feat(jans-config-api): user management endpoint 418 (#1548)

* feat(jans-config-api): user management endpoint for user password * feat:(jans-config-api): userPassword made mandatory only for create user method
JanssenProject · Jun 13, 2022 · b95fa7b · b95fa7b
1 parent d2e13a2
commit b95fa7b
Show file tree

Hide file tree

Showing 3 changed files with 43 additions and 10 deletions.
diff --git a/jans-config-api/docs/jans-config-api-swagger.yaml b/jans-config-api/docs/jans-config-api-swagger.yaml
@@ -2531,7 +2531,7 @@ paths:
             schema:
               title: User Details.
               description: User Details.
-              $ref: '#/components/schemas/CustomUser'
+              $ref: '#/components/schemas/ExtendedCustomUser'
       responses:
         '201':
           description: Created
@@ -6813,7 +6813,6 @@ components:
         - displayName
         - givenName
         - jansStatus
-        - userPassword
       properties:
         dn:
           type: string
@@ -6824,6 +6823,11 @@ components:
         jansStatus:
           type: string
           description: User status
+          enum:
+            - ACTIVE
+            - INACTIVE
+            - EXPIRED
+            - REGISTER
         userId:
           description: A domain issued and managed identifier for the user.
           type: string
@@ -6860,7 +6864,18 @@ components:
         inum:
           description: XRI i-number. Identifier to uniquely identify the user.
           type: string
-
+		  
+    ExtendedCustomUser:
+      allOf:     # Combines the CustomUser and the inline model
+        - $ref: '#/components/schemas/CustomUser'
+        - type: object
+          required:
+            - userPassword
+          properties:
+            userPassword:
+              type: string
+              description: User password
+
     UserPatchRequest:
       title: User Patch Request object
       description: UserPatchRequest.

diff --git a/...plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/rest/UserResource.java b/...plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/rest/UserResource.java
@@ -117,7 +117,7 @@ public Response createUser(@Valid CustomUser customUser)
         logger.debug("Create  user:{}", user);
 
         // checking mandatory attributes
-        checkMissingAttributes(user);
+        checkMissingAttributes(user,null);
 
         user = userSrv.addUser(user, true);
         logger.debug("User created {}", user);
@@ -145,7 +145,8 @@ public Response updateUser(@Valid CustomUser customUser)
         logger.debug("Create  user:{}", user);
 
         // checking mandatory attributes
-        checkMissingAttributes(user);
+        List<String> excludeAttributes = List.of(USER_PWD);
+        checkMissingAttributes(user, excludeAttributes);
 
         user = userSrv.updateUser(user);
         logger.debug("Updated user:{}", user);
@@ -232,9 +233,9 @@ private User excludeUserAttributes(User user) throws IllegalAccessException, Inv
         return userSrv.excludeAttributes(user, userSrv.getUserExclusionAttributesAsString());
     }
 
-    private void checkMissingAttributes(User user)
+    private void checkMissingAttributes(User user, List<String> excludeAttributes)
             throws NoSuchMethodException, IllegalAccessException, InvocationTargetException {
-        String missingAttributes = userSrv.checkMandatoryFields(user);
+        String missingAttributes = userSrv.checkMandatoryFields(user,excludeAttributes);
         logger.debug("missingAttributes:{}", missingAttributes);
 
         if (StringHelper.isEmpty(missingAttributes)) {

diff --git a/...ugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/service/UserService.java b/...ugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/service/UserService.java
@@ -221,10 +221,10 @@ public String getUserExclusionAttributesAsString() {
         return authUtil.getUserExclusionAttributesAsString();
     }
 
-    public String checkMandatoryFields(User user)
+    public String checkMandatoryFields(User user, List<String> excludeAttributes)
             throws NoSuchMethodException, IllegalAccessException, InvocationTargetException {
         List<String> mandatoryAttributes = authUtil.getUserMandatoryAttributes();
-        logger.debug("mandatoryAttributess :{} ", mandatoryAttributes);
+        logger.debug("mandatoryAttributess :{}, excludeAttributes:{} ", mandatoryAttributes, excludeAttributes);
 
         StringBuilder missingAttributes = new StringBuilder();
 
@@ -239,6 +239,13 @@ public String checkMandatoryFields(User user)
         for (String attribute : mandatoryAttributes) {
             logger.debug("User class allFields:{} conatins attribute:{} ? :{} ", allFields, attribute,
                     authUtil.containsField(allFields, attribute));
+
+            //check if to be excluded
+           if(isExcludedAttribute(excludeAttributes,attribute)) {
+               logger.debug("Not checking if the attribute:{} is missing as it's in excludeAttributes:{}" , attribute, excludeAttributes);
+               continue;
+           }
+
             if (authUtil.containsField(allFields, attribute)) {
                 logger.debug("Checking if attribute:{} is simple attribute", attribute);
                 attributeValue = BeanUtils.getProperty(user, attribute);
@@ -261,5 +268,15 @@ public String checkMandatoryFields(User user)
         logger.debug("Returning missingAttributes:{} ", missingAttributes);
         return missingAttributes.toString();
     }
-
+
+    private boolean isExcludedAttribute(List<String> excludeAttributes,String attribute) {
+        logger.debug(" Is attribute:{} in excludeAttributeList:{} ", attribute, excludeAttributes);
+
+        if(excludeAttributes==null || excludeAttributes.isEmpty()) {
+            return false;
+        }
+
+        return excludeAttributes.stream().anyMatch( e -> e.equals(attribute));
+    }
+
 }