Add tenantRoleIds and tenantRoleNames to UserSearchRequest (#213)

* Add tenantRoleIds and tenantRoleNames to UserSearchRequest and update UserServiceImpl to handle them

* Fix user search test to work with Java 8

* Fix formatting for user search test

* Fix mapToValuesObject with imports and map types

* Update UserServiceImpl.java

* Update UserServiceImpl.java

* test: enhance UserServiceImplTest with new tenant role parameter search functionality

* Update UserServiceImplTest.java

Author: talberry

src/main/java/com/descope/model/user/request/UserSearchRequest.java

@@ -43,4 +43,6 @@ public class UserSearchRequest {
   /** Retrieve only users updated before the given time. */
   @JsonSerialize(using = InstantToMillisSerializer.class)
   Instant toModifiedTime;
+  Map<String, List<String>> tenantRoleIds;
+  Map<String, List<String>> tenantRoleNames;
 }

src/main/java/com/descope/sdk/mgmt/impl/UserServiceImpl.java

@@ -62,7 +62,9 @@
 import com.descope.proxy.ApiProxy;
 import com.descope.sdk.mgmt.UserService;
 import com.fasterxml.jackson.core.type.TypeReference;
+import com.fasterxml.jackson.databind.ObjectMapper;
 import java.net.URI;
+import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 import org.apache.commons.collections4.CollectionUtils;
@@ -255,9 +257,18 @@ public AllUsersResponseDetails searchAll(UserSearchRequest request) throws Desco
       throw ServerCommonException.invalidArgument("page");
     }
 
+    Map<String, Object> payload = new ObjectMapper().convertValue(request, new TypeReference<Map<String, Object>>() {});
+    
+    if (request.getTenantRoleIds() != null) {
+      payload.put("tenantRoleIds", mapToValuesObject(request.getTenantRoleIds()));
+    }
+    if (request.getTenantRoleNames() != null) {
+      payload.put("tenantRoleNames", mapToValuesObject(request.getTenantRoleNames()));
+    }
+
     URI composeSearchAllUri = composeSearchAllUri();
     ApiProxy apiProxy = getApiProxy();
-    return apiProxy.post(composeSearchAllUri, request, AllUsersResponseDetails.class);
+    return apiProxy.post(composeSearchAllUri, payload, AllUsersResponseDetails.class);
   }
 
   @Override
@@ -741,4 +752,17 @@ private URI composeExpirePasswordUri() {
   private URI composeGenerateEmbeddedLink() {
     return getUri(USER_CREATE_EMBEDDED_LINK);
   }
+
+  private static Map<String, Map<String, List<String>>> mapToValuesObject(Map<String, List<String>> inputMap) {
+    if (inputMap == null) {
+      return null;
+    }
+    Map<String, Map<String, List<String>>> result = new HashMap<>();
+    for (Map.Entry<String, List<String>> entry : inputMap.entrySet()) {
+      if (entry.getValue() != null) {
+        result.put(entry.getKey(), mapOf("values", entry.getValue()));
+      }
+    }
+    return result.isEmpty() ? null : result;
+  }
 }

src/test/java/com/descope/model/user/request/UserSearchRequestTest.java

@@ -31,9 +31,31 @@ public void testInstantSerialization() throws JsonProcessingException {
         "{\"tenantIds\":[\"tenant1\"],\"roles\":[\"role1\"],\"limit\":0,\"page\":0,\"withTestUser\":null,"
         + "\"testUsersOnly\":null,\"customAttributes\":null,\"statuses\":null,\"emails\":null,\"phones\":null,"
         + "\"loginIds\":null,\"userIds\":null,\"ssoAppIds\":null,\"fromCreatedTime\":%d,\"toCreatedTime\":%d,"
-        + "\"fromModifiedTime\":%d,\"toModifiedTime\":%d}",
+        + "\"fromModifiedTime\":%d,\"toModifiedTime\":%d,"
+        + "\"tenantRoleIds\":null,\"tenantRoleNames\":null}",
         expectedMillis, expectedMillis, expectedMillis, expectedMillis);
 
     assertEquals(expectedJson, json);
   }
+
+  @Test
+  public void testTenantRoleIdsAndNamesSerialization() throws JsonProcessingException {
+    ObjectMapper mapper = new ObjectMapper();
+    UserSearchRequest request = UserSearchRequest.builder()
+        .tenantIds(Collections.singletonList("tenant1"))
+        .roles(Collections.singletonList("role1"))
+        .tenantRoleIds(Collections.singletonMap("tenant1", Collections.singletonList("roleA")))
+        .tenantRoleNames(Collections.singletonMap("tenant2", Collections.singletonList("roleX")))
+        .build();
+
+    String json = mapper.writeValueAsString(request);
+    String expectedJson = "{\"tenantIds\":[\"tenant1\"],\"roles\":[\"role1\"],\"limit\":0,\"page\":0,"
+        + "\"withTestUser\":null,\"testUsersOnly\":null,\"customAttributes\":null,\"statuses\":null,\"emails\":null,"
+        + "\"phones\":null,\"loginIds\":null,\"userIds\":null,\"ssoAppIds\":null,\"fromCreatedTime\":null,"
+        + "\"toCreatedTime\":null,\"fromModifiedTime\":null,\"toModifiedTime\":null,"
+        + "\"tenantRoleIds\":{\"tenant1\":[\"roleA\"]},"
+        + "\"tenantRoleNames\":{\"tenant2\":[\"roleX\"]}}";
+
+    assertEquals(expectedJson, json);
+  }
 }

src/test/java/com/descope/sdk/mgmt/impl/UserServiceImplTest.java

@@ -66,6 +66,7 @@
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 import org.junitpioneer.jupiter.RetryingTest;
+import org.mockito.ArgumentCaptor;
 import org.mockito.MockedStatic;
 
 public class UserServiceImplTest {
@@ -824,6 +825,50 @@ void testSearchAllForSuccess() {
     }
   }
 
+  @Test
+  void testSearchAllWithTenantRoleParams() {
+    Map<String, List<String>> tenantRoleIds = mapOf("tenant1", Arrays.asList("roleA", "roleB"));
+    Map<String, List<String>> tenantRoleNames = mapOf("tenant1", Arrays.asList("roleA", "roleB"));
+    AllUsersResponseDetails allUsersResponse = mock(AllUsersResponseDetails.class);
+    UserSearchRequest userSearchRequest = UserSearchRequest.builder()
+        .limit(5)
+        .page(0)
+        .tenantRoleIds(tenantRoleIds)
+        .tenantRoleNames(tenantRoleNames)
+        .build();
+
+    ApiProxy apiProxy = mock(ApiProxy.class);
+    doReturn(allUsersResponse).when(apiProxy).post(any(), any(), any());
+
+    try (MockedStatic<ApiProxyBuilder> mockedApiProxyBuilder = mockStatic(ApiProxyBuilder.class)) {
+      mockedApiProxyBuilder.when(() -> ApiProxyBuilder.buildProxy(any(), any())).thenReturn(apiProxy);
+
+      userService.searchAll(userSearchRequest);
+
+      @SuppressWarnings("unchecked")
+      ArgumentCaptor<Map<String, Object>> captor = ArgumentCaptor.forClass(Map.class);
+      verify(apiProxy).post(any(), captor.capture(), any());
+
+      Map<String, Object> payload = captor.getValue();
+
+      @SuppressWarnings("unchecked")
+      Map<String, Object> wrappedIds = (Map<String, Object>) payload.get("tenantRoleIds");
+      assertTrue(wrappedIds.get("tenant1") instanceof Map);
+
+      @SuppressWarnings("unchecked")
+      Map<String, Object> tenantIdsMap = (Map<String, Object>) wrappedIds.get("tenant1");
+      assertEquals(Arrays.asList("roleA", "roleB"), (tenantIdsMap.get("values")));
+
+      @SuppressWarnings("unchecked")
+      Map<String, Object> wrappedNames = (Map<String, Object>) payload.get("tenantRoleNames");
+      assertTrue(wrappedNames.get("tenant1") instanceof Map);
+
+      @SuppressWarnings("unchecked")
+      Map<String, Object> tenantNamesMap = (Map<String, Object>) wrappedNames.get("tenant1");
+      assertEquals(Arrays.asList("roleA", "roleB"), (tenantNamesMap.get("values")));
+    }
+  }
+
   @Test
   void testSearchAllForInvalidLimit() {
     ServerCommonException thrown = assertThrows(ServerCommonException.class,
@@ -1003,6 +1048,23 @@ void testFunctionalUserWithTenantAndRole() {
     user = updateResponse.getUser();
     assertNotNull(user);
     assertThat(user.getRoleNames()).containsExactly(roleName);
+    // Patch
+    UserResponseDetails patchResponse = userService.patch(loginId,
+        PatchUserRequest.builder()
+            .userTenants(
+                Arrays.asList(AssociatedTenant.builder()
+                    .tenantId(tenantId).roleNames(Arrays.asList(roleName)).build())).build());
+    user = patchResponse.getUser();
+    assertNotNull(user);
+    assertThat(user.getUserTenants()).containsExactly(AssociatedTenant.builder().tenantId(tenantId)
+        .tenantName(tenantName).roleNames(Arrays.asList(roleName)).build());
+    // Search
+    AllUsersResponseDetails searchByTenantRoleNames = userService.searchAll(
+        UserSearchRequest.builder()
+            .tenantRoleNames(mapOf(tenantId, Arrays.asList(roleName))).build());
+    boolean foundByRoleName = searchByTenantRoleNames.getUsers().stream()
+        .anyMatch(u -> u.getUserId().equals(createResponse.getUser().getUserId()));
+    assertTrue(foundByRoleName); 
     // Delete
     userService.delete(loginId);
     tenantService.delete(tenantId);