Refactored UserBusinessService.updateUser

open-schnick · open-schnick · commit 25b1811f9363 · 2020-11-30T11:19:02.000+01:00
diff --git a/src/main/java/de/filefighter/rest/domain/user/business/UserBusinessService.java b/src/main/java/de/filefighter/rest/domain/user/business/UserBusinessService.java
@@ -161,75 +161,90 @@ public void updateUser(long userId, UserRegisterForm userToUpdate, User authenti
             throw new UserNotUpdatedException("Only Admins are allowed to update other users.");
 
         UserEntity userEntityToUpdate = userRepository.findByUserId(userId);
+        if (null == userEntityToUpdate)
+            throw new UserNotUpdatedException("User does not exist, use register endpoint.");
+
         Update newUpdate = new Update();
-        boolean changesWereMade = false;
 
-        // username
-        String username = userToUpdate.getUsername();
-        if (null != username) {
-            if (!stringIsValid(username))
-                throw new UserNotUpdatedException("Wanted to change username, but username was not valid.");
+        boolean changesWereMade = updateUserName(newUpdate, userToUpdate.getUsername());
 
-            User user = null;
+        boolean usernameIsValid = stringIsValid(userToUpdate.getUsername());
+        String lowerCaseUsername = usernameIsValid ? userToUpdate.getUsername().toLowerCase() : userEntityToUpdate.getLowercaseUsername();
+        boolean passwordWasUpdated = updatePassword(newUpdate, userToUpdate.getPassword(), userToUpdate.getConfirmationPassword(), lowerCaseUsername);
+        changesWereMade = passwordWasUpdated || changesWereMade;
+
+        boolean userGroupsWereUpdated = updateGroups(newUpdate, userToUpdate.getGroupIds(), authenticatedUserIsAdmin);
+        changesWereMade = userGroupsWereUpdated || changesWereMade;
+
+        if (!changesWereMade)
+            throw new UserNotUpdatedException("No changes were made.");
+
+        Query query = new Query();
+        query.addCriteria(Criteria.where("userId").is(userId));
+        mongoTemplate.findAndModify(query, newUpdate, UserEntity.class);
+    }
+
+    private boolean updateGroups(Update newUpdate, long[] groupIds, boolean authenticatedUserIsAdmin) {
+        if (null != groupIds) {
             try {
-                user = this.findUserByUsername(username);
-            } catch (UserNotFoundException ignored) {
-                LOG.info("Username '{}' is free to use.", username);
+                for (Groups group : groupRepository.getGroupsByIds(groupIds)) {
+                    if (group == Groups.ADMIN && !authenticatedUserIsAdmin)
+                        throw new UserNotUpdatedException("Only admins can add users to group " + Groups.ADMIN.getDisplayName() + ".");
+                }
+            } catch (IllegalArgumentException exception) {
+                throw new UserNotUpdatedException("One or more groups do not exist.");
             }
 
-            if (null != user)
-                throw new UserNotUpdatedException("Username already taken.");
-
-            changesWereMade = true;
-            newUpdate.set("username", username);
+            newUpdate.set("groupIds", groupIds);
+            return true;
         }
+        return false;
+    }
 
-        // pw
-        if (null != userToUpdate.getPassword()) {
-            String password = userToUpdate.getPassword();
-            String confirmation = userToUpdate.getConfirmationPassword();
+    private boolean updatePassword(Update newUpdate, String password, String confirmationPassword, String lowercaseUserName) {
+        if (null != password) {
 
-            if (!stringIsValid(password) || !stringIsValid(confirmation))
+            if (!stringIsValid(password) || !stringIsValid(confirmationPassword))
                 throw new UserNotUpdatedException("Wanted to change password, but password was not valid.");
 
             if (!passwordIsValid(password))
                 throw new UserNotUpdatedException("Password needs to be at least 8 characters long and, contains at least one uppercase and lowercase letter and a number.");
 
-            if (!password.contentEquals(confirmation))
+            if (!password.contentEquals(confirmationPassword))
                 throw new UserNotUpdatedException("Passwords do not match.");
 
-            if (password.toLowerCase().contains(userEntityToUpdate.getLowercaseUsername()))
+            if (password.toLowerCase().contains(lowercaseUserName))
                 throw new UserNotUpdatedException("Username must not appear in password.");
 
-            changesWereMade = true;
             newUpdate.set("password", password);
-
             //update refreshToken
             String newRefreshToken = AccessTokenBusinessService.generateRandomTokenValue();
             newUpdate.set("refreshToken", newRefreshToken);
+
+            return true;
         }
+        return false;
+    }
+
+    private boolean updateUserName(Update update, String username) {
+        if (null != username) {
+            if (!stringIsValid(username))
+                throw new UserNotUpdatedException("Wanted to change username, but username was not valid.");
 
-        // groups
-        if (null != userToUpdate.getGroupIds()) {
+            User user = null;
             try {
-                for (Groups group : groupRepository.getGroupsByIds(userToUpdate.getGroupIds())) {
-                    if (group == Groups.ADMIN && !authenticatedUserIsAdmin)
-                        throw new UserNotUpdatedException("Only admins can add users to group " + Groups.ADMIN.getDisplayName() + ".");
-                }
-            } catch (IllegalArgumentException exception) {
-                throw new UserNotUpdatedException("One or more groups do not exist.");
+                user = this.findUserByUsername(username);
+            } catch (UserNotFoundException ignored) {
+                LOG.info("Username '{}' is free to use.", username);
             }
 
-            changesWereMade = true;
-            newUpdate.set("groupIds", userToUpdate.getGroupIds());
-        }
-
-        if (!changesWereMade)
-            throw new UserNotUpdatedException("No changes were made.");
+            if (null != user)
+                throw new UserNotUpdatedException("Username already taken.");
 
-        Query query = new Query();
-        query.addCriteria(Criteria.where("userId").is(userId));
-        mongoTemplate.findAndModify(query, newUpdate, UserEntity.class);
+            update.set("username", username);
+            return true;
+        }
+        return false;
     }
 
     public long generateRandomUserId() {
diff --git a/src/test/java/de/filefighter/rest/domain/user/business/UserBusinessServiceUnitTest.java b/src/test/java/de/filefighter/rest/domain/user/business/UserBusinessServiceUnitTest.java
@@ -27,9 +27,19 @@ class UserBusinessServiceUnitTest {
     private final MongoTemplate mongoTemplateMock = mock(MongoTemplate.class);
     private UserBusinessService userBusinessService;
 
+    private static UserEntity userEntityMock;
+
     @BeforeEach
     void setUp() {
         userBusinessService = new UserBusinessService(userRepositoryMock, userDtoServiceMock, groupRepositoryMock, mongoTemplateMock);
+        userEntityMock = UserEntity.builder()
+                .lowercaseUsername("username")
+                .userId(420)
+                .username("Username")
+                .password("password")
+                .refreshToken("refreshToken")
+                .groupIds(new long[0])
+                .build();
     }
 
     @Test
@@ -55,7 +65,7 @@ void getRefreshTokenForUserWithoutUser() {
         UserNotFoundException ex = assertThrows(UserNotFoundException.class, () ->
                 userBusinessService.getRefreshTokenForUser(dummyUser)
         );
-        assertEquals("Could not find user with userId " + userId+".", ex.getMessage());
+        assertEquals("Could not find user with userId " + userId + ".", ex.getMessage());
     }
 
     @Test
@@ -99,7 +109,7 @@ void getUserByIdThrowsExceptions() {
         UserNotFoundException ex = assertThrows(UserNotFoundException.class, () ->
                 userBusinessService.getUserById(id));
 
-        assertEquals("Could not find user with userId " + id+".", ex.getMessage());
+        assertEquals("Could not find user with userId " + id + ".", ex.getMessage());
     }
 
     @Test
@@ -274,7 +284,13 @@ void updateUserThrows() {
                 userBusinessService.updateUser(userId, userRegisterForm1, authenticatedUser));
         assertEquals("User could not get updated. Only Admins are allowed to update other users.", ex.getMessage());
 
+        //user not found with id.
         authenticatedUser.setGroups(new Groups[]{Groups.ADMIN});
+        ex = assertThrows(UserNotUpdatedException.class, () ->
+                userBusinessService.updateUser(userId, userRegisterForm1, authenticatedUser));
+        assertEquals("User could not get updated. User does not exist, use register endpoint.", ex.getMessage());
+
+        when(userRepositoryMock.findByUserId(userId)).thenReturn(userEntityMock);
         ex = assertThrows(UserNotUpdatedException.class, () ->
                 userBusinessService.updateUser(userId, userRegisterForm1, authenticatedUser));
         assertEquals("User could not get updated. No changes were made.", ex.getMessage());
@@ -287,6 +303,8 @@ void updateUserNameThrows() {
         User authenticatedUser = User.builder().id(userId).groups(new Groups[]{Groups.FAMILY}).build();
         UserEntity dummyEntity = UserEntity.builder().build();
 
+        when(userRepositoryMock.findByUserId(userId)).thenReturn(userEntityMock);
+
         userRegisterForm.setUsername("");
         UserNotUpdatedException ex = assertThrows(UserNotUpdatedException.class, () ->
                 userBusinessService.updateUser(userId, userRegisterForm, authenticatedUser));
@@ -307,6 +325,8 @@ void updateUserNameWorks() {
         long userId = 420;
         User authenticatedUser = User.builder().id(userId).groups(new Groups[]{Groups.FAMILY}).build();
 
+        when(userRepositoryMock.findByUserId(userId)).thenReturn(userEntityMock);
+
         assertDoesNotThrow(() -> userBusinessService.updateUser(userId, userRegisterForm, authenticatedUser));
     }
 
@@ -317,11 +337,14 @@ void updatePasswordThrows() {
         User authenticatedUser = User.builder().id(userId).groups(new Groups[]{Groups.FAMILY}).build();
         UserEntity dummyEntity = UserEntity.builder().userId(userId).lowercaseUsername("password").build();
 
+        when(userRepositoryMock.findByUserId(userId)).thenReturn(userEntityMock);
+
         userRegisterForm.setPassword("");
         UserNotUpdatedException ex = assertThrows(UserNotUpdatedException.class, () ->
                 userBusinessService.updateUser(userId, userRegisterForm, authenticatedUser));
         assertEquals("User could not get updated. Wanted to change password, but password was not valid.", ex.getMessage());
 
+        userRegisterForm.setPassword("somepw");
         userRegisterForm.setConfirmationPassword("");
         ex = assertThrows(UserNotUpdatedException.class, () ->
                 userBusinessService.updateUser(userId, userRegisterForm, authenticatedUser));
