Trib 244: bug fix users may not cosign themselves

src/main/java/com/savvato/tribeapp/controllers/ConnectAPIController.java

@@ -1,6 +1,7 @@
 package com.savvato.tribeapp.controllers;
 
 import com.savvato.tribeapp.controllers.annotations.controllers.ConnectAPIController.*;
+import com.savvato.tribeapp.controllers.annotations.responses.BadRequest;
 import com.savvato.tribeapp.controllers.dto.ConnectRequest;
 import com.savvato.tribeapp.controllers.dto.CosignRequest;
 import com.savvato.tribeapp.dto.*;
@@ -87,12 +88,18 @@ public void connect(@Payload ConnectIncomingMessageDTO incoming, @Header("simpSe
 
   @SaveCosign
   @PostMapping("/cosign")
-  public ResponseEntity<CosignDTO> saveCosign(@RequestBody @Valid CosignRequest cosignRequest) {
+  public ResponseEntity saveCosign(@RequestBody @Valid CosignRequest cosignRequest) {
 
-      CosignDTO cosignDTO = cosignService.saveCosign(cosignRequest.userIdIssuing, cosignRequest.userIdReceiving, cosignRequest.phraseId);
-
-      return ResponseEntity.status(HttpStatus.OK).body(cosignDTO);
+    Optional<CosignDTO> opt = cosignService.saveCosign(cosignRequest.userIdIssuing, cosignRequest.userIdReceiving, cosignRequest.phraseId);
 
+    if(opt.isEmpty()) {
+      log.error("Users may not cosign themselves. ");
+      GenericResponseDTO genericResponseDTO = GenericResponseDTO.builder()
+              .responseMessage("Users may not cosign themselves.")
+              .build();
+      return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(genericResponseDTO);
+    }
+      return ResponseEntity.status(HttpStatus.OK).body(opt.get());
   }
   @DeleteCosign
   @DeleteMapping("/cosign")

src/main/java/com/savvato/tribeapp/services/CosignService.java

@@ -5,10 +5,11 @@
 import com.savvato.tribeapp.dto.UsernameDTO;
 
 import java.util.List;
+import java.util.Optional;
 
 public interface CosignService {
 
-    CosignDTO saveCosign(Long userIdIssuing, Long userIdReceiving, Long phraseId);
+    Optional<CosignDTO> saveCosign(Long userIdIssuing, Long userIdReceiving, Long phraseId);
     boolean deleteCosign(Long userIdIssuing, Long userIdReceiving, Long phraseId);
 
     List<UsernameDTO> getCosignersForUserAttribute(Long userReceivingId, Long phraseId);

src/main/java/com/savvato/tribeapp/services/CosignServiceImpl.java

@@ -22,7 +22,11 @@ public class CosignServiceImpl implements CosignService {
     UserService userService;
 
     @Override
-    public CosignDTO saveCosign(Long userIdIssuing, Long userIdReceiving, Long phraseId) {
+    public Optional<CosignDTO> saveCosign(Long userIdIssuing, Long userIdReceiving, Long phraseId) {
+
+        if(userIdIssuing == userIdReceiving) {
+            return Optional.empty();
+        }
 
         Cosign cosign = new Cosign();
         cosign.setUserIdIssuing(userIdIssuing);
@@ -39,7 +43,7 @@ public CosignDTO saveCosign(Long userIdIssuing, Long userIdReceiving, Long phras
                 .phraseId(savedCosign.getPhraseId())
                 .build();
 
-        return cosignDTO;
+        return Optional.of(cosignDTO);
     }
 
     @Override

src/test/java/com/savvato/tribeapp/controllers/ConnectAPITest.java

@@ -199,6 +199,7 @@ public void connectSadPath() throws Exception {
     }
 
 
+
     @Test
     public void connectWhenQrCodeInvalid() throws Exception {
         when(userPrincipalService.getUserPrincipalByEmail(Mockito.anyString()))
@@ -235,21 +236,21 @@ public void saveCosign() throws Exception {
                 .thenReturn(new UserPrincipal(user));
         String auth = AuthServiceImpl.generateAccessToken(user);
 
-        Long userIdIssuing = 1L;
-        Long userIdReceiving = 1L;
-        Long phraseId = 1L;
+        Long testUserIdIssuing = 1L;
+        Long testUserIdReceiving = 2L;
+        Long testPhraseId = 1L;
 
-        CosignRequest cosignRequest = new CosignRequest();
-        cosignRequest.userIdIssuing = userIdIssuing;
-        cosignRequest.userIdReceiving = userIdReceiving;
-        cosignRequest.phraseId = phraseId;
+        CosignDTO mockCosignDTO = CosignDTO.builder().build();
+        mockCosignDTO.userIdIssuing = testUserIdIssuing;
+        mockCosignDTO.userIdReceiving = testUserIdReceiving;
+        mockCosignDTO.phraseId = testPhraseId;
 
-        CosignDTO cosignDTO = CosignDTO.builder().build();
-        cosignDTO.userIdIssuing = userIdIssuing;
-        cosignDTO.userIdReceiving = userIdReceiving;
-        cosignDTO.phraseId = phraseId;
+        CosignRequest cosignRequest = new CosignRequest();
+        cosignRequest.userIdIssuing = testUserIdIssuing;
+        cosignRequest.userIdReceiving = testUserIdReceiving;
+        cosignRequest.phraseId = testPhraseId;
 
-        when(cosignService.saveCosign(anyLong(), anyLong(), anyLong())).thenReturn(cosignDTO);
+        when(cosignService.saveCosign(anyLong(), anyLong(), anyLong())).thenReturn(Optional.of(mockCosignDTO));
 
         this.mockMvc
                 .perform(
@@ -259,8 +260,36 @@ public void saveCosign() throws Exception {
                                 .header("Authorization", "Bearer " + auth)
                                 .characterEncoding("utf-8"))
                 .andExpect(status().isOk())
-                .andExpect(content().json("{\"userIdIssuing\":1,\"userIdReceiving\":1,\"phraseId\":1}"));
+                .andExpect(content().json("{\"userIdIssuing\":1,\"userIdReceiving\":2,\"phraseId\":1}"));
+
+    }
 
+    @Test
+    public void saveCosignSadPathUserCosignsThemselves() throws Exception {
+        when(userPrincipalService.getUserPrincipalByEmail(Mockito.anyString()))
+                .thenReturn(new UserPrincipal(user));
+        String auth = AuthServiceImpl.generateAccessToken(user);
+
+        Long testUserIdIssuing = 1L;
+        Long testUserIdReceiving = 1L;
+        Long testPhraseId = 1L;
+
+        CosignRequest cosignRequest = new CosignRequest();
+        cosignRequest.userIdIssuing = testUserIdIssuing;
+        cosignRequest.userIdReceiving = testUserIdReceiving;
+        cosignRequest.phraseId = testPhraseId;
+
+        when(cosignService.saveCosign(anyLong(), anyLong(), anyLong())).thenReturn(Optional.empty());
+
+        this.mockMvc
+                .perform(
+                        post("/api/connect/cosign")
+                                .content(gson.toJson(cosignRequest))
+                                .contentType(MediaType.APPLICATION_JSON)
+                                .header("Authorization", "Bearer " + auth)
+                                .characterEncoding("utf-8"))
+                .andExpect(status().isBadRequest())
+                .andExpect(content().json("{\"responseMessage\":\"Users may not cosign themselves.\"}"));
     }
 
     public void removeConnectionHappyPath() throws Exception {

src/test/java/com/savvato/tribeapp/services/CosignServiceImplTest.java

@@ -14,9 +14,11 @@
 import org.springframework.context.annotation.Bean;
 import org.springframework.test.context.junit.jupiter.SpringExtension;
 
+import java.util.Optional;
 import java.util.ArrayList;
 import java.util.List;
 
+import static org.assertj.core.api.AssertionsForClassTypes.assertThat;
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.mockito.Mockito.*;
 
@@ -45,58 +47,64 @@ public  CosignService cosignService() {
     @Test
     public void saveCosign() {
         Long userIdIssuing = 1L;
-        Long userIdReceiving = 1L;
+        Long userIdReceiving = 2L;
         Long phraseId = 1L;
 
-        Cosign cosign = new Cosign();
-        cosign.setUserIdIssuing(userIdIssuing);
-        cosign.setUserIdReceiving(userIdReceiving);
-        cosign.setPhraseId(phraseId);
+        Cosign mockCosign = new Cosign();
+        mockCosign.setUserIdIssuing(userIdIssuing);
+        mockCosign.setUserIdReceiving(userIdReceiving);
+        mockCosign.setPhraseId(phraseId);
 
-        CosignDTO cosignDTO = CosignDTO.builder().build();
-        cosignDTO.userIdIssuing = userIdIssuing;
-        cosignDTO.userIdReceiving = userIdReceiving;
-        cosignDTO.phraseId = phraseId;
+        CosignDTO expectedCosignDTO = CosignDTO.builder().build();
+        expectedCosignDTO.userIdIssuing = userIdIssuing;
+        expectedCosignDTO.userIdReceiving = userIdReceiving;
+        expectedCosignDTO.phraseId = phraseId;
 
-        when(cosignRepository.save(Mockito.any())).thenReturn(cosign);
+        when(cosignRepository.save(Mockito.any())).thenReturn(mockCosign);
 
-        CosignDTO expectedCosignDTO = cosignService.saveCosign(userIdIssuing, userIdReceiving, phraseId);
+        Optional<CosignDTO> CosignDTO = cosignService.saveCosign(userIdIssuing, userIdReceiving, phraseId);
 
         verify(cosignRepository, times(1)).save(Mockito.any());
-        assertEquals(cosignDTO.userIdIssuing, expectedCosignDTO.userIdIssuing);
-        assertEquals(cosignDTO.userIdReceiving, expectedCosignDTO.userIdReceiving);
-        assertEquals(cosignDTO.phraseId, expectedCosignDTO.phraseId);
+        assertThat(CosignDTO.get()).usingRecursiveComparison().isEqualTo(expectedCosignDTO);
     }
 
     @Test
     public void saveCosignAlreadyExisting() {
         Long userIdIssuing = 1L;
-        Long userIdReceiving = 1L;
+        Long userIdReceiving = 2L;
         Long phraseId = 1L;
 
-        Cosign cosign = new Cosign();
-        cosign.setUserIdIssuing(userIdIssuing);
-        cosign.setUserIdReceiving(userIdReceiving);
-        cosign.setPhraseId(phraseId);
+        Cosign mockCosign = new Cosign();
+        mockCosign.setUserIdIssuing(userIdIssuing);
+        mockCosign.setUserIdReceiving(userIdReceiving);
+        mockCosign.setPhraseId(phraseId);
+
+        CosignDTO expectedCosignDTO = CosignDTO.builder().build();
+        expectedCosignDTO.userIdIssuing = userIdIssuing;
+        expectedCosignDTO.userIdReceiving = userIdReceiving;
+        expectedCosignDTO.phraseId = phraseId;
 
-        CosignDTO cosignDTO = CosignDTO.builder().build();
-        cosignDTO.userIdIssuing = userIdIssuing;
-        cosignDTO.userIdReceiving = userIdReceiving;
-        cosignDTO.phraseId = phraseId;
+        when(cosignRepository.save(Mockito.any())).thenReturn(mockCosign).thenReturn(mockCosign);
 
-        when(cosignRepository.save(Mockito.any())).thenReturn(cosign).thenReturn(cosign);
+        Optional<CosignDTO> CosignDTO = cosignService.saveCosign(userIdIssuing, userIdReceiving, phraseId);
 
-        CosignDTO expectedCosignDTO = cosignService.saveCosign(userIdIssuing, userIdReceiving, phraseId);
+        assertThat(CosignDTO.get()).usingRecursiveComparison().isEqualTo(expectedCosignDTO);
 
-        assertEquals(cosignDTO.userIdIssuing, expectedCosignDTO.userIdIssuing);
-        assertEquals(cosignDTO.userIdReceiving, expectedCosignDTO.userIdReceiving);
-        assertEquals(cosignDTO.phraseId, expectedCosignDTO.phraseId);
+        Optional<CosignDTO> CosignDTORepeat = cosignService.saveCosign(userIdIssuing, userIdReceiving, phraseId);
+
+        assertThat(CosignDTORepeat.get()).usingRecursiveComparison().isEqualTo(expectedCosignDTO);
+    }
+
+    @Test
+    public void saveCosignFailsWhenIdsEqual() {
+        Long testUserIdIssuing = 1L;
+        Long testUserIdReceiving = 1L;
+        Long testPhraseId = 1L;
 
-        CosignDTO expectedCosignDTORepeat = cosignService.saveCosign(userIdIssuing, userIdReceiving, phraseId);
+        Optional<CosignDTO> cosignDTO = cosignService.saveCosign(testUserIdIssuing, testUserIdReceiving, testPhraseId);
 
-        assertEquals(cosignDTO.userIdIssuing, expectedCosignDTORepeat.userIdIssuing);
-        assertEquals(cosignDTO.userIdReceiving, expectedCosignDTORepeat.userIdReceiving);
-        assertEquals(cosignDTO.phraseId, expectedCosignDTORepeat.phraseId);
+        verify(cosignRepository, never()).save(Mockito.any());
+        assertThat(cosignDTO).usingRecursiveComparison().isEqualTo(Optional.empty());
     }
 
     @Test