2024-10-23 - feedback - external reviewer - server-side

Luch76 · Luch76 · commit 227899ecd868 · 2024-10-23T14:49:36.000-04:00
diff --git a/server/src/main/java/com/objectcomputing/checkins/services/feedback_external_recipient/FeedbackExternalRecipientController.java b/server/src/main/java/com/objectcomputing/checkins/services/feedback_external_recipient/FeedbackExternalRecipientController.java
@@ -51,6 +51,22 @@ public List<FeedbackRequestResponseDTO> findByValues(@Nullable UUID creatorId, @
                 .toList();
     }
 
+    /**
+     * Update a feedback request
+     *
+     * @param requestBody {@link FeedbackRequestUpdateDTO} The updated feedback request
+     * @return {@link FeedbackRequestResponseDTO}
+     */
+    @Put
+    public HttpResponse<FeedbackRequestResponseDTO> update(@Body @Valid @NotNull FeedbackRequestUpdateDTO requestBody) {
+        if (requestBody.getExternalRecipientId() == null) {
+            throw new BadArgException("Missing required parameter: externalRecipientId");
+        }
+        FeedbackRequest savedFeedback = feedbackReqServices.update(requestBody);
+        return HttpResponse.ok(fromEntity(savedFeedback))
+                .headers(headers -> headers.location(URI.create("/feedback_request/" + savedFeedback.getId())));
+    }
+
     private FeedbackRequestResponseDTO fromEntity(FeedbackRequest feedbackRequest) {
         FeedbackRequestResponseDTO dto = new FeedbackRequestResponseDTO();
         dto.setId(feedbackRequest.getId());
diff --git a/server/src/main/java/com/objectcomputing/checkins/services/feedback_request/FeedbackRequestServicesImpl.java b/server/src/main/java/com/objectcomputing/checkins/services/feedback_request/FeedbackRequestServicesImpl.java
@@ -425,8 +425,19 @@ private boolean reassignIsPermitted(FeedbackRequest feedbackRequest) {
 
     private boolean isCurrentUserAdminOrOwner(FeedbackRequest feedbackRequest) {
         boolean isAdmin = currentUserServices.isAdmin();
-        UUID currentUserId = currentUserServices.getCurrentUser().getId();
-        return isAdmin || currentUserId.equals(feedbackRequest.getCreatorId());
+        boolean currentUserIsSameAsCreator = false;
+        UUID currentUserId;
+        MemberProfile currentUser;
+        try {
+            currentUser = currentUserServices.getCurrentUser();
+        } catch (NotFoundException notFoundException) {
+            currentUser = null;
+        }
+        if (currentUser != null) {
+            currentUserId = currentUserServices.getCurrentUser().getId();
+            currentUserIsSameAsCreator = currentUserId.equals(feedbackRequest.getCreatorId());
+        }
+        return isAdmin || currentUserIsSameAsCreator;
     }
 
     private boolean updateSubmitDateIsPermitted(FeedbackRequest feedbackRequest) {
diff --git a/server/src/test/java/com/objectcomputing/checkins/services/feedback_request/FeedbackRequestControllerTest.java b/server/src/test/java/com/objectcomputing/checkins/services/feedback_request/FeedbackRequestControllerTest.java
@@ -1520,7 +1520,39 @@ void testGetEveryAllTimeAdminToRecipients() {
     }
 
     @Test
-    void testUpdateDueDateAuthorized() {
+    void testGetEveryAllTimeAdminToExternalRecipients() {
+        MemberProfile admin = createADefaultMemberProfile();
+        assignAdminRole(admin);
+        MemberProfile pdlMemberProfile = createASecondDefaultMemberProfile();
+        MemberProfile memberOne = createADefaultMemberProfileForPdl(pdlMemberProfile);
+        final FeedbackExternalRecipient externalRecipient01 = createADefaultFeedbackExternalRecipient();
+        final FeedbackExternalRecipient externalRecipient02 = createASecondDefaultFeedbackExternalRecipient();
+
+        LocalDate now = LocalDate.now();
+        LocalDate oldestDate = LocalDate.of(2010, 10, 10);
+        LocalDate withinLastFewMonths = now.minusMonths(2);
+        LocalDate outOfRange = now.minusMonths(10);
+
+        // create sample feedback requests with different send dates
+        final FeedbackRequest feedbackReq = saveFeedbackRequest(pdlMemberProfile, memberOne, externalRecipient01, now);
+        final FeedbackRequest feedbackReqTwo = saveFeedbackRequest(pdlMemberProfile, memberOne, externalRecipient02, withinLastFewMonths);
+        final FeedbackRequest feedbackReqThree = saveFeedbackRequest(pdlMemberProfile, memberOne, externalRecipient02, outOfRange);
+
+        final HttpRequest<?> request = HttpRequest.GET(String.format("/?oldestDate=%s", oldestDate))
+                .basicAuth(admin.getWorkEmail(), RoleType.Constants.ADMIN_ROLE);
+        final HttpResponse<List<FeedbackRequestResponseDTO>> response = client.toBlocking()
+                .exchange(request, Argument.listOf(FeedbackRequestResponseDTO.class));
+
+        assertEquals(HttpStatus.OK, response.getStatus());
+        assertTrue(response.getBody().isPresent());
+        assertEquals(3, response.getBody().get().size());
+        assertResponseEqualsEntity(feedbackReq, response.getBody().get().get(0));
+        assertResponseEqualsEntity(feedbackReqTwo, response.getBody().get().get(1));
+        assertResponseEqualsEntity(feedbackReqThree, response.getBody().get().get(2));
+    }
+
+    @Test
+    void testUpdateDueDateAuthorizedToRecipient() {
         MemberProfile pdlMemberProfile = createADefaultMemberProfile();
         assignPdlRole(pdlMemberProfile);
         MemberProfile employeeMemberProfile = createADefaultMemberProfileForPdl(pdlMemberProfile);
@@ -1540,7 +1572,27 @@ void testUpdateDueDateAuthorized() {
     }
 
     @Test
-    void testUpdateDueDateToBeforeSendDate() {
+    void testUpdateDueDateAuthorizedToExternalRecipient() {
+        MemberProfile pdlMemberProfile = createADefaultMemberProfile();
+        assignPdlRole(pdlMemberProfile);
+        MemberProfile employeeMemberProfile = createADefaultMemberProfileForPdl(pdlMemberProfile);
+        final FeedbackExternalRecipient externalRecipient01 = createADefaultFeedbackExternalRecipient();
+
+        final FeedbackRequest feedbackReq = saveFeedbackRequest(pdlMemberProfile, employeeMemberProfile, externalRecipient01);
+        feedbackReq.setDueDate(LocalDate.now());
+        final FeedbackRequestUpdateDTO dto = updateDTO(feedbackReq);
+
+        final HttpRequest<?> request = HttpRequest.PUT("", dto)
+                .basicAuth(pdlMemberProfile.getWorkEmail(), RoleType.Constants.PDL_ROLE);
+        final HttpResponse<FeedbackRequestResponseDTO> response = client.toBlocking().exchange(request, FeedbackRequestResponseDTO.class);
+
+        assertEquals(HttpStatus.OK, response.getStatus());
+        assertTrue(response.getBody().isPresent());
+        assertResponseEqualsEntity(feedbackReq, response.getBody().get());
+    }
+
+    @Test
+    void testUpdateDueDateToBeforeSendDateToRecipient() {
         MemberProfile pdlMemberProfile = createADefaultMemberProfile();
         assignPdlRole(pdlMemberProfile);
         MemberProfile employeeMemberProfile = createADefaultMemberProfileForPdl(pdlMemberProfile);
@@ -1561,7 +1613,28 @@ void testUpdateDueDateToBeforeSendDate() {
     }
 
     @Test
-    void testUpdateDueDateUnauthorized() {
+    void testUpdateDueDateToBeforeSendDateToExternalRecipient() {
+        MemberProfile pdlMemberProfile = createADefaultMemberProfile();
+        assignPdlRole(pdlMemberProfile);
+        MemberProfile employeeMemberProfile = createADefaultMemberProfileForPdl(pdlMemberProfile);
+        final FeedbackExternalRecipient externalRecipient01 = createADefaultFeedbackExternalRecipient();
+
+        final FeedbackRequest feedbackReq = saveFeedbackRequest(pdlMemberProfile, employeeMemberProfile, externalRecipient01);
+        feedbackReq.setSendDate(LocalDate.of(1111, 11, 2));
+        feedbackReq.setDueDate(LocalDate.of(1111, 11, 1));
+        final FeedbackRequestUpdateDTO dto = updateDTO(feedbackReq);
+
+        final HttpRequest<?> request = HttpRequest.PUT("", dto)
+                .basicAuth(pdlMemberProfile.getWorkEmail(), RoleType.Constants.PDL_ROLE);
+        final HttpClientResponseException responseException = assertThrows(HttpClientResponseException.class, () ->
+                client.toBlocking().exchange(request, Map.class));
+
+        assertEquals(HttpStatus.BAD_REQUEST, responseException.getStatus());
+        assertEquals("Send date of feedback request must be before the due date.", responseException.getMessage());
+    }
+
+    @Test
+    void testUpdateDueDateUnauthorizedToRecipient() {
         MemberProfile pdlMemberProfile = createADefaultMemberProfile();
         assignPdlRole(pdlMemberProfile);
         MemberProfile employeeMemberProfile = createADefaultMemberProfileForPdl(pdlMemberProfile);
@@ -1579,6 +1652,24 @@ void testUpdateDueDateUnauthorized() {
         assertUnauthorized(responseException);
     }
 
+    @Test
+    void testUpdateDueDateUnauthorizedToExternalRecipient() {
+        MemberProfile pdlMemberProfile = createADefaultMemberProfile();
+        assignPdlRole(pdlMemberProfile);
+        MemberProfile employeeMemberProfile = createADefaultMemberProfileForPdl(pdlMemberProfile);
+        final FeedbackExternalRecipient externalRecipient01 = createADefaultFeedbackExternalRecipient();
+
+        final FeedbackRequest feedbackReq = saveFeedbackRequest(pdlMemberProfile, employeeMemberProfile, externalRecipient01);
+        feedbackReq.setDueDate(Util.MAX.toLocalDate());
+        final FeedbackRequestUpdateDTO dto = updateDTO(feedbackReq);
+
+        final HttpRequest<?> request = HttpRequest.PUT("", dto);
+        final HttpClientResponseException responseException = assertThrows(HttpClientResponseException.class, () ->
+                clientExternalRecipient.toBlocking().exchange(request, Map.class));
+
+        assertUnauthorized(responseException);
+    }
+
     @Test
     void testUpdateStatusAndSubmitDateAuthorizedByRecipient() {
         MemberProfile pdlMemberProfile = createADefaultMemberProfile();
