Add ability to broadcast user deleted events

[#142386557] https://www.pivotaltracker.com/story/show/142386557

server/src/main/java/org/cloudfoundry/identity/uaa/audit/event/SystemDeletable.java

@@ -18,6 +18,8 @@
 import org.apache.commons.logging.Log;
 import org.cloudfoundry.identity.uaa.constants.OriginKeys;
 import org.cloudfoundry.identity.uaa.provider.IdentityProvider;
+import org.cloudfoundry.identity.uaa.scim.ScimUser;
+import org.cloudfoundry.identity.uaa.user.UaaUser;
 import org.cloudfoundry.identity.uaa.zone.IdentityZone;
 import org.cloudfoundry.identity.uaa.zone.IdentityZoneHolder;
 import org.springframework.context.ApplicationListener;
@@ -47,8 +49,18 @@ default void onApplicationEvent(EntityDeletedEvent<?> event) {
         } else if (event.getDeleted() instanceof ClientDetails) {
             String clientId = ((ClientDetails) event.getDeleted()).getClientId();
             String zoneId = IdentityZoneHolder.get().getId();
-            getLogger().debug(String.format("Received provider deletion event for zone_id:%s and client:%s", clientId, zoneId));
+            getLogger().debug(String.format("Received client deletion event for zone_id:%s and client:%s", zoneId, clientId));
             deleteByClient(clientId, zoneId);
+        } else if (event.getDeleted() instanceof UaaUser) {
+            String userId = ((UaaUser) event.getDeleted()).getId();
+            String zoneId = ((UaaUser) event.getDeleted()).getZoneId();
+            getLogger().debug(String.format("Received UAA user deletion event for zone_id:%s and user:%s", zoneId, userId));
+            deleteByUser(userId, zoneId);
+        } else if (event.getDeleted() instanceof ScimUser) {
+            String userId = ((ScimUser) event.getDeleted()).getId();
+            String zoneId = ((ScimUser) event.getDeleted()).getZoneId();
+            getLogger().debug(String.format("Received SCIM user deletion event for zone_id:%s and user:%s", zoneId, userId));
+            deleteByUser(userId, zoneId);
         } else {
             getLogger().debug("Unsupported deleted event for deletion of object:"+event.getDeleted());
         }
@@ -70,7 +82,7 @@ default boolean isUaaZone(String zoneId) {
 
     int deleteByClient(String clientId, String zoneId);
 
-    //int deleteByUser(String userId, String zoneId);
+    int deleteByUser(String userId, String zoneId);
 
     Log getLogger();
 }

server/src/main/java/org/cloudfoundry/identity/uaa/oauth/token/JdbcRevocableTokenProvisioning.java

@@ -47,6 +47,7 @@ public class JdbcRevocableTokenProvisioning implements RevocableTokenProvisionin
     protected final static String DELETE_EXPIRED_QUERY = "DELETE FROM " + TABLE + " WHERE expires_at < ?";
     protected final static String DELETE_REFRESH_TOKEN_QUERY = "DELETE FROM " + TABLE + " WHERE user_id=? AND client_id=? AND response_type='" +REFRESH_TOKEN_RESPONSE_TYPE+ "' AND identity_zone_id=?";
     protected final static String DELETE_BY_CLIENT_QUERY = "DELETE FROM " + TABLE + " WHERE client_id = ? AND identity_zone_id=?";
+    protected final static String DELETE_BY_USER_QUERY = "DELETE FROM " + TABLE + " WHERE user_id = ? AND identity_zone_id=?";
     protected final static String DELETE_BY_ZONE_QUERY = "DELETE FROM " + TABLE + " WHERE identity_zone_id=?";
 
 
@@ -152,6 +153,11 @@ public int deleteByClient(String clientId, String zoneId) {
         return template.update(DELETE_BY_CLIENT_QUERY, clientId, zoneId);
     }
 
+    @Override
+    public int deleteByUser(String userId, String zoneId) {
+        return template.update(DELETE_BY_USER_QUERY, userId, zoneId);
+    }
+
     @Override
     public Log getLogger() {
         return logger;

server/src/main/java/org/cloudfoundry/identity/uaa/provider/JdbcIdentityProviderProvisioning.java

@@ -175,6 +175,13 @@ public int deleteByClient(String clientId, String zoneId) {
         return 0;
     }
 
+    @Override
+    public int deleteByUser(String userId, String zoneId) {
+        //no op - nothing to do here
+        return 0;
+    }
+
+
     @Override
     public Log getLogger() {
         return logger;

server/src/main/java/org/cloudfoundry/identity/uaa/scim/jdbc/JdbcScimGroupMembershipManager.java

@@ -12,21 +12,9 @@
  *******************************************************************************/
 package org.cloudfoundry.identity.uaa.scim.jdbc;
 
-import java.sql.PreparedStatement;
-import java.sql.ResultSet;
-import java.sql.SQLException;
-import java.sql.Timestamp;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.Date;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-import java.util.concurrent.ConcurrentHashMap;
-
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
+import org.cloudfoundry.identity.uaa.audit.event.SystemDeletable;
 import org.cloudfoundry.identity.uaa.resources.jdbc.AbstractQueryable;
 import org.cloudfoundry.identity.uaa.resources.jdbc.JdbcPagingListFactory;
 import org.cloudfoundry.identity.uaa.resources.jdbc.SearchQueryConverter;
@@ -55,7 +43,21 @@
 import org.springframework.util.Assert;
 import org.springframework.util.StringUtils;
 
-public class JdbcScimGroupMembershipManager extends AbstractQueryable<ScimGroupMember> implements ScimGroupMembershipManager {
+import java.sql.PreparedStatement;
+import java.sql.ResultSet;
+import java.sql.SQLException;
+import java.sql.Timestamp;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Date;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.concurrent.ConcurrentHashMap;
+
+public class JdbcScimGroupMembershipManager extends AbstractQueryable<ScimGroupMember> implements
+    ScimGroupMembershipManager, SystemDeletable {
 
     private JdbcTemplate jdbcTemplate;
 
@@ -421,6 +423,35 @@ public void setValues(PreparedStatement ps) throws SQLException {
         return groups;
     }
 
+    @Override
+    public int deleteByIdentityZone(String zoneId) {
+        //no op
+        return 0;
+    }
+
+    @Override
+    public int deleteByOrigin(String origin, String zoneId) {
+        //no op
+        return 0;
+    }
+
+    @Override
+    public int deleteByClient(String clientId, String zoneId) {
+        //no op
+        return 0;
+    }
+
+    @Override
+    public int deleteByUser(String userId, String zoneId) {
+        //no op
+        return 0;
+    }
+
+    @Override
+    public Log getLogger() {
+        return logger;
+    }
+
     @Override
     protected void validateOrderBy(String orderBy) throws IllegalArgumentException {
         super.validateOrderBy(orderBy, MEMBERSHIP_FIELDS);

server/src/main/java/org/cloudfoundry/identity/uaa/scim/jdbc/JdbcScimGroupProvisioning.java

@@ -279,6 +279,11 @@ public int deleteByClient(String clientId, String zoneId) {
         return 0;
     }
 
+    @Override
+    public int deleteByUser(String userId, String zoneId) {
+        throw new UnsupportedOperationException();
+    }
+
     protected void validateGroup(ScimGroup group) throws ScimResourceConstraintFailedException {
         if (!StringUtils.hasText(group.getZoneId())) {
             throw new ScimResourceConstraintFailedException("zoneId is a required field");

server/src/main/java/org/cloudfoundry/identity/uaa/scim/jdbc/JdbcScimUserProvisioning.java

@@ -487,6 +487,12 @@ public int deleteByClient(String clientId, String zoneId) {
         return 0;
     }
 
+    @Override
+    public int deleteByUser(String userId, String zoneId) {
+        throw new UnsupportedOperationException();
+    }
+
+
     private static final class ScimUserRowMapper implements RowMapper<ScimUser> {
         @Override
         public ScimUser mapRow(ResultSet rs, int rowNum) throws SQLException {

server/src/main/java/org/cloudfoundry/identity/uaa/zone/JdbcIdentityZoneProvisioning.java

@@ -155,6 +155,12 @@ public int deleteByClient(String clientId, String zoneId) {
         return 0;
     }
 
+    @Override
+    public int deleteByUser(String userId, String zoneId) {
+        //no op - nothing to do here
+        return 0;
+    }
+
     @Override
     public Log getLogger() {
         return logger;

server/src/main/java/org/cloudfoundry/identity/uaa/zone/MultitenantJdbcClientDetailsService.java

@@ -301,6 +301,12 @@ public int deleteByClient(String clientId, String zoneId) {
         return count;
     }
 
+    @Override
+    public int deleteByUser(String userId, String zoneId) {
+        throw new UnsupportedOperationException();
+    }
+
+
     @Override
     public Log getLogger() {
         return logger;

server/src/test/java/org/cloudfoundry/identity/uaa/audit/event/EntityDeletedEventTest.java

@@ -16,26 +16,45 @@
 package org.cloudfoundry.identity.uaa.audit.event;
 
 import org.cloudfoundry.identity.uaa.provider.IdentityProvider;
-import org.cloudfoundry.identity.uaa.provider.IdentityProviderValidationRequest;
+import org.cloudfoundry.identity.uaa.scim.ScimUser;
+import org.cloudfoundry.identity.uaa.user.UaaUser;
+import org.cloudfoundry.identity.uaa.user.UaaUserPrototype;
 import org.cloudfoundry.identity.uaa.zone.IdentityZone;
 import org.junit.Before;
 import org.junit.Test;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.oauth2.provider.client.BaseClientDetails;
 
 import static org.cloudfoundry.identity.uaa.audit.event.EntityDeletedEvent.dataFormat;
 import static org.junit.Assert.assertEquals;
+import static org.mockito.Mockito.mock;
 
 public class EntityDeletedEventTest {
 
 
     private IdentityProvider provider;
     private IdentityZone zone;
+    private BaseClientDetails client;
+    private UaaUser uaaUser;
+    private ScimUser scimUser;
 
     @Before
     public void setup() throws Exception {
         provider = new IdentityProvider();
         provider.setId("id");
-
+        client = new BaseClientDetails("id", "", "", "", "");
         zone = IdentityZone.getUaa();
+        uaaUser = new UaaUser(
+            new UaaUserPrototype()
+            .withId("user-id")
+            .withUsername("username")
+            .withEmail("test@test.com")
+            .withZoneId(zone.getId())
+        );
+        scimUser = new ScimUser("id", "username", null, null);
+        scimUser.setPrimaryEmail("test@test.com");
+        scimUser.setZoneId(zone.getId());
+
     }
 
     @Test
@@ -50,8 +69,25 @@ public void getAuditEvent_IdentityZone() throws Exception {
         evalute(provider, expected);
     }
 
+    @Test
+    public void getAuditEvent_Client() throws Exception {
+        String expected = String.format(dataFormat, BaseClientDetails.class.getName(), client.getClientId());
+        evalute(client, expected);
+    }
+
+    @Test
+    public void getAuditEvent_UaaUser() throws Exception {
+        String expected = String.format(dataFormat, UaaUser.class.getName(), uaaUser.getId());
+        evalute(uaaUser, expected);
+    }
+    @Test
+    public void getAuditEvent_ScimUser() throws Exception {
+        String expected = String.format(dataFormat, ScimUser.class.getName(), scimUser.getId());
+        evalute(scimUser, expected);
+    }
+
     public void evalute(Object o, String expected) {
-        EntityDeletedEvent<Object> event = new EntityDeletedEvent(o, new IdentityProviderValidationRequest.UsernamePasswordAuthentication("username","password"));
+        EntityDeletedEvent event = new EntityDeletedEvent(o, mock(Authentication.class));
         assertEquals(expected, event.getAuditEvent().getData());
     }
 }