From c50859d63dc307950ad209604df2022e20bf0e85 Mon Sep 17 00:00:00 2001
From: Md Majid Akhter <101315579+qxz2mqe@users.noreply.github.com>
Date: Mon, 21 Aug 2023 13:13:56 +0530
Subject: [PATCH] feat:(apps and services) technical user creation in autosetup (#188)
check whether serviceAccountProfile has roles assigned before creating the serviceAccount
---------
Refs: CPLP-2829
Co-authored-by: Phil Schneider
Reviewed-by: Phil Schneider
---
 .../Service/OfferSetupService.cs | 2 +-
 .../Service/OfferSetupServiceTests.cs | 51 ++++++++++++++++++-
 2 files changed, 50 insertions(+), 3 deletions(-)
diff --git a/src/marketplace/Offers.Library/Service/OfferSetupService.cs b/src/marketplace/Offers.Library/Service/OfferSetupService.cs
index 36a38b0199..b1f986357b 100644
--- a/src/marketplace/Offers.Library/Service/OfferSetupService.cs
+++ b/src/marketplace/Offers.Library/Service/OfferSetupService.cs
@@ -147,7 +147,7 @@ public async Task AutoSetupOfferAsync(OfferAutoSetup
 throw new UnexpectedConditionException($"There should only be one or none technical user profile configured for {subscriptionId}");
 }
- if (serviceAccountCreationInfo == null)
+ if (serviceAccountCreationInfo == null || !serviceAccountCreationInfo.UserRoleIds.Any())
 {
 return null;
 }
diff --git a/tests/marketplace/Offers.Library.Tests/Service/OfferSetupServiceTests.cs b/tests/marketplace/Offers.Library.Tests/Service/OfferSetupServiceTests.cs
index fa27a5eeb6..1c4dc6ad4a 100644
--- a/tests/marketplace/Offers.Library.Tests/Service/OfferSetupServiceTests.cs
+++ b/tests/marketplace/Offers.Library.Tests/Service/OfferSetupServiceTests.cs
@@ -130,6 +130,7 @@ public async Task AutoSetup_WithValidData_ReturnsExpectedNotificationAndSecret(O
 var appInstances = new List();
 var appSubscriptionDetails = new List();
 var notifications = new List();
+ var roleIds = _fixture.CreateMany().AsEnumerable();
 A.CallTo(() => _clientRepository.CreateClient(A._))
 .Invokes((string clientName) =>
 {
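Review bot: In OfferSetupService.cs, the new `!serviceAccountCreationInfo.UserRoleIds.Any()` branch returns null through the same path as "no profile configured", so a technical user profile that exists but has no roles assigned is skipped without leaving any trace. Skipping is a safer outcome than creating a service account with no roles, but neither the caller nor an operator can tell a deliberate "no technical user" from a misconfigured profile; a log entry at this point, or at least a comment such as `// profile without role assignments: do not create a technical user`, would make the intent explicit. `.Any()` also dereferences `UserRoleIds` directly, so if that collection can ever be null (not visible from this hunk) the check throws instead of returning. The enclosing method starts and ends outside the hunk.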
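Review bot: In OfferSetupServiceTests.cs, the added `var roleIds = _fixture.CreateMany().AsEnumerable();` carries a redundant `.AsEnumerable()`, since `CreateMany` already returns an enumerable sequence; the same line is added in the `CreateTechnicalUser_WithTechnicalUserNeeded_ReturnsExpected` hunk and can be shortened there too. The happy-path setup now only produces a technical user because this list is non-empty, which a reader cannot see from the line itself; a comment such as `// must be non-empty: profiles without roles no longer produce a technical user` would record that dependency. The test method this hunk belongs to starts and ends outside the hunk.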
@@ -140,7 +141,7 @@ public async Task AutoSetup_WithValidData_ReturnsExpectedNotificationAndSecret(O
 if (technicalUserRequired)
 {
 A.CallTo(() => _technicalUserProfileService.GetTechnicalUserProfilesForOfferSubscription(A._))
- .Returns(new ServiceAccountCreationInfo[] { new(Guid.NewGuid().ToString(), "test", IamClientAuthMethod.SECRET, Enumerable.Empty()) });
+ .Returns(new ServiceAccountCreationInfo[] { new(Guid.NewGuid().ToString(), "test", IamClientAuthMethod.SECRET, roleIds) });
 }
 var serviceManagerRoles = new[]
 {
@@ -285,6 +286,51 @@ public async Task AutoSetup_WithMultipleTechnicalUsers_ThrowsException()
 ex.Message.Should().Be($"There should only be one or none technical user profile configured for {data.RequestId}");
 }
+ [Fact]
+ public async Task AutoSetup_WithNoTechnicalUsersRole_ThrowsException()
+ {
+ // Arrange
+ var offerSubscription = new OfferSubscription(Guid.NewGuid(), Guid.Empty, Guid.Empty, OfferSubscriptionStatusId.PENDING, Guid.Empty);
+ var companyServiceAccount = new CompanyServiceAccount(Guid.NewGuid(), "test", "test", CompanyServiceAccountTypeId.OWN);
+ SetupAutoSetup(OfferTypeId.APP, offerSubscription, false, companyServiceAccount);
+ var clientId = Guid.NewGuid();
+ var appInstanceId = Guid.NewGuid();
+ var clients = new List();
+ A.CallTo(() => _clientRepository.CreateClient(A._))
+ .Invokes((string clientName) =>
+ {
+ var client = new IamClient(clientId, clientName);
+ clients.Add(client);
+ })
+ .Returns(new IamClient(clientId, "cl1"));
+ A.CallTo(() => _technicalUserProfileService.GetTechnicalUserProfilesForOfferSubscription(A._))
+ .Returns(new ServiceAccountCreationInfo[]
+ {
+ new(Guid.NewGuid().ToString(), "test", IamClientAuthMethod.SECRET, Enumerable.Empty())
+ });
+
+ A.CallTo(() => _appInstanceRepository.CreateAppInstance(A._, A._))
+ .Returns(new AppInstance(appInstanceId, _existingServiceId, clientId));
+
+ var companyAdminRoles = new[]
+ {
+ new UserRoleConfig("Cl2-CX-Portal", new[] { "IT Admin" })
+ };
+ var serviceManagerAdminRoles = new[]
+ {
+ new UserRoleConfig("Cl2-CX-Portal", new[] { "Service Manager" })
+ };
+
+ var data = new OfferAutoSetupData(_pendingSubscriptionId, "https://new-url.com/");
+
+ // Act
+ //async Task Act() => await _sut.AutoSetupOfferAsync(data, companyAdminRoles, (_identity.UserId, _identity.CompanyId), OfferTypeId.APP, "https://base-address.com", serviceManagerAdminRoles).ConfigureAwait(false);
+ var result = await _sut.AutoSetupOfferAsync(data, companyAdminRoles, (_identity.UserId, _identity.CompanyId), 
OfferTypeId.APP, "https://base-address.com", serviceManagerAdminRoles).ConfigureAwait(false);
+ result.Should().NotBeNull();
+ result.TechnicalUserInfo.Should().BeNull();
+ A.CallTo(() => _serviceAccountCreation.CreateServiceAccountAsync(A._, A._, A>._, CompanyServiceAccountTypeId.MANAGED, false, A>._)).MustNotHaveHappened();
+ }
+
 [Fact]
 public async Task AutoSetup_WithValidDataAndUserWithoutMail_NoMailIsSend()
 {
@@ -1051,12 +1097,13 @@ public async Task CreateTechnicalUser_WithTechnicalUserNeeded_ReturnsExpected(st
 var companyServiceAccount = _fixture.Build()
 .With(x => x.OfferSubscriptionId, (Guid?)null)
 .Create();
+ var roleIds = _fixture.CreateMany().AsEnumerable();
 A.CallTo(() => _offerSubscriptionsRepository.GetTechnicalUserCreationData(offerSubscriptionId))
 .Returns(data);
 A.CallTo(() => _userRolesRepository.GetUserRoleDataUntrackedAsync(A>._))
 .Returns(userRoleData.ToAsyncEnumerable());
 A.CallTo(() => _technicalUserProfileService.GetTechnicalUserProfilesForOfferSubscription(A._))
- .Returns(new ServiceAccountCreationInfo[] { new(Guid.NewGuid().ToString(), "test", IamClientAuthMethod.SECRET, new List()) });
+ .Returns(new ServiceAccountCreationInfo[] { new(Guid.NewGuid().ToString(), "test", IamClientAuthMethod.SECRET, roleIds) });
 A.CallTo(() => _serviceAccountCreation.CreateServiceAccountAsync(A._, CompanyUserCompanyId, A>.That.Matches(x => x.Count() == 1 && x.Single() == Bpn), CompanyServiceAccountTypeId.MANAGED, false, A>._))
 .Invokes((ServiceAccountCreationInfo _, Guid _, IEnumerable _, CompanyServiceAccountTypeId _, bool _, Action? setOptionalParameter) =>
 {
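Review bot: The negative assertion that closes `AutoSetup_WithNoTechnicalUsersRole_ThrowsException` only matches calls made with `CompanyServiceAccountTypeId.MANAGED` and `false`, so the test would still pass if a role-less service account were created with any other type or flag. Replacing those two constraints with ignored-argument matchers (`A<CompanyServiceAccountTypeId>._` and `A<bool>._`) makes it assert that `CreateServiceAccountAsync` is not called at all. The name says `ThrowsException` while the body asserts a non-null result with a null `TechnicalUserInfo`; something like `AutoSetup_WithNoTechnicalUsersRole_DoesNotCreateTechnicalUser` would describe what is checked. The commented-out `//async Task Act() => …` line should be removed, the `clients` list is filled but never asserted on, and an `// Assert` marker after the `// Act` call would match the Arrange/Act layout the test already starts.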