PUB-2574 - Add functional tests for system admin and bulk creation

src/functionalTest/java/uk/gov/hmcts/reform/pip/account/management/controllers/BulkAccountTest.java

@@ -0,0 +1,98 @@
+package uk.gov.hmcts.reform.pip.account.management.controllers;
+
+import com.github.dockerjava.zerodep.shaded.org.apache.hc.core5.http.HttpHeaders;
+import io.restassured.response.Response;
+import org.junit.jupiter.api.AfterAll;
+import org.junit.jupiter.api.BeforeAll;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.http.HttpStatus;
+import org.springframework.test.context.ActiveProfiles;
+import org.springframework.test.context.junit.jupiter.SpringExtension;
+import uk.gov.hmcts.reform.pip.account.management.utils.FunctionalTestBase;
+import uk.gov.hmcts.reform.pip.account.management.utils.OAuthClient;
+
+import java.io.BufferedWriter;
+import java.io.File;
+import java.io.IOException;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.util.Map;
+import java.util.UUID;
+import java.util.concurrent.ThreadLocalRandom;
+
+import static org.assertj.core.api.AssertionsForClassTypes.assertThat;
+
+@ExtendWith(SpringExtension.class)
+@ActiveProfiles(profiles = "functional")
+@SpringBootTest(classes = {OAuthClient.class})
+class BulkAccountTest extends FunctionalTestBase {
+    private static final String USER_ID = UUID.randomUUID().toString();
+    private static final String EMAIL_PREFIX = "pip-am-test-email-";
+    private static final String TEST_SUITE_PREFIX = String.format("%s-",
+        ThreadLocalRandom.current().nextInt(1000, 9999));
+    private static final String TEST_SUITE_EMAIL_PREFIX = EMAIL_PREFIX + TEST_SUITE_PREFIX;
+    private static final String BULK_UPLOAD_URL = "account/media-bulk-upload";
+    private static final String TESTING_SUPPORT_ACCOUNT_URL = "/testing-support/account/";
+    private static final String BEARER = "Bearer ";
+    private static final String ISSUER_ID = "x-issuer-id";
+
+    private String mockFile;
+    private Map<String, String> bearer;
+    private Map<String, String> issuerId;
+
+    @BeforeAll
+    void startUp() throws IOException {
+        bearer = Map.of(HttpHeaders.AUTHORIZATION, BEARER + accessToken);
+        issuerId = Map.of(ISSUER_ID, USER_ID);
+
+        StringBuilder csvContent = new StringBuilder(400);
+        csvContent.append("email,firstName,surname\n");
+
+        for (int i = 0; i < 5; i++) {
+            String email = generateTestEmail();
+            csvContent.append(email).append(",testBulkFirstName,testBulkSurname\n");
+        }
+
+        Path mockFilePath = Files.createTempFile("mock-bulk-upload", ".csv");
+        try (BufferedWriter writer = Files.newBufferedWriter(mockFilePath)) {
+            writer.write(csvContent.toString());
+        }
+
+        mockFile = mockFilePath.toString();
+    }
+
+    private String generateTestEmail() {
+        String prefix = String.format("%s", ThreadLocalRandom.current().nextInt(1000, 9999));
+        return TEST_SUITE_EMAIL_PREFIX + prefix + "@justice.gov.uk";
+    }
+
+    @AfterAll
+    public void teardown() throws IOException {
+        doDeleteRequest(TESTING_SUPPORT_ACCOUNT_URL + TEST_SUITE_EMAIL_PREFIX, bearer);
+        Files.deleteIfExists(Path.of(mockFile));
+    }
+
+    @Test
+    void createAccountsInBulk() {
+        File mockBulkUploadFile = new File(mockFile);
+
+        Response response = doPostMultipartForBulk(BULK_UPLOAD_URL, bearer, issuerId, mockBulkUploadFile);
+
+        assertThat(response.getStatusCode()).isEqualTo(HttpStatus.OK.value());
+        assertThat(response.jsonPath().getList("CREATED_ACCOUNTS").size()).isEqualTo(5);
+        assertThat(response.jsonPath().getList("ERRORED_ACCOUNTS").isEmpty()).isTrue();
+    }
+
+    @Test
+    void shouldReturnOkButNotCreateAccountsForDuplicates() {
+        File mockBulkUploadFile = new File(mockFile);
+
+        Response response = doPostMultipartForBulk(BULK_UPLOAD_URL, bearer, issuerId, mockBulkUploadFile);
+
+        assertThat(response.getStatusCode()).isEqualTo(HttpStatus.OK.value());
+        assertThat(response.jsonPath().getList("CREATED_ACCOUNTS").isEmpty()).isTrue();
+        assertThat(response.jsonPath().getList("ERRORED_ACCOUNTS").isEmpty()).isTrue();
+    }
+}

src/functionalTest/java/uk/gov/hmcts/reform/pip/account/management/controllers/MediaApplicationCreationTest.java

@@ -37,7 +37,7 @@ class MediaApplicationCreationTest extends FunctionalTestBase {
     private static final String TEST_EMAIL_PREFIX = String.format(
         "pip-am-test-email-%s", ThreadLocalRandom.current().nextInt(1000, 9999));
 
-    private static final String TEST_EMAIL = String.format(TEST_EMAIL_PREFIX + "@justice.gov.uk");
+    private static final String TEST_EMAIL = TEST_EMAIL_PREFIX + "@justice.gov.uk";
     private static final String STATUS = "PENDING";
 
     private static final String TESTING_SUPPORT_APPLICATION_URL = "/testing-support/application/";

src/functionalTest/java/uk/gov/hmcts/reform/pip/account/management/controllers/SystemAdminAccountCreationTest.java

@@ -0,0 +1,90 @@
+package uk.gov.hmcts.reform.pip.account.management.controllers;
+
+import com.github.dockerjava.zerodep.shaded.org.apache.hc.core5.http.HttpHeaders;
+import io.restassured.response.Response;
+import org.junit.jupiter.api.AfterAll;
+import org.junit.jupiter.api.BeforeAll;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.http.HttpStatus;
+import org.springframework.test.context.ActiveProfiles;
+import org.springframework.test.context.junit.jupiter.SpringExtension;
+import uk.gov.hmcts.reform.pip.account.management.utils.FunctionalTestBase;
+import uk.gov.hmcts.reform.pip.account.management.utils.OAuthClient;
+
+import java.util.Map;
+import java.util.UUID;
+import java.util.concurrent.ThreadLocalRandom;
+
+import static org.assertj.core.api.AssertionsForClassTypes.assertThat;
+
+@ExtendWith(SpringExtension.class)
+@ActiveProfiles(profiles = "functional")
+@SpringBootTest(classes = {OAuthClient.class})
+class SystemAdminAccountCreationTest extends FunctionalTestBase {
+    private static final String TEST_USER_EMAIL_PREFIX = String.format(
+        "pip-am-test-email-%s", ThreadLocalRandom.current().nextInt(1000, 9999));
+    private static final String TEST_USER_EMAIL = TEST_USER_EMAIL_PREFIX + "@justice.gov.uk";
+    private static final String TEST_USER_PROVENANCE_ID = UUID.randomUUID().toString();
+
+    private static final String TESTING_SUPPORT_ACCOUNT_URL = "/testing-support/account/";
+    private static final String ACCOUNT_URL = "/account";
+    private static final String SYSTEM_ADMIN_URL = ACCOUNT_URL + "/system-admin";
+    private static final String BEARER = "Bearer ";
+
+    private Map<String, String> bearer;
+
+    @BeforeAll
+    public void startUp() {
+        bearer = Map.of(HttpHeaders.AUTHORIZATION, BEARER + accessToken);
+    }
+
+    @AfterAll
+    public void teardown() {
+        doDeleteRequest(TESTING_SUPPORT_ACCOUNT_URL + TEST_USER_EMAIL, bearer);
+    }
+
+    @Test
+    void createSystemAdminAccount() {
+        String requestBody = """
+            {
+                "email": "%s",
+                "provenanceUserId": "%s"
+            }
+            """.formatted(TEST_USER_EMAIL, TEST_USER_PROVENANCE_ID);
+
+        Response response = doPostRequest(SYSTEM_ADMIN_URL, bearer, requestBody);
+
+        assertThat(response.getStatusCode()).isEqualTo(HttpStatus.OK.value());
+        assertThat(response.jsonPath().getString("email")).isEqualTo(TEST_USER_EMAIL);
+        assertThat(response.jsonPath().getString("provenanceUserId")).isEqualTo(TEST_USER_PROVENANCE_ID);
+    }
+
+    @Test
+    void shouldFailToCreateSystemAdminAccountWithoutEmail() {
+        String requestBody = """
+            {
+                "provenanceUserId": "%s"
+            }
+            """.formatted(TEST_USER_PROVENANCE_ID);
+
+        Response response = doPostRequest(SYSTEM_ADMIN_URL, bearer, requestBody);
+
+        assertThat(response.getStatusCode()).isEqualTo(HttpStatus.BAD_REQUEST.value());
+    }
+
+    @Test
+    void shouldFailToCreateSystemAdminAccountWithoutProvenanceUserId() {
+        String requestBody = """
+            {
+                "email": "%s"
+            }
+            """.formatted(TEST_USER_EMAIL);
+
+        Response response = doPostRequest(SYSTEM_ADMIN_URL, bearer, requestBody);
+
+        assertThat(response.getStatusCode()).isEqualTo(HttpStatus.BAD_REQUEST.value());
+    }
+
+}

src/functionalTest/java/uk/gov/hmcts/reform/pip/account/management/controllers/SystemAdminB2CAccountCreationTest.java

@@ -0,0 +1,113 @@
+package uk.gov.hmcts.reform.pip.account.management.controllers;
+
+import com.github.dockerjava.zerodep.shaded.org.apache.hc.core5.http.HttpHeaders;
+import io.restassured.response.Response;
+import org.junit.jupiter.api.AfterAll;
+import org.junit.jupiter.api.BeforeAll;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.http.HttpStatus;
+import org.springframework.test.context.ActiveProfiles;
+import org.springframework.test.context.junit.jupiter.SpringExtension;
+import uk.gov.hmcts.reform.pip.account.management.utils.FunctionalTestBase;
+import uk.gov.hmcts.reform.pip.account.management.utils.OAuthClient;
+
+import java.util.Map;
+import java.util.UUID;
+import java.util.concurrent.ThreadLocalRandom;
+
+import static org.assertj.core.api.AssertionsForClassTypes.assertThat;
+
+@ExtendWith(SpringExtension.class)
+@ActiveProfiles(profiles = "functional")
+@SpringBootTest(classes = {OAuthClient.class})
+class SystemAdminB2CAccountCreationTest extends FunctionalTestBase {
+    private static final String TEST_USER_EMAIL_PREFIX_1 = String.format(
+        "pip-am-test-email-%s", ThreadLocalRandom.current().nextInt(1000, 9999));
+    private static final String TEST_USER_EMAIL_PREFIX_2 = String.format(
+        "pip-am-test-email-%s", ThreadLocalRandom.current().nextInt(1000, 9999));
+    private static final String TEST_USER_EMAIL_1 = TEST_USER_EMAIL_PREFIX_1 + "@justice.gov.uk";
+    private static final String TEST_USER_EMAIL_2 = TEST_USER_EMAIL_PREFIX_2 + "@justice.gov.uk";
+    private static final String TEST_USER_PROVENANCE_ID = UUID.randomUUID().toString();
+    private static final String USER_ID = UUID.randomUUID().toString();
+
+    private static final String TESTING_SUPPORT_ACCOUNT_URL = "/testing-support/account/";
+    private static final String ACCOUNT_URL = "/account";
+    private static final String SYSTEM_ADMIN_B2C_URL = ACCOUNT_URL + "/add/system-admin";
+    private static final String BEARER = "Bearer ";
+    private static final String ISSUER_ID = "x-issuer-id";
+
+    private Map<String, String> bearer;
+    private Map<String, String> issuerId;
+
+    @BeforeAll
+    public void startUp() {
+        bearer = Map.of(HttpHeaders.AUTHORIZATION, BEARER + accessToken);
+        issuerId = Map.of(ISSUER_ID, USER_ID);
+    }
+
+    @AfterAll
+    public void teardown() {
+        doDeleteRequest(TESTING_SUPPORT_ACCOUNT_URL + TEST_USER_EMAIL_1, bearer);
+        doDeleteRequest(TESTING_SUPPORT_ACCOUNT_URL + TEST_USER_EMAIL_2, bearer);
+    }
+
+    @Test
+    void createSystemAdminB2CAccount() {
+        String requestBody = """
+            {
+                "email": "%s",
+                "provenanceUserId": "%s"
+            }
+            """.formatted(TEST_USER_EMAIL_1, TEST_USER_PROVENANCE_ID);
+
+        Response response = doPostRequestForB2C(SYSTEM_ADMIN_B2C_URL, bearer, issuerId, requestBody);
+
+        assertThat(response.getStatusCode()).isEqualTo(HttpStatus.OK.value());
+        assertThat(response.jsonPath().getString("email")).isEqualTo(TEST_USER_EMAIL_1);
+        assertThat(response.jsonPath().getString("provenanceUserId")).isNotNull();
+    }
+
+    @Test
+    void shouldCreateSystemAdminB2CAccountWithoutProvenanceUserId() {
+        String requestBody = """
+            {
+                "email": "%s"
+            }
+            """.formatted(TEST_USER_EMAIL_2);
+
+        Response response = doPostRequestForB2C(SYSTEM_ADMIN_B2C_URL, bearer, issuerId, requestBody);
+
+        assertThat(response.getStatusCode()).isEqualTo(HttpStatus.OK.value());
+        assertThat(response.jsonPath().getString("email")).isEqualTo(TEST_USER_EMAIL_2);
+        assertThat(response.jsonPath().getString("provenanceUserId")).isNotNull();
+    }
+
+    @Test
+    void shouldFailToCreateSystemAdminB2CAccountWithoutEmail() {
+        String requestBody = """
+            {
+                "provenanceUserId": "%s"
+            }
+            """.formatted(TEST_USER_PROVENANCE_ID);
+
+        Response response = doPostRequestForB2C(SYSTEM_ADMIN_B2C_URL, bearer, issuerId, requestBody);
+
+        assertThat(response.getStatusCode()).isEqualTo(HttpStatus.BAD_REQUEST.value());
+    }
+
+    @Test
+    void shouldFailToCreateSystemAdminB2CAccountWithoutIssuerId() {
+        String requestBody = """
+            {
+                "email": "%s",
+                "provenanceUserId": "%s"
+            }
+            """.formatted(TEST_USER_EMAIL_1, TEST_USER_PROVENANCE_ID);
+
+        Response response = doPostRequest(SYSTEM_ADMIN_B2C_URL, bearer, requestBody);
+
+        assertThat(response.getStatusCode()).isEqualTo(HttpStatus.BAD_REQUEST.value());
+    }
+}

src/functionalTest/java/uk/gov/hmcts/reform/pip/account/management/utils/FunctionalTestBase.java

@@ -58,8 +58,33 @@ protected Response doPostRequest(final String path, final Map<String, String> ad
             .thenReturn();
     }
 
+    protected Response doPostRequestForB2C(final String path, final Map<String, String> additionalHeaders,
+                                     final Map<String, String> issuerId, final String body) {
+        return given()
+            .relaxedHTTPSValidation()
+            .headers(getRequestHeaders(additionalHeaders))
+            .headers(getRequestHeaders(issuerId))
+            .body(body)
+            .when()
+            .post(path)
+            .thenReturn();
+    }
+
+    protected Response doPostMultipartForBulk(final String path, final Map<String, String> additionalHeaders,
+                                                     final Map<String, String> issuerId, final File mediaList) {
+        return given()
+            .relaxedHTTPSValidation()
+            .headers(additionalHeaders)
+            .headers(getRequestHeaders(issuerId))
+            .contentType("multipart/form-data")
+            .multiPart("mediaList", mediaList)
+            .when()
+            .post(path)
+            .thenReturn();
+    }
+
     protected Response doPostMultipartForApplication(final String path, final Map<String, String> additionalHeaders,
-                                      final File file, String name, String email, String employer, String status) {
+                                     final File file, String name, String email, String employer, String status) {
         return given()
             .relaxedHTTPSValidation()
             .headers(additionalHeaders)

src/main/java/uk/gov/hmcts/reform/pip/account/management/controllers/BulkAccountCreationController.java

@@ -4,7 +4,7 @@
 import io.swagger.v3.oas.annotations.responses.ApiResponse;
 import io.swagger.v3.oas.annotations.security.SecurityRequirement;
 import io.swagger.v3.oas.annotations.tags.Tag;
-import org.springframework.beans.factory.annotation.Autowired;
+import lombok.AllArgsConstructor;
 import org.springframework.http.ResponseEntity;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.PostMapping;
@@ -27,18 +27,14 @@
 @ApiResponse(responseCode = "403", description = "User has not been authorized")
 @Validated
 @IsAdmin
+@AllArgsConstructor
 @SecurityRequirement(name = "bearerAuth")
 public class BulkAccountCreationController {
     private static final String ISSUER_ID = "x-issuer-id";
     private static final String OK_CODE = "200";
 
     private final BulkAccountCreationService bulkAccountCreationService;
 
-    @Autowired
-    public BulkAccountCreationController(BulkAccountCreationService bulkAccountCreationService) {
-        this.bulkAccountCreationService = bulkAccountCreationService;
-    }
-
     @ApiResponse(responseCode = OK_CODE,
         description = "CREATED_ACCOUNTS:[{Created user ids}], ERRORED_ACCOUNTS: [{failed accounts}]")
     @ApiResponse(responseCode = "400", description = "Bad request")