new ArrayList<>();
     public static final String CASEWORKER_FILE_UPLOAD = "CaseWorkerRefController.caseWorkerFileUpload";
+    public static final String DELETE_CASEWORKER_BY_ID_OR_EMAILPATTERN =
+            "CaseWorkerRefUsersController.deleteCaseWorkerProfileByIdOrEmailPattern";
+    public static List<String> caseWorkerIds = new ArrayList<>();
 
     @Test
     @ToggleEnable(mapKey = CREATE_CASEWORKER_PROFILE, withFeature = true)
@@ -161,7 +166,7 @@ public void should_retrieve_403_when_Api_toggled_off() {
     }
 
     @Test
-    // this test verifies User profile are fetched from CWR when id matched what given in request rest should be ignored
+    //this test verifies User profile are fetched from CWR when id matched what given in request rest should be ignored
     @ToggleEnable(mapKey = FETCH_BY_CASEWORKER_ID, withFeature = true)
     public void shouldGetOnlyFewCaseWorkerDetails() {
         if (isEmpty(caseWorkerIds)) {
@@ -315,6 +320,76 @@ public void shouldReturn403WhenUploadFileApiToggledOff() throws IOException {
                 TYPE_XLSX, ROLE_CWD_ADMIN);
     }
 
+    @Test
+    @ToggleEnable(mapKey = DELETE_CASEWORKER_BY_ID_OR_EMAILPATTERN, withFeature = true)
+    //this test verifies that a User Profile is deleted by ID
+    public void deleteCaseworkerById() {
+        List<CaseWorkersProfileCreationRequest> caseWorkersProfileCreationRequests =
+                caseWorkerApiClient.createCaseWorkerProfiles();
+
+        // create user
+        Response createResponse = caseWorkerApiClient.createUserProfiles(caseWorkersProfileCreationRequests);
+
+        CaseWorkerProfileCreationResponse caseWorkerProfileCreationResponse =
+                createResponse.getBody().as(CaseWorkerProfileCreationResponse.class);
+
+        List<String> caseWorkerIds = caseWorkerProfileCreationResponse.getCaseWorkerIds();
+        assertEquals(caseWorkersProfileCreationRequests.size(), caseWorkerIds.size());
+
+        //delete user
+        caseWorkerApiClient.deleteCaseworkerByIdOrEmailPattern(
+                "/refdata/case-worker/users?userId=" + caseWorkerIds.get(0), NO_CONTENT);
+
+        //search for deleted user
+        Response fetchResponse = caseWorkerApiClient.getMultipleAuthHeadersInternal(ROLE_CWD_SYSTEM_USER)
+                .body(UserRequest.builder().userIds(caseWorkerIds).build())
+                .post("/refdata/case-worker/users/fetchUsersById/")
+                .andReturn();
+
+        //assert that delete user is not found
+        assertThat(fetchResponse.getStatusCode()).isEqualTo(404);
+    }
+
+    @Test
+    @ToggleEnable(mapKey = DELETE_CASEWORKER_BY_ID_OR_EMAILPATTERN, withFeature = true)
+    //this test verifies that a User Profile is deleted by Email Pattern
+    public void deleteCaseworkerByEmailPattern() {
+        String emailPattern = "deleteTest1234";
+        String email = format(EMAIL_TEMPLATE, randomAlphanumeric(10) + emailPattern).toLowerCase();
+
+        List<CaseWorkersProfileCreationRequest> caseWorkersProfileCreationRequests =
+                caseWorkerApiClient.createCaseWorkerProfiles(email);
+
+        // create user with email pattern
+        Response createResponse = caseWorkerApiClient.createUserProfiles(caseWorkersProfileCreationRequests);
+
+        CaseWorkerProfileCreationResponse caseWorkerProfileCreationResponse =
+                createResponse.getBody().as(CaseWorkerProfileCreationResponse.class);
+
+        List<String> caseWorkerIds = caseWorkerProfileCreationResponse.getCaseWorkerIds();
+        assertEquals(caseWorkersProfileCreationRequests.size(), caseWorkerIds.size());
+
+        //delete user by email pattern
+        caseWorkerApiClient.deleteCaseworkerByIdOrEmailPattern(
+                "/refdata/case-worker/users?emailPattern=" + emailPattern, NO_CONTENT);
+
+        //search for deleted user
+        Response fetchResponse = caseWorkerApiClient.getMultipleAuthHeadersInternal(ROLE_CWD_SYSTEM_USER)
+                .body(UserRequest.builder().userIds(caseWorkerIds).build())
+                .post("/refdata/case-worker/users/fetchUsersById/")
+                .andReturn();
+
+        //assert that delete user is not found
+        assertThat(fetchResponse.getStatusCode()).isEqualTo(404);
+    }
+
+    @Test
+    @ToggleEnable(mapKey = DELETE_CASEWORKER_BY_ID_OR_EMAILPATTERN, withFeature = false)
+    public void deleteCaseworkerReturns403WhenToggledOff() {
+        caseWorkerApiClient.deleteCaseworkerByIdOrEmailPattern(
+                "/refdata/case-worker/users?emailPattern=ForbiddenException", FORBIDDEN);
+    }
+
     private ExtractableResponse<Response> uploadCaseWorkerFile(String filePath,
                                                                int statusCode,
                                                                String messageBody,

src/functionalTest/java/uk/gov/hmcts/reform/cwrdapi/client/CaseWorkerApiClient.java

@@ -5,6 +5,7 @@
 import io.restassured.specification.RequestSpecification;
 import lombok.extern.slf4j.Slf4j;
 import net.serenitybdd.rest.SerenityRest;
+import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
 import org.springframework.stereotype.Component;
 import uk.gov.hmcts.reform.cwrdapi.controllers.request.CaseWorkerLocationRequest;
@@ -182,4 +183,18 @@ public Response createUserProfiles(List<CaseWorkersProfileCreationRequest> caseW
 
         return response;
     }
+
+    public Response deleteCaseworkerByIdOrEmailPattern(String path, HttpStatus statusCode) {
+        Response response = getMultipleAuthHeadersInternal()
+                .delete(path)
+                .andReturn();
+
+        log.info(":: delete user profile response status code :: " + response.statusCode());
+
+        response.then()
+                .assertThat()
+                .statusCode(statusCode.value());
+
+        return response;
+    }
 }

src/integrationTest/java/uk/gov/hmcts/reform/cwrdapi/DeleteCaseWorkerProfilesIntegrationTest.java

@@ -0,0 +1,127 @@
+package uk.gov.hmcts.reform.cwrdapi;
+
+import com.google.common.collect.ImmutableList;
+import com.google.common.collect.ImmutableSet;
+import org.junit.Before;
+import org.junit.Test;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import uk.gov.hmcts.reform.cwrdapi.controllers.request.CaseWorkerLocationRequest;
+import uk.gov.hmcts.reform.cwrdapi.controllers.request.CaseWorkerRoleRequest;
+import uk.gov.hmcts.reform.cwrdapi.controllers.request.CaseWorkerWorkAreaRequest;
+import uk.gov.hmcts.reform.cwrdapi.controllers.request.CaseWorkersProfileCreationRequest;
+import uk.gov.hmcts.reform.cwrdapi.domain.CaseWorkerProfile;
+import uk.gov.hmcts.reform.cwrdapi.repository.CaseWorkerProfileRepository;
+import uk.gov.hmcts.reform.cwrdapi.util.AuthorizationEnabledIntegrationTest;
+
+import java.util.List;
+import java.util.Map;
+import java.util.Optional;
+import java.util.Set;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+public class DeleteCaseWorkerProfilesIntegrationTest extends AuthorizationEnabledIntegrationTest {
+
+    List<CaseWorkersProfileCreationRequest> caseWorkersProfileCreationRequests;
+
+    @Autowired
+    CaseWorkerProfileRepository caseWorkerProfileRepository;
+
+    @Before
+    public void setUp() {
+
+        super.setUpClient();
+
+        //Set up Case worker data
+        Set<String> roles = ImmutableSet.of(" tribunal_case_worker ");
+        List<CaseWorkerRoleRequest> caseWorkerRoleRequests =
+                ImmutableList.of(CaseWorkerRoleRequest.caseWorkerRoleRequest()
+                        .role(" role ").isPrimaryFlag(true).build());
+
+        List<CaseWorkerLocationRequest> caseWorkerLocationRequests = ImmutableList.of(CaseWorkerLocationRequest
+                .caseWorkersLocationRequest()
+                .isPrimaryFlag(true).locationId(1)
+                .location(" location ").build());
+
+        List<CaseWorkerWorkAreaRequest> caseWorkerAreaRequests = ImmutableList.of(CaseWorkerWorkAreaRequest
+                .caseWorkerWorkAreaRequest()
+                .areaOfWork(" areaOfWork ").serviceCode(" serviceCode ")
+                .build());
+
+        caseWorkersProfileCreationRequests = ImmutableList.of(CaseWorkersProfileCreationRequest
+                .caseWorkersProfileCreationRequest()
+                .firstName(" firstName ").lastName(" lastName ").emailId("test.inttest@hmcts.gov.uk")
+                .regionId(1).userType("CTSC")
+                .region("region").suspended(false).roles(caseWorkerRoleRequests).idamRoles(roles)
+                .baseLocations(caseWorkerLocationRequests).workerWorkAreaRequests(caseWorkerAreaRequests).build());
+    }
+
+    @Test
+    public void deleteCaseWorkerProfileById() {
+        userProfileCreateUserWireMock(HttpStatus.CREATED);
+
+        //Create User
+        Map<String, Object> createResponse = caseworkerReferenceDataClient
+                .createCaseWorkerProfile(caseWorkersProfileCreationRequests, "cwd-admin");
+
+        assertThat(createResponse).containsEntry("http_status", "201 CREATED");
+
+        CaseWorkerProfile createdProfile = caseWorkerProfileRepository.findByEmailId("test.inttest@hmcts.gov.uk");
+
+        //Check Created User Exists
+        assertThat(createdProfile).isNotNull();
+
+        userProfileDeleteUserWireMock();
+
+        //Delete User By User ID
+        Map<String, Object> deleteResponse = caseworkerReferenceDataClient
+                .deleteCaseWorker("/users?userId=" + createdProfile.getCaseWorkerId());
+
+        assertThat(deleteResponse).containsEntry("status", "204 NO_CONTENT");
+
+        Optional<CaseWorkerProfile> deletedProfile =
+                caseWorkerProfileRepository.findByCaseWorkerId(createdProfile.getCaseWorkerId());
+
+        //Check Deleted User Does Not Exist
+        assertThat(deletedProfile).isEmpty();
+    }
+
+    @Test
+    public void deleteCaseWorkerProfileByEmailPattern() {
+        userProfileCreateUserWireMock(HttpStatus.CREATED);
+
+        //Create User
+        Map<String, Object> createResponse = caseworkerReferenceDataClient
+                .createCaseWorkerProfile(caseWorkersProfileCreationRequests, "cwd-admin");
+
+        assertThat(createResponse).containsEntry("http_status", "201 CREATED");
+
+        CaseWorkerProfile createdProfile = caseWorkerProfileRepository.findByEmailId("test.inttest@hmcts.gov.uk");
+
+        //Check Created User Exists
+        assertThat(createdProfile).isNotNull();
+
+        userProfileDeleteUserWireMock();
+
+        //Delete User By Email Pattern
+        Map<String, Object> deleteResponse = caseworkerReferenceDataClient
+                .deleteCaseWorker("/users?emailPattern=" + "test.inttest");
+
+        assertThat(deleteResponse).containsEntry("status", "204 NO_CONTENT");
+
+        CaseWorkerProfile deletedProfile = caseWorkerProfileRepository.findByEmailId("test.inttest@hmcts.gov.uk");
+
+        //Check Deleted User Does Not Exist
+        assertThat(deletedProfile).isNull();
+    }
+
+    @Test
+    public void deleteCaseWorkerProfileByEmailPattern_Returns404WhenNoUsersFoundWithGivenEmailPattern() {
+        //Delete User By Email Pattern
+        Map<String, Object> deleteResponse = caseworkerReferenceDataClient
+                .deleteCaseWorker("/users?emailPattern=" + "INVALID");
+
+        assertThat(deleteResponse).containsEntry("http_status", "404");
+    }
+}

src/integrationTest/java/uk/gov/hmcts/reform/cwrdapi/util/AuthorizationEnabledIntegrationTest.java

@@ -37,6 +37,7 @@
 import java.util.UUID;
 
 import static com.github.tomakehurst.wiremock.client.WireMock.aResponse;
+import static com.github.tomakehurst.wiremock.client.WireMock.delete;
 import static com.github.tomakehurst.wiremock.client.WireMock.get;
 import static com.github.tomakehurst.wiremock.client.WireMock.post;
 import static com.github.tomakehurst.wiremock.client.WireMock.put;
@@ -166,6 +167,17 @@ public void userProfileGetUserWireMock(String idamStatus, String roles) {
                     + "}")));
     }
 
+    public void userProfileDeleteUserWireMock() {
+        userProfileService.stubFor(delete(urlPathMatching("/v1/userprofile/users.*"))
+                .willReturn(aResponse()
+                        .withHeader("Content-Type", "application/json")
+                        .withStatus(204)
+                        .withBody("{"
+                                + "  \"response\": \"UserProfile Successfully Deleted.\""
+                                + "}")));
+
+    }
+
     public void modifyUserRoles() throws Exception {
 
         UserProfileRolesResponse userProfileRolesResponse = new UserProfileRolesResponse();