Merge pull request #1090 from bprize15/fix-token-renewed-on-update-user

Only renew tokens when activating user for PUT endpoint

src/main/java/org/mskcc/cbio/oncokb/service/UserService.java

@@ -376,7 +376,7 @@ public User createUser(UserDTO userDTO, Optional<Integer> tokenValidDays, Option
         return user;
     }
 
-    private Optional<UserDTO> updateUserFromUserDTO(UserDTO userDTO) {
+    public Optional<UserDTO> updateUserFromUserDTO(UserDTO userDTO) {
         Optional<UserDTO> updatedUserDTO = Optional.of(userRepository
         .findById(userDTO.getId()))
         .filter(Optional::isPresent)
@@ -423,7 +423,7 @@ private Optional<UserDTO> updateUserFromUserDTO(UserDTO userDTO) {
      * @param userDTO user to update.
      * @return updated user.
      */
-    public Optional<UserDTO> updateUser(UserDTO userDTO) {
+    public Optional<UserDTO> updateUserAndTokens(UserDTO userDTO) {
         Optional<UserDTO> updatedUserDTO = updateUserFromUserDTO(userDTO);
 
         if (updatedUserDTO.isPresent()) {
@@ -579,7 +579,7 @@ public Optional<UserDTO> approveUser(UserDTO userDTO, Boolean isTrial) {
         if (!userDTO.isActivated()) {
             userDTO.setActivated(true);
         }
-        Optional<UserDTO> updatedUserDTO = updateUser(userDTO);
+        Optional<UserDTO> updatedUserDTO = updateUserAndTokens(userDTO);
         if (updatedUserDTO.isPresent()) {
             List<Token> tokens =
                 generateTokenForUserIfNotExist(
@@ -616,7 +616,7 @@ public void convertUserToRegular(UserDTO userDTO) {
             userDTO.setActivated(true);
         }
 
-        Optional<UserDTO> updatedUserDTO = updateUser(userDTO);
+        Optional<UserDTO> updatedUserDTO = updateUserAndTokens(userDTO);
         if (!updatedUserDTO.isPresent()) {
             return;
         }
@@ -723,7 +723,7 @@ public Optional<UserDTO> updateUserWithCompanyLicense(UserDTO userDTO, Company c
         userDTO.setCompanyName(company.getName());
         userDTO.setCompany(companyMapper.toDto(company));
         userDTO.setLicenseType(company.getLicenseType());
-        Optional<UserDTO> updatedUserDTO = updateUser(userDTO);
+        Optional<UserDTO> updatedUserDTO = updateUserAndTokens(userDTO);
 
         if (updatedUserDTO.isPresent()) {
             // Update the user with the company's license
@@ -747,7 +747,7 @@ public Optional<UserDTO> updateUserWithCompanyLicense(UserDTO userDTO, Company c
                         if (!isAccountCreation) {
                             mailService.sendActiveTrialMail(userMapper.userToUserDTO(updatedUser.get()), false);
                         }
-                        updatedUserDTO = updateUser(userMapper.userToUserDTO(updatedUser.get()));
+                        updatedUserDTO = updateUserAndTokens(userMapper.userToUserDTO(updatedUser.get()));
                     }
                 }
             }else if (companyLicenseStatus.equals(LicenseStatus.TRIAL_EXPIRED) || companyLicenseStatus.equals(LicenseStatus.EXPIRED)) {
@@ -765,7 +765,7 @@ public Optional<UserDTO> updateUserWithCompanyLicense(UserDTO userDTO, Company c
     private void expireUserAccount(UserDTO userDTO) {
         if(userDTO.isActivated()) {
             userDTO.setActivated(false);
-            updateUser(userDTO);
+            updateUserAndTokens(userDTO);
         } else {
             if (userHasUnactivatedTrial(userDTO)) {
                 clearTrialAccountInformation(userDTO);
@@ -897,7 +897,7 @@ public void sendUserToRocReview(UserDTO userDTO) throws MessagingException {
             userDTO.setAdditionalInfo(new AdditionalInfoDTO());
         }
         userDTO.getAdditionalInfo().setSentToRocReview(true);
-        updateUser(userDTO);
+        updateUserAndTokens(userDTO);
     }
 
     public boolean isAdmin(String userLogin) {

src/main/java/org/mskcc/cbio/oncokb/service/impl/CompanyServiceImpl.java

@@ -95,7 +95,7 @@ public CompanyDTO updateCompany(CompanyVM companyVm) {
         if(isLicenseUpdateRequired){
             companyUsers.forEach(userDTO -> userService.updateUserWithCompanyLicense(userDTO, company, false, false));
         }else{
-            companyUsers.forEach(userDTO -> userService.updateUser(userDTO));
+            companyUsers.forEach(userDTO -> userService.updateUserAndTokens(userDTO));
         }
 
         // Update the licenses for new users being added to this company

src/main/java/org/mskcc/cbio/oncokb/web/rest/AccountResource.java

@@ -257,7 +257,7 @@ public void saveAccount(@Valid @RequestBody UserDTO userDTO) {
         if (!user.isPresent()) {
             throw new CustomMessageRuntimeException("User could not be found");
         }
-        userService.updateUser(userDTO);
+        userService.updateUserAndTokens(userDTO);
     }
 
     /**

src/main/java/org/mskcc/cbio/oncokb/web/rest/CompanyResource.java

@@ -112,7 +112,7 @@ public ResponseEntity<CompanyDTO> updateCompany(@Valid @RequestBody CompanyVM co
                 Set<String> userAuthorities = user.getAuthorities();
                 if (!userAuthorities.contains(AuthoritiesConstants.API)) {
                     userAuthorities.add(AuthoritiesConstants.API);
-                    userService.updateUser(user);
+                    userService.updateUserAndTokens(user);
                 }
             }
         }

src/main/java/org/mskcc/cbio/oncokb/web/rest/SlackController.java

@@ -120,7 +120,7 @@ public ResponseEntity<String> approveUser(@RequestParam("payload") String action
 
                         updateUserWithRoleApiIfRequested(userDTO);
 
-                        Optional<UserDTO> updatedUser = userService.updateUser(userDTO);
+                        Optional<UserDTO> updatedUser = userService.updateUserAndTokens(userDTO);
                         if (updatedUser.isPresent() && updatedUser.get().isActivated() && !userAlreadyHasRoleApi) {
                             mailService.sendApiAccessApprovalEmail(userDTO);
                         }
@@ -142,7 +142,7 @@ public ResponseEntity<String> approveUser(@RequestParam("payload") String action
                         String value = action.getSelectedOption().getValue();
                         LicenseType newLicenseType = LicenseType.valueOf(this.slackService.getOptionValueArgument(value));
                         userDTO.setLicenseType(newLicenseType);
-                        this.userService.updateUser(userDTO);
+                        this.userService.updateUserAndTokens(userDTO);
                         break;
                     case CONVERT_TO_REGULAR_ACCOUNT:
                         userService.convertUserToRegular(userDTO);

src/main/java/org/mskcc/cbio/oncokb/web/rest/UserResource.java

@@ -180,7 +180,12 @@ public ResponseEntity<UserDTO> updateUser(
             userDTO.setCompany(null);
         }
 
-        Optional<UserDTO> updatedUser = userService.updateUser(userDTO);
+        Optional<UserDTO> updatedUser;
+        if (existingUser.isPresent() && !existingUser.get().getActivated() && userDTO.isActivated()) {
+            updatedUser = userService.updateUserAndTokens(userDTO);
+        } else {
+            updatedUser = userService.updateUserFromUserDTO(userDTO);
+        }
 
         if(updatedUser.isPresent() && sendEmail && updatedUser.get().isActivated()) {
             mailService.sendApprovalEmail(updatedUser.get());

src/test/java/org/mskcc/cbio/oncokb/service/CompanyServiceIT.java

@@ -416,7 +416,7 @@ public void assertThatExpiredUserStatusWillChangeToTrialAfterLinkedWithTrialComp
         User user = userService.createUser(userDTO, Optional.of(DEFAULT_TOKEN_EXPIRATION_IN_DAYS), Optional.of(Boolean.TRUE));
         userDTO = userMapper.userToUserDTO(user);
         userDTO.setActivated(false);
-        userService.updateUser(userDTO);
+        userService.updateUserAndTokens(userDTO);
         // The user expired at this moment
 
         // Create ta trial company

src/test/java/org/mskcc/cbio/oncokb/service/UserServiceIT.java

@@ -133,7 +133,7 @@ public void assertThatInactivateUserWillRemoveActivationKey() {
 
         UserDTO userDTO = userMapper.userToUserDTO(user);
         userDTO.setActivated(false);
-        Optional<UserDTO> updatedUserDto = userService.updateUser(userDTO);
+        Optional<UserDTO> updatedUserDto = userService.updateUserAndTokens(userDTO);
         assertThat(updatedUserDto).isPresent();
         assertThat(updatedUserDto.get().isActivated()).isFalse();
         assertThat(updatedUserDto.get().getActivationKey()).isNullOrEmpty();
@@ -149,7 +149,7 @@ public void assertThatInactivateUserWillRemoveResetKeyAndDate() {
 
         UserDTO userDTO = userMapper.userToUserDTO(user);
         userDTO.setActivated(false);
-        Optional<UserDTO> updatedUserDto = userService.updateUser(userDTO);
+        Optional<UserDTO> updatedUserDto = userService.updateUserAndTokens(userDTO);
         assertThat(updatedUserDto).isPresent();
         assertThat(updatedUserDto.get().isActivated()).isFalse();
         assertThat(updatedUserDto.get().getResetKey()).isNullOrEmpty();
@@ -365,13 +365,13 @@ public void assertThatUserTokenStatusIsExpected() {
         User savedUser = userService.createUser(userDTO, Optional.empty(), Optional.of(Boolean.TRUE));
         userDTO = userMapper.userToUserDTO(savedUser);
         userDTO.setActivated(false);
-        userDTO = userService.updateUser(userDTO).get();
+        userDTO = userService.updateUserAndTokens(userDTO).get();
 
         assertThat(tokenService.findByUser(savedUser).get(0).getExpiration()).isBefore(Instant.now());
         assertThat(tokenService.findByUser(savedUser).get(0).isRenewable()).isTrue();
 
         userDTO.setActivated(true);
-        userService.updateUser(userDTO);
+        userService.updateUserAndTokens(userDTO);
 
         assertThat(tokenService.findByUser(savedUser).get(0).getExpiration()).isAfter(Instant.now());
         assertThat(tokenService.findByUser(savedUser).get(0).isRenewable()).isTrue();