From 9767f7e90f4d8ce33e1247d3c7d38f032280f795 Mon Sep 17 00:00:00 2001
From: Kavin Prathaban <kavin@entgra.io>
Date: Tue, 17 Oct 2023 04:20:12 +0000
Subject: [PATCH] Add validation for user deletion (#244)

## Purpose
* Fixes https://roadmap.entgra.net/issues/10337

## Description
* Add validation to check whether the user has enrolled devices

Co-authored-by: prathabanKavin <kavinprathaban025@gmail.com>
Reviewed-on: https://repository.entgra.net/community/device-mgt-core/pulls/244
Co-authored-by: Kavin Prathaban <kavin@entgra.io>
Co-committed-by: Kavin Prathaban <kavin@entgra.io>
---
 .../impl/UserManagementServiceImpl.java       | 35 ++++++++++++-------
 .../impl/UserManagementServiceImplTest.java   |  5 +--
 2 files changed, 26 insertions(+), 14 deletions(-)

diff --git a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/impl/UserManagementServiceImpl.java b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/impl/UserManagementServiceImpl.java
index 6d24ee6aa3..cdf3fb8342 100644
--- a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/impl/UserManagementServiceImpl.java
+++ b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/impl/UserManagementServiceImpl.java
@@ -19,6 +19,7 @@ package io.entgra.device.mgt.core.device.mgt.api.jaxrs.service.impl;
 
 import com.google.gson.JsonArray;
 import com.google.gson.JsonObject;
+import io.entgra.device.mgt.core.device.mgt.common.Device;
 import org.apache.commons.lang.StringUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
@@ -320,32 +321,42 @@ public class UserManagementServiceImpl implements UserManagementService {
     @Consumes(MediaType.WILDCARD)
     @Override
     public Response removeUser(@QueryParam("username") String username, @QueryParam("domain") String domain) {
+        boolean nameWithDomain = false;
         if (domain != null && !domain.isEmpty()) {
             username = domain + '/' + username;
+            nameWithDomain = true;
         }
         try {
+            int deviceCount;
             UserStoreManager userStoreManager = DeviceMgtAPIUtils.getUserStoreManager();
             if (!userStoreManager.isExistingUser(username)) {
                 if (log.isDebugEnabled()) {
-                    log.debug("User by username: " + username + " does not exist for removal.");
+                    log.debug("User by user: " + username + " does not exist for removal.");
                 }
-                String msg = "User by username: " + username + " does not exist for removal.";
+                String msg = "User by user: " + username + " does not exist for removal.";
                 return Response.status(Response.Status.NOT_FOUND).entity(msg).build();
             }
-            // Un-enroll all devices for the user
             DeviceManagementProviderService deviceManagementService = DeviceMgtAPIUtils.getDeviceManagementService();
-            deviceManagementService.setStatus(username, EnrolmentInfo.Status.REMOVED);
-
-            userStoreManager.deleteUser(username);
-            if (log.isDebugEnabled()) {
-                log.debug("User '" + username + "' was successfully removed.");
+            if (nameWithDomain) {
+                deviceCount = deviceManagementService.getDeviceCount(username.split("/")[1]);
+            } else {
+                deviceCount = deviceManagementService.getDeviceCount(username);
+            }
+            if (deviceCount == 0) {
+                userStoreManager.deleteUser(username);
+                if (log.isDebugEnabled()) {
+                    log.debug("User '" + username + "' was successfully removed.");
+                }
+                return Response.status(Response.Status.OK).build();
+            } else {
+                String msg = "There are enrolled devices for user: " + username + ". Please remove them before deleting the user.";
+                log.error(msg);
+                return Response.status(400).entity(msg).build();
             }
-            return Response.status(Response.Status.OK).build();
         } catch (DeviceManagementException | UserStoreException e) {
-            String msg = "Exception in trying to remove user by username: " + username;
+            String msg = "Exception in trying to remove user by user: " + username;
             log.error(msg, e);
-            return Response.serverError().entity(
-                    new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
+            return Response.status(400).entity(msg).build();
         }
     }
 
diff --git a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/test/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/impl/UserManagementServiceImplTest.java b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/test/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/impl/UserManagementServiceImplTest.java
index e517561279..d032194a1f 100644
--- a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/test/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/impl/UserManagementServiceImplTest.java
+++ b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/test/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/impl/UserManagementServiceImplTest.java
@@ -18,6 +18,7 @@
 
 package io.entgra.device.mgt.core.device.mgt.api.jaxrs.service.impl;
 
+import io.entgra.device.mgt.core.device.mgt.common.Device;
 import org.mockito.Mockito;
 import org.mockito.invocation.InvocationOnMock;
 import org.mockito.stubbing.Answer;
@@ -272,7 +273,7 @@ public class UserManagementServiceImplTest {
                 .toReturn(this.userStoreManager);
         PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getDeviceManagementService"))
                 .toReturn(this.deviceManagementProviderService);
-        Mockito.doReturn(true).when(deviceManagementProviderService).setStatus(Mockito.anyString(), Mockito.any());
+        Mockito.doReturn(0).when(deviceManagementProviderService).getDeviceCount(TEST_USERNAME);
         Mockito.doNothing().when(userStoreManager).deleteUser(Mockito.anyString());
         Response response = userManagementService.removeUser(TEST_USERNAME, null);
         Assert.assertEquals(response.getStatus(), Response.Status.OK.getStatusCode(),
@@ -337,7 +338,7 @@ public class UserManagementServiceImplTest {
         Assert.assertEquals(response.getStatus(), Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(),
                 "Response returned successful for a user updating request with problematic inputs");
         response = userManagementService.removeUser(TEST3_USERNAME, null);
-        Assert.assertEquals(response.getStatus(), Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(),
+        Assert.assertEquals(response.getStatus(), Response.Status.BAD_REQUEST.getStatusCode(),
                 "Response returned successful for a user removal request with problematic inputs");
         response = userManagementService.getRolesOfUser(TEST3_USERNAME, null);
         Assert.assertEquals(response.getStatus(), Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(),