From 7a4b022eb21b8ab37dad583174479707c09a8fe1 Mon Sep 17 00:00:00 2001 From: veltrup Date: Fri, 2 Feb 2024 10:52:22 +0100 Subject: [PATCH] feat: check if user exists for personal token --- .../exception/AccessTokenDegistException.java | 18 +++++++++ .../exception/UserRepositoryException.java | 3 ++ .../usecase/CreateImpersonationToken.java | 12 +++++- .../usecase/CreateImpersonationTokenTest.java | 37 ++++++++++++++++++- 4 files changed, 67 insertions(+), 3 deletions(-) create mode 100644 src/main/java/com/sitepark/ies/userrepository/core/domain/exception/AccessTokenDegistException.java diff --git a/src/main/java/com/sitepark/ies/userrepository/core/domain/exception/AccessTokenDegistException.java b/src/main/java/com/sitepark/ies/userrepository/core/domain/exception/AccessTokenDegistException.java new file mode 100644 index 0000000..9ea3501 --- /dev/null +++ b/src/main/java/com/sitepark/ies/userrepository/core/domain/exception/AccessTokenDegistException.java @@ -0,0 +1,18 @@ +package com.sitepark.ies.userrepository.core.domain.exception; + +/** + * The AccessTokenDegistException exception is thrown if + * the access token could't be digest. + */ +public class AccessTokenDegistException extends UserRepositoryException { + + private static final long serialVersionUID = 1L; + + public AccessTokenDegistException(String message) { + super(message); + } + + public AccessTokenDegistException(String message, Throwable t) { + super(message); + } +} \ No newline at end of file diff --git a/src/main/java/com/sitepark/ies/userrepository/core/domain/exception/UserRepositoryException.java b/src/main/java/com/sitepark/ies/userrepository/core/domain/exception/UserRepositoryException.java index 719b369..8e5922b 100644 --- a/src/main/java/com/sitepark/ies/userrepository/core/domain/exception/UserRepositoryException.java +++ b/src/main/java/com/sitepark/ies/userrepository/core/domain/exception/UserRepositoryException.java @@ -15,4 +15,7 @@ public UserRepositoryException() { public UserRepositoryException(String message) { super(message); } + public UserRepositoryException(String message, Throwable t) { + super(message); + } } diff --git a/src/main/java/com/sitepark/ies/userrepository/core/usecase/CreateImpersonationToken.java b/src/main/java/com/sitepark/ies/userrepository/core/usecase/CreateImpersonationToken.java index 13f0e7e..76acd9e 100644 --- a/src/main/java/com/sitepark/ies/userrepository/core/usecase/CreateImpersonationToken.java +++ b/src/main/java/com/sitepark/ies/userrepository/core/usecase/CreateImpersonationToken.java @@ -7,8 +7,10 @@ import com.sitepark.ies.userrepository.core.domain.entity.AccessToken; import com.sitepark.ies.userrepository.core.domain.exception.AccessDeniedException; +import com.sitepark.ies.userrepository.core.domain.exception.UserNotFoundException; import com.sitepark.ies.userrepository.core.port.AccessControl; import com.sitepark.ies.userrepository.core.port.AccessTokenRepository; +import com.sitepark.ies.userrepository.core.port.UserRepository; public class CreateImpersonationToken { @@ -16,14 +18,18 @@ public class CreateImpersonationToken { private final AccessControl accessControl; + private final UserRepository userRepository; + private static Logger LOGGER = LogManager.getLogger(); @Inject protected CreateImpersonationToken( AccessTokenRepository repository, - AccessControl accessControl) { + AccessControl accessControl, + UserRepository userRepository) { this.repository = repository; this.accessControl = accessControl; + this.userRepository = userRepository; } public AccessToken createPersonalAccessToken(AccessToken accessToken) { @@ -36,6 +42,10 @@ public AccessToken createPersonalAccessToken(AccessToken accessToken) { throw new AccessDeniedException("Not allowed manage impersonation tokens"); } + if (this.userRepository.get(accessToken.getUser()).isEmpty()) { + throw new UserNotFoundException(accessToken.getUser()); + } + if (LOGGER.isInfoEnabled()) { LOGGER.info("create: {}", accessTokenToCreate); } diff --git a/src/test/java/com/sitepark/ies/userrepository/core/usecase/CreateImpersonationTokenTest.java b/src/test/java/com/sitepark/ies/userrepository/core/usecase/CreateImpersonationTokenTest.java index bfcdea4..a2330a4 100644 --- a/src/test/java/com/sitepark/ies/userrepository/core/usecase/CreateImpersonationTokenTest.java +++ b/src/test/java/com/sitepark/ies/userrepository/core/usecase/CreateImpersonationTokenTest.java @@ -2,16 +2,22 @@ import static org.junit.jupiter.api.Assertions.assertThrows; import static org.mockito.ArgumentMatchers.any; +import static org.mockito.ArgumentMatchers.anyLong; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.verify; import static org.mockito.Mockito.when; +import java.util.Optional; + import org.junit.jupiter.api.Test; import com.sitepark.ies.userrepository.core.domain.entity.AccessToken; +import com.sitepark.ies.userrepository.core.domain.entity.User; import com.sitepark.ies.userrepository.core.domain.exception.AccessDeniedException; +import com.sitepark.ies.userrepository.core.domain.exception.UserNotFoundException; import com.sitepark.ies.userrepository.core.port.AccessControl; import com.sitepark.ies.userrepository.core.port.AccessTokenRepository; +import com.sitepark.ies.userrepository.core.port.UserRepository; class CreateImpersonationTokenTest { @@ -21,12 +27,14 @@ void testAccessDenied() { AccessTokenRepository accessTokenRepository = mock(); AccessControl accessControl = mock(AccessControl.class); when(accessControl.isImpersonationTokensManageable()).thenReturn(false); + UserRepository userRepository = mock(UserRepository.class); AccessToken accessToken = AccessToken.builder().user(123).name("Test Token").build(); var createImpersonationToken = new CreateImpersonationToken( accessTokenRepository, - accessControl); + accessControl, + userRepository); assertThrows(AccessDeniedException.class, () -> { createImpersonationToken.createPersonalAccessToken(accessToken); @@ -35,18 +43,43 @@ void testAccessDenied() { verify(accessControl).isImpersonationTokensManageable(); } + @Test + void testUserNotFound() { + + AccessTokenRepository accessTokenRepository = mock(); + AccessControl accessControl = mock(AccessControl.class); + when(accessControl.isImpersonationTokensManageable()).thenReturn(true); + UserRepository userRepository = mock(UserRepository.class); + when(userRepository.get(anyLong())).thenReturn(Optional.empty()); + + AccessToken accessToken = AccessToken.builder().user(123).name("Test Token").build(); + + var createImpersonationToken = new CreateImpersonationToken( + accessTokenRepository, + accessControl, + userRepository); + + assertThrows(UserNotFoundException.class, () -> { + createImpersonationToken.createPersonalAccessToken(accessToken); + }); + } + @Test void testCreate() { AccessTokenRepository accessTokenRepository = mock(); AccessControl accessControl = mock(AccessControl.class); when(accessControl.isImpersonationTokensManageable()).thenReturn(true); + UserRepository userRepository = mock(UserRepository.class); + User user = mock(User.class); + when(userRepository.get(anyLong())).thenReturn(Optional.of(user)); AccessToken accessToken = AccessToken.builder().user(123).name("Test Token").build(); var createImpersonationToken = new CreateImpersonationToken( accessTokenRepository, - accessControl); + accessControl, + userRepository); createImpersonationToken.createPersonalAccessToken(accessToken);