Revize 8a5593f0
Přidáno uživatelem Jakub Šmíd před asi 2 roky(ů)
| backend/src/main/java/cz/zcu/kiv/backendapi/user/UserServiceImpl.java | ||
|---|---|---|
| 93 | 93 |
//TODO maybe check if user is not deleting himself - or it might be ok |
| 94 | 94 |
@Override |
| 95 | 95 |
public void deleteUser(String username) {
|
| 96 |
if (!userRepository.existsById(username)) {
|
|
| 96 |
UserEntity userEntity = userRepository.findByEmail(username).orElseThrow(() -> {
|
|
| 97 | 97 |
log.error(String.format(USER_NOT_FOUND, username)); |
| 98 | 98 |
throw new UsernameNotFoundException(String.format(USER_NOT_FOUND, username)); |
| 99 |
}); |
|
| 100 |
if (userEntity.isAdmin()) {
|
|
| 101 |
log.error("User with ADMIN rights can not be deleted");
|
|
| 102 |
throw new ApiRequestException("User with ADMIN rights can not be deleted", HttpStatus.BAD_REQUEST);
|
|
| 99 | 103 |
} |
| 100 |
userRepository.deleteById(username);
|
|
| 104 |
userRepository.delete(userEntity);
|
|
| 101 | 105 |
} |
| 102 | 106 |
|
| 103 | 107 |
@Override |
| backend/src/test/java/cz/zcu/kiv/backendapi/user/UserServiceImplTest.java | ||
|---|---|---|
| 220 | 220 |
void testCanDeleteUser() {
|
| 221 | 221 |
// given |
| 222 | 222 |
String email = "test@test.com"; |
| 223 |
given(userRepository.existsById(email)).willReturn(true); |
|
| 223 |
UserEntity userEntity = new UserEntity("John Doe", email, "", (byte) 0, false);
|
|
| 224 |
given(userRepository.findByEmail(email)).willReturn(Optional.of(userEntity)); |
|
| 225 |
|
|
| 224 | 226 |
// when |
| 225 | 227 |
underTest.deleteUser(email); |
| 226 | 228 |
|
| 227 | 229 |
// then |
| 228 |
verify(userRepository).deleteById(email);
|
|
| 230 |
verify(userRepository).delete(userEntity);
|
|
| 229 | 231 |
} |
| 230 | 232 |
|
| 231 | 233 |
@Test |
| 232 | 234 |
void testCanNotDeleteUser() {
|
| 233 | 235 |
// given |
| 234 | 236 |
String email = "test@test.com"; |
| 235 |
given(userRepository.existsById(email)).willReturn(false); |
|
| 237 |
given(userRepository.findByEmail(email)).willReturn(Optional.empty()); |
|
| 238 |
|
|
| 236 | 239 |
// when |
| 237 | 240 |
assertThatThrownBy(() -> underTest.deleteUser(email)) |
| 238 | 241 |
.isInstanceOf(UsernameNotFoundException.class) |
| 239 | 242 |
.hasMessageContaining("User with username " + email + " not found");
|
| 240 | 243 |
|
| 241 | 244 |
// then |
| 242 |
verify(userRepository, never()).deleteById(email); |
|
| 245 |
verify(userRepository, never()).delete(any()); |
|
| 246 |
} |
|
| 247 |
|
|
| 248 |
@Test |
|
| 249 |
void testCanNotDeleteUserAdmin() {
|
|
| 250 |
// given |
|
| 251 |
String email = "test@test.com"; |
|
| 252 |
UserEntity userEntity = new UserEntity("John Doe", email, "", (byte) 0, true);
|
|
| 253 |
given(userRepository.findByEmail(email)).willReturn(Optional.of(userEntity)); |
|
| 254 |
|
|
| 255 |
// when |
|
| 256 |
assertThatThrownBy(() -> underTest.deleteUser(email)) |
|
| 257 |
.isInstanceOf(ApiRequestException.class) |
|
| 258 |
.hasMessageContaining("User with ADMIN rights can not be deleted");
|
|
| 259 |
|
|
| 260 |
// then |
|
| 261 |
verify(userRepository, never()).delete(any()); |
|
| 243 | 262 |
} |
| 244 | 263 |
|
| 245 | 264 |
@Test |
Také k dispozici: Unified diff
Changed that user with ADMIN rights can not be removed
re #9755