diff --git a/src/integrationTest/java/uk/gov/hmcts/reform/pip/account/management/controllers/TestingSupportApiTest.java b/src/integrationTest/java/uk/gov/hmcts/reform/pip/account/management/controllers/TestingSupportApiTest.java index 64435dd9..d2bbc317 100644 --- a/src/integrationTest/java/uk/gov/hmcts/reform/pip/account/management/controllers/TestingSupportApiTest.java +++ b/src/integrationTest/java/uk/gov/hmcts/reform/pip/account/management/controllers/TestingSupportApiTest.java @@ -25,6 +25,7 @@ import org.springframework.test.web.servlet.request.MockMvcRequestBuilders; import uk.gov.hmcts.reform.pip.account.management.Application; import uk.gov.hmcts.reform.pip.account.management.config.ClientConfiguration; +import uk.gov.hmcts.reform.pip.account.management.model.AuditLog; import uk.gov.hmcts.reform.pip.account.management.model.AzureAccount; import uk.gov.hmcts.reform.pip.account.management.model.CreationEnum; import uk.gov.hmcts.reform.pip.account.management.model.MediaApplication; @@ -33,6 +34,7 @@ import uk.gov.hmcts.reform.pip.account.management.utils.IntegrationTestBase; import uk.gov.hmcts.reform.pip.model.account.Roles; import uk.gov.hmcts.reform.pip.model.account.UserProvenances; +import uk.gov.hmcts.reform.pip.model.enums.AuditAction; import java.io.InputStream; import java.util.ArrayList; @@ -48,6 +50,7 @@ import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.multipart; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; +import static uk.gov.hmcts.reform.pip.model.enums.AuditAction.PUBLICATION_UPLOAD; @SpringBootTest(classes = {Application.class}, webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT) @AutoConfigureMockMvc @@ -62,6 +65,7 @@ class TestingSupportApiTest extends IntegrationTestBase { private static final String TESTING_SUPPORT_ACCOUNT_URL = TESTING_SUPPORT_BASE_URL + "account/"; private static final String TESTING_SUPPORT_APPLICATION_URL = TESTING_SUPPORT_BASE_URL + "application/"; private static final String TESTING_SUPPORT_CREATE_ACCOUNT_URL = TESTING_SUPPORT_BASE_URL + "account"; + private static final String TESTING_SUPPORT_AUDIT_URL = TESTING_SUPPORT_BASE_URL + "audit/"; private static final String ACCOUNT_URL = "/account/"; private static final String ACCOUNT_ADD_USER_URL = ACCOUNT_URL + "add/pi"; @@ -75,6 +79,7 @@ class TestingSupportApiTest extends IntegrationTestBase { private static final String EMAIL = EMAIL_PREFIX + "user123@test.com"; private static final String PASSWORD = "P@55word11"; private static final String ID = "1234"; + private static final UUID USER_ID = UUID.randomUUID(); private static final String PROVENANCE_USER_ID = UUID.randomUUID().toString(); private static final UserProvenances PROVENANCE = UserProvenances.PI_AAD; @@ -86,6 +91,10 @@ class TestingSupportApiTest extends IntegrationTestBase { private static final String EMPLOYER = "Test employer"; private static final MediaApplicationStatus PENDING_STATUS = MediaApplicationStatus.PENDING; + private static final String AUDIT_URL = "/audit"; + private static final AuditAction ACTION = PUBLICATION_UPLOAD; + private static final String DETAILS = "Publication successfully uploaded"; + private static final String UNAUTHORIZED_ROLE = "APPROLE_unknown.authorized"; private static final String UNAUTHORIZED_USERNAME = "unauthorized_isAuthorized"; @@ -282,6 +291,25 @@ void testTestingSupportDeleteApplicationsWithEmailPrefix() throws Exception { .andExpect(status().isNotFound()); } + @Test + void testTestingSupportDeleteAuditLogsWithEmailPrefix() throws Exception { + AuditLog auditLog = createAuditLog(); + + mockMvc.perform(get(AUDIT_URL + "/" + auditLog.getId())) + .andExpect(status().isOk()); + + MvcResult deleteResponse = mockMvc.perform(delete(TESTING_SUPPORT_AUDIT_URL + EMAIL_PREFIX)) + .andExpect(status().isOk()) + .andReturn(); + + assertThat(deleteResponse.getResponse().getContentAsString()) + .as("Audit Log delete response does not match") + .isEqualTo("1 audit log(s) deleted with user email starting with " + EMAIL_PREFIX); + + mockMvc.perform(get(AUDIT_URL + "/" + auditLog.getId())) + .andExpect(status().isNotFound()); + } + @Test @WithMockUser(username = UNAUTHORIZED_USERNAME, authorities = {UNAUTHORIZED_ROLE}) void testUnauthorisedTestingSupportDeleteAccounts() throws Exception { @@ -296,6 +324,13 @@ void testUnauthorisedTestingSupportDeleteApplications() throws Exception { .andExpect(status().isForbidden()); } + @Test + @WithMockUser(username = UNAUTHORIZED_USERNAME, authorities = {UNAUTHORIZED_ROLE}) + void testUnauthorisedTestingSupportDeleteAudits() throws Exception { + mockMvc.perform(delete(TESTING_SUPPORT_AUDIT_URL + EMAIL_PREFIX)) + .andExpect(status().isForbidden()); + } + private PiUser createUser() { PiUser user = new PiUser(); user.setEmail(EMAIL); @@ -318,7 +353,6 @@ private AzureAccount createAccount(String password) { return newAccount; } - @SuppressWarnings("PMD.SignatureDeclareThrowsException") private MediaApplication createApplication() throws Exception { MediaApplication application = new MediaApplication(); @@ -346,4 +380,28 @@ private MediaApplication createApplication() throws Exception { return OBJECT_MAPPER.readValue(mvcResult.getResponse().getContentAsString(), MediaApplication.class); } } + + private AuditLog createAuditLog() throws Exception { + AuditLog auditLog = new AuditLog(); + auditLog.setId(USER_ID); + auditLog.setUserId(ID); + auditLog.setUserEmail(EMAIL); + auditLog.setRoles(ROLE); + auditLog.setUserProvenance(PROVENANCE); + auditLog.setAction(ACTION); + auditLog.setDetails(DETAILS); + + MockHttpServletRequestBuilder postRequest = MockMvcRequestBuilders + .post(AUDIT_URL) + .content(OBJECT_MAPPER.writeValueAsString(auditLog)) + .header(ISSUER_HEADER, ISSUER_ID) + .contentType(MediaType.APPLICATION_JSON); + + MvcResult mvcResult = mockMvc.perform(postRequest) + .andExpect(status().isOk()) + .andReturn(); + + return OBJECT_MAPPER.readValue(mvcResult.getResponse().getContentAsString(), AuditLog.class); + } + }