make reactivate user reset password (#6211)

CDCgov · Jul 31, 2023 · d8499c4 · d8499c4
1 parent 15511a1
commit d8499c4
Show file tree

Hide file tree

Showing 6 changed files with 105 additions and 1 deletion.
diff --git a/backend/src/main/java/gov/cdc/usds/simplereport/api/apiuser/UserMutationResolver.java b/backend/src/main/java/gov/cdc/usds/simplereport/api/apiuser/UserMutationResolver.java
@@ -120,6 +120,12 @@ public User resetUserPassword(@Argument UUID id) {
     return new User(user);
   }
 
+  @MutationMapping
+  public User reactivateUserAndResetPassword(@Argument UUID id) {
+    UserInfo user = _us.reactivateUserAndResetPassword(id);
+    return new User(user);
+  }
+
   @MutationMapping
   public User resetUserMfa(@Argument UUID id) {
     UserInfo user = _us.resetUserMfa(id);

diff --git a/backend/src/main/java/gov/cdc/usds/simplereport/service/ApiUserService.java b/backend/src/main/java/gov/cdc/usds/simplereport/service/ApiUserService.java
@@ -315,6 +315,12 @@ public UserInfo setIsDeleted(UUID userId, boolean deleted) {
     return new UserInfo(apiUser, Optional.empty(), isAdmin(apiUser));
   }
 
+  @AuthorizationConfiguration.RequirePermissionManageTargetUser
+  public UserInfo reactivateUserAndResetPassword(UUID userId) {
+    UserInfo reactivatedUser = reactivateUser((userId));
+    return resetUserPassword(reactivatedUser.getId());
+  }
+
   // This method is used to reactivate users that have been suspended due to inactivity
   @AuthorizationConfiguration.RequirePermissionManageTargetUser
   public UserInfo reactivateUser(UUID userId) {

diff --git a/backend/src/main/resources/graphql/main.graphqls b/backend/src/main/resources/graphql/main.graphqls
@@ -509,6 +509,7 @@ type Mutation {
   reactivateUser(id: ID!): User @requiredPermissions(allOf: ["MANAGE_USERS"])
   resendActivationEmail(id: ID!): User
     @requiredPermissions(allOf: ["MANAGE_USERS"])
+  reactivateUserAndResetPassword(id: ID!): User @requiredPermissions(allOf: ["MANAGE_USERS"])
   setCurrentUserTenantDataAccess(
     organizationExternalId: String
     justification: String

diff --git a/backend/src/test/java/gov/cdc/usds/simplereport/api/apiuser/UserMutationResolverTest.java b/backend/src/test/java/gov/cdc/usds/simplereport/api/apiuser/UserMutationResolverTest.java
@@ -0,0 +1,53 @@
+package gov.cdc.usds.simplereport.api.apiuser;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.mockito.Mockito.times;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
+
+import gov.cdc.usds.simplereport.api.model.User;
+import gov.cdc.usds.simplereport.db.model.Organization;
+import gov.cdc.usds.simplereport.service.ApiUserService;
+import gov.cdc.usds.simplereport.service.BaseServiceTest;
+import gov.cdc.usds.simplereport.service.model.UserInfo;
+import gov.cdc.usds.simplereport.test_util.SliceTestConfiguration.WithSimpleReportOrgAdminUser;
+import gov.cdc.usds.simplereport.test_util.TestDataFactory;
+import java.util.UUID;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.springframework.beans.factory.annotation.Autowired;
+
+@WithSimpleReportOrgAdminUser
+class UserMutationResolverTest extends BaseServiceTest<ApiUserService> {
+  @Mock ApiUserService mockedApiUserService;
+
+  @Autowired private TestDataFactory _dataFactory;
+
+  private UserInfo orgUserInfo;
+
+  @InjectMocks UserMutationResolver userMutationResolver;
+
+  @BeforeEach
+  void setup() {
+    Organization org = _dataFactory.saveValidOrganization();
+    orgUserInfo = _dataFactory.createValidApiUser("demo@example.com", org);
+  }
+
+  @Test
+  void reactivateUserAndResetPassword_orgAdmin_success() {
+    UUID userInfoInternalId = orgUserInfo.getInternalId();
+
+    // GIVEN
+    when(mockedApiUserService.reactivateUserAndResetPassword(userInfoInternalId))
+        .thenReturn(orgUserInfo);
+
+    // WHEN
+    User resetUser = userMutationResolver.reactivateUserAndResetPassword(userInfoInternalId);
+
+    // THEN
+    assertThat(resetUser.getInternalId()).isEqualTo(userInfoInternalId);
+    verify(mockedApiUserService, times(1)).reactivateUserAndResetPassword(userInfoInternalId);
+  }
+}
diff --git a/backend/src/test/java/gov/cdc/usds/simplereport/service/ApiUserServiceTest.java b/backend/src/test/java/gov/cdc/usds/simplereport/service/ApiUserServiceTest.java
@@ -3,6 +3,8 @@
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.mockito.Mockito.times;
+import static org.mockito.Mockito.verify;
 
 import com.okta.sdk.resource.user.UserStatus;
 import gov.cdc.usds.simplereport.api.model.ApiUserWithStatus;
@@ -28,17 +30,19 @@
 import java.util.stream.Collectors;
 import org.junit.jupiter.api.Test;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.mock.mockito.SpyBean;
 import org.springframework.test.context.TestPropertySource;
 
 @TestPropertySource(properties = "hibernate.query.interceptor.error-level=ERROR")
 class ApiUserServiceTest extends BaseServiceTest<ApiUserService> {
 
   @Autowired ApiUserRepository _apiUserRepo;
-  @Autowired OktaRepository _oktaRepo;
+  @SpyBean @Autowired OktaRepository _oktaRepo;
 
   @Autowired OrganizationService _organizationService;
   @Autowired FacilityRepository facilityRepository;
   @Autowired private TestDataFactory _dataFactory;
+
   Set<UUID> emptySet = Collections.emptySet();
 
   // The next several retrieval tests expect the demo users as they are defined in the
@@ -330,6 +334,35 @@ void resetUserPassword_orgAdmin_success() {
     ApiUser apiUser = _apiUserRepo.findByLoginEmail(email).get();
 
     UserInfo userInfo = _service.resetUserPassword(apiUser.getInternalId());
+    verify(_oktaRepo, times(1)).resetUserPassword(email);
+
+    assertEquals(apiUser.getInternalId(), userInfo.getInternalId());
+  }
+
+  @Test
+  @WithSimpleReportOrgAdminUser
+  void reactivateUser_orgAdmin_success() {
+    initSampleData();
+
+    final String email = "allfacilities@example.com"; // member of DIS_ORG
+    ApiUser apiUser = _apiUserRepo.findByLoginEmail(email).get();
+
+    UserInfo userInfo = _service.reactivateUser(apiUser.getInternalId());
+    verify(_oktaRepo, times(1)).reactivateUser(email);
+
+    assertEquals(apiUser.getInternalId(), userInfo.getInternalId());
+  }
+
+  @Test
+  @WithSimpleReportOrgAdminUser
+  void reactivateAndResetUserPassword_orgAdmin_success() {
+    initSampleData();
+    final String email = "allfacilities@example.com"; // member of DIS_ORG
+    ApiUser apiUser = _apiUserRepo.findByLoginEmail(email).get();
+
+    UserInfo userInfo = _service.reactivateUserAndResetPassword(apiUser.getInternalId());
+    verify(_oktaRepo, times(1)).reactivateUser(email);
+    verify(_oktaRepo, times(1)).resetUserPassword(email);
 
     assertEquals(apiUser.getInternalId(), userInfo.getInternalId());
   }

diff --git a/frontend/src/generated/graphql.tsx b/frontend/src/generated/graphql.tsx
@@ -187,6 +187,7 @@ export type Mutation = {
   markOrganizationAsDeleted?: Maybe<Scalars["String"]>;
   markPendingOrganizationAsDeleted?: Maybe<Scalars["String"]>;
   reactivateUser?: Maybe<User>;
+  reactivateUserAndResetPassword?: Maybe<User>;
   removePatientFromQueue?: Maybe<Scalars["String"]>;
   resendActivationEmail?: Maybe<User>;
   resendToReportStream?: Maybe<Scalars["Boolean"]>;
@@ -349,6 +350,10 @@ export type MutationReactivateUserArgs = {
   id: Scalars["ID"];
 };
 
+export type MutationReactivateUserAndResetPasswordArgs = {
+  id: Scalars["ID"];
+};
+
 export type MutationRemovePatientFromQueueArgs = {
   patientId: Scalars["ID"];
 };