add removal of idp-entities, remove multiple idps

eclipse-tractusx · Dec 15, 2023 · cc3c917 · cc3c917
1 parent 7f7a79b
commit cc3c917
Show file tree

Hide file tree

Showing 6 changed files with 63 additions and 21 deletions.
diff --git a/src/administration/Administration.Service/BusinessLogic/RegistrationBusinessLogic.cs b/src/administration/Administration.Service/BusinessLogic/RegistrationBusinessLogic.cs
@@ -425,10 +425,6 @@ public async Task DeclineRegistrationVerification(Guid applicationId, string com
         }
 
         var (companyId, companyName, processId, idps, companyUserIds) = result;
-        if (idps.Count() != 1)
-        {
-            throw new ConflictException($"There should only be one idp for application {applicationId}");
-        }
 
         var context = await _checklistService
             .VerifyChecklistEntryAndProcessSteps(
@@ -452,12 +448,21 @@ public async Task DeclineRegistrationVerification(Guid applicationId, string com
             },
             null);
 
-        var (idpAlias, idpType) = idps.Single();
-        if (idpType == IdentityProviderTypeId.SHARED)
+        var identityProviderRepository = _portalRepositories.GetInstance<IIdentityProviderRepository>();
+        foreach (var (idpId, idpAlias, idpType) in idps)
         {
-            await _provisioningManager.DeleteSharedIdpRealmAsync(idpAlias).ConfigureAwait(false);
+            if (idpType == IdentityProviderTypeId.SHARED)
+            {
+                await _provisioningManager.DeleteSharedIdpRealmAsync(idpAlias).ConfigureAwait(false);
+            }
+            identityProviderRepository.DeleteCompanyIdentityProvider(companyId, idpId);
+            if (idpType == IdentityProviderTypeId.OWN || idpType == IdentityProviderTypeId.SHARED)
+            {
+                await _provisioningManager.DeleteCentralIdentityProviderAsync(idpAlias).ConfigureAwait(false);
+                identityProviderRepository.DeleteIamIdentityProvider(idpAlias);
+                identityProviderRepository.DeleteIdentityProvider(idpId);
+            }
         }
-        await _provisioningManager.DeleteCentralIdentityProviderAsync(idpAlias).ConfigureAwait(false);
 
         _portalRepositories.GetInstance<IApplicationRepository>().AttachAndModifyCompanyApplication(applicationId, application =>
         {

diff --git a/src/portalbackend/PortalBackend.DBAccess/Repositories/ApplicationRepository.cs b/src/portalbackend/PortalBackend.DBAccess/Repositories/ApplicationRepository.cs
@@ -424,15 +424,15 @@ public IAsyncEnumerable<Guid> GetSubmittedApplicationIdsByBpn(string bpn) =>
     /// </summary>
     /// <param name="applicationId">Id of the application</param>
     /// <returns>Returns the company id</returns>
-    public Task<(Guid CompanyId, string CompanyName, Guid? NetworkRegistrationProcessId, IEnumerable<(string IamAlias, IdentityProviderTypeId TypeId)> Idps, IEnumerable<Guid> CompanyUserIds)> GetCompanyIdNameForSubmittedApplication(Guid applicationId) =>
+    public Task<(Guid CompanyId, string CompanyName, Guid? NetworkRegistrationProcessId, IEnumerable<(Guid IdentityProviderId, string IamAlias, IdentityProviderTypeId TypeId)> Idps, IEnumerable<Guid> CompanyUserIds)> GetCompanyIdNameForSubmittedApplication(Guid applicationId) =>
         _dbContext.CompanyApplications
             .AsSplitQuery()
             .Where(x => x.Id == applicationId && x.ApplicationStatusId == CompanyApplicationStatusId.SUBMITTED)
-            .Select(x => new ValueTuple<Guid, string, Guid?, IEnumerable<(string, IdentityProviderTypeId)>, IEnumerable<Guid>>(
+            .Select(x => new ValueTuple<Guid, string, Guid?, IEnumerable<(Guid, string, IdentityProviderTypeId)>, IEnumerable<Guid>>(
                 x.CompanyId,
                 x.Company!.Name,
                 x.Company.NetworkRegistration!.ProcessId,
-                x.Company.IdentityProviders.Where(idp => idp.IdentityProviderTypeId != IdentityProviderTypeId.MANAGED).Select(idp => new ValueTuple<string, IdentityProviderTypeId>(idp.IamIdentityProvider!.IamIdpAlias, idp.IdentityProviderTypeId)),
+                x.Company.IdentityProviders.Select(idp => new ValueTuple<Guid, string, IdentityProviderTypeId>(idp.Id, idp.IamIdentityProvider!.IamIdpAlias, idp.IdentityProviderTypeId)),
                 x.Company.Identities.Where(i => i.IdentityTypeId == IdentityTypeId.COMPANY_USER && i.UserStatusId != UserStatusId.DELETED).Select(i => i.Id)))
             .SingleOrDefaultAsync();
 

diff --git a/src/portalbackend/PortalBackend.DBAccess/Repositories/IApplicationRepository.cs b/src/portalbackend/PortalBackend.DBAccess/Repositories/IApplicationRepository.cs
@@ -96,7 +96,7 @@ public interface IApplicationRepository
     /// </summary>
     /// <param name="applicationId">Id of the application</param>
     /// <returns>The id of the company for the given application</returns>
-    Task<(Guid CompanyId, string CompanyName, Guid? NetworkRegistrationProcessId, IEnumerable<(string IamAlias, IdentityProviderTypeId TypeId)> Idps, IEnumerable<Guid> CompanyUserIds)> GetCompanyIdNameForSubmittedApplication(Guid applicationId);
+    Task<(Guid CompanyId, string CompanyName, Guid? NetworkRegistrationProcessId, IEnumerable<(Guid IdentityProviderId, string IamAlias, IdentityProviderTypeId TypeId)> Idps, IEnumerable<Guid> CompanyUserIds)> GetCompanyIdNameForSubmittedApplication(Guid applicationId);
 
     Task<bool> IsValidApplicationForCompany(Guid applicationId, Guid companyId);
 }
diff --git a/src/portalbackend/PortalBackend.DBAccess/Repositories/IIdentityProviderRepository.cs b/src/portalbackend/PortalBackend.DBAccess/Repositories/IIdentityProviderRepository.cs
@@ -29,8 +29,11 @@ namespace Org.Eclipse.TractusX.Portal.Backend.PortalBackend.DBAccess.Repositorie
 public interface IIdentityProviderRepository
 {
     IdentityProvider CreateIdentityProvider(IdentityProviderCategoryId identityProviderCategory, IdentityProviderTypeId identityProviderTypeId, Guid owner, Action<IdentityProvider>? setOptionalFields);
+    void DeleteIdentityProvider(Guid identityProviderId);
     IamIdentityProvider CreateIamIdentityProvider(Guid identityProviderId, string idpAlias);
+    void DeleteIamIdentityProvider(string idpAlias);
     CompanyIdentityProvider CreateCompanyIdentityProvider(Guid companyId, Guid identityProviderId);
+    void DeleteCompanyIdentityProvider(Guid companyId, Guid identityProviderId);
     void CreateCompanyIdentityProviders(IEnumerable<(Guid CompanyId, Guid IdentityProviderId)> companyIdIdentityProviderIds);
     Task<string?> GetSharedIdentityProviderIamAliasDataUntrackedAsync(Guid companyId);
     Task<(string? Alias, bool IsValidUser)> GetIdpCategoryIdByUserIdAsync(Guid companyUserId, Guid userCompanyId);

diff --git a/src/portalbackend/PortalBackend.DBAccess/Repositories/IdentityProviderRepository.cs b/src/portalbackend/PortalBackend.DBAccess/Repositories/IdentityProviderRepository.cs
@@ -53,13 +53,19 @@ public IdentityProvider CreateIdentityProvider(IdentityProviderCategoryId identi
             .Add(idp).Entity;
     }
 
+    public void DeleteIdentityProvider(Guid identityProviderId) =>
+        _context.IdentityProviders.Remove(new IdentityProvider(identityProviderId, default, default, Guid.Empty, default));
+
     public CompanyIdentityProvider CreateCompanyIdentityProvider(Guid companyId, Guid identityProviderId) =>
         _context.CompanyIdentityProviders
             .Add(new CompanyIdentityProvider(
                 companyId,
                 identityProviderId
             )).Entity;
 
+    public void DeleteCompanyIdentityProvider(Guid companyId, Guid identityProviderId) =>
+        _context.Remove(new CompanyIdentityProvider(companyId, identityProviderId));
+
     public void CreateCompanyIdentityProviders(IEnumerable<(Guid CompanyId, Guid IdentityProviderId)> companyIdIdentityProviderIds) =>
         _context.CompanyIdentityProviders
             .AddRange(companyIdIdentityProviderIds.Select(x => new CompanyIdentityProvider(
@@ -74,6 +80,9 @@ public IamIdentityProvider CreateIamIdentityProvider(Guid identityProviderId, st
                 idpAlias,
                 identityProviderId)).Entity;
 
+    public void DeleteIamIdentityProvider(string idpAlias) =>
+        _context.IamIdentityProviders.Remove(new IamIdentityProvider(idpAlias, Guid.Empty));
+
     public Task<string?> GetSharedIdentityProviderIamAliasDataUntrackedAsync(Guid companyId) =>
         _context.IdentityProviders
             .AsNoTracking()

diff --git a/...dministration/Administration.Service.Tests/BusinessLogic/RegistrationBusinessLogicTest.cs b/...dministration/Administration.Service.Tests/BusinessLogic/RegistrationBusinessLogicTest.cs
@@ -48,6 +48,7 @@ public class RegistrationBusinessLogicTest
     private const string ValidBpn = "BPNL123698762345";
     private const string CompanyName = "TestCompany";
     private const string IamAliasId = "idp1";
+    private static readonly Guid IdpId = Guid.NewGuid();
     private static readonly Guid IdWithBpn = new("c244f79a-7faf-4c59-bb85-fbfdf72ce46f");
     private static readonly Guid NotExistingApplicationId = new("9f0cfd0d-c512-438e-a07e-3198bce873bf");
     private static readonly Guid ActiveApplicationCompanyId = new("045abf01-7762-468b-98fb-84a30c39b7c7");
@@ -59,6 +60,7 @@ public class RegistrationBusinessLogicTest
 
     private readonly IPortalRepositories _portalRepositories;
     private readonly IApplicationRepository _applicationRepository;
+    private readonly IIdentityProviderRepository _identityProviderRepository;
     private readonly IProcessStepRepository _processStepRepository;
     private readonly IUserRepository _userRepository;
     private readonly IFixture _fixture;
@@ -80,6 +82,7 @@ public RegistrationBusinessLogicTest()
 
         _portalRepositories = A.Fake<IPortalRepositories>();
         _applicationRepository = A.Fake<IApplicationRepository>();
+        _identityProviderRepository = A.Fake<IIdentityProviderRepository>();
         _documentRepository = A.Fake<IDocumentRepository>();
         _processStepRepository = A.Fake<IProcessStepRepository>();
         _userRepository = A.Fake<IUserRepository>();
@@ -97,6 +100,7 @@ public RegistrationBusinessLogicTest()
         _provisioningManager = A.Fake<IProvisioningManager>();
 
         A.CallTo(() => _portalRepositories.GetInstance<IApplicationRepository>()).Returns(_applicationRepository);
+        A.CallTo(() => _portalRepositories.GetInstance<IIdentityProviderRepository>()).Returns(_identityProviderRepository);
         A.CallTo(() => _portalRepositories.GetInstance<IDocumentRepository>()).Returns(_documentRepository);
         A.CallTo(() => _portalRepositories.GetInstance<IUserRepository>()).Returns(_userRepository);
         A.CallTo(() => _portalRepositories.GetInstance<ICompanyRepository>()).Returns(_companyRepository);
@@ -501,7 +505,7 @@ public async Task DeclineRegistrationVerification_WithApplicationNotFound_Throws
         // Arrange
         var applicationId = Guid.NewGuid();
         A.CallTo(() => _applicationRepository.GetCompanyIdNameForSubmittedApplication(applicationId))
-            .Returns(default((Guid, string, Guid?, IEnumerable<(string, IdentityProviderTypeId)>, IEnumerable<Guid>)));
+            .Returns(default((Guid, string, Guid?, IEnumerable<(Guid, string, IdentityProviderTypeId)>, IEnumerable<Guid>)));
         async Task Act() => await _logic.DeclineRegistrationVerification(applicationId, "test", CancellationToken.None).ConfigureAwait(false);
 
         // Act
@@ -513,28 +517,49 @@ public async Task DeclineRegistrationVerification_WithApplicationNotFound_Throws
     }
 
     [Fact]
-    public async Task DeclineRegistrationVerification_WithMultipleIdps_ThrowsUnexpectedConditionException()
+    public async Task DeclineRegistrationVerification_WithMultipleIdps_CallsExpected()
     {
         // Arrange
         var applicationId = Guid.NewGuid();
+        var companyId = Guid.NewGuid();
+        var sharedIdpId = Guid.NewGuid();
+        var managedIdpId = Guid.NewGuid();
+        var ownIdpId = Guid.NewGuid();
+
         A.CallTo(() => _applicationRepository.GetCompanyIdNameForSubmittedApplication(applicationId))
             .Returns((
-                Guid.NewGuid(),
+                companyId,
                 "test",
                 null,
                 new[]
                 {
-                    ("idp1", IdentityProviderTypeId.SHARED),
-                    ("idp2", IdentityProviderTypeId.SHARED)
+                    (sharedIdpId, "idp1", IdentityProviderTypeId.SHARED),
+                    (managedIdpId, "idp2", IdentityProviderTypeId.MANAGED),
+                    (ownIdpId, "idp3", IdentityProviderTypeId.OWN),
                 },
                 Enumerable.Empty<Guid>()));
-        async Task Act() => await _logic.DeclineRegistrationVerification(applicationId, "test", CancellationToken.None).ConfigureAwait(false);
 
         // Act
-        var ex = await Assert.ThrowsAsync<UnexpectedConditionException>(Act);
+        await _logic.DeclineRegistrationVerification(applicationId, "test", CancellationToken.None).ConfigureAwait(false);
 
         // Assert
-        ex.Message.Should().Be($"There should only be one idp for application {applicationId}");
+        A.CallTo(() => _identityProviderRepository.DeleteCompanyIdentityProvider(companyId, sharedIdpId)).MustHaveHappenedOnceExactly();
+        A.CallTo(() => _identityProviderRepository.DeleteIamIdentityProvider("idp1")).MustHaveHappenedOnceExactly();
+        A.CallTo(() => _identityProviderRepository.DeleteIdentityProvider(sharedIdpId)).MustHaveHappenedOnceExactly();
+        A.CallTo(() => _provisioningManager.DeleteSharedIdpRealmAsync("idp1")).MustHaveHappenedOnceExactly();
+        A.CallTo(() => _provisioningManager.DeleteCentralIdentityProviderAsync("idp1")).MustHaveHappenedOnceExactly();
+
+        A.CallTo(() => _identityProviderRepository.DeleteCompanyIdentityProvider(companyId, sharedIdpId)).MustHaveHappenedOnceExactly();
+        A.CallTo(() => _identityProviderRepository.DeleteIamIdentityProvider("idp2")).MustNotHaveHappened();
+        A.CallTo(() => _identityProviderRepository.DeleteIdentityProvider(managedIdpId)).MustNotHaveHappened();
+        A.CallTo(() => _provisioningManager.DeleteSharedIdpRealmAsync("idp2")).MustNotHaveHappened();
+        A.CallTo(() => _provisioningManager.DeleteCentralIdentityProviderAsync("idp2")).MustNotHaveHappened();
+
+        A.CallTo(() => _identityProviderRepository.DeleteCompanyIdentityProvider(companyId, ownIdpId)).MustHaveHappenedOnceExactly();
+        A.CallTo(() => _identityProviderRepository.DeleteIamIdentityProvider("idp3")).MustHaveHappenedOnceExactly();
+        A.CallTo(() => _identityProviderRepository.DeleteIdentityProvider(ownIdpId)).MustHaveHappenedOnceExactly();
+        A.CallTo(() => _provisioningManager.DeleteSharedIdpRealmAsync("idp3")).MustNotHaveHappened();
+        A.CallTo(() => _provisioningManager.DeleteCentralIdentityProviderAsync("idp3")).MustHaveHappenedOnceExactly();
     }
 
     #endregion
@@ -886,7 +911,7 @@ private void SetupForDeclineRegistrationVerification(ApplicationChecklistEntry a
             }.ToImmutableDictionary(), Enumerable.Empty<ProcessStep>()));
 
         A.CallTo(() => _applicationRepository.GetCompanyIdNameForSubmittedApplication(IdWithBpn))
-            .Returns((CompanyId, CompanyName, ExistingExternalId, Enumerable.Repeat((IamAliasId, idpTypeId), 1), Enumerable.Repeat(UserId, 1)));
+            .Returns((CompanyId, CompanyName, ExistingExternalId, Enumerable.Repeat((IdpId, IamAliasId, idpTypeId), 1), Enumerable.Repeat(UserId, 1)));
 
         A.CallTo(() => _provisioningManager.GetUserByUserName(UserId.ToString()))
             .Returns("user123");