fix(users): enable to change your status

Signed-off-by: Rodney Osodo <[email protected]>
absmach · Jun 27, 2024 · e6102f4 · e6102f4
1 parent 1854625
commit e6102f4
Show file tree

Hide file tree

Showing 5 changed files with 75 additions and 145 deletions.
diff --git a/auth/events/streams.go b/auth/events/streams.go
@@ -227,6 +227,10 @@ func (es *eventStore) DeletePolicyFilter(ctx context.Context, pr auth.PolicyReq)
 	return es.svc.DeletePolicyFilter(ctx, pr)
 }
 
+func (es *eventStore) DeleteEntityPolicies(ctx context.Context, entityType, id string) error {
+	return es.svc.DeleteEntityPolicies(ctx, entityType, id)
+}
+
 func (es *eventStore) DeletePolicies(ctx context.Context, prs []auth.PolicyReq) error {
 	return es.svc.DeletePolicies(ctx, prs)
 }

diff --git a/pkg/sdk/go/setup_test.go b/pkg/sdk/go/setup_test.go
@@ -65,12 +65,6 @@ func generateUUID(t *testing.T) string {
 	return ulid
 }
 
-func convertClientsPage(cp sdk.UsersPage) mgclients.ClientsPage {
-	return mgclients.ClientsPage{
-		Clients: convertClients(cp.Users),
-	}
-}
-
 func convertThingsPage(cp sdk.ThingsPage) mgclients.ClientsPage {
 	return mgclients.ClientsPage{
 		Clients: convertThings(cp.Things...),

diff --git a/pkg/sdk/go/users_test.go b/pkg/sdk/go/users_test.go
@@ -1051,59 +1051,6 @@ func TestEnableClient(t *testing.T) {
 		repoCall2.Unset()
 		repoCall3.Unset()
 	}
-
-	cases2 := []struct {
-		desc     string
-		token    string
-		status   string
-		metadata sdk.Metadata
-		response sdk.UsersPage
-		size     uint64
-	}{
-		{
-			desc:   "list enabled clients",
-			status: mgclients.EnabledStatus.String(),
-			size:   2,
-			response: sdk.UsersPage{
-				Users: []sdk.User{enabledClient1, endisabledClient1},
-			},
-		},
-		{
-			desc:   "list disabled clients",
-			status: mgclients.DisabledStatus.String(),
-			size:   1,
-			response: sdk.UsersPage{
-				Users: []sdk.User{disabledClient1},
-			},
-		},
-		{
-			desc:   "list enabled and disabled clients",
-			status: mgclients.AllStatus.String(),
-			size:   3,
-			response: sdk.UsersPage{
-				Users: []sdk.User{enabledClient1, disabledClient1, endisabledClient1},
-			},
-		},
-	}
-
-	for _, tc := range cases2 {
-		pm := sdk.PageMetadata{
-			Total:  100,
-			Offset: 0,
-			Limit:  100,
-			Status: tc.status,
-		}
-		repoCall := auth.On("Identify", mock.Anything, &magistrala.IdentityReq{Token: validToken}).Return(&magistrala.IdentityRes{UserId: validID}, nil)
-		repoCall1 := auth.On("Authorize", mock.Anything, mock.Anything).Return(&magistrala.AuthorizeRes{Authorized: true}, nil)
-		repoCall2 := crepo.On("RetrieveAll", mock.Anything, mock.Anything).Return(convertClientsPage(tc.response), nil)
-		clientsPage, err := mgsdk.Users(pm, validToken)
-		assert.Nil(t, err, fmt.Sprintf("unexpected error: %s", err))
-		size := uint64(len(clientsPage.Users))
-		assert.Equal(t, tc.size, size, fmt.Sprintf("%s: expected size %d got %d\n", tc.desc, tc.size, size))
-		repoCall.Unset()
-		repoCall1.Unset()
-		repoCall2.Unset()
-	}
 }
 
 func TestDisableClient(t *testing.T) {
@@ -1180,93 +1127,79 @@ func TestDisableClient(t *testing.T) {
 		repoCall2.Unset()
 		repoCall3.Unset()
 	}
+}
+
+func TestDeleteUser(t *testing.T) {
+	ts, crepo, _, auth := setupUsers()
+	defer ts.Close()
+
+	conf := sdk.Config{
+		UsersURL: ts.URL,
+	}
+	mgsdk := sdk.NewSDK(conf)
 
-	cases2 := []struct {
+	enabledClient1 := sdk.User{ID: testsutil.GenerateUUID(t), Credentials: sdk.Credentials{Identity: "[email protected]", Secret: "password"}, Status: mgclients.EnabledStatus.String()}
+	deletedClient1 := sdk.User{ID: testsutil.GenerateUUID(t), Credentials: sdk.Credentials{Identity: "[email protected]", Secret: "password"}, Status: mgclients.DeletedStatus.String()}
+	deletedenabledClient1 := enabledClient1
+	deletedenabledClient1.Status = mgclients.DisabledStatus.String()
+	deletedenabledClient1.ID = testsutil.GenerateUUID(t)
+
+	cases := []struct {
 		desc     string
+		id       string
 		token    string
-		status   string
-		metadata sdk.Metadata
-		response sdk.UsersPage
-		size     uint64
+		client   sdk.User
+		response sdk.User
+		repoErr  error
+		err      errors.SDKError
 	}{
 		{
-			desc:   "list enabled clients",
-			status: mgclients.EnabledStatus.String(),
-			size:   2,
-			response: sdk.UsersPage{
-				Users: []sdk.User{enabledClient1, disenabledClient1},
-			},
+			desc:     "delete enabled client",
+			id:       enabledClient1.ID,
+			token:    validToken,
+			client:   enabledClient1,
+			response: deletedenabledClient1,
+			err:      nil,
+			repoErr:  nil,
 		},
 		{
-			desc:   "list disabled clients",
-			status: mgclients.DisabledStatus.String(),
-			size:   1,
-			response: sdk.UsersPage{
-				Users: []sdk.User{disabledClient1},
-			},
+			desc:     "delete disabled client",
+			id:       deletedClient1.ID,
+			token:    validToken,
+			client:   deletedClient1,
+			response: sdk.User{},
+			repoErr:  sdk.ErrFailedDisable,
+			err:      errors.NewSDKErrorWithStatus(svcerr.ErrViewEntity, http.StatusBadRequest),
 		},
 		{
-			desc:   "list enabled and disabled clients",
-			status: mgclients.AllStatus.String(),
-			size:   3,
-			response: sdk.UsersPage{
-				Users: []sdk.User{enabledClient1, disabledClient1, disenabledClient1},
-			},
+			desc:     "delete non-existing client",
+			id:       wrongID,
+			client:   sdk.User{},
+			token:    validToken,
+			response: sdk.User{},
+			repoErr:  sdk.ErrFailedDisable,
+			err:      errors.NewSDKErrorWithStatus(svcerr.ErrViewEntity, http.StatusBadRequest),
 		},
 	}
 
-	for _, tc := range cases2 {
-		pm := sdk.PageMetadata{
-			Total:  100,
-			Offset: 0,
-			Limit:  100,
-			Status: tc.status,
-		}
+	for _, tc := range cases {
 		repoCall := auth.On("Identify", mock.Anything, &magistrala.IdentityReq{Token: validToken}).Return(&magistrala.IdentityRes{UserId: validID}, nil)
 		repoCall1 := auth.On("Authorize", mock.Anything, mock.Anything).Return(&magistrala.AuthorizeRes{Authorized: true}, nil)
-		repoCall2 := crepo.On("RetrieveAll", mock.Anything, mock.Anything).Return(convertClientsPage(tc.response), nil)
-		page, err := mgsdk.Users(pm, validToken)
-		assert.Nil(t, err, fmt.Sprintf("unexpected error: %s", err))
-		size := uint64(len(page.Users))
-		assert.Equal(t, tc.size, size, fmt.Sprintf("%s: expected size %d got %d\n", tc.desc, tc.size, size))
+		repoCall2 := crepo.On("RetrieveByID", mock.Anything, tc.id).Return(convertClient(tc.client), tc.repoErr)
+		repoCall3 := crepo.On("ChangeStatus", mock.Anything, mock.Anything).Return(convertClient(tc.response), tc.repoErr)
+		err := mgsdk.DeleteUser(tc.id, tc.token)
+		assert.Equal(t, tc.err, err, fmt.Sprintf("%s: expected error %s, got %s", tc.desc, tc.err, err))
+		if tc.err == nil {
+			ok := repoCall.Parent.AssertCalled(t, "Identify", mock.Anything, mock.Anything)
+			assert.True(t, ok, fmt.Sprintf("Identify was not called on %s", tc.desc))
+			ok = repoCall2.Parent.AssertCalled(t, "RetrieveByID", mock.Anything, tc.id)
+			assert.True(t, ok, fmt.Sprintf("RetrieveByID was not called on %s", tc.desc))
+			ok = repoCall3.Parent.AssertCalled(t, "ChangeStatus", mock.Anything, mock.Anything)
+			assert.True(t, ok, fmt.Sprintf("ChangeStatus was not called on %s", tc.desc))
+		}
 		repoCall.Unset()
 		repoCall1.Unset()
 		repoCall2.Unset()
+		repoCall3.Unset()
 	}
 }
-
-func TestDeleteUser(t *testing.T) {
-	ts, crepo, _, auth := setupUsers()
-	defer ts.Close()
-
-	conf := sdk.Config{
-		UsersURL: ts.URL,
-	}
-	mgsdk := sdk.NewSDK(conf)
-
-	repoCall := auth.On("Identify", mock.Anything, &magistrala.IdentityReq{Token: validToken}).Return(&magistrala.IdentityRes{Id: validID, DomainId: testsutil.GenerateUUID(t)}, nil)
-	repoCall1 := auth.On("Authorize", mock.Anything, mock.Anything).Return(&magistrala.AuthorizeRes{Authorized: false}, nil)
-	repoCall2 := crepo.On("CheckSuperAdmin", mock.Anything, mock.Anything).Return(nil)
-	repoCall3 := crepo.On("Delete", mock.Anything, mock.Anything).Return(nil)
-	err := mgsdk.DeleteUser("wrongID", validToken)
-	assert.Equal(t, err, errors.NewSDKErrorWithStatus(svcerr.ErrAuthorization, http.StatusForbidden), fmt.Sprintf("Delete user with wrong id: expected %v got %v", svcerr.ErrNotFound, err))
-	repoCall.Unset()
-	repoCall1.Unset()
-	repoCall2.Unset()
-	repoCall3.Unset()
-
-	repoCall = auth.On("DeleteEntityPolicies", mock.Anything, mock.Anything, mock.Anything).Return(&magistrala.DeletePolicyRes{Deleted: true}, nil)
-	repoCall1 = auth.On("Identify", mock.Anything, &magistrala.IdentityReq{Token: validToken}).Return(&magistrala.IdentityRes{Id: validID, DomainId: testsutil.GenerateUUID(t)}, nil)
-	repoCall2 = auth.On("Authorize", mock.Anything, mock.Anything).Return(&magistrala.AuthorizeRes{Authorized: true}, nil)
-	repoCall3 = crepo.On("CheckSuperAdmin", mock.Anything, mock.Anything).Return(nil)
-	repoCall4 := crepo.On("Delete", mock.Anything, mock.Anything).Return(nil)
-	err = mgsdk.DeleteUser(validID, validToken)
-	assert.Nil(t, err, fmt.Sprintf("Delete user with correct id: expected %v got %v", nil, err))
-	ok := repoCall4.Parent.AssertCalled(t, "Delete", mock.Anything, mock.Anything)
-	assert.True(t, ok, "Delete was not called on deleting user with correct id")
-	repoCall.Unset()
-	repoCall1.Unset()
-	repoCall2.Unset()
-	repoCall3.Unset()
-	repoCall4.Unset()
-}
diff --git a/users/service.go b/users/service.go
@@ -435,8 +435,10 @@ func (svc service) changeClientStatus(ctx context.Context, token string, client
 	if err != nil {
 		return mgclients.Client{}, err
 	}
-	if err := svc.checkSuperAdmin(ctx, tokenUserID); err != nil {
-		return mgclients.Client{}, err
+	if tokenUserID != client.ID {
+		if err := svc.checkSuperAdmin(ctx, tokenUserID); err != nil {
+			return mgclients.Client{}, err
+		}
 	}
 	dbClient, err := svc.clients.RetrieveByID(ctx, client.ID)
 	if err != nil {

diff --git a/users/service_test.go b/users/service_test.go
@@ -1374,17 +1374,14 @@ func TestEnableClient(t *testing.T) {
 			err:              svcerr.ErrAuthentication,
 		},
 		{
-			desc:                 "enable disabled client with failed to authorize",
-			id:                   disabledClient1.ID,
-			token:                validToken,
-			client:               disabledClient1,
-			identifyResponse:     &magistrala.IdentityRes{UserId: disabledClient1.ID},
-			authorizeResponse:    &magistrala.AuthorizeRes{Authorized: false},
-			retrieveByIDResponse: mgclients.Client{},
-			changeStatusResponse: mgclients.Client{},
-			response:             mgclients.Client{},
-			identifyErr:          svcerr.ErrAuthorization,
-			err:                  svcerr.ErrAuthorization,
+			desc:              "enable disabled client with failed to authorize",
+			id:                disabledClient1.ID,
+			token:             validToken,
+			client:            disabledClient1,
+			identifyResponse:  &magistrala.IdentityRes{UserId: disabledClient1.ID},
+			authorizeResponse: &magistrala.AuthorizeRes{Authorized: false},
+			identifyErr:       svcerr.ErrAuthorization,
+			err:               svcerr.ErrAuthorization,
 		},
 		{
 			desc:               "enable disabled client with normal user token",
@@ -1515,7 +1512,7 @@ func TestDisableClient(t *testing.T) {
 			id:                 enabledClient1.ID,
 			token:              validToken,
 			client:             enabledClient1,
-			identifyResponse:   &magistrala.IdentityRes{UserId: enabledClient1.ID},
+			identifyResponse:   &magistrala.IdentityRes{UserId: validID},
 			authorizeResponse:  &magistrala.AuthorizeRes{Authorized: false},
 			checkSuperAdminErr: svcerr.ErrAuthorization,
 			err:                svcerr.ErrAuthorization,
@@ -1638,7 +1635,7 @@ func TestDeleteClient(t *testing.T) {
 			id:                 enabledClient1.ID,
 			token:              validToken,
 			client:             enabledClient1,
-			identifyResponse:   &magistrala.IdentityRes{UserId: enabledClient1.ID},
+			identifyResponse:   &magistrala.IdentityRes{UserId: validID},
 			authorizeResponse:  &magistrala.AuthorizeRes{Authorized: false},
 			checkSuperAdminErr: svcerr.ErrAuthorization,
 			err:                svcerr.ErrAuthorization,