sebi/effigenix
1
0
Fork 0
mirror of https://github.com/s-frick/effigenix.git synced 2026-03-28 13:49:36 +01:00
Code Issues Releases Activity Actions

refactor(usermanagement): implement code review findings for User Management BC

Browse source 
Address all 18 findings from security code review (5 critical, 7 medium, 6 low):

Domain: make User and Role immutable with wither-pattern, add status transition
guards (ACTIVE->LOCKED, LOCKED->ACTIVE, ACTIVE|LOCKED->INACTIVE, INACTIVE->ACTIVE)

Application: enforce authorization via AuthorizationPort in all use cases, add
input validation, introduce LockUserCommand/UnlockUserCommand/RemoveRoleCommand,
fix audit event on password change failure (K5), use flatMap/mapError chains

Infrastructure: JWT blacklist with TTL and scheduled cleanup, login rate limiting
(5 attempts/15min), configurable CORS, generic error messages, conditional Swagger,
seed data context restriction

Tests: unit tests for all 10 use cases, adapted domain and integration tests
This commit is contained in:
Sebastian Frick 2026-02-19 10:11:20 +01:00
parent a1161cfbad
commit 05878b1ce9
45 changed files with 1989 additions and 2207 deletions
Download patch file Download diff file Expand all files Collapse all files

2
backend/src/main/java/de/effigenix/EffigenixApplication.java
View file

@ -4,6 +4,7 @@ import de.effigenix.infrastructure.config.DatabaseProfileInitializer;
import org.springframework.boot.SpringApplication; import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.scheduling.annotation.EnableAsync; import org.springframework.scheduling.annotation.EnableAsync;
import org.springframework.scheduling.annotation.EnableScheduling;
/** /**
* Main Application Class for Effigenix ERP System. * Main Application Class for Effigenix ERP System.
@ -16,6 +17,7 @@ import org.springframework.scheduling.annotation.EnableAsync;
*/ */
@SpringBootApplication @SpringBootApplication
@EnableAsync @EnableAsync
@EnableScheduling
public class EffigenixApplication { public class EffigenixApplication {
public static void main(String[] args) { public static void main(String[] args) {

80
backend/src/main/java/de/effigenix/application/usermanagement/AssignRole.java
View file

@ -6,12 +6,11 @@ import de.effigenix.domain.usermanagement.*;
import de.effigenix.shared.common.RepositoryError; import de.effigenix.shared.common.RepositoryError;
import de.effigenix.shared.common.Result; import de.effigenix.shared.common.Result;
import de.effigenix.shared.security.ActorId; import de.effigenix.shared.security.ActorId;
import de.effigenix.shared.security.AuthorizationPort;
import org.springframework.transaction.annotation.Transactional; import org.springframework.transaction.annotation.Transactional;
import java.util.Optional; import java.util.Optional;
import static de.effigenix.shared.common.Result.*;
/** /**
* Use Case: Assign a role to a user. * Use Case: Assign a role to a user.
*/ */
@ -21,60 +20,61 @@ public class AssignRole {
private final UserRepository userRepository; private final UserRepository userRepository;
private final RoleRepository roleRepository; private final RoleRepository roleRepository;
private final AuditLogger auditLogger; private final AuditLogger auditLogger;
private final AuthorizationPort authPort;
public AssignRole( public AssignRole(
UserRepository userRepository, UserRepository userRepository,
RoleRepository roleRepository, RoleRepository roleRepository,
AuditLogger auditLogger AuditLogger auditLogger,
AuthorizationPort authPort
) { ) {
this.userRepository = userRepository; this.userRepository = userRepository;
this.roleRepository = roleRepository; this.roleRepository = roleRepository;
this.auditLogger = auditLogger; this.auditLogger = auditLogger;
this.authPort = authPort;
} }
public Result<UserError, UserDTO> execute(AssignRoleCommand cmd, ActorId performedBy) { public Result<UserError, UserDTO> execute(AssignRoleCommand cmd, ActorId performedBy) {
// 1. Find user // 0. Authorization
UserId userId = UserId.of(cmd.userId()); if (!authPort.can(performedBy, UserManagementAction.ROLE_ASSIGN)) {
User user; return Result.failure(new UserError.Unauthorized("Not authorized to assign roles"));
switch (userRepository.findById(userId)) {
case Failure<RepositoryError, Optional<User>> f ->
{ return Result.failure(new UserError.RepositoryFailure(f.error().message())); }
case Success<RepositoryError, Optional<User>> s -> {
if (s.value().isEmpty()) {
return Result.failure(new UserError.UserNotFound(userId));
}
user = s.value().get();
}
} }
// 2. Find role // 1. Input validation
Role role; if (cmd.userId() == null || cmd.userId().isBlank()) {
switch (roleRepository.findByName(cmd.roleName())) { return Result.failure(new UserError.InvalidInput("User ID must not be blank"));
case Failure<RepositoryError, Optional<Role>> f -> }
{ return Result.failure(new UserError.RepositoryFailure(f.error().message())); } if (cmd.roleName() == null) {
case Success<RepositoryError, Optional<Role>> s -> { return Result.failure(new UserError.InvalidInput("Role name must not be null"));
if (s.value().isEmpty()) { }
UserId userId = UserId.of(cmd.userId());
return findUser(userId).flatMap(user -> findRoleAndAssign(user, cmd, performedBy));
}
private Result<UserError, UserDTO> findRoleAndAssign(User user, AssignRoleCommand cmd, ActorId performedBy) {
return roleRepository.findByName(cmd.roleName())
.mapError(err -> (UserError) new UserError.RepositoryFailure(err.message()))
.flatMap(optRole -> {
if (optRole.isEmpty()) {
return Result.failure(new UserError.RoleNotFound(cmd.roleName())); return Result.failure(new UserError.RoleNotFound(cmd.roleName()));
} }
role = s.value().get(); Role role = optRole.get();
} return user.assignRole(role)
.flatMap(updated -> userRepository.save(updated)
.mapError(err -> (UserError) new UserError.RepositoryFailure(err.message()))
.map(ignored -> {
auditLogger.log(AuditEvent.ROLE_ASSIGNED, updated.id().value(), "Role: " + role.name(), performedBy);
return UserDTO.from(updated);
}));
});
} }
// 3. Assign role private Result<UserError, User> findUser(UserId userId) {
switch (user.assignRole(role)) { return userRepository.findById(userId)
case Failure<UserError, Void> f -> { return Result.failure(f.error()); } .mapError(err -> (UserError) new UserError.RepositoryFailure(err.message()))
case Success<UserError, Void> ignored -> { } .flatMap(opt -> opt
} .map(Result::<UserError, User>success)
.orElse(Result.failure(new UserError.UserNotFound(userId))));
switch (userRepository.save(user)) {
case Failure<RepositoryError, Void> f ->
{ return Result.failure(new UserError.RepositoryFailure(f.error().message())); }
case Success<RepositoryError, Void> ignored -> { }
}
// 4. Audit log
auditLogger.log(AuditEvent.ROLE_ASSIGNED, userId.value(), "Role: " + role.name(), performedBy);
return Result.success(UserDTO.from(user));
} }
} }

1
backend/src/main/java/de/effigenix/application/usermanagement/AuditEvent.java
View file

@ -20,6 +20,7 @@ public enum AuditEvent {
ROLE_REMOVED, ROLE_REMOVED,
PASSWORD_CHANGED, PASSWORD_CHANGED,
PASSWORD_CHANGE_FAILED,
PASSWORD_RESET, PASSWORD_RESET,
LOGIN_SUCCESS, LOGIN_SUCCESS,

38
backend/src/main/java/de/effigenix/application/usermanagement/AuthenticateUser.java
View file

@ -3,7 +3,6 @@ package de.effigenix.application.usermanagement;
import de.effigenix.application.usermanagement.command.AuthenticateCommand; import de.effigenix.application.usermanagement.command.AuthenticateCommand;
import de.effigenix.application.usermanagement.dto.SessionToken; import de.effigenix.application.usermanagement.dto.SessionToken;
import de.effigenix.domain.usermanagement.*; import de.effigenix.domain.usermanagement.*;
import de.effigenix.shared.common.RepositoryError;
import de.effigenix.shared.common.Result; import de.effigenix.shared.common.Result;
import de.effigenix.shared.security.ActorId; import de.effigenix.shared.security.ActorId;
import org.springframework.transaction.annotation.Transactional; import org.springframework.transaction.annotation.Transactional;
@ -11,8 +10,6 @@ import org.springframework.transaction.annotation.Transactional;
import java.time.LocalDateTime; import java.time.LocalDateTime;
import java.util.Optional; import java.util.Optional;
import static de.effigenix.shared.common.Result.*;
/** /**
* Use Case: Authenticate a user (login). * Use Case: Authenticate a user (login).
* *
@ -41,19 +38,18 @@ public class AuthenticateUser {
public Result<UserError, SessionToken> execute(AuthenticateCommand cmd) { public Result<UserError, SessionToken> execute(AuthenticateCommand cmd) {
// 1. Find user by username // 1. Find user by username
User user; return userRepository.findByUsername(cmd.username())
switch (userRepository.findByUsername(cmd.username())) { .mapError(err -> (UserError) new UserError.RepositoryFailure(err.message()))
case Failure<RepositoryError, Optional<User>> f -> .flatMap(optUser -> {
{ return Result.failure(new UserError.RepositoryFailure(f.error().message())); } if (optUser.isEmpty()) {
case Success<RepositoryError, Optional<User>> s -> {
if (s.value().isEmpty()) {
auditLogger.log(AuditEvent.LOGIN_FAILED, "Username not found: " + cmd.username()); auditLogger.log(AuditEvent.LOGIN_FAILED, "Username not found: " + cmd.username());
return Result.failure(new UserError.InvalidCredentials()); return Result.failure(new UserError.InvalidCredentials());
} }
user = s.value().get(); return authenticateUser(optUser.get(), cmd);
} });
} }
private Result<UserError, SessionToken> authenticateUser(User user, AuthenticateCommand cmd) {
// 2. Check user status // 2. Check user status
if (user.status() == UserStatus.LOCKED) { if (user.status() == UserStatus.LOCKED) {
auditLogger.log(AuditEvent.LOGIN_BLOCKED, user.id().value(), ActorId.of(user.id().value())); auditLogger.log(AuditEvent.LOGIN_BLOCKED, user.id().value(), ActorId.of(user.id().value()));
@ -74,17 +70,13 @@ public class AuthenticateUser {
// 4. Create JWT session // 4. Create JWT session
SessionToken token = sessionManager.createSession(user); SessionToken token = sessionManager.createSession(user);
// 5. Update last login timestamp // 5. Update last login timestamp (immutable)
user.updateLastLogin(LocalDateTime.now()); return user.withLastLogin(LocalDateTime.now())
switch (userRepository.save(user)) { .flatMap(updated -> userRepository.save(updated)
case Failure<RepositoryError, Void> f -> .mapError(err -> (UserError) new UserError.RepositoryFailure(err.message()))
{ return Result.failure(new UserError.RepositoryFailure(f.error().message())); } .map(ignored -> {
case Success<RepositoryError, Void> ignored -> { } auditLogger.log(AuditEvent.LOGIN_SUCCESS, updated.id().value(), ActorId.of(updated.id().value()));
} return token;
}));
// 6. Audit log
auditLogger.log(AuditEvent.LOGIN_SUCCESS, user.id().value(), ActorId.of(user.id().value()));
return Result.success(token);
} }
} }

77
backend/src/main/java/de/effigenix/application/usermanagement/ChangePassword.java
View file

@ -2,19 +2,16 @@ package de.effigenix.application.usermanagement;
import de.effigenix.application.usermanagement.command.ChangePasswordCommand; import de.effigenix.application.usermanagement.command.ChangePasswordCommand;
import de.effigenix.domain.usermanagement.*; import de.effigenix.domain.usermanagement.*;
import de.effigenix.shared.common.RepositoryError;
import de.effigenix.shared.common.Result; import de.effigenix.shared.common.Result;
import de.effigenix.shared.security.ActorId; import de.effigenix.shared.security.ActorId;
import de.effigenix.shared.security.AuthorizationPort;
import org.springframework.transaction.annotation.Transactional; import org.springframework.transaction.annotation.Transactional;
import java.util.Optional;
import static de.effigenix.shared.common.Result.*;
/** /**
* Use Case: Change user password. * Use Case: Change user password.
* *
* Requires current password verification for security. * Requires current password verification for security.
* Self-service: users can change their own password without PASSWORD_CHANGE permission.
*/ */
@Transactional @Transactional
public class ChangePassword { public class ChangePassword {
@ -22,61 +19,71 @@ public class ChangePassword {
private final UserRepository userRepository; private final UserRepository userRepository;
private final PasswordHasher passwordHasher; private final PasswordHasher passwordHasher;
private final AuditLogger auditLogger; private final AuditLogger auditLogger;
private final AuthorizationPort authPort;
public ChangePassword( public ChangePassword(
UserRepository userRepository, UserRepository userRepository,
PasswordHasher passwordHasher, PasswordHasher passwordHasher,
AuditLogger auditLogger AuditLogger auditLogger,
AuthorizationPort authPort
) { ) {
this.userRepository = userRepository; this.userRepository = userRepository;
this.passwordHasher = passwordHasher; this.passwordHasher = passwordHasher;
this.auditLogger = auditLogger; this.auditLogger = auditLogger;
this.authPort = authPort;
} }
public Result<UserError, Void> execute(ChangePasswordCommand cmd, ActorId performedBy) { public Result<UserError, Void> execute(ChangePasswordCommand cmd, ActorId performedBy) {
// 1. Find user // 0. Input validation
UserId userId = UserId.of(cmd.userId()); if (cmd.userId() == null || cmd.userId().isBlank()) {
User user; return Result.failure(new UserError.InvalidInput("User ID must not be blank"));
switch (userRepository.findById(userId)) {
case Failure<RepositoryError, Optional<User>> f ->
{ return Result.failure(new UserError.RepositoryFailure(f.error().message())); }
case Success<RepositoryError, Optional<User>> s -> {
if (s.value().isEmpty()) {
return Result.failure(new UserError.UserNotFound(userId));
} }
user = s.value().get(); if (cmd.currentPassword() == null || cmd.currentPassword().isBlank()) {
return Result.failure(new UserError.InvalidInput("Current password must not be blank"));
} }
if (cmd.newPassword() == null || cmd.newPassword().isBlank()) {
return Result.failure(new UserError.InvalidInput("New password must not be blank"));
} }
// 2. Verify current password // 1. Authorization: self-service allowed, otherwise need PASSWORD_CHANGE permission
boolean isSelfService = performedBy.value().equals(cmd.userId());
if (!isSelfService && !authPort.can(performedBy, UserManagementAction.PASSWORD_CHANGE)) {
return Result.failure(new UserError.Unauthorized("Not authorized to change password for other users"));
}
// 2. Find user
UserId userId = UserId.of(cmd.userId());
return findUser(userId).flatMap(user -> changeUserPassword(user, cmd, performedBy));
}
private Result<UserError, Void> changeUserPassword(User user, ChangePasswordCommand cmd, ActorId performedBy) {
// 3. Verify current password
if (!passwordHasher.verify(cmd.currentPassword(), user.passwordHash())) { if (!passwordHasher.verify(cmd.currentPassword(), user.passwordHash())) {
auditLogger.log(AuditEvent.PASSWORD_CHANGED, userId.value(), performedBy); auditLogger.log(AuditEvent.PASSWORD_CHANGE_FAILED, user.id().value(), performedBy);
return Result.failure(new UserError.InvalidCredentials()); return Result.failure(new UserError.InvalidCredentials());
} }
// 3. Validate new password // 4. Validate new password
if (!passwordHasher.isValidPassword(cmd.newPassword())) { if (!passwordHasher.isValidPassword(cmd.newPassword())) {
return Result.failure(new UserError.InvalidPassword("Password must be at least 8 characters and contain uppercase, lowercase, digit, and special character")); return Result.failure(new UserError.InvalidPassword("Password must be at least 8 characters and contain uppercase, lowercase, digit, and special character"));
} }
// 4. Hash new password // 5. Hash and update (immutable)
PasswordHash newPasswordHash = passwordHasher.hash(cmd.newPassword()); PasswordHash newPasswordHash = passwordHasher.hash(cmd.newPassword());
return user.changePassword(newPasswordHash)
// 5. Update user .flatMap(updated -> userRepository.save(updated)
switch (user.changePassword(newPasswordHash)) { .mapError(err -> (UserError) new UserError.RepositoryFailure(err.message()))
case Failure<UserError, Void> f -> { return Result.failure(f.error()); } .map(ignored -> {
case Success<UserError, Void> ignored -> { } auditLogger.log(AuditEvent.PASSWORD_CHANGED, updated.id().value(), performedBy);
return null;
}));
} }
switch (userRepository.save(user)) { private Result<UserError, User> findUser(UserId userId) {
case Failure<RepositoryError, Void> f -> return userRepository.findById(userId)
{ return Result.failure(new UserError.RepositoryFailure(f.error().message())); } .mapError(err -> (UserError) new UserError.RepositoryFailure(err.message()))
case Success<RepositoryError, Void> ignored -> { } .flatMap(opt -> opt
} .map(Result::<UserError, User>success)
.orElse(Result.failure(new UserError.UserNotFound(userId))));
// 6. Audit log
auditLogger.log(AuditEvent.PASSWORD_CHANGED, user.id().value(), performedBy);
return Result.success(null);
} }
} }

98
backend/src/main/java/de/effigenix/application/usermanagement/CreateUser.java
View file

@ -6,20 +6,14 @@ import de.effigenix.domain.usermanagement.*;
import de.effigenix.shared.common.RepositoryError; import de.effigenix.shared.common.RepositoryError;
import de.effigenix.shared.common.Result; import de.effigenix.shared.common.Result;
import de.effigenix.shared.security.ActorId; import de.effigenix.shared.security.ActorId;
import de.effigenix.shared.security.AuthorizationPort;
import org.springframework.transaction.annotation.Transactional; import org.springframework.transaction.annotation.Transactional;
import java.util.HashSet; import java.util.HashSet;
import java.util.Set; import java.util.Set;
import static de.effigenix.shared.common.Result.*;
/** /**
* Use Case: Create a new user account. * Use Case: Create a new user account.
*
* Transaction Script Pattern (Generic Subdomain):
* - Simple procedural logic
* - No complex domain model
* - Direct repository interaction
*/ */
@Transactional @Transactional
public class CreateUser { public class CreateUser {
@ -28,57 +22,74 @@ public class CreateUser {
private final RoleRepository roleRepository; private final RoleRepository roleRepository;
private final PasswordHasher passwordHasher; private final PasswordHasher passwordHasher;
private final AuditLogger auditLogger; private final AuditLogger auditLogger;
private final AuthorizationPort authPort;
public CreateUser( public CreateUser(
UserRepository userRepository, UserRepository userRepository,
RoleRepository roleRepository, RoleRepository roleRepository,
PasswordHasher passwordHasher, PasswordHasher passwordHasher,
AuditLogger auditLogger AuditLogger auditLogger,
AuthorizationPort authPort
) { ) {
this.userRepository = userRepository; this.userRepository = userRepository;
this.roleRepository = roleRepository; this.roleRepository = roleRepository;
this.passwordHasher = passwordHasher; this.passwordHasher = passwordHasher;
this.auditLogger = auditLogger; this.auditLogger = auditLogger;
this.authPort = authPort;
} }
public Result<UserError, UserDTO> execute(CreateUserCommand cmd, ActorId performedBy) { public Result<UserError, UserDTO> execute(CreateUserCommand cmd, ActorId performedBy) {
// 1. Validate password // 0. Authorization
if (!authPort.can(performedBy, UserManagementAction.USER_CREATE)) {
return Result.failure(new UserError.Unauthorized("Not authorized to create users"));
}
// 1. Input validation
if (cmd.username() == null || cmd.username().isBlank()) {
return Result.failure(new UserError.InvalidInput("Username must not be blank"));
}
if (cmd.email() == null || cmd.email().isBlank()) {
return Result.failure(new UserError.InvalidInput("Email must not be blank"));
}
if (cmd.password() == null || cmd.password().isBlank()) {
return Result.failure(new UserError.InvalidInput("Password must not be blank"));
}
if (cmd.roleNames() == null || cmd.roleNames().isEmpty()) {
return Result.failure(new UserError.InvalidInput("At least one role must be specified"));
}
// 2. Validate password
if (!passwordHasher.isValidPassword(cmd.password())) { if (!passwordHasher.isValidPassword(cmd.password())) {
return Result.failure(new UserError.InvalidPassword("Password must be at least 8 characters and contain uppercase, lowercase, digit, and special character")); return Result.failure(new UserError.InvalidPassword("Password must be at least 8 characters and contain uppercase, lowercase, digit, and special character"));
} }
// 2. Check username uniqueness // 3. Check username uniqueness
switch (userRepository.existsByUsername(cmd.username())) { return userRepository.existsByUsername(cmd.username())
case Failure<RepositoryError, Boolean> f -> .mapError(err -> (UserError) new UserError.RepositoryFailure(err.message()))
{ return Result.failure(new UserError.RepositoryFailure(f.error().message())); } .flatMap(exists -> {
case Success<RepositoryError, Boolean> s -> { if (exists) return Result.failure(new UserError.UsernameAlreadyExists(cmd.username()));
if (s.value()) { return checkEmailAndCreate(cmd, performedBy);
return Result.failure(new UserError.UsernameAlreadyExists(cmd.username())); });
}
}
} }
// 3. Check email uniqueness private Result<UserError, UserDTO> checkEmailAndCreate(CreateUserCommand cmd, ActorId performedBy) {
switch (userRepository.existsByEmail(cmd.email())) { return userRepository.existsByEmail(cmd.email())
case Failure<RepositoryError, Boolean> f -> .mapError(err -> (UserError) new UserError.RepositoryFailure(err.message()))
{ return Result.failure(new UserError.RepositoryFailure(f.error().message())); } .flatMap(exists -> {
case Success<RepositoryError, Boolean> s -> { if (exists) return Result.failure(new UserError.EmailAlreadyExists(cmd.email()));
if (s.value()) { return loadRolesAndCreate(cmd, performedBy);
return Result.failure(new UserError.EmailAlreadyExists(cmd.email())); });
}
}
} }
// 4. Hash password (BCrypt) private Result<UserError, UserDTO> loadRolesAndCreate(CreateUserCommand cmd, ActorId performedBy) {
PasswordHash passwordHash = passwordHasher.hash(cmd.password()); PasswordHash passwordHash = passwordHasher.hash(cmd.password());
// 5. Load roles
Set<Role> roles = new HashSet<>(); Set<Role> roles = new HashSet<>();
for (RoleName roleName : cmd.roleNames()) { for (RoleName roleName : cmd.roleNames()) {
switch (roleRepository.findByName(roleName)) { switch (roleRepository.findByName(roleName)) {
case Failure<RepositoryError, java.util.Optional<Role>> f -> case Result.Failure<RepositoryError, java.util.Optional<Role>> f ->
{ return Result.failure(new UserError.RepositoryFailure(f.error().message())); } { return Result.failure(new UserError.RepositoryFailure(f.error().message())); }
case Success<RepositoryError, java.util.Optional<Role>> s -> { case Result.Success<RepositoryError, java.util.Optional<Role>> s -> {
if (s.value().isEmpty()) { if (s.value().isEmpty()) {
return Result.failure(new UserError.RoleNotFound(roleName)); return Result.failure(new UserError.RoleNotFound(roleName));
} }
@ -87,25 +98,12 @@ public class CreateUser {
} }
} }
// 6. Create user entity (simple entity, not aggregate) return User.create(cmd.username(), cmd.email(), passwordHash, roles, cmd.branchId())
switch (User.create(cmd.username(), cmd.email(), passwordHash, roles, cmd.branchId())) { .flatMap(user -> userRepository.save(user)
case Failure<UserError, User> f -> .mapError(err -> (UserError) new UserError.RepositoryFailure(err.message()))
{ return Result.failure(f.error()); } .map(ignored -> {
case Success<UserError, User> s -> {
User user = s.value();
// 7. Save
switch (userRepository.save(user)) {
case Failure<RepositoryError, Void> f ->
{ return Result.failure(new UserError.RepositoryFailure(f.error().message())); }
case Success<RepositoryError, Void> ignored -> { }
}
// 8. Audit log (HACCP/GoBD compliance)
auditLogger.log(AuditEvent.USER_CREATED, user.id().value(), performedBy); auditLogger.log(AuditEvent.USER_CREATED, user.id().value(), performedBy);
return UserDTO.from(user);
return Result.success(UserDTO.from(user)); }));
}
}
} }
} }

29
backend/src/main/java/de/effigenix/application/usermanagement/GetUser.java
View file

@ -2,14 +2,11 @@ package de.effigenix.application.usermanagement;
import de.effigenix.application.usermanagement.dto.UserDTO; import de.effigenix.application.usermanagement.dto.UserDTO;
import de.effigenix.domain.usermanagement.*; import de.effigenix.domain.usermanagement.*;
import de.effigenix.shared.common.RepositoryError;
import de.effigenix.shared.common.Result; import de.effigenix.shared.common.Result;
import de.effigenix.shared.security.ActorId;
import de.effigenix.shared.security.AuthorizationPort;
import org.springframework.transaction.annotation.Transactional; import org.springframework.transaction.annotation.Transactional;
import java.util.Optional;
import static de.effigenix.shared.common.Result.*;
/** /**
* Use Case: Get a single user by ID. * Use Case: Get a single user by ID.
*/ */
@ -17,20 +14,24 @@ import static de.effigenix.shared.common.Result.*;
public class GetUser { public class GetUser {
private final UserRepository userRepository; private final UserRepository userRepository;
private final AuthorizationPort authPort;
public GetUser(UserRepository userRepository) { public GetUser(UserRepository userRepository, AuthorizationPort authPort) {
this.userRepository = userRepository; this.userRepository = userRepository;
this.authPort = authPort;
}
public Result<UserError, UserDTO> execute(String userIdValue, ActorId performedBy) {
// 0. Authorization
if (!authPort.can(performedBy, UserManagementAction.USER_VIEW)) {
return Result.failure(new UserError.Unauthorized("Not authorized to view users"));
} }
public Result<UserError, UserDTO> execute(String userIdValue) {
UserId userId = UserId.of(userIdValue); UserId userId = UserId.of(userIdValue);
return switch (userRepository.findById(userId)) { return userRepository.findById(userId)
case Failure<RepositoryError, Optional<User>> f -> .mapError(err -> (UserError) new UserError.RepositoryFailure(err.message()))
Result.failure(new UserError.RepositoryFailure(f.error().message())); .flatMap(opt -> opt
case Success<RepositoryError, Optional<User>> s ->
s.value()
.map(user -> Result.<UserError, UserDTO>success(UserDTO.from(user))) .map(user -> Result.<UserError, UserDTO>success(UserDTO.from(user)))
.orElse(Result.failure(new UserError.UserNotFound(userId))); .orElse(Result.failure(new UserError.UserNotFound(userId))));
};
} }
} }

45
backend/src/main/java/de/effigenix/application/usermanagement/ListUsers.java
View file

@ -1,19 +1,18 @@
package de.effigenix.application.usermanagement; package de.effigenix.application.usermanagement;
import de.effigenix.application.usermanagement.dto.UserDTO; import de.effigenix.application.usermanagement.dto.UserDTO;
import de.effigenix.shared.common.RepositoryError;
import de.effigenix.domain.usermanagement.User;
import de.effigenix.domain.usermanagement.UserError; import de.effigenix.domain.usermanagement.UserError;
import de.effigenix.domain.usermanagement.UserManagementAction;
import de.effigenix.domain.usermanagement.UserRepository; import de.effigenix.domain.usermanagement.UserRepository;
import de.effigenix.shared.common.Result; import de.effigenix.shared.common.Result;
import de.effigenix.shared.security.ActorId;
import de.effigenix.shared.security.AuthorizationPort;
import de.effigenix.shared.security.BranchId; import de.effigenix.shared.security.BranchId;
import org.springframework.transaction.annotation.Transactional; import org.springframework.transaction.annotation.Transactional;
import java.util.List; import java.util.List;
import java.util.stream.Collectors; import java.util.stream.Collectors;
import static de.effigenix.shared.common.Result.*;
/** /**
* Use Case: List all users (with optional branch filtering). * Use Case: List all users (with optional branch filtering).
*/ */
@ -21,36 +20,36 @@ import static de.effigenix.shared.common.Result.*;
public class ListUsers { public class ListUsers {
private final UserRepository userRepository; private final UserRepository userRepository;
private final AuthorizationPort authPort;
public ListUsers(UserRepository userRepository) { public ListUsers(UserRepository userRepository, AuthorizationPort authPort) {
this.userRepository = userRepository; this.userRepository = userRepository;
this.authPort = authPort;
} }
/** /**
* Lists all users (admin view). * Lists all users (admin view).
*/ */
public Result<UserError, List<UserDTO>> execute() { public Result<UserError, List<UserDTO>> execute(ActorId performedBy) {
return switch (userRepository.findAll()) { if (!authPort.can(performedBy, UserManagementAction.USER_LIST)) {
case Failure<RepositoryError, List<User>> f -> return Result.failure(new UserError.Unauthorized("Not authorized to list users"));
Result.failure(new UserError.RepositoryFailure(f.error().message())); }
case Success<RepositoryError, List<User>> s ->
Result.success(s.value().stream() return userRepository.findAll()
.map(UserDTO::from) .mapError(err -> (UserError) new UserError.RepositoryFailure(err.message()))
.collect(Collectors.toList())); .map(users -> users.stream().map(UserDTO::from).collect(Collectors.toList()));
};
} }
/** /**
* Lists users for a specific branch (filtered view). * Lists users for a specific branch (filtered view).
*/ */
public Result<UserError, List<UserDTO>> executeForBranch(BranchId branchId) { public Result<UserError, List<UserDTO>> executeForBranch(BranchId branchId, ActorId performedBy) {
return switch (userRepository.findByBranchId(branchId.value())) { if (!authPort.can(performedBy, UserManagementAction.USER_LIST)) {
case Failure<RepositoryError, List<User>> f -> return Result.failure(new UserError.Unauthorized("Not authorized to list users"));
Result.failure(new UserError.RepositoryFailure(f.error().message())); }
case Success<RepositoryError, List<User>> s ->
Result.success(s.value().stream() return userRepository.findByBranchId(branchId.value())
.map(UserDTO::from) .mapError(err -> (UserError) new UserError.RepositoryFailure(err.message()))
.collect(Collectors.toList())); .map(users -> users.stream().map(UserDTO::from).collect(Collectors.toList()));
};
} }
} }

54
backend/src/main/java/de/effigenix/application/usermanagement/LockUser.java
View file

@ -1,16 +1,13 @@
package de.effigenix.application.usermanagement; package de.effigenix.application.usermanagement;
import de.effigenix.application.usermanagement.command.LockUserCommand;
import de.effigenix.application.usermanagement.dto.UserDTO; import de.effigenix.application.usermanagement.dto.UserDTO;
import de.effigenix.domain.usermanagement.*; import de.effigenix.domain.usermanagement.*;
import de.effigenix.shared.common.RepositoryError;
import de.effigenix.shared.common.Result; import de.effigenix.shared.common.Result;
import de.effigenix.shared.security.ActorId; import de.effigenix.shared.security.ActorId;
import de.effigenix.shared.security.AuthorizationPort;
import org.springframework.transaction.annotation.Transactional; import org.springframework.transaction.annotation.Transactional;
import java.util.Optional;
import static de.effigenix.shared.common.Result.*;
/** /**
* Use Case: Lock a user account (prevent login). * Use Case: Lock a user account (prevent login).
*/ */
@ -19,36 +16,41 @@ public class LockUser {
private final UserRepository userRepository; private final UserRepository userRepository;
private final AuditLogger auditLogger; private final AuditLogger auditLogger;
private final AuthorizationPort authPort;
public LockUser(UserRepository userRepository, AuditLogger auditLogger) { public LockUser(UserRepository userRepository, AuditLogger auditLogger, AuthorizationPort authPort) {
this.userRepository = userRepository; this.userRepository = userRepository;
this.auditLogger = auditLogger; this.auditLogger = auditLogger;
this.authPort = authPort;
} }
public Result<UserError, UserDTO> execute(String userIdValue, ActorId performedBy) { public Result<UserError, UserDTO> execute(LockUserCommand cmd, ActorId performedBy) {
UserId userId = UserId.of(userIdValue); // 0. Authorization
User user; if (!authPort.can(performedBy, UserManagementAction.USER_LOCK)) {
switch (userRepository.findById(userId)) { return Result.failure(new UserError.Unauthorized("Not authorized to lock users"));
case Failure<RepositoryError, Optional<User>> f ->
{ return Result.failure(new UserError.RepositoryFailure(f.error().message())); }
case Success<RepositoryError, Optional<User>> s -> {
if (s.value().isEmpty()) {
return Result.failure(new UserError.UserNotFound(userId));
}
user = s.value().get();
}
} }
user.lock(); // 1. Input validation
if (cmd.userId() == null || cmd.userId().isBlank()) {
switch (userRepository.save(user)) { return Result.failure(new UserError.InvalidInput("User ID must not be blank"));
case Failure<RepositoryError, Void> f ->
{ return Result.failure(new UserError.RepositoryFailure(f.error().message())); }
case Success<RepositoryError, Void> ignored -> { }
} }
auditLogger.log(AuditEvent.USER_LOCKED, user.id().value(), performedBy); UserId userId = UserId.of(cmd.userId());
return findUser(userId)
.flatMap(User::lock)
.flatMap(updated -> userRepository.save(updated)
.mapError(err -> (UserError) new UserError.RepositoryFailure(err.message()))
.map(ignored -> {
auditLogger.log(AuditEvent.USER_LOCKED, updated.id().value(), performedBy);
return UserDTO.from(updated);
}));
}
return Result.success(UserDTO.from(user)); private Result<UserError, User> findUser(UserId userId) {
return userRepository.findById(userId)
.mapError(err -> (UserError) new UserError.RepositoryFailure(err.message()))
.flatMap(opt -> opt
.map(Result::<UserError, User>success)
.orElse(Result.failure(new UserError.UserNotFound(userId))));
} }
} }

90
backend/src/main/java/de/effigenix/application/usermanagement/RemoveRole.java
View file

@ -1,21 +1,15 @@
package de.effigenix.application.usermanagement; package de.effigenix.application.usermanagement;
import de.effigenix.application.usermanagement.command.RemoveRoleCommand;
import de.effigenix.application.usermanagement.dto.UserDTO; import de.effigenix.application.usermanagement.dto.UserDTO;
import de.effigenix.domain.usermanagement.*; import de.effigenix.domain.usermanagement.*;
import de.effigenix.shared.common.RepositoryError;
import de.effigenix.shared.common.Result; import de.effigenix.shared.common.Result;
import de.effigenix.shared.security.ActorId; import de.effigenix.shared.security.ActorId;
import de.effigenix.shared.security.AuthorizationPort;
import org.springframework.transaction.annotation.Transactional; import org.springframework.transaction.annotation.Transactional;
import java.util.Optional;
import static de.effigenix.shared.common.Result.*;
/** /**
* Use Case: Remove a role from a user. * Use Case: Remove a role from a user.
*
* Allows administrators to revoke roles from users.
* Role removal is immediate and affects user's permissions.
*/ */
@Transactional @Transactional
public class RemoveRole { public class RemoveRole {
@ -23,65 +17,61 @@ public class RemoveRole {
private final UserRepository userRepository; private final UserRepository userRepository;
private final RoleRepository roleRepository; private final RoleRepository roleRepository;
private final AuditLogger auditLogger; private final AuditLogger auditLogger;
private final AuthorizationPort authPort;
public RemoveRole( public RemoveRole(
UserRepository userRepository, UserRepository userRepository,
RoleRepository roleRepository, RoleRepository roleRepository,
AuditLogger auditLogger AuditLogger auditLogger,
AuthorizationPort authPort
) { ) {
this.userRepository = userRepository; this.userRepository = userRepository;
this.roleRepository = roleRepository; this.roleRepository = roleRepository;
this.auditLogger = auditLogger; this.auditLogger = auditLogger;
this.authPort = authPort;
} }
/** public Result<UserError, UserDTO> execute(RemoveRoleCommand cmd, ActorId performedBy) {
* Removes a role from a user. // 0. Authorization
* if (!authPort.can(performedBy, UserManagementAction.ROLE_REMOVE)) {
* @param userId User ID return Result.failure(new UserError.Unauthorized("Not authorized to remove roles"));
* @param roleName Role name to remove
* @param performedBy Actor performing the action
* @return Result with UserDTO or UserError
*/
public Result<UserError, UserDTO> execute(String userId, RoleName roleName, ActorId performedBy) {
// 1. Find user
UserId userIdObj = UserId.of(userId);
User user;
switch (userRepository.findById(userIdObj)) {
case Failure<RepositoryError, Optional<User>> f ->
{ return Result.failure(new UserError.RepositoryFailure(f.error().message())); }
case Success<RepositoryError, Optional<User>> s -> {
if (s.value().isEmpty()) {
return Result.failure(new UserError.UserNotFound(userIdObj));
}
user = s.value().get();
}
} }
// 2. Find role // 1. Input validation
Role role; if (cmd.userId() == null || cmd.userId().isBlank()) {
switch (roleRepository.findByName(roleName)) { return Result.failure(new UserError.InvalidInput("User ID must not be blank"));
case Failure<RepositoryError, Optional<Role>> f ->
{ return Result.failure(new UserError.RepositoryFailure(f.error().message())); }
case Success<RepositoryError, Optional<Role>> s -> {
if (s.value().isEmpty()) {
return Result.failure(new UserError.RoleNotFound(roleName));
}
role = s.value().get();
} }
if (cmd.roleName() == null) {
return Result.failure(new UserError.InvalidInput("Role name must not be null"));
} }
// 3. Remove role UserId userId = UserId.of(cmd.userId());
user.removeRole(role); return findUser(userId).flatMap(user -> findRoleAndRemove(user, cmd, performedBy));
switch (userRepository.save(user)) {
case Failure<RepositoryError, Void> f ->
{ return Result.failure(new UserError.RepositoryFailure(f.error().message())); }
case Success<RepositoryError, Void> ignored -> { }
} }
// 4. Audit log private Result<UserError, UserDTO> findRoleAndRemove(User user, RemoveRoleCommand cmd, ActorId performedBy) {
auditLogger.log(AuditEvent.ROLE_REMOVED, userId, "Role: " + roleName, performedBy); return roleRepository.findByName(cmd.roleName())
.mapError(err -> (UserError) new UserError.RepositoryFailure(err.message()))
.flatMap(optRole -> {
if (optRole.isEmpty()) {
return Result.failure(new UserError.RoleNotFound(cmd.roleName()));
}
Role role = optRole.get();
return user.removeRole(role)
.flatMap(updated -> userRepository.save(updated)
.mapError(err -> (UserError) new UserError.RepositoryFailure(err.message()))
.map(ignored -> {
auditLogger.log(AuditEvent.ROLE_REMOVED, updated.id().value(), "Role: " + role.name(), performedBy);
return UserDTO.from(updated);
}));
});
}
return Result.success(UserDTO.from(user)); private Result<UserError, User> findUser(UserId userId) {
return userRepository.findById(userId)
.mapError(err -> (UserError) new UserError.RepositoryFailure(err.message()))
.flatMap(opt -> opt
.map(Result::<UserError, User>success)
.orElse(Result.failure(new UserError.UserNotFound(userId))));
} }
} }

54
backend/src/main/java/de/effigenix/application/usermanagement/UnlockUser.java
View file

@ -1,16 +1,13 @@
package de.effigenix.application.usermanagement; package de.effigenix.application.usermanagement;
import de.effigenix.application.usermanagement.command.UnlockUserCommand;
import de.effigenix.application.usermanagement.dto.UserDTO; import de.effigenix.application.usermanagement.dto.UserDTO;
import de.effigenix.domain.usermanagement.*; import de.effigenix.domain.usermanagement.*;
import de.effigenix.shared.common.RepositoryError;
import de.effigenix.shared.common.Result; import de.effigenix.shared.common.Result;
import de.effigenix.shared.security.ActorId; import de.effigenix.shared.security.ActorId;
import de.effigenix.shared.security.AuthorizationPort;
import org.springframework.transaction.annotation.Transactional; import org.springframework.transaction.annotation.Transactional;
import java.util.Optional;
import static de.effigenix.shared.common.Result.*;
/** /**
* Use Case: Unlock a user account (allow login). * Use Case: Unlock a user account (allow login).
*/ */
@ -19,36 +16,41 @@ public class UnlockUser {
private final UserRepository userRepository; private final UserRepository userRepository;
private final AuditLogger auditLogger; private final AuditLogger auditLogger;
private final AuthorizationPort authPort;
public UnlockUser(UserRepository userRepository, AuditLogger auditLogger) { public UnlockUser(UserRepository userRepository, AuditLogger auditLogger, AuthorizationPort authPort) {
this.userRepository = userRepository; this.userRepository = userRepository;
this.auditLogger = auditLogger; this.auditLogger = auditLogger;
this.authPort = authPort;
} }
public Result<UserError, UserDTO> execute(String userIdValue, ActorId performedBy) { public Result<UserError, UserDTO> execute(UnlockUserCommand cmd, ActorId performedBy) {
UserId userId = UserId.of(userIdValue); // 0. Authorization
User user; if (!authPort.can(performedBy, UserManagementAction.USER_UNLOCK)) {
switch (userRepository.findById(userId)) { return Result.failure(new UserError.Unauthorized("Not authorized to unlock users"));
case Failure<RepositoryError, Optional<User>> f ->
{ return Result.failure(new UserError.RepositoryFailure(f.error().message())); }
case Success<RepositoryError, Optional<User>> s -> {
if (s.value().isEmpty()) {
return Result.failure(new UserError.UserNotFound(userId));
}
user = s.value().get();
}
} }
user.unlock(); // 1. Input validation
if (cmd.userId() == null || cmd.userId().isBlank()) {
switch (userRepository.save(user)) { return Result.failure(new UserError.InvalidInput("User ID must not be blank"));
case Failure<RepositoryError, Void> f ->
{ return Result.failure(new UserError.RepositoryFailure(f.error().message())); }
case Success<RepositoryError, Void> ignored -> { }
} }
auditLogger.log(AuditEvent.USER_UNLOCKED, user.id().value(), performedBy); UserId userId = UserId.of(cmd.userId());
return findUser(userId)
.flatMap(User::unlock)
.flatMap(updated -> userRepository.save(updated)
.mapError(err -> (UserError) new UserError.RepositoryFailure(err.message()))
.map(ignored -> {
auditLogger.log(AuditEvent.USER_UNLOCKED, updated.id().value(), performedBy);
return UserDTO.from(updated);
}));
}
return Result.success(UserDTO.from(user)); private Result<UserError, User> findUser(UserId userId) {
return userRepository.findById(userId)
.mapError(err -> (UserError) new UserError.RepositoryFailure(err.message()))
.flatMap(opt -> opt
.map(Result::<UserError, User>success)
.orElse(Result.failure(new UserError.UserNotFound(userId))));
} }
} }

76
backend/src/main/java/de/effigenix/application/usermanagement/UpdateUser.java
View file

@ -3,15 +3,11 @@ package de.effigenix.application.usermanagement;
import de.effigenix.application.usermanagement.command.UpdateUserCommand; import de.effigenix.application.usermanagement.command.UpdateUserCommand;
import de.effigenix.application.usermanagement.dto.UserDTO; import de.effigenix.application.usermanagement.dto.UserDTO;
import de.effigenix.domain.usermanagement.*; import de.effigenix.domain.usermanagement.*;
import de.effigenix.shared.common.RepositoryError;
import de.effigenix.shared.common.Result; import de.effigenix.shared.common.Result;
import de.effigenix.shared.security.ActorId; import de.effigenix.shared.security.ActorId;
import de.effigenix.shared.security.AuthorizationPort;
import org.springframework.transaction.annotation.Transactional; import org.springframework.transaction.annotation.Transactional;
import java.util.Optional;
import static de.effigenix.shared.common.Result.*;
/** /**
* Use Case: Update user details (email, branch). * Use Case: Update user details (email, branch).
*/ */
@ -20,61 +16,57 @@ public class UpdateUser {
private final UserRepository userRepository; private final UserRepository userRepository;
private final AuditLogger auditLogger; private final AuditLogger auditLogger;
private final AuthorizationPort authPort;
public UpdateUser(UserRepository userRepository, AuditLogger auditLogger) { public UpdateUser(UserRepository userRepository, AuditLogger auditLogger, AuthorizationPort authPort) {
this.userRepository = userRepository; this.userRepository = userRepository;
this.auditLogger = auditLogger; this.auditLogger = auditLogger;
this.authPort = authPort;
} }
public Result<UserError, UserDTO> execute(UpdateUserCommand cmd, ActorId performedBy) { public Result<UserError, UserDTO> execute(UpdateUserCommand cmd, ActorId performedBy) {
// 1. Find user // 0. Authorization
UserId userId = UserId.of(cmd.userId()); if (!authPort.can(performedBy, UserManagementAction.USER_UPDATE)) {
User user; return Result.failure(new UserError.Unauthorized("Not authorized to update users"));
switch (userRepository.findById(userId)) {
case Failure<RepositoryError, Optional<User>> f ->
{ return Result.failure(new UserError.RepositoryFailure(f.error().message())); }
case Success<RepositoryError, Optional<User>> s -> {
if (s.value().isEmpty()) {
return Result.failure(new UserError.UserNotFound(userId));
}
user = s.value().get();
}
} }
// 2. Update email if provided UserId userId = UserId.of(cmd.userId());
return findUser(userId).flatMap(user -> updateUser(user, cmd, performedBy));
}
private Result<UserError, UserDTO> updateUser(User user, UpdateUserCommand cmd, ActorId performedBy) {
Result<UserError, User> current = Result.success(user);
// Update email if provided
if (cmd.email() != null && !cmd.email().equals(user.email())) { if (cmd.email() != null && !cmd.email().equals(user.email())) {
// Check email uniqueness // Check email uniqueness
switch (userRepository.existsByEmail(cmd.email())) { var emailExists = userRepository.existsByEmail(cmd.email())
case Failure<RepositoryError, Boolean> f -> .mapError(err -> (UserError) new UserError.RepositoryFailure(err.message()));
{ return Result.failure(new UserError.RepositoryFailure(f.error().message())); } if (emailExists.isFailure()) return Result.failure(emailExists.unsafeGetError());
case Success<RepositoryError, Boolean> s -> { if (emailExists.unsafeGetValue()) {
if (s.value()) {
return Result.failure(new UserError.EmailAlreadyExists(cmd.email())); return Result.failure(new UserError.EmailAlreadyExists(cmd.email()));
} }
} current = current.flatMap(u -> u.updateEmail(cmd.email()));
} }
switch (user.updateEmail(cmd.email())) { // Update branch if provided
case Failure<UserError, Void> f -> { return Result.failure(f.error()); }
case Success<UserError, Void> ignored -> { }
}
}
// 3. Update branch if provided
if (cmd.branchId() != null && !cmd.branchId().equals(user.branchId())) { if (cmd.branchId() != null && !cmd.branchId().equals(user.branchId())) {
user.updateBranch(cmd.branchId()); current = current.flatMap(u -> u.updateBranch(cmd.branchId()));
} }
// 4. Save return current.flatMap(updated -> userRepository.save(updated)
switch (userRepository.save(user)) { .mapError(err -> (UserError) new UserError.RepositoryFailure(err.message()))
case Failure<RepositoryError, Void> f -> .map(ignored -> {
{ return Result.failure(new UserError.RepositoryFailure(f.error().message())); } auditLogger.log(AuditEvent.USER_UPDATED, updated.id().value(), performedBy);
case Success<RepositoryError, Void> ignored -> { } return UserDTO.from(updated);
}));
} }
// 5. Audit log private Result<UserError, User> findUser(UserId userId) {
auditLogger.log(AuditEvent.USER_UPDATED, user.id().value(), performedBy); return userRepository.findById(userId)
.mapError(err -> (UserError) new UserError.RepositoryFailure(err.message()))
return Result.success(UserDTO.from(user)); .flatMap(opt -> opt
.map(Result::<UserError, User>success)
.orElse(Result.failure(new UserError.UserNotFound(userId))));
} }
} }

9
backend/src/main/java/de/effigenix/application/usermanagement/command/LockUserCommand.java Normal file
View file

@ -0,0 +1,9 @@
package de.effigenix.application.usermanagement.command;
/**
* Command for locking a user account.
*/
public record LockUserCommand(
String userId
) {
}

12
backend/src/main/java/de/effigenix/application/usermanagement/command/RemoveRoleCommand.java Normal file
View file

@ -0,0 +1,12 @@
package de.effigenix.application.usermanagement.command;
import de.effigenix.domain.usermanagement.RoleName;
/**
* Command for removing a role from a user.
*/
public record RemoveRoleCommand(
String userId,
RoleName roleName
) {
}

9
backend/src/main/java/de/effigenix/application/usermanagement/command/UnlockUserCommand.java Normal file
View file

@ -0,0 +1,9 @@
package de.effigenix.application.usermanagement.command;
/**
* Command for unlocking a user account.
*/
public record UnlockUserCommand(
String userId
) {
}

33
backend/src/main/java/de/effigenix/domain/usermanagement/Role.java
View file

@ -11,14 +11,15 @@ import java.util.Set;
* *
* Roles are predefined and loaded from seed data. * Roles are predefined and loaded from seed data.
* Each Role has a set of Permissions that grant access to specific actions. * Each Role has a set of Permissions that grant access to specific actions.
* Immutable: all business methods return new instances via Result.
* *
* Invariant: id is non-null, name is non-null * Invariant: id is non-null, name is non-null
*/ */
public class Role { public class Role {
private final RoleId id; private final RoleId id;
private final RoleName name; private final RoleName name;
private Set<Permission> permissions; private final Set<Permission> permissions;
private String description; private final String description;
private Role( private Role(
RoleId id, RoleId id,
@ -28,7 +29,7 @@ public class Role {
) { ) {
this.id = id; this.id = id;
this.name = name; this.name = name;
this.permissions = permissions != null ? new HashSet<>(permissions) : new HashSet<>(); this.permissions = permissions != null ? Set.copyOf(permissions) : Set.of();
this.description = description; this.description = description;
} }
@ -63,24 +64,32 @@ public class Role {
return new Role(id, name, permissions, description); return new Role(id, name, permissions, description);
} }
// ==================== Business Methods ==================== // ==================== Business Methods (Wither-Pattern) ====================
public Result<UserError, Void> addPermission(Permission permission) { public Result<UserError, Role> addPermission(Permission permission) {
if (permission == null) { if (permission == null) {
return Result.failure(new UserError.NullRole()); return Result.failure(new UserError.NullPermission());
} }
this.permissions.add(permission); Set<Permission> newPermissions = new HashSet<>(permissions);
return Result.success(null); newPermissions.add(permission);
return Result.success(new Role(id, name, newPermissions, description));
} }
public void removePermission(Permission permission) { public Result<UserError, Role> removePermission(Permission permission) {
this.permissions.remove(permission); if (permission == null) {
return Result.failure(new UserError.NullPermission());
}
Set<Permission> newPermissions = new HashSet<>(permissions);
newPermissions.remove(permission);
return Result.success(new Role(id, name, newPermissions, description));
} }
public void updateDescription(String newDescription) { public Result<UserError, Role> updateDescription(String newDescription) {
this.description = newDescription; return Result.success(new Role(id, name, permissions, newDescription));
} }
// ==================== Query Methods ====================
public boolean hasPermission(Permission permission) { public boolean hasPermission(Permission permission) {
return permissions.contains(permission); return permissions.contains(permission);
} }

95
backend/src/main/java/de/effigenix/domain/usermanagement/User.java
View file

@ -11,24 +11,31 @@ import java.util.Set;
* User Entity (Simple Entity, NOT an Aggregate). * User Entity (Simple Entity, NOT an Aggregate).
* *
* Generic Subdomain Minimal DDD: * Generic Subdomain Minimal DDD:
* - Immutable: All business methods return new instances via Result
* - Validation via Result type in factory method * - Validation via Result type in factory method
* - NO complex business logic * - Status transition guards enforce valid state machine
* - NO domain events * - NO domain events
* *
* Invariant: username is non-blank, email is valid, passwordHash is non-null, status is non-null * Invariant: username is non-blank, email is valid, passwordHash is non-null, status is non-null
* Uniqueness (username, email) is enforced in the Application Layer (repository concern)
*
* Status transitions:
* - ACTIVE LOCKED (lock)
* - LOCKED ACTIVE (unlock)
* - ACTIVE | LOCKED INACTIVE (deactivate)
* - INACTIVE ACTIVE (activate)
*/ */
public class User { public class User {
private final UserId id; private final UserId id;
private String username; private final String username;
private String email; private final String email;
private PasswordHash passwordHash; private final PasswordHash passwordHash;
private Set<Role> roles; private final Set<Role> roles;
private String branchId; private final String branchId;
private UserStatus status; private final UserStatus status;
private LocalDateTime createdAt; private final LocalDateTime createdAt;
private LocalDateTime lastLogin; private final LocalDateTime lastLogin;
// Invariant: all fields validated via create() or reconstitute()
private User( private User(
UserId id, UserId id,
String username, String username,
@ -44,7 +51,7 @@ public class User {
this.username = username; this.username = username;
this.email = email; this.email = email;
this.passwordHash = passwordHash; this.passwordHash = passwordHash;
this.roles = roles != null ? new HashSet<>(roles) : new HashSet<>(); this.roles = roles != null ? Set.copyOf(roles) : Set.of();
this.branchId = branchId; this.branchId = branchId;
this.status = status; this.status = status;
this.createdAt = createdAt != null ? createdAt : LocalDateTime.now(); this.createdAt = createdAt != null ? createdAt : LocalDateTime.now();
@ -101,63 +108,81 @@ public class User {
return new User(id, username, email, passwordHash, roles, branchId, status, createdAt, lastLogin); return new User(id, username, email, passwordHash, roles, branchId, status, createdAt, lastLogin);
} }
// ==================== Business Methods ==================== // ==================== Business Methods (Wither-Pattern) ====================
public void updateLastLogin(LocalDateTime timestamp) { public Result<UserError, User> withLastLogin(LocalDateTime timestamp) {
this.lastLogin = timestamp; return Result.success(new User(id, username, email, passwordHash, roles, branchId, status, createdAt, timestamp));
} }
public Result<UserError, Void> changePassword(PasswordHash newPasswordHash) { public Result<UserError, User> changePassword(PasswordHash newPasswordHash) {
if (newPasswordHash == null) { if (newPasswordHash == null) {
return Result.failure(new UserError.NullPasswordHash()); return Result.failure(new UserError.NullPasswordHash());
} }
this.passwordHash = newPasswordHash; return Result.success(new User(id, username, email, newPasswordHash, roles, branchId, status, createdAt, lastLogin));
return Result.success(null);
} }
public void lock() { public Result<UserError, User> lock() {
this.status = UserStatus.LOCKED; if (status != UserStatus.ACTIVE) {
return Result.failure(new UserError.InvalidStatusTransition(status, UserStatus.LOCKED));
}
return Result.success(new User(id, username, email, passwordHash, roles, branchId, UserStatus.LOCKED, createdAt, lastLogin));
} }
public void unlock() { public Result<UserError, User> unlock() {
this.status = UserStatus.ACTIVE; if (status != UserStatus.LOCKED) {
return Result.failure(new UserError.InvalidStatusTransition(status, UserStatus.ACTIVE));
}
return Result.success(new User(id, username, email, passwordHash, roles, branchId, UserStatus.ACTIVE, createdAt, lastLogin));
} }
public void deactivate() { public Result<UserError, User> deactivate() {
this.status = UserStatus.INACTIVE; if (status != UserStatus.ACTIVE && status != UserStatus.LOCKED) {
return Result.failure(new UserError.InvalidStatusTransition(status, UserStatus.INACTIVE));
}
return Result.success(new User(id, username, email, passwordHash, roles, branchId, UserStatus.INACTIVE, createdAt, lastLogin));
} }
public void activate() { public Result<UserError, User> activate() {
this.status = UserStatus.ACTIVE; if (status != UserStatus.INACTIVE) {
return Result.failure(new UserError.InvalidStatusTransition(status, UserStatus.ACTIVE));
}
return Result.success(new User(id, username, email, passwordHash, roles, branchId, UserStatus.ACTIVE, createdAt, lastLogin));
} }
public Result<UserError, Void> assignRole(Role role) { public Result<UserError, User> assignRole(Role role) {
if (role == null) { if (role == null) {
return Result.failure(new UserError.NullRole()); return Result.failure(new UserError.NullRole());
} }
this.roles.add(role); Set<Role> newRoles = new HashSet<>(roles);
return Result.success(null); newRoles.add(role);
return Result.success(new User(id, username, email, passwordHash, newRoles, branchId, status, createdAt, lastLogin));
} }
public void removeRole(Role role) { public Result<UserError, User> removeRole(Role role) {
this.roles.remove(role); if (role == null) {
return Result.failure(new UserError.NullRole());
}
Set<Role> newRoles = new HashSet<>(roles);
newRoles.remove(role);
return Result.success(new User(id, username, email, passwordHash, newRoles, branchId, status, createdAt, lastLogin));
} }
public Result<UserError, Void> updateEmail(String newEmail) { public Result<UserError, User> updateEmail(String newEmail) {
if (newEmail == null || newEmail.isBlank()) { if (newEmail == null || newEmail.isBlank()) {
return Result.failure(new UserError.InvalidEmail("null or empty")); return Result.failure(new UserError.InvalidEmail("null or empty"));
} }
if (!isValidEmail(newEmail)) { if (!isValidEmail(newEmail)) {
return Result.failure(new UserError.InvalidEmail(newEmail)); return Result.failure(new UserError.InvalidEmail(newEmail));
} }
this.email = newEmail; return Result.success(new User(id, username, newEmail, passwordHash, roles, branchId, status, createdAt, lastLogin));
return Result.success(null);
} }
public void updateBranch(String newBranchId) { public Result<UserError, User> updateBranch(String newBranchId) {
this.branchId = newBranchId; return Result.success(new User(id, username, email, passwordHash, roles, newBranchId, status, createdAt, lastLogin));
} }
// ==================== Query Methods ====================
public boolean isActive() { public boolean isActive() {
return status == UserStatus.ACTIVE; return status == UserStatus.ACTIVE;
} }

14
backend/src/main/java/de/effigenix/domain/usermanagement/UserError.java
View file

@ -73,6 +73,20 @@ public sealed interface UserError {
@Override public String message() { return "Role cannot be null"; } @Override public String message() { return "Role cannot be null"; }
} }
record NullPermission() implements UserError {
@Override public String code() { return "USER_NULL_PERMISSION"; }
@Override public String message() { return "Permission cannot be null"; }
}
record InvalidStatusTransition(UserStatus from, UserStatus to) implements UserError {
@Override public String code() { return "USER_INVALID_STATUS_TRANSITION"; }
@Override public String message() { return "Invalid status transition from " + from + " to " + to; }
}
record InvalidInput(String message) implements UserError {
@Override public String code() { return "INVALID_INPUT"; }
}
record RepositoryFailure(String message) implements UserError { record RepositoryFailure(String message) implements UserError {
@Override public String code() { return "REPOSITORY_ERROR"; } @Override public String code() { return "REPOSITORY_ERROR"; }
} }

19
backend/src/main/java/de/effigenix/domain/usermanagement/UserManagementAction.java Normal file
View file

@ -0,0 +1,19 @@
package de.effigenix.domain.usermanagement;
import de.effigenix.shared.security.Action;
/**
* Domain actions for the User Management Bounded Context.
* Used with AuthorizationPort for type-safe authorization checks.
*/
public enum UserManagementAction implements Action {
USER_CREATE,
USER_UPDATE,
USER_LOCK,
USER_UNLOCK,
USER_VIEW,
USER_LIST,
ROLE_ASSIGN,
ROLE_REMOVE,
PASSWORD_CHANGE
}

44
backend/src/main/java/de/effigenix/infrastructure/config/UseCaseConfiguration.java
View file

@ -3,6 +3,7 @@ package de.effigenix.infrastructure.config;
import de.effigenix.application.usermanagement.*; import de.effigenix.application.usermanagement.*;
import de.effigenix.domain.usermanagement.RoleRepository; import de.effigenix.domain.usermanagement.RoleRepository;
import de.effigenix.domain.usermanagement.UserRepository; import de.effigenix.domain.usermanagement.UserRepository;
import de.effigenix.shared.security.AuthorizationPort;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
@ -20,9 +21,10 @@ public class UseCaseConfiguration {
UserRepository userRepository, UserRepository userRepository,
RoleRepository roleRepository, RoleRepository roleRepository,
PasswordHasher passwordHasher, PasswordHasher passwordHasher,
AuditLogger auditLogger AuditLogger auditLogger,
AuthorizationPort authPort
) { ) {
return new CreateUser(userRepository, roleRepository, passwordHasher, auditLogger); return new CreateUser(userRepository, roleRepository, passwordHasher, auditLogger, authPort);
} }
@Bean @Bean
@ -39,60 +41,66 @@ public class UseCaseConfiguration {
public ChangePassword changePassword( public ChangePassword changePassword(
UserRepository userRepository, UserRepository userRepository,
PasswordHasher passwordHasher, PasswordHasher passwordHasher,
AuditLogger auditLogger AuditLogger auditLogger,
AuthorizationPort authPort
) { ) {
return new ChangePassword(userRepository, passwordHasher, auditLogger); return new ChangePassword(userRepository, passwordHasher, auditLogger, authPort);
} }
@Bean @Bean
public UpdateUser updateUser( public UpdateUser updateUser(
UserRepository userRepository, UserRepository userRepository,
AuditLogger auditLogger AuditLogger auditLogger,
AuthorizationPort authPort
) { ) {
return new UpdateUser(userRepository, auditLogger); return new UpdateUser(userRepository, auditLogger, authPort);
} }
@Bean @Bean
public AssignRole assignRole( public AssignRole assignRole(
UserRepository userRepository, UserRepository userRepository,
RoleRepository roleRepository, RoleRepository roleRepository,
AuditLogger auditLogger AuditLogger auditLogger,
AuthorizationPort authPort
) { ) {
return new AssignRole(userRepository, roleRepository, auditLogger); return new AssignRole(userRepository, roleRepository, auditLogger, authPort);
} }
@Bean @Bean
public RemoveRole removeRole( public RemoveRole removeRole(
UserRepository userRepository, UserRepository userRepository,
RoleRepository roleRepository, RoleRepository roleRepository,
AuditLogger auditLogger AuditLogger auditLogger,
AuthorizationPort authPort
) { ) {
return new RemoveRole(userRepository, roleRepository, auditLogger); return new RemoveRole(userRepository, roleRepository, auditLogger, authPort);
} }
@Bean @Bean
public LockUser lockUser( public LockUser lockUser(
UserRepository userRepository, UserRepository userRepository,
AuditLogger auditLogger AuditLogger auditLogger,
AuthorizationPort authPort
) { ) {
return new LockUser(userRepository, auditLogger); return new LockUser(userRepository, auditLogger, authPort);
} }
@Bean @Bean
public UnlockUser unlockUser( public UnlockUser unlockUser(
UserRepository userRepository, UserRepository userRepository,
AuditLogger auditLogger AuditLogger auditLogger,
AuthorizationPort authPort
) { ) {
return new UnlockUser(userRepository, auditLogger); return new UnlockUser(userRepository, auditLogger, authPort);
} }
@Bean @Bean
public GetUser getUser(UserRepository userRepository) { public GetUser getUser(UserRepository userRepository, AuthorizationPort authPort) {
return new GetUser(userRepository); return new GetUser(userRepository, authPort);
} }
@Bean @Bean
public ListUsers listUsers(UserRepository userRepository) { public ListUsers listUsers(UserRepository userRepository, AuthorizationPort authPort) {
return new ListUsers(userRepository); return new ListUsers(userRepository, authPort);
} }
} }

17
backend/src/main/java/de/effigenix/infrastructure/security/ActionToPermissionMapper.java
View file

@ -8,6 +8,7 @@ import de.effigenix.domain.production.ProductionAction;
import de.effigenix.domain.quality.QualityAction; import de.effigenix.domain.quality.QualityAction;
import de.effigenix.domain.sales.SalesAction; import de.effigenix.domain.sales.SalesAction;
import de.effigenix.domain.usermanagement.Permission; import de.effigenix.domain.usermanagement.Permission;
import de.effigenix.domain.usermanagement.UserManagementAction;
import de.effigenix.shared.security.Action; import de.effigenix.shared.security.Action;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
@ -71,6 +72,8 @@ public class ActionToPermissionMapper {
return mapLabelingAction(labelingAction); return mapLabelingAction(labelingAction);
} else if (action instanceof FilialesAction filialesAction) { } else if (action instanceof FilialesAction filialesAction) {
return mapFilialesAction(filialesAction); return mapFilialesAction(filialesAction);
} else if (action instanceof UserManagementAction userMgmtAction) {
return mapUserManagementAction(userMgmtAction);
} else { } else {
throw new IllegalArgumentException("Unknown action type: " + action.getClass().getName()); throw new IllegalArgumentException("Unknown action type: " + action.getClass().getName());
} }
@ -157,4 +160,18 @@ public class ActionToPermissionMapper {
case BRANCH_DELETE -> Permission.BRANCH_DELETE; case BRANCH_DELETE -> Permission.BRANCH_DELETE;
}; };
} }
private Permission mapUserManagementAction(UserManagementAction action) {
return switch (action) {
case USER_CREATE -> Permission.USER_WRITE;
case USER_UPDATE -> Permission.USER_WRITE;
case USER_LOCK -> Permission.USER_LOCK;
case USER_UNLOCK -> Permission.USER_UNLOCK;
case USER_VIEW -> Permission.USER_READ;
case USER_LIST -> Permission.USER_READ;
case ROLE_ASSIGN -> Permission.ROLE_ASSIGN;
case ROLE_REMOVE -> Permission.ROLE_REMOVE;
case PASSWORD_CHANGE -> Permission.USER_WRITE;
};
}
} }

140
backend/src/main/java/de/effigenix/infrastructure/security/JwtSessionManager.java
View file

@ -4,122 +4,65 @@ import de.effigenix.application.usermanagement.SessionManager;
import de.effigenix.application.usermanagement.dto.SessionToken; import de.effigenix.application.usermanagement.dto.SessionToken;
import de.effigenix.domain.usermanagement.User; import de.effigenix.domain.usermanagement.User;
import de.effigenix.domain.usermanagement.UserId; import de.effigenix.domain.usermanagement.UserId;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.JwtException; import io.jsonwebtoken.JwtException;
import org.springframework.scheduling.annotation.Scheduled;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
import java.util.Set; import java.time.Instant;
import java.util.concurrent.ConcurrentHashMap; import java.util.concurrent.ConcurrentHashMap;
/** /**
* JWT-based Session Manager implementation. * JWT-based Session Manager implementation.
* *
* Implements the SessionManager port from Application Layer using JWT tokens.
* Stateless session management - no server-side session storage.
*
* Token Invalidation: * Token Invalidation:
* - Access tokens are stateless (cannot be truly invalidated) * - Uses in-memory blacklist with TTL (token expiration time)
* - For MVP: Use in-memory blacklist for logged-out tokens * - Expired tokens are automatically cleaned up every 5 minutes
* - For Production: Consider Redis-based blacklist or short token expiration * - For production: consider Redis-based blacklist
*
* Refresh Tokens:
* - For MVP: Simple refresh token validation
* - For Production: Consider refresh token rotation and family tracking
*
* Infrastructure Layer Implements Application Layer port
*/ */
@Service @Service
public class JwtSessionManager implements SessionManager { public class JwtSessionManager implements SessionManager {
private final JwtTokenProvider tokenProvider; private final JwtTokenProvider tokenProvider;
// In-memory token blacklist (for MVP - replace with Redis in production) // Token expiration instant (for TTL-based cleanup)
private final Set<String> tokenBlacklist = ConcurrentHashMap.newKeySet(); private final ConcurrentHashMap<String, Instant> tokenBlacklist = new ConcurrentHashMap<>();
public JwtSessionManager(JwtTokenProvider tokenProvider) { public JwtSessionManager(JwtTokenProvider tokenProvider) {
this.tokenProvider = tokenProvider; this.tokenProvider = tokenProvider;
} }
/**
* Creates a new session (JWT token) for a user.
*
* Generates both access and refresh tokens:
* - Access token: Short-lived (8h), contains user info and permissions
* - Refresh token: Long-lived (7d), used to obtain new access tokens
*
* @param user User to create session for
* @return Session token (access token + refresh token)
*/
@Override @Override
public SessionToken createSession(User user) { public SessionToken createSession(User user) {
if (user == null) { if (user == null) {
throw new IllegalArgumentException("User cannot be null"); throw new IllegalArgumentException("User cannot be null");
} }
// Generate access token with user information and permissions
String accessToken = tokenProvider.generateAccessToken( String accessToken = tokenProvider.generateAccessToken(
user.id(), user.id(), user.username(), user.getAllPermissions(), user.branchId()
user.username(),
user.getAllPermissions(),
user.branchId()
); );
// Generate refresh token for session renewal
String refreshToken = tokenProvider.generateRefreshToken(user.id()); String refreshToken = tokenProvider.generateRefreshToken(user.id());
return SessionToken.create( return SessionToken.create(accessToken, tokenProvider.getAccessTokenExpiration(), refreshToken);
accessToken,
tokenProvider.getAccessTokenExpiration(),
refreshToken
);
} }
/**
* Validates a JWT token and extracts the user ID.
*
* Checks:
* 1. Token signature is valid
* 2. Token is not expired
* 3. Token is not blacklisted (logged out)
*
* @param token JWT access token
* @return UserId if valid
* @throws RuntimeException if token is invalid, expired, or blacklisted
*/
@Override @Override
public UserId validateToken(String token) { public UserId validateToken(String token) {
if (token == null || token.isBlank()) { if (token == null || token.isBlank()) {
throw new IllegalArgumentException("Token cannot be null or empty"); throw new IllegalArgumentException("Token cannot be null or empty");
} }
// Check if token is blacklisted (user logged out) if (tokenBlacklist.containsKey(token)) {
if (tokenBlacklist.contains(token)) {
throw new SecurityException("Token has been invalidated (user logged out)"); throw new SecurityException("Token has been invalidated (user logged out)");
} }
try { try {
// Validate token and extract userId
return tokenProvider.extractUserId(token); return tokenProvider.extractUserId(token);
} catch (JwtException e) { } catch (JwtException e) {
throw new SecurityException("Invalid or expired JWT token: " + e.getMessage(), e); throw new SecurityException("Invalid or expired JWT token: " + e.getMessage(), e);
} }
} }
/**
* Refreshes an expired access token using a refresh token.
*
* Process:
* 1. Validate refresh token
* 2. Extract userId from refresh token
* 3. Load user from repository (not implemented here - done in Application Layer)
* 4. Generate new access token
*
* Note: This method only validates the refresh token and extracts userId.
* The Application Layer is responsible for loading the user and creating a new session.
*
* @param refreshToken Refresh token
* @return New session token
* @throws RuntimeException if refresh token is invalid or expired
*/
@Override @Override
public SessionToken refreshSession(String refreshToken) { public SessionToken refreshSession(String refreshToken) {
if (refreshToken == null || refreshToken.isBlank()) { if (refreshToken == null || refreshToken.isBlank()) {
@ -127,62 +70,53 @@ public class JwtSessionManager implements SessionManager {
} }
try { try {
// Validate refresh token and extract userId // Validate refresh token
UserId userId = tokenProvider.extractUserId(refreshToken); Claims claims = tokenProvider.validateToken(refreshToken);
String type = claims.get("type", String.class);
if (!"refresh".equals(type)) {
throw new SecurityException("Not a refresh token");
}
// NOTE: In a real implementation, we would: UserId userId = UserId.of(claims.getSubject());
// 1. Load the user from repository
// 2. Verify user is still active
// 3. Generate new access + refresh tokens
//
// For now, this is a placeholder that demonstrates the contract.
// The Application Layer service will handle the full flow.
// Note: full implementation with user loading should be done via a dedicated Use Case.
// This is the infrastructure-level token refresh.
throw new UnsupportedOperationException( throw new UnsupportedOperationException(
"Session refresh requires user loading from repository. " + "Session refresh requires user loading from repository. " +
"This should be implemented in the Application Layer service." "Use the RefreshSession use case instead."
); );
} catch (JwtException e) { } catch (JwtException e) {
throw new SecurityException("Invalid or expired refresh token: " + e.getMessage(), e); throw new SecurityException("Invalid or expired refresh token: " + e.getMessage(), e);
} }
} }
/**
* Invalidates a session (logout).
*
* Adds the token to the blacklist to prevent further use.
* Note: Blacklist is in-memory for MVP. For production, use Redis with TTL.
*
* @param token JWT access token to invalidate
*/
@Override @Override
public void invalidateSession(String token) { public void invalidateSession(String token) {
if (token != null && !token.isBlank()) { if (token != null && !token.isBlank()) {
tokenBlacklist.add(token); try {
Claims claims = tokenProvider.validateToken(token);
// TODO: In production, implement automatic cleanup of expired tokens from blacklist Instant expiration = claims.getExpiration().toInstant();
// Option 1: Use Redis with TTL (token expiration time) tokenBlacklist.put(token, expiration);
// Option 2: Background task to clean up expired tokens } catch (JwtException e) {
// Option 3: Use a time-based eviction cache (Caffeine, Guava) // Token is already invalid/expired, no need to blacklist
}
} }
} }
/** /**
* Checks if a token is blacklisted. * Scheduled cleanup of expired tokens from the blacklist.
* Useful for debugging and testing. * Runs every 5 minutes.
*
* @param token JWT access token
* @return true if token is blacklisted, false otherwise
*/ */
@Scheduled(fixedRate = 300_000)
public void cleanupExpiredTokens() {
Instant now = Instant.now();
tokenBlacklist.entrySet().removeIf(entry -> entry.getValue().isBefore(now));
}
public boolean isTokenBlacklisted(String token) { public boolean isTokenBlacklisted(String token) {
return tokenBlacklist.contains(token); return tokenBlacklist.containsKey(token);
} }
/**
* Clears the token blacklist.
* Useful for testing. DO NOT use in production!
*/
public void clearBlacklist() { public void clearBlacklist() {
tokenBlacklist.clear(); tokenBlacklist.clear();
} }

75
backend/src/main/java/de/effigenix/infrastructure/security/LoginRateLimiter.java Normal file
View file

@ -0,0 +1,75 @@
package de.effigenix.infrastructure.security;
import org.springframework.scheduling.annotation.Scheduled;
import org.springframework.stereotype.Component;
import java.time.Instant;
import java.util.concurrent.ConcurrentHashMap;
/**
* In-memory rate limiter for login attempts.
* Prevents brute-force attacks by limiting failed login attempts per IP/username.
*
* Configuration:
* - Max 5 attempts per 15 minutes per key (IP or username)
* - Automatic cleanup of expired entries every 5 minutes
*
* For production: consider Redis-based rate limiting for distributed environments.
*/
@Component
public class LoginRateLimiter {
private static final int MAX_ATTEMPTS = 5;
private static final long WINDOW_MS = 15 * 60 * 1000L; // 15 minutes
private final ConcurrentHashMap<String, AttemptRecord> attempts = new ConcurrentHashMap<>();
/**
* Records a failed login attempt for the given key (e.g., IP address or username).
*/
public void recordFailedAttempt(String key) {
attempts.compute(key, (k, existing) -> {
Instant now = Instant.now();
if (existing == null || existing.windowStart.plusMillis(WINDOW_MS).isBefore(now)) {
return new AttemptRecord(now, 1);
}
return new AttemptRecord(existing.windowStart, existing.count + 1);
});
}
/**
* Checks if the given key is rate-limited (too many failed attempts).
*/
public boolean isRateLimited(String key) {
AttemptRecord record = attempts.get(key);
if (record == null) return false;
Instant now = Instant.now();
if (record.windowStart.plusMillis(WINDOW_MS).isBefore(now)) {
attempts.remove(key);
return false;
}
return record.count >= MAX_ATTEMPTS;
}
/**
* Resets the attempt counter for a key (e.g., after successful login).
*/
public void resetAttempts(String key) {
attempts.remove(key);
}
/**
* Scheduled cleanup of expired attempt records.
* Runs every 5 minutes.
*/
@Scheduled(fixedRate = 300_000)
public void cleanupExpiredEntries() {
Instant now = Instant.now();
attempts.entrySet().removeIf(entry ->
entry.getValue().windowStart.plusMillis(WINDOW_MS).isBefore(now));
}
private record AttemptRecord(Instant windowStart, int count) {}
}

85
backend/src/main/java/de/effigenix/infrastructure/security/SecurityConfig.java
View file

@ -1,8 +1,8 @@
package de.effigenix.infrastructure.security; package de.effigenix.infrastructure.security;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity; import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@ -12,6 +12,11 @@ import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import java.util.List;
/** /**
* Spring Security 6 Configuration for JWT-based authentication. * Spring Security 6 Configuration for JWT-based authentication.
@ -20,18 +25,7 @@ import org.springframework.security.web.authentication.UsernamePasswordAuthentic
* - Stateless: No server-side sessions (SessionCreationPolicy.STATELESS) * - Stateless: No server-side sessions (SessionCreationPolicy.STATELESS)
* - JWT-based: Authentication via JWT tokens in Authorization header * - JWT-based: Authentication via JWT tokens in Authorization header
* - BCrypt: Password hashing with strength 12 * - BCrypt: Password hashing with strength 12
* - Role-based: Authorization via permissions (not roles!) * - CORS: Configurable allowed origins
*
* Endpoint Security:
* - Public: /api/auth/login, /api/auth/refresh
* - Protected: All other /api/** endpoints require authentication
* - Swagger: /swagger-ui/**, /api-docs/** (public for development, restrict in production)
*
* Filter Chain:
* 1. JwtAuthenticationFilter: Validates JWT and sets Authentication in SecurityContext
* 2. Spring Security filters: Authorization checks based on permissions
*
* Infrastructure Layer Spring Security Configuration
*/ */
@Configuration @Configuration
@EnableWebSecurity @EnableWebSecurity
@ -42,6 +36,9 @@ public class SecurityConfig {
private final ApiAuthenticationEntryPoint authenticationEntryPoint; private final ApiAuthenticationEntryPoint authenticationEntryPoint;
private final ApiAccessDeniedHandler accessDeniedHandler; private final ApiAccessDeniedHandler accessDeniedHandler;
@Value("${effigenix.cors.allowed-origins:http://localhost:3000}")
private List<String> allowedOrigins;
public SecurityConfig(JwtAuthenticationFilter jwtAuthenticationFilter, public SecurityConfig(JwtAuthenticationFilter jwtAuthenticationFilter,
ApiAuthenticationEntryPoint authenticationEntryPoint, ApiAuthenticationEntryPoint authenticationEntryPoint,
ApiAccessDeniedHandler accessDeniedHandler) { ApiAccessDeniedHandler accessDeniedHandler) {
@ -50,81 +47,49 @@ public class SecurityConfig {
this.accessDeniedHandler = accessDeniedHandler; this.accessDeniedHandler = accessDeniedHandler;
} }
/**
* Configures the Spring Security filter chain.
*
* Security Configuration:
* - CSRF disabled (stateless JWT - no cookie-based sessions)
* - CORS configured (allows cross-origin requests)
* - Session management: STATELESS (no server-side sessions)
* - Authorization: Public endpoints vs protected endpoints
* - Exception handling: 401 Unauthorized for authentication failures
*
* @param http HttpSecurity builder
* @return Configured SecurityFilterChain
* @throws Exception if configuration fails
*/
@Bean @Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
http http
// CSRF Protection: Disabled for stateless JWT authentication
// IMPORTANT: Enable CSRF for cookie-based sessions in production!
.csrf(AbstractHttpConfigurer::disable) .csrf(AbstractHttpConfigurer::disable)
// CORS Configuration: Allow cross-origin requests .cors(cors -> cors.configurationSource(corsConfigurationSource()))
// TODO: Configure specific origins in production (not allowAll)
.cors(AbstractHttpConfigurer::disable)
// Session Management: Stateless (no server-side sessions)
.sessionManagement(session -> .sessionManagement(session ->
session.sessionCreationPolicy(SessionCreationPolicy.STATELESS) session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
) )
// Authorization Rules
.authorizeHttpRequests(auth -> auth .authorizeHttpRequests(auth -> auth
// Public Endpoints: Authentication
.requestMatchers("/api/auth/login", "/api/auth/refresh").permitAll() .requestMatchers("/api/auth/login", "/api/auth/refresh").permitAll()
// Public Endpoints: Swagger/OpenAPI (restrict in production!)
.requestMatchers("/swagger-ui/**", "/api-docs/**", "/v3/api-docs/**").permitAll() .requestMatchers("/swagger-ui/**", "/api-docs/**", "/v3/api-docs/**").permitAll()
// Public Endpoints: Health check (for load balancers)
.requestMatchers("/actuator/health").permitAll() .requestMatchers("/actuator/health").permitAll()
// Protected Endpoints: All other /api/** endpoints require authentication
.requestMatchers("/api/**").authenticated() .requestMatchers("/api/**").authenticated()
// All other requests: Deny by default (secure by default)
.anyRequest().denyAll() .anyRequest().denyAll()
) )
// Exception Handling: Return 401/403 with consistent ErrorResponse format
.exceptionHandling(exception -> exception .exceptionHandling(exception -> exception
.authenticationEntryPoint(authenticationEntryPoint) .authenticationEntryPoint(authenticationEntryPoint)
.accessDeniedHandler(accessDeniedHandler) .accessDeniedHandler(accessDeniedHandler)
) )
// Add JWT Authentication Filter before Spring Security's authentication filters
.addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class); .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
return http.build(); return http.build();
} }
/** @Bean
* Password Encoder Bean: BCrypt with strength 12. public CorsConfigurationSource corsConfigurationSource() {
* CorsConfiguration configuration = new CorsConfiguration();
* BCrypt Properties: configuration.setAllowedOrigins(allowedOrigins);
* - Strength 12: ~250ms hashing time on modern hardware configuration.setAllowedMethods(List.of("GET", "POST", "PUT", "DELETE", "OPTIONS"));
* - 2^12 = 4,096 iterations configuration.setAllowedHeaders(List.of("Authorization", "Content-Type"));
* - Includes automatic salt generation configuration.setAllowCredentials(true);
* - Resistant to rainbow table and brute-force attacks configuration.setMaxAge(3600L);
*
* This bean is used by: UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
* - BCryptPasswordHasher (for password hashing) source.registerCorsConfiguration("/api/**", configuration);
* - Spring Security (for password verification in authentication) return source;
* }
* @return BCryptPasswordEncoder with strength 12
*/
@Bean @Bean
public PasswordEncoder passwordEncoder() { public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder(12); return new BCryptPasswordEncoder(12);

219
backend/src/main/java/de/effigenix/infrastructure/usermanagement/web/controller/AuthController.java
View file

@ -5,6 +5,7 @@ import de.effigenix.application.usermanagement.SessionManager;
import de.effigenix.application.usermanagement.command.AuthenticateCommand; import de.effigenix.application.usermanagement.command.AuthenticateCommand;
import de.effigenix.application.usermanagement.dto.SessionToken; import de.effigenix.application.usermanagement.dto.SessionToken;
import de.effigenix.domain.usermanagement.UserError; import de.effigenix.domain.usermanagement.UserError;
import de.effigenix.infrastructure.security.LoginRateLimiter;
import de.effigenix.infrastructure.usermanagement.web.dto.LoginRequest; import de.effigenix.infrastructure.usermanagement.web.dto.LoginRequest;
import de.effigenix.infrastructure.usermanagement.web.dto.LoginResponse; import de.effigenix.infrastructure.usermanagement.web.dto.LoginResponse;
import de.effigenix.infrastructure.usermanagement.web.dto.RefreshTokenRequest; import de.effigenix.infrastructure.usermanagement.web.dto.RefreshTokenRequest;
@ -27,17 +28,9 @@ import org.springframework.web.bind.annotation.*;
/** /**
* REST Controller for Authentication endpoints. * REST Controller for Authentication endpoints.
* *
* Endpoints:
* - POST /api/auth/login - Login with username/password, returns JWT
* - POST /api/auth/logout - Logout (invalidate JWT)
* - POST /api/auth/refresh - Refresh access token using refresh token
*
* Security: * Security:
* - All endpoints are PUBLIC (configured in SecurityConfig) * - Rate limiting on login endpoint (max 5 attempts per 15min per IP)
* - No authentication required for login/refresh * - All auth endpoints are PUBLIC (configured in SecurityConfig)
* - Logout requires valid JWT token
*
* Infrastructure Layer REST API
*/ */
@RestController @RestController
@RequestMapping("/api/auth") @RequestMapping("/api/auth")
@ -48,118 +41,60 @@ public class AuthController {
private final AuthenticateUser authenticateUser; private final AuthenticateUser authenticateUser;
private final SessionManager sessionManager; private final SessionManager sessionManager;
private final LoginRateLimiter rateLimiter;
public AuthController( public AuthController(
AuthenticateUser authenticateUser, AuthenticateUser authenticateUser,
SessionManager sessionManager SessionManager sessionManager,
LoginRateLimiter rateLimiter
) { ) {
this.authenticateUser = authenticateUser; this.authenticateUser = authenticateUser;
this.sessionManager = sessionManager; this.sessionManager = sessionManager;
this.rateLimiter = rateLimiter;
} }
/**
* Login endpoint.
*
* Authenticates user with username and password.
* Returns JWT access token and refresh token on success.
*
* POST /api/auth/login
*
* Request Body:
* {
* "username": "admin",
* "password": "admin123"
* }
*
* Response (200 OK):
* {
* "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
* "tokenType": "Bearer",
* "expiresIn": 3600,
* "expiresAt": "2026-02-17T14:30:00",
* "refreshToken": "refresh-token-here"
* }
*
* Error Responses:
* - 401 Unauthorized: Invalid credentials, user locked, or user inactive
* - 400 Bad Request: Validation error (missing username/password)
*
* @param request Login request with username and password
* @return LoginResponse with JWT tokens
*/
@PostMapping("/login") @PostMapping("/login")
@Operation( @Operation(summary = "User login", description = "Authenticate user with username and password. Returns JWT tokens.")
summary = "User login",
description = "Authenticate user with username and password. Returns JWT access token and refresh token."
)
@ApiResponses({ @ApiResponses({
@ApiResponse( @ApiResponse(responseCode = "200", description = "Login successful",
responseCode = "200", content = @Content(schema = @Schema(implementation = LoginResponse.class))),
description = "Login successful", @ApiResponse(responseCode = "401", description = "Invalid credentials, user locked, or user inactive"),
content = @Content(schema = @Schema(implementation = LoginResponse.class)) @ApiResponse(responseCode = "429", description = "Too many login attempts")
),
@ApiResponse(
responseCode = "401",
description = "Invalid credentials, user locked, or user inactive"
),
@ApiResponse(
responseCode = "400",
description = "Validation error (missing username or password)"
)
}) })
public ResponseEntity<LoginResponse> login(@Valid @RequestBody LoginRequest request) { public ResponseEntity<LoginResponse> login(
@Valid @RequestBody LoginRequest request,
HttpServletRequest httpRequest
) {
String clientIp = getClientIp(httpRequest);
// Rate limiting check
if (rateLimiter.isRateLimited(clientIp)) {
logger.warn("Rate limited login attempt from IP: {}", clientIp);
throw new AuthenticationFailedException(new UserError.Unauthorized("Too many login attempts. Please try again later."));
}
logger.info("Login attempt for username: {}", request.username()); logger.info("Login attempt for username: {}", request.username());
// Execute authentication use case AuthenticateCommand command = new AuthenticateCommand(request.username(), request.password());
AuthenticateCommand command = new AuthenticateCommand(
request.username(),
request.password()
);
Result<UserError, SessionToken> result = authenticateUser.execute(command); Result<UserError, SessionToken> result = authenticateUser.execute(command);
// Handle result
if (result.isFailure()) { if (result.isFailure()) {
// Throw the domain error - will be handled by GlobalExceptionHandler rateLimiter.recordFailedAttempt(clientIp);
UserError error = result.unsafeGetError(); throw new AuthenticationFailedException(result.unsafeGetError());
throw new AuthenticationFailedException(error);
} }
rateLimiter.resetAttempts(clientIp);
SessionToken token = result.unsafeGetValue(); SessionToken token = result.unsafeGetValue();
logger.info("Login successful for username: {}", request.username()); logger.info("Login successful for username: {}", request.username());
return ResponseEntity.ok(LoginResponse.from(token)); return ResponseEntity.ok(LoginResponse.from(token));
} }
/**
* Logout endpoint.
*
* Invalidates the current JWT token.
* Client should also delete the token from local storage.
*
* POST /api/auth/logout
* Authorization: Bearer <access-token>
*
* Response (204 No Content):
* (empty body)
*
* @param authentication Current authentication (from JWT token)
* @return Empty response with 204 status
*/
@PostMapping("/logout") @PostMapping("/logout")
@Operation( @Operation(summary = "User logout", description = "Invalidate current JWT token.")
summary = "User logout",
description = "Invalidate current JWT token. Requires authentication."
)
@ApiResponses({ @ApiResponses({
@ApiResponse( @ApiResponse(responseCode = "204", description = "Logout successful"),
responseCode = "204", @ApiResponse(responseCode = "401", description = "Invalid or missing authentication token")
description = "Logout successful"
),
@ApiResponse(
responseCode = "401",
description = "Invalid or missing authentication token"
)
}) })
public ResponseEntity<Void> logout(HttpServletRequest request, Authentication authentication) { public ResponseEntity<Void> logout(HttpServletRequest request, Authentication authentication) {
String token = extractTokenFromRequest(request); String token = extractTokenFromRequest(request);
@ -172,6 +107,26 @@ public class AuthController {
return ResponseEntity.noContent().build(); return ResponseEntity.noContent().build();
} }
@PostMapping("/refresh")
@Operation(summary = "Refresh access token", description = "Refresh an expired access token using a valid refresh token.")
@ApiResponses({
@ApiResponse(responseCode = "200", description = "Token refresh successful",
content = @Content(schema = @Schema(implementation = LoginResponse.class))),
@ApiResponse(responseCode = "401", description = "Invalid or expired refresh token")
})
public ResponseEntity<LoginResponse> refresh(@Valid @RequestBody RefreshTokenRequest request) {
logger.info("Token refresh attempt");
try {
SessionToken token = sessionManager.refreshSession(request.refreshToken());
logger.info("Token refresh successful");
return ResponseEntity.ok(LoginResponse.from(token));
} catch (RuntimeException ex) {
logger.warn("Token refresh failed");
throw new AuthenticationFailedException(new UserError.InvalidCredentials());
}
}
private String extractTokenFromRequest(HttpServletRequest request) { private String extractTokenFromRequest(HttpServletRequest request) {
String authHeader = request.getHeader("Authorization"); String authHeader = request.getHeader("Authorization");
if (authHeader != null && authHeader.startsWith("Bearer ")) { if (authHeader != null && authHeader.startsWith("Bearer ")) {
@ -180,76 +135,14 @@ public class AuthController {
return null; return null;
} }
/** private String getClientIp(HttpServletRequest request) {
* Refresh token endpoint. String xForwardedFor = request.getHeader("X-Forwarded-For");
* if (xForwardedFor != null && !xForwardedFor.isBlank()) {
* Refreshes an expired access token using a valid refresh token. return xForwardedFor.split(",")[0].trim();
* Returns new JWT access token and refresh token.
*
* POST /api/auth/refresh
*
* Request Body:
* {
* "refreshToken": "refresh-token-here"
* }
*
* Response (200 OK):
* {
* "accessToken": "new-access-token",
* "tokenType": "Bearer",
* "expiresIn": 3600,
* "expiresAt": "2026-02-17T15:30:00",
* "refreshToken": "new-refresh-token"
* }
*
* Error Responses:
* - 401 Unauthorized: Invalid or expired refresh token
* - 400 Bad Request: Validation error (missing refresh token)
*
* @param request Refresh token request
* @return LoginResponse with new JWT tokens
*/
@PostMapping("/refresh")
@Operation(
summary = "Refresh access token",
description = "Refresh an expired access token using a valid refresh token. Returns new access token and refresh token."
)
@ApiResponses({
@ApiResponse(
responseCode = "200",
description = "Token refresh successful",
content = @Content(schema = @Schema(implementation = LoginResponse.class))
),
@ApiResponse(
responseCode = "401",
description = "Invalid or expired refresh token"
),
@ApiResponse(
responseCode = "400",
description = "Validation error (missing refresh token)"
)
})
public ResponseEntity<LoginResponse> refresh(@Valid @RequestBody RefreshTokenRequest request) {
logger.info("Token refresh attempt");
try {
SessionToken token = sessionManager.refreshSession(request.refreshToken());
logger.info("Token refresh successful");
return ResponseEntity.ok(LoginResponse.from(token));
} catch (RuntimeException ex) {
logger.warn("Token refresh failed: {}", ex.getMessage());
logger.trace("Token refresh exception details", ex);
throw new AuthenticationFailedException(
new UserError.InvalidCredentials()
);
} }
return request.getRemoteAddr();
} }
/**
* Custom runtime exception to wrap UserError for authentication failures.
* This allows the GlobalExceptionHandler to catch and convert it properly.
*/
public static class AuthenticationFailedException extends RuntimeException { public static class AuthenticationFailedException extends RuntimeException {
private final UserError error; private final UserError error;

494
backend/src/main/java/de/effigenix/infrastructure/usermanagement/web/controller/UserController.java
View file

@ -1,13 +1,9 @@
package de.effigenix.infrastructure.usermanagement.web.controller; package de.effigenix.infrastructure.usermanagement.web.controller;
import de.effigenix.application.usermanagement.*; import de.effigenix.application.usermanagement.*;
import de.effigenix.application.usermanagement.command.AssignRoleCommand; import de.effigenix.application.usermanagement.command.*;
import de.effigenix.application.usermanagement.command.ChangePasswordCommand;
import de.effigenix.application.usermanagement.command.CreateUserCommand;
import de.effigenix.application.usermanagement.command.UpdateUserCommand;
import de.effigenix.application.usermanagement.dto.UserDTO; import de.effigenix.application.usermanagement.dto.UserDTO;
import de.effigenix.domain.usermanagement.RoleName; import de.effigenix.domain.usermanagement.RoleName;
import de.effigenix.domain.usermanagement.User;
import de.effigenix.domain.usermanagement.UserError; import de.effigenix.domain.usermanagement.UserError;
import de.effigenix.infrastructure.usermanagement.web.dto.*; import de.effigenix.infrastructure.usermanagement.web.dto.*;
import de.effigenix.shared.common.Result; import de.effigenix.shared.common.Result;
@ -34,21 +30,9 @@ import java.util.List;
/** /**
* REST Controller for User Management endpoints. * REST Controller for User Management endpoints.
* *
* Endpoints:
* - POST /api/users - Create user (ADMIN only)
* - GET /api/users - List all users
* - GET /api/users/{id} - Get user by ID
* - PUT /api/users/{id} - Update user
* - POST /api/users/{id}/lock - Lock user (ADMIN only)
* - POST /api/users/{id}/unlock - Unlock user (ADMIN only)
* - POST /api/users/{id}/roles - Assign role (ADMIN only)
* - DELETE /api/users/{id}/roles/{roleName} - Remove role (ADMIN only)
* - PUT /api/users/{id}/password - Change password
*
* Security: * Security:
* - All endpoints require authentication (JWT token) * - All endpoints require authentication (JWT token)
* - ADMIN-only endpoints check for USER_MANAGEMENT permission * - @PreAuthorize as defense-in-depth (authorization also enforced in use cases)
* - Users can change their own password
* *
* Infrastructure Layer REST API * Infrastructure Layer REST API
*/ */
@ -92,54 +76,14 @@ public class UserController {
this.changePassword = changePassword; this.changePassword = changePassword;
} }
/**
* Create user endpoint.
*
* Creates a new user account with specified roles.
* Requires ADMIN permission (USER_MANAGEMENT).
*
* POST /api/users
* Authorization: Bearer <access-token>
*
* Request Body:
* {
* "username": "john.doe",
* "email": "john.doe@example.com",
* "password": "SecurePass123",
* "roleNames": ["USER", "MANAGER"],
* "branchId": "BRANCH-001"
* }
*
* Response (201 Created):
* {
* "id": "user-uuid",
* "username": "john.doe",
* "email": "john.doe@example.com",
* "roles": [...],
* "branchId": "BRANCH-001",
* "status": "ACTIVE",
* "createdAt": "2026-02-17T12:00:00",
* "lastLogin": null
* }
*
* @param request Create user request
* @param authentication Current authentication
* @return Created user DTO
*/
@PostMapping @PostMapping
@PreAuthorize("hasAuthority('USER_WRITE')") @PreAuthorize("hasAuthority('USER_WRITE')")
@Operation( @Operation(summary = "Create user (ADMIN only)", description = "Create a new user account with specified roles.")
summary = "Create user (ADMIN only)",
description = "Create a new user account with specified roles. Requires USER_MANAGEMENT permission."
)
@ApiResponses({ @ApiResponses({
@ApiResponse( @ApiResponse(responseCode = "201", description = "User created successfully",
responseCode = "201", content = @Content(schema = @Schema(implementation = UserDTO.class))),
description = "User created successfully",
content = @Content(schema = @Schema(implementation = UserDTO.class))
),
@ApiResponse(responseCode = "400", description = "Validation error or invalid password"), @ApiResponse(responseCode = "400", description = "Validation error or invalid password"),
@ApiResponse(responseCode = "403", description = "Missing USER_MANAGEMENT permission"), @ApiResponse(responseCode = "403", description = "Missing permission"),
@ApiResponse(responseCode = "409", description = "Username or email already exists") @ApiResponse(responseCode = "409", description = "Username or email already exists")
}) })
public ResponseEntity<UserDTO> createUser( public ResponseEntity<UserDTO> createUser(
@ -149,508 +93,202 @@ public class UserController {
ActorId actorId = extractActorId(authentication); ActorId actorId = extractActorId(authentication);
logger.info("Creating user: {} by actor: {}", request.username(), actorId.value()); logger.info("Creating user: {} by actor: {}", request.username(), actorId.value());
// Note: Authorization is checked via @PreAuthorize annotation
// No need for additional manual authorization check here
// Execute use case
CreateUserCommand command = new CreateUserCommand( CreateUserCommand command = new CreateUserCommand(
request.username(), request.username(), request.email(), request.password(),
request.email(), request.roleNames(), request.branchId()
request.password(),
request.roleNames(),
request.branchId()
); );
Result<UserError, UserDTO> result = createUser.execute(command, actorId); Result<UserError, UserDTO> result = createUser.execute(command, actorId);
if (result.isFailure()) throw new DomainErrorException(result.unsafeGetError());
if (result.isFailure()) {
throw new DomainErrorException(result.unsafeGetError());
}
logger.info("User created successfully: {}", request.username()); logger.info("User created successfully: {}", request.username());
return ResponseEntity.status(HttpStatus.CREATED).body(result.unsafeGetValue()); return ResponseEntity.status(HttpStatus.CREATED).body(result.unsafeGetValue());
} }
/**
* List users endpoint.
*
* Lists all users in the system.
* Returns simplified user information.
*
* GET /api/users
* Authorization: Bearer <access-token>
*
* Response (200 OK):
* [
* {
* "id": "user-uuid",
* "username": "john.doe",
* "email": "john.doe@example.com",
* "roles": [...],
* "branchId": "BRANCH-001",
* "status": "ACTIVE",
* "createdAt": "2026-02-17T12:00:00",
* "lastLogin": "2026-02-17T14:30:00"
* }
* ]
*
* @param authentication Current authentication
* @return List of user DTOs
*/
@GetMapping @GetMapping
@Operation( @Operation(summary = "List all users", description = "Get a list of all users in the system.")
summary = "List all users",
description = "Get a list of all users in the system. Requires authentication."
)
@ApiResponses({ @ApiResponses({
@ApiResponse( @ApiResponse(responseCode = "200", description = "Users retrieved successfully"),
responseCode = "200",
description = "Users retrieved successfully",
content = @Content(schema = @Schema(implementation = UserDTO.class))
),
@ApiResponse(responseCode = "401", description = "Authentication required") @ApiResponse(responseCode = "401", description = "Authentication required")
}) })
public ResponseEntity<List<UserDTO>> listUsers(Authentication authentication) { public ResponseEntity<List<UserDTO>> listUsers(Authentication authentication) {
ActorId actorId = extractActorId(authentication); ActorId actorId = extractActorId(authentication);
logger.info("Listing users by actor: {}", actorId.value()); logger.info("Listing users by actor: {}", actorId.value());
Result<UserError, List<UserDTO>> result = listUsers.execute(); Result<UserError, List<UserDTO>> result = listUsers.execute(actorId);
if (result.isFailure()) throw new DomainErrorException(result.unsafeGetError());
if (result.isFailure()) {
throw new DomainErrorException(result.unsafeGetError());
}
return ResponseEntity.ok(result.unsafeGetValue()); return ResponseEntity.ok(result.unsafeGetValue());
} }
/**
* Get user by ID endpoint.
*
* Retrieves a single user by their ID.
*
* GET /api/users/{id}
* Authorization: Bearer <access-token>
*
* Response (200 OK):
* {
* "id": "user-uuid",
* "username": "john.doe",
* "email": "john.doe@example.com",
* "roles": [...],
* "branchId": "BRANCH-001",
* "status": "ACTIVE",
* "createdAt": "2026-02-17T12:00:00",
* "lastLogin": "2026-02-17T14:30:00"
* }
*
* @param userId User ID
* @param authentication Current authentication
* @return User DTO
*/
@GetMapping("/{id}") @GetMapping("/{id}")
@Operation( @Operation(summary = "Get user by ID", description = "Retrieve a single user by their ID.")
summary = "Get user by ID",
description = "Retrieve a single user by their ID. Requires authentication."
)
@ApiResponses({ @ApiResponses({
@ApiResponse( @ApiResponse(responseCode = "200", description = "User retrieved successfully",
responseCode = "200", content = @Content(schema = @Schema(implementation = UserDTO.class))),
description = "User retrieved successfully",
content = @Content(schema = @Schema(implementation = UserDTO.class))
),
@ApiResponse(responseCode = "404", description = "User not found"), @ApiResponse(responseCode = "404", description = "User not found"),
@ApiResponse(responseCode = "401", description = "Authentication required") @ApiResponse(responseCode = "401", description = "Authentication required")
}) })
public ResponseEntity<UserDTO> getUserById( public ResponseEntity<UserDTO> getUserById(
@Parameter(description = "User ID", example = "user-uuid") @Parameter(description = "User ID") @PathVariable("id") String userId,
@PathVariable("id") String userId,
Authentication authentication Authentication authentication
) { ) {
ActorId actorId = extractActorId(authentication); ActorId actorId = extractActorId(authentication);
logger.info("Getting user: {} by actor: {}", userId, actorId.value()); logger.info("Getting user: {} by actor: {}", userId, actorId.value());
Result<UserError, UserDTO> result = getUser.execute(userId); Result<UserError, UserDTO> result = getUser.execute(userId, actorId);
if (result.isFailure()) throw new DomainErrorException(result.unsafeGetError());
if (result.isFailure()) {
throw new DomainErrorException(result.unsafeGetError());
}
return ResponseEntity.ok(result.unsafeGetValue()); return ResponseEntity.ok(result.unsafeGetValue());
} }
/**
* Update user endpoint.
*
* Updates user details (email, branchId).
* Only provided fields will be updated.
*
* PUT /api/users/{id}
* Authorization: Bearer <access-token>
*
* Request Body:
* {
* "email": "newemail@example.com",
* "branchId": "BRANCH-002"
* }
*
* Response (200 OK):
* {
* "id": "user-uuid",
* "username": "john.doe",
* "email": "newemail@example.com",
* "roles": [...],
* "branchId": "BRANCH-002",
* "status": "ACTIVE",
* "createdAt": "2026-02-17T12:00:00",
* "lastLogin": "2026-02-17T14:30:00"
* }
*
* @param userId User ID
* @param request Update user request
* @param authentication Current authentication
* @return Updated user DTO
*/
@PutMapping("/{id}") @PutMapping("/{id}")
@Operation( @Operation(summary = "Update user", description = "Update user details (email, branchId).")
summary = "Update user",
description = "Update user details (email, branchId). Only provided fields will be updated."
)
@ApiResponses({ @ApiResponses({
@ApiResponse( @ApiResponse(responseCode = "200", description = "User updated successfully",
responseCode = "200", content = @Content(schema = @Schema(implementation = UserDTO.class))),
description = "User updated successfully",
content = @Content(schema = @Schema(implementation = UserDTO.class))
),
@ApiResponse(responseCode = "404", description = "User not found"), @ApiResponse(responseCode = "404", description = "User not found"),
@ApiResponse(responseCode = "409", description = "Email already exists"), @ApiResponse(responseCode = "409", description = "Email already exists")
@ApiResponse(responseCode = "401", description = "Authentication required")
}) })
public ResponseEntity<UserDTO> updateUser( public ResponseEntity<UserDTO> updateUser(
@Parameter(description = "User ID", example = "user-uuid") @Parameter(description = "User ID") @PathVariable("id") String userId,
@PathVariable("id") String userId,
@Valid @RequestBody UpdateUserRequest request, @Valid @RequestBody UpdateUserRequest request,
Authentication authentication Authentication authentication
) { ) {
ActorId actorId = extractActorId(authentication); ActorId actorId = extractActorId(authentication);
logger.info("Updating user: {} by actor: {}", userId, actorId.value()); logger.info("Updating user: {} by actor: {}", userId, actorId.value());
UpdateUserCommand command = new UpdateUserCommand( UpdateUserCommand command = new UpdateUserCommand(userId, request.email(), request.branchId());
userId,
request.email(),
request.branchId()
);
Result<UserError, UserDTO> result = updateUser.execute(command, actorId); Result<UserError, UserDTO> result = updateUser.execute(command, actorId);
if (result.isFailure()) throw new DomainErrorException(result.unsafeGetError());
if (result.isFailure()) {
throw new DomainErrorException(result.unsafeGetError());
}
logger.info("User updated successfully: {}", userId); logger.info("User updated successfully: {}", userId);
return ResponseEntity.ok(result.unsafeGetValue()); return ResponseEntity.ok(result.unsafeGetValue());
} }
/**
* Lock user endpoint.
*
* Locks a user account (prevents login).
* Requires ADMIN permission (USER_MANAGEMENT).
*
* POST /api/users/{id}/lock
* Authorization: Bearer <access-token>
*
* Response (200 OK):
* {
* "id": "user-uuid",
* "username": "john.doe",
* "email": "john.doe@example.com",
* "roles": [...],
* "branchId": "BRANCH-001",
* "status": "LOCKED",
* "createdAt": "2026-02-17T12:00:00",
* "lastLogin": "2026-02-17T14:30:00"
* }
*
* @param userId User ID
* @param authentication Current authentication
* @return Updated user DTO
*/
@PostMapping("/{id}/lock") @PostMapping("/{id}/lock")
@PreAuthorize("hasAuthority('USER_LOCK')") @PreAuthorize("hasAuthority('USER_LOCK')")
@Operation( @Operation(summary = "Lock user (ADMIN only)", description = "Lock a user account (prevents login).")
summary = "Lock user (ADMIN only)",
description = "Lock a user account (prevents login). Requires USER_MANAGEMENT permission."
)
@ApiResponses({ @ApiResponses({
@ApiResponse( @ApiResponse(responseCode = "200", description = "User locked successfully",
responseCode = "200", content = @Content(schema = @Schema(implementation = UserDTO.class))),
description = "User locked successfully",
content = @Content(schema = @Schema(implementation = UserDTO.class))
),
@ApiResponse(responseCode = "404", description = "User not found"), @ApiResponse(responseCode = "404", description = "User not found"),
@ApiResponse(responseCode = "403", description = "Missing USER_MANAGEMENT permission"), @ApiResponse(responseCode = "409", description = "Invalid status transition"),
@ApiResponse(responseCode = "401", description = "Authentication required") @ApiResponse(responseCode = "403", description = "Missing permission")
}) })
public ResponseEntity<UserDTO> lockUser( public ResponseEntity<UserDTO> lockUser(
@Parameter(description = "User ID", example = "user-uuid") @Parameter(description = "User ID") @PathVariable("id") String userId,
@PathVariable("id") String userId,
Authentication authentication Authentication authentication
) { ) {
ActorId actorId = extractActorId(authentication); ActorId actorId = extractActorId(authentication);
logger.info("Locking user: {} by actor: {}", userId, actorId.value()); logger.info("Locking user: {} by actor: {}", userId, actorId.value());
Result<UserError, UserDTO> result = lockUser.execute(userId, actorId); LockUserCommand command = new LockUserCommand(userId);
Result<UserError, UserDTO> result = lockUser.execute(command, actorId);
if (result.isFailure()) { if (result.isFailure()) throw new DomainErrorException(result.unsafeGetError());
throw new DomainErrorException(result.unsafeGetError());
}
logger.info("User locked successfully: {}", userId); logger.info("User locked successfully: {}", userId);
return ResponseEntity.ok(result.unsafeGetValue()); return ResponseEntity.ok(result.unsafeGetValue());
} }
/**
* Unlock user endpoint.
*
* Unlocks a user account (allows login).
* Requires ADMIN permission (USER_MANAGEMENT).
*
* POST /api/users/{id}/unlock
* Authorization: Bearer <access-token>
*
* Response (200 OK):
* {
* "id": "user-uuid",
* "username": "john.doe",
* "email": "john.doe@example.com",
* "roles": [...],
* "branchId": "BRANCH-001",
* "status": "ACTIVE",
* "createdAt": "2026-02-17T12:00:00",
* "lastLogin": "2026-02-17T14:30:00"
* }
*
* @param userId User ID
* @param authentication Current authentication
* @return Updated user DTO
*/
@PostMapping("/{id}/unlock") @PostMapping("/{id}/unlock")
@PreAuthorize("hasAuthority('USER_UNLOCK')") @PreAuthorize("hasAuthority('USER_UNLOCK')")
@Operation( @Operation(summary = "Unlock user (ADMIN only)", description = "Unlock a user account (allows login).")
summary = "Unlock user (ADMIN only)",
description = "Unlock a user account (allows login). Requires USER_MANAGEMENT permission."
)
@ApiResponses({ @ApiResponses({
@ApiResponse( @ApiResponse(responseCode = "200", description = "User unlocked successfully",
responseCode = "200", content = @Content(schema = @Schema(implementation = UserDTO.class))),
description = "User unlocked successfully",
content = @Content(schema = @Schema(implementation = UserDTO.class))
),
@ApiResponse(responseCode = "404", description = "User not found"), @ApiResponse(responseCode = "404", description = "User not found"),
@ApiResponse(responseCode = "403", description = "Missing USER_MANAGEMENT permission"), @ApiResponse(responseCode = "409", description = "Invalid status transition"),
@ApiResponse(responseCode = "401", description = "Authentication required") @ApiResponse(responseCode = "403", description = "Missing permission")
}) })
public ResponseEntity<UserDTO> unlockUser( public ResponseEntity<UserDTO> unlockUser(
@Parameter(description = "User ID", example = "user-uuid") @Parameter(description = "User ID") @PathVariable("id") String userId,
@PathVariable("id") String userId,
Authentication authentication Authentication authentication
) { ) {
ActorId actorId = extractActorId(authentication); ActorId actorId = extractActorId(authentication);
logger.info("Unlocking user: {} by actor: {}", userId, actorId.value()); logger.info("Unlocking user: {} by actor: {}", userId, actorId.value());
Result<UserError, UserDTO> result = unlockUser.execute(userId, actorId); UnlockUserCommand command = new UnlockUserCommand(userId);
Result<UserError, UserDTO> result = unlockUser.execute(command, actorId);
if (result.isFailure()) { if (result.isFailure()) throw new DomainErrorException(result.unsafeGetError());
throw new DomainErrorException(result.unsafeGetError());
}
logger.info("User unlocked successfully: {}", userId); logger.info("User unlocked successfully: {}", userId);
return ResponseEntity.ok(result.unsafeGetValue()); return ResponseEntity.ok(result.unsafeGetValue());
} }
/**
* Assign role endpoint.
*
* Assigns a role to a user.
* Requires ADMIN permission (USER_MANAGEMENT).
*
* POST /api/users/{id}/roles
* Authorization: Bearer <access-token>
*
* Request Body:
* {
* "roleName": "MANAGER"
* }
*
* Response (200 OK):
* {
* "id": "user-uuid",
* "username": "john.doe",
* "email": "john.doe@example.com",
* "roles": [...],
* "branchId": "BRANCH-001",
* "status": "ACTIVE",
* "createdAt": "2026-02-17T12:00:00",
* "lastLogin": "2026-02-17T14:30:00"
* }
*
* @param userId User ID
* @param request Assign role request
* @param authentication Current authentication
* @return Updated user DTO
*/
@PostMapping("/{id}/roles") @PostMapping("/{id}/roles")
@PreAuthorize("hasAuthority('ROLE_ASSIGN')") @PreAuthorize("hasAuthority('ROLE_ASSIGN')")
@Operation( @Operation(summary = "Assign role (ADMIN only)", description = "Assign a role to a user.")
summary = "Assign role (ADMIN only)",
description = "Assign a role to a user. Requires USER_MANAGEMENT permission."
)
@ApiResponses({ @ApiResponses({
@ApiResponse( @ApiResponse(responseCode = "200", description = "Role assigned successfully",
responseCode = "200", content = @Content(schema = @Schema(implementation = UserDTO.class))),
description = "Role assigned successfully",
content = @Content(schema = @Schema(implementation = UserDTO.class))
),
@ApiResponse(responseCode = "404", description = "User or role not found"), @ApiResponse(responseCode = "404", description = "User or role not found"),
@ApiResponse(responseCode = "403", description = "Missing USER_MANAGEMENT permission"), @ApiResponse(responseCode = "403", description = "Missing permission")
@ApiResponse(responseCode = "401", description = "Authentication required")
}) })
public ResponseEntity<UserDTO> assignRole( public ResponseEntity<UserDTO> assignRole(
@Parameter(description = "User ID", example = "user-uuid") @Parameter(description = "User ID") @PathVariable("id") String userId,
@PathVariable("id") String userId,
@Valid @RequestBody AssignRoleRequest request, @Valid @RequestBody AssignRoleRequest request,
Authentication authentication Authentication authentication
) { ) {
ActorId actorId = extractActorId(authentication); ActorId actorId = extractActorId(authentication);
logger.info("Assigning role {} to user: {} by actor: {}", logger.info("Assigning role {} to user: {} by actor: {}", request.roleName(), userId, actorId.value());
request.roleName(), userId, actorId.value());
AssignRoleCommand command = new AssignRoleCommand(userId, request.roleName()); AssignRoleCommand command = new AssignRoleCommand(userId, request.roleName());
Result<UserError, UserDTO> result = assignRole.execute(command, actorId); Result<UserError, UserDTO> result = assignRole.execute(command, actorId);
if (result.isFailure()) throw new DomainErrorException(result.unsafeGetError());
if (result.isFailure()) {
throw new DomainErrorException(result.unsafeGetError());
}
logger.info("Role assigned successfully to user: {}", userId); logger.info("Role assigned successfully to user: {}", userId);
return ResponseEntity.ok(result.unsafeGetValue()); return ResponseEntity.ok(result.unsafeGetValue());
} }
/**
* Remove role endpoint.
*
* Removes a role from a user.
* Requires ADMIN permission (USER_MANAGEMENT).
*
* DELETE /api/users/{id}/roles/{roleName}
* Authorization: Bearer <access-token>
*
* Response (204 No Content):
* (empty body)
*
* @param userId User ID
* @param roleName Role name to remove
* @param authentication Current authentication
* @return Empty response
*/
@DeleteMapping("/{id}/roles/{roleName}") @DeleteMapping("/{id}/roles/{roleName}")
@PreAuthorize("hasAuthority('ROLE_REMOVE')") @PreAuthorize("hasAuthority('ROLE_REMOVE')")
@Operation( @Operation(summary = "Remove role (ADMIN only)", description = "Remove a role from a user.")
summary = "Remove role (ADMIN only)",
description = "Remove a role from a user. Requires USER_MANAGEMENT permission."
)
@ApiResponses({ @ApiResponses({
@ApiResponse(responseCode = "204", description = "Role removed successfully"), @ApiResponse(responseCode = "204", description = "Role removed successfully"),
@ApiResponse(responseCode = "404", description = "User or role not found"), @ApiResponse(responseCode = "404", description = "User or role not found"),
@ApiResponse(responseCode = "403", description = "Missing USER_MANAGEMENT permission"), @ApiResponse(responseCode = "403", description = "Missing permission")
@ApiResponse(responseCode = "401", description = "Authentication required")
}) })
public ResponseEntity<Void> removeRole( public ResponseEntity<Void> removeRole(
@Parameter(description = "User ID", example = "user-uuid") @Parameter(description = "User ID") @PathVariable("id") String userId,
@PathVariable("id") String userId, @Parameter(description = "Role name") @PathVariable("roleName") RoleName roleName,
@Parameter(description = "Role name", example = "MANAGER")
@PathVariable("roleName") RoleName roleName,
Authentication authentication Authentication authentication
) { ) {
ActorId actorId = extractActorId(authentication); ActorId actorId = extractActorId(authentication);
logger.info("Removing role {} from user: {} by actor: {}", logger.info("Removing role {} from user: {} by actor: {}", roleName, userId, actorId.value());
roleName, userId, actorId.value());
Result<UserError, UserDTO> result = removeRole.execute(userId, roleName, actorId); RemoveRoleCommand command = new RemoveRoleCommand(userId, roleName);
Result<UserError, UserDTO> result = removeRole.execute(command, actorId);
if (result.isFailure()) { if (result.isFailure()) throw new DomainErrorException(result.unsafeGetError());
throw new DomainErrorException(result.unsafeGetError());
}
logger.info("Role removed successfully from user: {}", userId); logger.info("Role removed successfully from user: {}", userId);
return ResponseEntity.noContent().build(); return ResponseEntity.noContent().build();
} }
/**
* Change password endpoint.
*
* Changes a user's password.
* Requires current password for verification.
* Users can change their own password.
*
* PUT /api/users/{id}/password
* Authorization: Bearer <access-token>
*
* Request Body:
* {
* "currentPassword": "OldPass123",
* "newPassword": "NewSecurePass456"
* }
*
* Response (204 No Content):
* (empty body)
*
* @param userId User ID
* @param request Change password request
* @param authentication Current authentication
* @return Empty response
*/
@PutMapping("/{id}/password") @PutMapping("/{id}/password")
@Operation( @Operation(summary = "Change password", description = "Change user password. Requires current password for verification.")
summary = "Change password",
description = "Change user password. Requires current password for verification."
)
@ApiResponses({ @ApiResponses({
@ApiResponse(responseCode = "204", description = "Password changed successfully"), @ApiResponse(responseCode = "204", description = "Password changed successfully"),
@ApiResponse(responseCode = "400", description = "Invalid password"), @ApiResponse(responseCode = "400", description = "Invalid password"),
@ApiResponse(responseCode = "401", description = "Invalid current password or authentication required"), @ApiResponse(responseCode = "401", description = "Invalid current password"),
@ApiResponse(responseCode = "404", description = "User not found") @ApiResponse(responseCode = "404", description = "User not found")
}) })
public ResponseEntity<Void> changePassword( public ResponseEntity<Void> changePassword(
@Parameter(description = "User ID", example = "user-uuid") @Parameter(description = "User ID") @PathVariable("id") String userId,
@PathVariable("id") String userId,
@Valid @RequestBody ChangePasswordRequest request, @Valid @RequestBody ChangePasswordRequest request,
Authentication authentication Authentication authentication
) { ) {
ActorId actorId = extractActorId(authentication); ActorId actorId = extractActorId(authentication);
logger.info("Changing password for user: {} by actor: {}", userId, actorId.value()); logger.info("Changing password for user: {} by actor: {}", userId, actorId.value());
ChangePasswordCommand command = new ChangePasswordCommand( ChangePasswordCommand command = new ChangePasswordCommand(userId, request.currentPassword(), request.newPassword());
userId,
request.currentPassword(),
request.newPassword()
);
Result<UserError, Void> result = changePassword.execute(command, actorId); Result<UserError, Void> result = changePassword.execute(command, actorId);
if (result.isFailure()) throw new DomainErrorException(result.unsafeGetError());
if (result.isFailure()) {
throw new DomainErrorException(result.unsafeGetError());
}
logger.info("Password changed successfully for user: {}", userId); logger.info("Password changed successfully for user: {}", userId);
return ResponseEntity.noContent().build(); return ResponseEntity.noContent().build();
} }
// ==================== Helper Methods ====================
/**
* Extracts ActorId from Spring Security Authentication.
*/
private ActorId extractActorId(Authentication authentication) { private ActorId extractActorId(Authentication authentication) {
if (authentication == null || authentication.getName() == null) { if (authentication == null || authentication.getName() == null) {
throw new IllegalStateException("No authentication found in SecurityContext"); throw new IllegalStateException("No authentication found in SecurityContext");
@ -658,10 +296,6 @@ public class UserController {
return ActorId.of(authentication.getName()); return ActorId.of(authentication.getName());
} }
/**
* Custom exception to wrap UserError for domain failures.
* This exception is caught by GlobalExceptionHandler.
*/
public static class DomainErrorException extends RuntimeException { public static class DomainErrorException extends RuntimeException {
private final UserError error; private final UserError error;

4
backend/src/main/java/de/effigenix/infrastructure/usermanagement/web/exception/GlobalExceptionHandler.java
View file

@ -283,7 +283,7 @@ public class GlobalExceptionHandler {
ErrorResponse errorResponse = ErrorResponse.from( ErrorResponse errorResponse = ErrorResponse.from(
"AUTHENTICATION_FAILED", "AUTHENTICATION_FAILED",
"Authentication failed: " + ex.getMessage(), "Authentication failed",
HttpStatus.UNAUTHORIZED.value(), HttpStatus.UNAUTHORIZED.value(),
request.getRequestURI() request.getRequestURI()
); );
@ -312,7 +312,7 @@ public class GlobalExceptionHandler {
ErrorResponse errorResponse = ErrorResponse.from( ErrorResponse errorResponse = ErrorResponse.from(
"ACCESS_DENIED", "ACCESS_DENIED",
"Access denied: " + ex.getMessage(), "Access denied",
HttpStatus.FORBIDDEN.value(), HttpStatus.FORBIDDEN.value(),
request.getRequestURI() request.getRequestURI()
); );

3
backend/src/main/java/de/effigenix/infrastructure/usermanagement/web/exception/UserErrorHttpStatusMapper.java
View file

@ -21,6 +21,9 @@ public final class UserErrorHttpStatusMapper {
case UserError.InvalidUsername e -> 400; case UserError.InvalidUsername e -> 400;
case UserError.NullPasswordHash e -> 400; case UserError.NullPasswordHash e -> 400;
case UserError.NullRole e -> 400; case UserError.NullRole e -> 400;
case UserError.NullPermission e -> 400;
case UserError.InvalidStatusTransition e -> 409;
case UserError.InvalidInput e -> 400;
case UserError.RepositoryFailure e -> 500; case UserError.RepositoryFailure e -> 500;
}; };
} }

17
backend/src/main/resources/application-prod.yml Normal file
View file

@ -0,0 +1,17 @@
springdoc:
api-docs:
enabled: false
swagger-ui:
enabled: false
logging:
level:
root: WARN
de.effigenix: INFO
org.springframework.security: WARN
org.hibernate.SQL: WARN
server:
error:
include-message: never
include-binding-errors: never

8
backend/src/main/resources/application.yml
View file

@ -47,10 +47,16 @@ logging:
org.springframework.security: DEBUG org.springframework.security: DEBUG
org.hibernate.SQL: DEBUG org.hibernate.SQL: DEBUG
# CORS Configuration
effigenix:
cors:
allowed-origins: ${CORS_ALLOWED_ORIGINS:http://localhost:3000}
# API Documentation # API Documentation
springdoc: springdoc:
api-docs: api-docs:
path: /api-docs path: /api-docs
enabled: ${SWAGGER_ENABLED:true}
swagger-ui: swagger-ui:
path: /swagger-ui.html path: /swagger-ui.html
enabled: true enabled: ${SWAGGER_ENABLED:true}

14
backend/src/main/resources/db/changelog/changes/004-seed-admin-user.sql
View file

@ -1,26 +1,18 @@
-- Seed Admin User for initial system access -- Seed Admin User for initial system access
-- Username: admin
-- Password: admin123
-- BCrypt hash with strength 12
-- Insert Admin User
INSERT INTO users (id, username, email, password_hash, branch_id, status, created_at, last_login) INSERT INTO users (id, username, email, password_hash, branch_id, status, created_at, last_login)
VALUES ( VALUES (
'00000000-0000-0000-0000-000000000001', -- Fixed UUID for admin '00000000-0000-0000-0000-000000000001',
'admin', 'admin',
'admin@effigenix.com', 'admin@effigenix.com',
'$2a$12$SJmX80hUZoA66W77CX7cHeRw1TPscXD6S8HYEZfhJ5PxTfkbwbLdi', -- BCrypt hash for "admin123" '$2a$12$SJmX80hUZoA66W77CX7cHeRw1TPscXD6S8HYEZfhJ5PxTfkbwbLdi',
NULL, -- No branch = global access NULL,
'ACTIVE', 'ACTIVE',
CURRENT_TIMESTAMP, CURRENT_TIMESTAMP,
NULL NULL
); );
-- Assign ADMIN role to admin user
INSERT INTO user_roles (user_id, role_id) INSERT INTO user_roles (user_id, role_id)
SELECT '00000000-0000-0000-0000-000000000001', id SELECT '00000000-0000-0000-0000-000000000001', id
FROM roles FROM roles
WHERE name = 'ADMIN'; WHERE name = 'ADMIN';
-- Add comment
COMMENT ON TABLE users IS 'Default admin user: username=admin, password=admin123 (CHANGE IN PRODUCTION!)';

2
backend/src/main/resources/db/changelog/db.changelog-master.xml
View file

@ -8,7 +8,7 @@
<include file="db/changelog/changes/001-create-user-management-schema.xml"/> <include file="db/changelog/changes/001-create-user-management-schema.xml"/>
<include file="db/changelog/changes/002-seed-roles-and-permissions.xml"/> <include file="db/changelog/changes/002-seed-roles-and-permissions.xml"/>
<include file="db/changelog/changes/003-create-audit-logs-table.xml"/> <include file="db/changelog/changes/003-create-audit-logs-table.xml"/>
<include file="db/changelog/changes/004-seed-admin-user.xml"/> <include file="db/changelog/changes/004-seed-admin-user.xml" context="dev"/>
<include file="db/changelog/changes/005-create-masterdata-schema.xml"/> <include file="db/changelog/changes/005-create-masterdata-schema.xml"/>
<include file="db/changelog/changes/006-create-supplier-schema.xml"/> <include file="db/changelog/changes/006-create-supplier-schema.xml"/>
<include file="db/changelog/changes/007-create-customer-schema.xml"/> <include file="db/changelog/changes/007-create-customer-schema.xml"/>

131
backend/src/test/java/de/effigenix/application/usermanagement/AssignRoleTest.java Normal file
View file

@ -0,0 +1,131 @@
package de.effigenix.application.usermanagement;
import de.effigenix.application.usermanagement.command.AssignRoleCommand;
import de.effigenix.application.usermanagement.dto.UserDTO;
import de.effigenix.domain.usermanagement.*;
import de.effigenix.shared.common.Result;
import de.effigenix.shared.security.ActorId;
import de.effigenix.shared.security.AuthorizationPort;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.DisplayName;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.Mock;
import org.mockito.junit.jupiter.MockitoExtension;
import java.time.LocalDateTime;
import java.util.HashSet;
import java.util.Optional;
import static org.assertj.core.api.Assertions.*;
import static org.mockito.ArgumentMatchers.*;
import static org.mockito.Mockito.*;
@ExtendWith(MockitoExtension.class)
@DisplayName("AssignRole Use Case")
class AssignRoleTest {
@Mock private UserRepository userRepository;
@Mock private RoleRepository roleRepository;
@Mock private AuditLogger auditLogger;
@Mock private AuthorizationPort authPort;
private AssignRole assignRole;
private ActorId performedBy;
private User testUser;
private Role workerRole;
@BeforeEach
void setUp() {
assignRole = new AssignRole(userRepository, roleRepository, auditLogger, authPort);
performedBy = ActorId.of("admin-user");
testUser = User.reconstitute(
UserId.of("user-1"), "john.doe", "john@example.com",
new PasswordHash("$2a$12$R9h/cIPz0gi.URNN3kh2OPST9EBwVeL00lzQRYe3z08MZx3e8YCWW"),
new HashSet<>(), "branch-1", UserStatus.ACTIVE, LocalDateTime.now(), null
);
workerRole = Role.reconstitute(RoleId.generate(), RoleName.PRODUCTION_WORKER, new HashSet<>(), "Production Worker");
}
@Test
@DisplayName("should_AssignRole_When_ValidCommandProvided")
void should_AssignRole_When_ValidCommandProvided() {
when(authPort.can(performedBy, UserManagementAction.ROLE_ASSIGN)).thenReturn(true);
when(userRepository.findById(UserId.of("user-1"))).thenReturn(Result.success(Optional.of(testUser)));
when(roleRepository.findByName(RoleName.PRODUCTION_WORKER)).thenReturn(Result.success(Optional.of(workerRole)));
when(userRepository.save(any())).thenReturn(Result.success(null));
Result<UserError, UserDTO> result = assignRole.execute(
new AssignRoleCommand("user-1", RoleName.PRODUCTION_WORKER), performedBy);
assertThat(result.isSuccess()).isTrue();
assertThat(result.unsafeGetValue().roles()).hasSize(1);
verify(userRepository).save(argThat(user -> user.roles().contains(workerRole)));
verify(auditLogger).log(eq(AuditEvent.ROLE_ASSIGNED), eq("user-1"), anyString(), eq(performedBy));
}
@Test
@DisplayName("should_FailWithUnauthorized_When_ActorLacksPermission")
void should_FailWithUnauthorized_When_ActorLacksPermission() {
when(authPort.can(performedBy, UserManagementAction.ROLE_ASSIGN)).thenReturn(false);
Result<UserError, UserDTO> result = assignRole.execute(
new AssignRoleCommand("user-1", RoleName.PRODUCTION_WORKER), performedBy);
assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.Unauthorized.class);
verify(userRepository, never()).save(any());
}
@Test
@DisplayName("should_FailWithInvalidInput_When_UserIdIsBlank")
void should_FailWithInvalidInput_When_UserIdIsBlank() {
when(authPort.can(performedBy, UserManagementAction.ROLE_ASSIGN)).thenReturn(true);
Result<UserError, UserDTO> result = assignRole.execute(
new AssignRoleCommand("", RoleName.PRODUCTION_WORKER), performedBy);
assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.InvalidInput.class);
}
@Test
@DisplayName("should_FailWithInvalidInput_When_RoleNameIsNull")
void should_FailWithInvalidInput_When_RoleNameIsNull() {
when(authPort.can(performedBy, UserManagementAction.ROLE_ASSIGN)).thenReturn(true);
Result<UserError, UserDTO> result = assignRole.execute(
new AssignRoleCommand("user-1", null), performedBy);
assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.InvalidInput.class);
}
@Test
@DisplayName("should_FailWithUserNotFound_When_UserDoesNotExist")
void should_FailWithUserNotFound_When_UserDoesNotExist() {
when(authPort.can(performedBy, UserManagementAction.ROLE_ASSIGN)).thenReturn(true);
when(userRepository.findById(UserId.of("nonexistent"))).thenReturn(Result.success(Optional.empty()));
Result<UserError, UserDTO> result = assignRole.execute(
new AssignRoleCommand("nonexistent", RoleName.PRODUCTION_WORKER), performedBy);
assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.UserNotFound.class);
}
@Test
@DisplayName("should_FailWithRoleNotFound_When_RoleDoesNotExist")
void should_FailWithRoleNotFound_When_RoleDoesNotExist() {
when(authPort.can(performedBy, UserManagementAction.ROLE_ASSIGN)).thenReturn(true);
when(userRepository.findById(UserId.of("user-1"))).thenReturn(Result.success(Optional.of(testUser)));
when(roleRepository.findByName(RoleName.ADMIN)).thenReturn(Result.success(Optional.empty()));
Result<UserError, UserDTO> result = assignRole.execute(
new AssignRoleCommand("user-1", RoleName.ADMIN), performedBy);
assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.RoleNotFound.class);
verify(userRepository, never()).save(any());
}
}

222
backend/src/test/java/de/effigenix/application/usermanagement/AuthenticateUserTest.java
View file

@ -21,25 +21,14 @@ import static org.assertj.core.api.Assertions.*;
import static org.mockito.ArgumentMatchers.*; import static org.mockito.ArgumentMatchers.*;
import static org.mockito.Mockito.*; import static org.mockito.Mockito.*;
/**
* Unit tests for AuthenticateUser Use Case.
* Tests authentication flow, credential validation, status checks, and audit logging.
*/
@ExtendWith(MockitoExtension.class) @ExtendWith(MockitoExtension.class)
@DisplayName("AuthenticateUser Use Case") @DisplayName("AuthenticateUser Use Case")
class AuthenticateUserTest { class AuthenticateUserTest {
@Mock @Mock private UserRepository userRepository;
private UserRepository userRepository; @Mock private PasswordHasher passwordHasher;
@Mock private SessionManager sessionManager;
@Mock @Mock private AuditLogger auditLogger;
private PasswordHasher passwordHasher;
@Mock
private SessionManager sessionManager;
@Mock
private AuditLogger auditLogger;
@InjectMocks @InjectMocks
private AuthenticateUser authenticateUser; private AuthenticateUser authenticateUser;
@ -55,15 +44,8 @@ class AuthenticateUserTest {
validPasswordHash = new PasswordHash("$2a$12$R9h/cIPz0gi.URNN3kh2OPST9EBwVeL00lzQRYe3z08MZx3e8YCWW"); validPasswordHash = new PasswordHash("$2a$12$R9h/cIPz0gi.URNN3kh2OPST9EBwVeL00lzQRYe3z08MZx3e8YCWW");
testUser = User.reconstitute( testUser = User.reconstitute(
UserId.of("user-1"), UserId.of("user-1"), "john.doe", "john@example.com", validPasswordHash,
"john.doe", new HashSet<>(), "branch-1", UserStatus.ACTIVE, LocalDateTime.now(), null
"john@example.com",
validPasswordHash,
new HashSet<>(),
"branch-1",
UserStatus.ACTIVE,
LocalDateTime.now(),
null
); );
sessionToken = new SessionToken("jwt-token", "Bearer", 3600L, LocalDateTime.now().plusSeconds(3600), "refresh-token"); sessionToken = new SessionToken("jwt-token", "Bearer", 3600L, LocalDateTime.now().plusSeconds(3600), "refresh-token");
@ -72,16 +54,13 @@ class AuthenticateUserTest {
@Test @Test
@DisplayName("should_AuthenticateUser_When_ValidCredentialsProvided") @DisplayName("should_AuthenticateUser_When_ValidCredentialsProvided")
void should_AuthenticateUser_When_ValidCredentialsProvided() { void should_AuthenticateUser_When_ValidCredentialsProvided() {
// Arrange
when(userRepository.findByUsername("john.doe")).thenReturn(Result.success(Optional.of(testUser))); when(userRepository.findByUsername("john.doe")).thenReturn(Result.success(Optional.of(testUser)));
when(passwordHasher.verify("Password123!", validPasswordHash)).thenReturn(true); when(passwordHasher.verify("Password123!", validPasswordHash)).thenReturn(true);
when(sessionManager.createSession(testUser)).thenReturn(sessionToken); when(sessionManager.createSession(testUser)).thenReturn(sessionToken);
when(userRepository.save(any())).thenReturn(Result.success(null)); when(userRepository.save(any())).thenReturn(Result.success(null));
// Act
Result<UserError, SessionToken> result = authenticateUser.execute(validCommand); Result<UserError, SessionToken> result = authenticateUser.execute(validCommand);
// Assert
assertThat(result.isSuccess()).isTrue(); assertThat(result.isSuccess()).isTrue();
assertThat(result.unsafeGetValue()).isEqualTo(sessionToken); assertThat(result.unsafeGetValue()).isEqualTo(sessionToken);
verify(userRepository).save(any()); verify(userRepository).save(any());
@ -91,14 +70,10 @@ class AuthenticateUserTest {
@Test @Test
@DisplayName("should_FailWithInvalidCredentials_When_UserNotFound") @DisplayName("should_FailWithInvalidCredentials_When_UserNotFound")
void should_FailWithInvalidCredentials_When_UserNotFound() { void should_FailWithInvalidCredentials_When_UserNotFound() {
// Arrange
when(userRepository.findByUsername("nonexistent")).thenReturn(Result.success(Optional.empty())); when(userRepository.findByUsername("nonexistent")).thenReturn(Result.success(Optional.empty()));
// Act Result<UserError, SessionToken> result = authenticateUser.execute(new AuthenticateCommand("nonexistent", "Password123!"));
AuthenticateCommand command = new AuthenticateCommand("nonexistent", "Password123!");
Result<UserError, SessionToken> result = authenticateUser.execute(command);
// Assert
assertThat(result.isFailure()).isTrue(); assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.InvalidCredentials.class); assertThat(result.unsafeGetError()).isInstanceOf(UserError.InvalidCredentials.class);
verify(auditLogger).log(eq(AuditEvent.LOGIN_FAILED), anyString()); verify(auditLogger).log(eq(AuditEvent.LOGIN_FAILED), anyString());
@ -107,25 +82,14 @@ class AuthenticateUserTest {
@Test @Test
@DisplayName("should_FailWithLockedUser_When_UserStatusIsLocked") @DisplayName("should_FailWithLockedUser_When_UserStatusIsLocked")
void should_FailWithLockedUser_When_UserStatusIsLocked() { void should_FailWithLockedUser_When_UserStatusIsLocked() {
// Arrange
User lockedUser = User.reconstitute( User lockedUser = User.reconstitute(
UserId.of("user-2"), UserId.of("user-2"), "john.doe", "john@example.com", validPasswordHash,
"john.doe", new HashSet<>(), "branch-1", UserStatus.LOCKED, LocalDateTime.now(), null
"john@example.com",
validPasswordHash,
new HashSet<>(),
"branch-1",
UserStatus.LOCKED,
LocalDateTime.now(),
null
); );
when(userRepository.findByUsername("john.doe")).thenReturn(Result.success(Optional.of(lockedUser))); when(userRepository.findByUsername("john.doe")).thenReturn(Result.success(Optional.of(lockedUser)));
// Act
Result<UserError, SessionToken> result = authenticateUser.execute(validCommand); Result<UserError, SessionToken> result = authenticateUser.execute(validCommand);
// Assert
assertThat(result.isFailure()).isTrue(); assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.UserLocked.class); assertThat(result.unsafeGetError()).isInstanceOf(UserError.UserLocked.class);
verify(auditLogger).log(eq(AuditEvent.LOGIN_BLOCKED), anyString(), any()); verify(auditLogger).log(eq(AuditEvent.LOGIN_BLOCKED), anyString(), any());
@ -134,209 +98,57 @@ class AuthenticateUserTest {
@Test @Test
@DisplayName("should_FailWithInactiveUser_When_UserStatusIsInactive") @DisplayName("should_FailWithInactiveUser_When_UserStatusIsInactive")
void should_FailWithInactiveUser_When_UserStatusIsInactive() { void should_FailWithInactiveUser_When_UserStatusIsInactive() {
// Arrange
User inactiveUser = User.reconstitute( User inactiveUser = User.reconstitute(
UserId.of("user-3"), UserId.of("user-3"), "john.doe", "john@example.com", validPasswordHash,
"john.doe", new HashSet<>(), "branch-1", UserStatus.INACTIVE, LocalDateTime.now(), null
"john@example.com",
validPasswordHash,
new HashSet<>(),
"branch-1",
UserStatus.INACTIVE,
LocalDateTime.now(),
null
); );
when(userRepository.findByUsername("john.doe")).thenReturn(Result.success(Optional.of(inactiveUser))); when(userRepository.findByUsername("john.doe")).thenReturn(Result.success(Optional.of(inactiveUser)));
// Act
Result<UserError, SessionToken> result = authenticateUser.execute(validCommand); Result<UserError, SessionToken> result = authenticateUser.execute(validCommand);
// Assert
assertThat(result.isFailure()).isTrue(); assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.UserInactive.class); assertThat(result.unsafeGetError()).isInstanceOf(UserError.UserInactive.class);
verify(auditLogger).log(eq(AuditEvent.LOGIN_FAILED), anyString());
} }
@Test @Test
@DisplayName("should_FailWithInvalidCredentials_When_PasswordDoesNotMatch") @DisplayName("should_FailWithInvalidCredentials_When_PasswordDoesNotMatch")
void should_FailWithInvalidCredentials_When_PasswordDoesNotMatch() { void should_FailWithInvalidCredentials_When_PasswordDoesNotMatch() {
// Arrange
when(userRepository.findByUsername("john.doe")).thenReturn(Result.success(Optional.of(testUser))); when(userRepository.findByUsername("john.doe")).thenReturn(Result.success(Optional.of(testUser)));
when(passwordHasher.verify("WrongPassword", validPasswordHash)).thenReturn(false); when(passwordHasher.verify("WrongPassword", validPasswordHash)).thenReturn(false);
// Act Result<UserError, SessionToken> result = authenticateUser.execute(new AuthenticateCommand("john.doe", "WrongPassword"));
AuthenticateCommand command = new AuthenticateCommand("john.doe", "WrongPassword");
Result<UserError, SessionToken> result = authenticateUser.execute(command);
// Assert
assertThat(result.isFailure()).isTrue(); assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.InvalidCredentials.class); assertThat(result.unsafeGetError()).isInstanceOf(UserError.InvalidCredentials.class);
verify(auditLogger).log(eq(AuditEvent.LOGIN_FAILED), anyString(), any()); verify(auditLogger).log(eq(AuditEvent.LOGIN_FAILED), anyString(), any());
} }
@Test
@DisplayName("should_CreateSessionToken_When_AuthenticationSucceeds")
void should_CreateSessionToken_When_AuthenticationSucceeds() {
// Arrange
when(userRepository.findByUsername("john.doe")).thenReturn(Result.success(Optional.of(testUser)));
when(passwordHasher.verify("Password123!", validPasswordHash)).thenReturn(true);
when(sessionManager.createSession(testUser)).thenReturn(sessionToken);
when(userRepository.save(any())).thenReturn(Result.success(null));
// Act
Result<UserError, SessionToken> result = authenticateUser.execute(validCommand);
// Assert
assertThat(result.isSuccess()).isTrue();
verify(sessionManager).createSession(testUser);
}
@Test @Test
@DisplayName("should_UpdateLastLoginTimestamp_When_AuthenticationSucceeds") @DisplayName("should_UpdateLastLoginTimestamp_When_AuthenticationSucceeds")
void should_UpdateLastLoginTimestamp_When_AuthenticationSucceeds() { void should_UpdateLastLoginTimestamp_When_AuthenticationSucceeds() {
// Arrange
when(userRepository.findByUsername("john.doe")).thenReturn(Result.success(Optional.of(testUser))); when(userRepository.findByUsername("john.doe")).thenReturn(Result.success(Optional.of(testUser)));
when(passwordHasher.verify("Password123!", validPasswordHash)).thenReturn(true); when(passwordHasher.verify("Password123!", validPasswordHash)).thenReturn(true);
when(sessionManager.createSession(testUser)).thenReturn(sessionToken); when(sessionManager.createSession(testUser)).thenReturn(sessionToken);
when(userRepository.save(any())).thenReturn(Result.success(null)); when(userRepository.save(any())).thenReturn(Result.success(null));
LocalDateTime before = LocalDateTime.now();
// Act
Result<UserError, SessionToken> result = authenticateUser.execute(validCommand); Result<UserError, SessionToken> result = authenticateUser.execute(validCommand);
LocalDateTime after = LocalDateTime.now();
// Assert
assertThat(result.isSuccess()).isTrue(); assertThat(result.isSuccess()).isTrue();
assertThat(testUser.lastLogin()).isBetween(before, after); // Verify save was called with a user (immutable, so it's a new instance)
} verify(userRepository).save(argThat(user -> user.lastLogin() != null));
@Test
@DisplayName("should_SaveUserWithUpdatedLastLogin_When_AuthenticationSucceeds")
void should_SaveUserWithUpdatedLastLogin_When_AuthenticationSucceeds() {
// Arrange
when(userRepository.findByUsername("john.doe")).thenReturn(Result.success(Optional.of(testUser)));
when(passwordHasher.verify("Password123!", validPasswordHash)).thenReturn(true);
when(sessionManager.createSession(testUser)).thenReturn(sessionToken);
when(userRepository.save(any())).thenReturn(Result.success(null));
// Act
authenticateUser.execute(validCommand);
// Assert
verify(userRepository).save(any(User.class));
}
@Test
@DisplayName("should_LogLoginSuccessAuditEvent_When_AuthenticationSucceeds")
void should_LogLoginSuccessAuditEvent_When_AuthenticationSucceeds() {
// Arrange
when(userRepository.findByUsername("john.doe")).thenReturn(Result.success(Optional.of(testUser)));
when(passwordHasher.verify("Password123!", validPasswordHash)).thenReturn(true);
when(sessionManager.createSession(testUser)).thenReturn(sessionToken);
when(userRepository.save(any())).thenReturn(Result.success(null));
// Act
Result<UserError, SessionToken> result = authenticateUser.execute(validCommand);
// Assert
assertThat(result.isSuccess()).isTrue();
verify(auditLogger).log(eq(AuditEvent.LOGIN_SUCCESS), eq("user-1"), any(ActorId.class));
}
@Test
@DisplayName("should_LogLoginFailureAuditEvent_When_PasswordIncorrect")
void should_LogLoginFailureAuditEvent_When_PasswordIncorrect() {
// Arrange
when(userRepository.findByUsername("john.doe")).thenReturn(Result.success(Optional.of(testUser)));
when(passwordHasher.verify("WrongPassword", validPasswordHash)).thenReturn(false);
// Act
AuthenticateCommand command = new AuthenticateCommand("john.doe", "WrongPassword");
Result<UserError, SessionToken> result = authenticateUser.execute(command);
// Assert
assertThat(result.isFailure()).isTrue();
verify(auditLogger).log(eq(AuditEvent.LOGIN_FAILED), anyString(), any());
}
@Test
@DisplayName("should_VerifyPasswordBeforeCheckingStatus_When_UserExists")
void should_VerifyPasswordBeforeCheckingStatus_When_UserExists() {
// Arrange
when(userRepository.findByUsername("john.doe")).thenReturn(Result.success(Optional.of(testUser)));
when(passwordHasher.verify("Password123!", validPasswordHash)).thenReturn(true);
when(sessionManager.createSession(testUser)).thenReturn(sessionToken);
when(userRepository.save(any())).thenReturn(Result.success(null));
// Act
authenticateUser.execute(validCommand);
// Assert
verify(passwordHasher).verify("Password123!", validPasswordHash);
}
@Test
@DisplayName("should_CheckStatusBeforeCreatingSession_When_UserActive")
void should_CheckStatusBeforeCreatingSession_When_UserActive() {
// Arrange
when(userRepository.findByUsername("john.doe")).thenReturn(Result.success(Optional.of(testUser)));
when(passwordHasher.verify("Password123!", validPasswordHash)).thenReturn(true);
when(sessionManager.createSession(testUser)).thenReturn(sessionToken);
when(userRepository.save(any())).thenReturn(Result.success(null));
// Act
Result<UserError, SessionToken> result = authenticateUser.execute(validCommand);
// Assert
assertThat(result.isSuccess()).isTrue();
// Session should be created only for active users
verify(sessionManager).createSession(testUser);
} }
@Test @Test
@DisplayName("should_NotCreateSession_When_UserLocked") @DisplayName("should_NotCreateSession_When_UserLocked")
void should_NotCreateSession_When_UserLocked() { void should_NotCreateSession_When_UserLocked() {
// Arrange
User lockedUser = User.reconstitute( User lockedUser = User.reconstitute(
UserId.of("user-4"), UserId.of("user-4"), "john.doe", "john@example.com", validPasswordHash,
"john.doe", new HashSet<>(), "branch-1", UserStatus.LOCKED, LocalDateTime.now(), null
"john@example.com",
validPasswordHash,
new HashSet<>(),
"branch-1",
UserStatus.LOCKED,
LocalDateTime.now(),
null
); );
when(userRepository.findByUsername("john.doe")).thenReturn(Result.success(Optional.of(lockedUser))); when(userRepository.findByUsername("john.doe")).thenReturn(Result.success(Optional.of(lockedUser)));
// Act authenticateUser.execute(validCommand);
Result<UserError, SessionToken> result = authenticateUser.execute(validCommand);
// Assert
assertThat(result.isFailure()).isTrue();
verify(sessionManager, never()).createSession(any()); verify(sessionManager, never()).createSession(any());
} }
@Test
@DisplayName("should_ReturnSessionToken_When_AuthenticationSucceeds")
void should_ReturnSessionToken_When_AuthenticationSucceeds() {
// Arrange
when(userRepository.findByUsername("john.doe")).thenReturn(Result.success(Optional.of(testUser)));
when(passwordHasher.verify("Password123!", validPasswordHash)).thenReturn(true);
SessionToken expectedToken = new SessionToken("jwt-xyz", "Bearer", 3600L, LocalDateTime.now().plusSeconds(3600), "refresh-xyz");
when(sessionManager.createSession(testUser)).thenReturn(expectedToken);
when(userRepository.save(any())).thenReturn(Result.success(null));
// Act
Result<UserError, SessionToken> result = authenticateUser.execute(validCommand);
// Assert
assertThat(result.isSuccess()).isTrue();
assertThat(result.unsafeGetValue()).isEqualTo(expectedToken);
}
} }

275
backend/src/test/java/de/effigenix/application/usermanagement/ChangePasswordTest.java
View file

@ -4,11 +4,11 @@ import de.effigenix.application.usermanagement.command.ChangePasswordCommand;
import de.effigenix.domain.usermanagement.*; import de.effigenix.domain.usermanagement.*;
import de.effigenix.shared.common.Result; import de.effigenix.shared.common.Result;
import de.effigenix.shared.security.ActorId; import de.effigenix.shared.security.ActorId;
import de.effigenix.shared.security.AuthorizationPort;
import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.DisplayName; import org.junit.jupiter.api.DisplayName;
import org.junit.jupiter.api.Test; import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith; import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.InjectMocks;
import org.mockito.Mock; import org.mockito.Mock;
import org.mockito.junit.jupiter.MockitoExtension; import org.mockito.junit.jupiter.MockitoExtension;
@ -20,26 +20,16 @@ import static org.assertj.core.api.Assertions.*;
import static org.mockito.ArgumentMatchers.*; import static org.mockito.ArgumentMatchers.*;
import static org.mockito.Mockito.*; import static org.mockito.Mockito.*;
/**
* Unit tests for ChangePassword Use Case.
* Tests password verification, password validation, update logic, and audit logging.
*/
@ExtendWith(MockitoExtension.class) @ExtendWith(MockitoExtension.class)
@DisplayName("ChangePassword Use Case") @DisplayName("ChangePassword Use Case")
class ChangePasswordTest { class ChangePasswordTest {
@Mock @Mock private UserRepository userRepository;
private UserRepository userRepository; @Mock private PasswordHasher passwordHasher;
@Mock private AuditLogger auditLogger;
@Mock private AuthorizationPort authPort;
@Mock
private PasswordHasher passwordHasher;
@Mock
private AuditLogger auditLogger;
@InjectMocks
private ChangePassword changePassword; private ChangePassword changePassword;
private User testUser; private User testUser;
private PasswordHash oldPasswordHash; private PasswordHash oldPasswordHash;
private PasswordHash newPasswordHash; private PasswordHash newPasswordHash;
@ -48,59 +38,58 @@ class ChangePasswordTest {
@BeforeEach @BeforeEach
void setUp() { void setUp() {
changePassword = new ChangePassword(userRepository, passwordHasher, auditLogger, authPort);
oldPasswordHash = new PasswordHash("$2a$12$R9h/cIPz0gi.URNN3kh2OPST9EBwVeL00lzQRYe3z08MZx3e8YCWW"); oldPasswordHash = new PasswordHash("$2a$12$R9h/cIPz0gi.URNN3kh2OPST9EBwVeL00lzQRYe3z08MZx3e8YCWW");
newPasswordHash = new PasswordHash("$2b$12$R9h/cIPz0gi.URNN3kh2OPST9EBwVeL00lzQRYe3z08MZx3e8YCWW"); newPasswordHash = new PasswordHash("$2b$12$R9h/cIPz0gi.URNN3kh2OPST9EBwVeL00lzQRYe3z08MZx3e8YCWW");
testUser = User.reconstitute( testUser = User.reconstitute(
UserId.of("user-123"), UserId.of("user-123"), "john.doe", "john@example.com", oldPasswordHash,
"john.doe", new HashSet<>(), "branch-1", UserStatus.ACTIVE, LocalDateTime.now(), null
"john@example.com",
oldPasswordHash,
new HashSet<>(),
"branch-1",
UserStatus.ACTIVE,
LocalDateTime.now(),
null
); );
validCommand = new ChangePasswordCommand("user-123", "OldPassword123!", "NewPassword456!"); validCommand = new ChangePasswordCommand("user-123", "OldPassword123!", "NewPassword456!");
performedBy = ActorId.of("user-123"); performedBy = ActorId.of("user-123"); // self-service
} }
@Test @Test
@DisplayName("should_ChangePassword_When_ValidCurrentPasswordProvided") @DisplayName("should_ChangePassword_When_ValidCurrentPasswordProvided_SelfService")
void should_ChangePassword_When_ValidCurrentPasswordProvided() { void should_ChangePassword_When_ValidCurrentPasswordProvided_SelfService() {
// Arrange // Self-service: no authPort check needed
when(userRepository.findById(UserId.of("user-123"))).thenReturn(Result.success(Optional.of(testUser))); when(userRepository.findById(UserId.of("user-123"))).thenReturn(Result.success(Optional.of(testUser)));
when(passwordHasher.verify("OldPassword123!", oldPasswordHash)).thenReturn(true); when(passwordHasher.verify("OldPassword123!", oldPasswordHash)).thenReturn(true);
when(passwordHasher.isValidPassword("NewPassword456!")).thenReturn(true); when(passwordHasher.isValidPassword("NewPassword456!")).thenReturn(true);
when(passwordHasher.hash("NewPassword456!")).thenReturn(newPasswordHash); when(passwordHasher.hash("NewPassword456!")).thenReturn(newPasswordHash);
when(userRepository.save(any())).thenReturn(Result.success(null)); when(userRepository.save(any())).thenReturn(Result.success(null));
// Act
Result<UserError, Void> result = changePassword.execute(validCommand, performedBy); Result<UserError, Void> result = changePassword.execute(validCommand, performedBy);
// Assert
assertThat(result.isSuccess()).isTrue(); assertThat(result.isSuccess()).isTrue();
verify(userRepository).save(any(User.class)); verify(userRepository).save(any(User.class));
verify(auditLogger).log(eq(AuditEvent.PASSWORD_CHANGED), eq("user-123"), eq(performedBy));
}
@Test
@DisplayName("should_FailWithUnauthorized_When_DifferentActorWithoutPermission")
void should_FailWithUnauthorized_When_DifferentActorWithoutPermission() {
ActorId otherActor = ActorId.of("other-user");
when(authPort.can(otherActor, UserManagementAction.PASSWORD_CHANGE)).thenReturn(false);
Result<UserError, Void> result = changePassword.execute(validCommand, otherActor);
assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.Unauthorized.class);
verify(userRepository, never()).save(any());
} }
@Test @Test
@DisplayName("should_FailWithUserNotFound_When_UserIdDoesNotExist") @DisplayName("should_FailWithUserNotFound_When_UserIdDoesNotExist")
void should_FailWithUserNotFound_When_UserIdDoesNotExist() { void should_FailWithUserNotFound_When_UserIdDoesNotExist() {
// Arrange
when(userRepository.findById(UserId.of("nonexistent-id"))).thenReturn(Result.success(Optional.empty())); when(userRepository.findById(UserId.of("nonexistent-id"))).thenReturn(Result.success(Optional.empty()));
ChangePasswordCommand command = new ChangePasswordCommand("nonexistent-id", "OldPassword123!", "NewPassword456!");
ActorId actor = ActorId.of("nonexistent-id");
ChangePasswordCommand command = new ChangePasswordCommand( Result<UserError, Void> result = changePassword.execute(command, actor);
"nonexistent-id",
"OldPassword123!",
"NewPassword456!"
);
// Act
Result<UserError, Void> result = changePassword.execute(command, performedBy);
// Assert
assertThat(result.isFailure()).isTrue(); assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.UserNotFound.class); assertThat(result.unsafeGetError()).isInstanceOf(UserError.UserNotFound.class);
verify(userRepository, never()).save(any()); verify(userRepository, never()).save(any());
@ -109,235 +98,41 @@ class ChangePasswordTest {
@Test @Test
@DisplayName("should_FailWithInvalidCredentials_When_CurrentPasswordIncorrect") @DisplayName("should_FailWithInvalidCredentials_When_CurrentPasswordIncorrect")
void should_FailWithInvalidCredentials_When_CurrentPasswordIncorrect() { void should_FailWithInvalidCredentials_When_CurrentPasswordIncorrect() {
// Arrange
when(userRepository.findById(UserId.of("user-123"))).thenReturn(Result.success(Optional.of(testUser))); when(userRepository.findById(UserId.of("user-123"))).thenReturn(Result.success(Optional.of(testUser)));
when(passwordHasher.verify("WrongPassword", oldPasswordHash)).thenReturn(false); when(passwordHasher.verify("WrongPassword", oldPasswordHash)).thenReturn(false);
ChangePasswordCommand command = new ChangePasswordCommand("user-123", "WrongPassword", "NewPassword456!");
ChangePasswordCommand command = new ChangePasswordCommand(
"user-123",
"WrongPassword",
"NewPassword456!"
);
// Act
Result<UserError, Void> result = changePassword.execute(command, performedBy); Result<UserError, Void> result = changePassword.execute(command, performedBy);
// Assert
assertThat(result.isFailure()).isTrue(); assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.InvalidCredentials.class); assertThat(result.unsafeGetError()).isInstanceOf(UserError.InvalidCredentials.class);
verify(auditLogger).log(eq(AuditEvent.PASSWORD_CHANGE_FAILED), eq("user-123"), eq(performedBy));
verify(userRepository, never()).save(any()); verify(userRepository, never()).save(any());
} }
@Test @Test
@DisplayName("should_FailWithInvalidPassword_When_NewPasswordTooWeak") @DisplayName("should_FailWithInvalidPassword_When_NewPasswordTooWeak")
void should_FailWithInvalidPassword_When_NewPasswordTooWeak() { void should_FailWithInvalidPassword_When_NewPasswordTooWeak() {
// Arrange
when(userRepository.findById(UserId.of("user-123"))).thenReturn(Result.success(Optional.of(testUser))); when(userRepository.findById(UserId.of("user-123"))).thenReturn(Result.success(Optional.of(testUser)));
when(passwordHasher.verify("OldPassword123!", oldPasswordHash)).thenReturn(true); when(passwordHasher.verify("OldPassword123!", oldPasswordHash)).thenReturn(true);
when(passwordHasher.isValidPassword("weak")).thenReturn(false); when(passwordHasher.isValidPassword("weak")).thenReturn(false);
ChangePasswordCommand command = new ChangePasswordCommand("user-123", "OldPassword123!", "weak"); ChangePasswordCommand command = new ChangePasswordCommand("user-123", "OldPassword123!", "weak");
// Act
Result<UserError, Void> result = changePassword.execute(command, performedBy); Result<UserError, Void> result = changePassword.execute(command, performedBy);
// Assert
assertThat(result.isFailure()).isTrue(); assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.InvalidPassword.class); assertThat(result.unsafeGetError()).isInstanceOf(UserError.InvalidPassword.class);
verify(userRepository, never()).save(any()); verify(userRepository, never()).save(any());
} }
@Test @Test
@DisplayName("should_VerifyCurrentPasswordBeforeValidatingNewPassword") @DisplayName("should_FailWithInvalidInput_When_BlankUserId")
void should_VerifyCurrentPasswordBeforeValidatingNewPassword() { void should_FailWithInvalidInput_When_BlankUserId() {
// Arrange ChangePasswordCommand command = new ChangePasswordCommand("", "OldPassword123!", "NewPassword456!");
when(userRepository.findById(UserId.of("user-123"))).thenReturn(Result.success(Optional.of(testUser)));
when(passwordHasher.verify("OldPassword123!", oldPasswordHash)).thenReturn(false);
// Act
Result<UserError, Void> result = changePassword.execute(validCommand, performedBy);
// Assert
assertThat(result.isFailure()).isTrue();
// Password validation should not be called if current password is wrong
verify(passwordHasher, never()).isValidPassword(anyString());
}
@Test
@DisplayName("should_HashNewPassword_When_AllValidationsPass")
void should_HashNewPassword_When_AllValidationsPass() {
// Arrange
when(userRepository.findById(UserId.of("user-123"))).thenReturn(Result.success(Optional.of(testUser)));
when(passwordHasher.verify("OldPassword123!", oldPasswordHash)).thenReturn(true);
when(passwordHasher.isValidPassword("NewPassword456!")).thenReturn(true);
when(passwordHasher.hash("NewPassword456!")).thenReturn(newPasswordHash);
when(userRepository.save(any())).thenReturn(Result.success(null));
// Act
changePassword.execute(validCommand, performedBy);
// Assert
verify(passwordHasher).hash("NewPassword456!");
}
@Test
@DisplayName("should_UpdateUserPassword_When_NewHashObtained")
void should_UpdateUserPassword_When_NewHashObtained() {
// Arrange
when(userRepository.findById(UserId.of("user-123"))).thenReturn(Result.success(Optional.of(testUser)));
when(passwordHasher.verify("OldPassword123!", oldPasswordHash)).thenReturn(true);
when(passwordHasher.isValidPassword("NewPassword456!")).thenReturn(true);
when(passwordHasher.hash("NewPassword456!")).thenReturn(newPasswordHash);
when(userRepository.save(any())).thenReturn(Result.success(null));
// Act
Result<UserError, Void> result = changePassword.execute(validCommand, performedBy);
// Assert
assertThat(result.isSuccess()).isTrue();
assertThat(testUser.passwordHash()).isEqualTo(newPasswordHash);
}
@Test
@DisplayName("should_SaveUpdatedUserToRepository_When_PasswordChanged")
void should_SaveUpdatedUserToRepository_When_PasswordChanged() {
// Arrange
when(userRepository.findById(UserId.of("user-123"))).thenReturn(Result.success(Optional.of(testUser)));
when(passwordHasher.verify("OldPassword123!", oldPasswordHash)).thenReturn(true);
when(passwordHasher.isValidPassword("NewPassword456!")).thenReturn(true);
when(passwordHasher.hash("NewPassword456!")).thenReturn(newPasswordHash);
when(userRepository.save(any())).thenReturn(Result.success(null));
// Act
changePassword.execute(validCommand, performedBy);
// Assert
verify(userRepository).save(any(User.class));
}
@Test
@DisplayName("should_LogPasswordChangedAuditEvent_When_PasswordSuccessfullyChanged")
void should_LogPasswordChangedAuditEvent_When_PasswordSuccessfullyChanged() {
// Arrange
when(userRepository.findById(UserId.of("user-123"))).thenReturn(Result.success(Optional.of(testUser)));
when(passwordHasher.verify("OldPassword123!", oldPasswordHash)).thenReturn(true);
when(passwordHasher.isValidPassword("NewPassword456!")).thenReturn(true);
when(passwordHasher.hash("NewPassword456!")).thenReturn(newPasswordHash);
when(userRepository.save(any())).thenReturn(Result.success(null));
// Act
Result<UserError, Void> result = changePassword.execute(validCommand, performedBy);
// Assert
assertThat(result.isSuccess()).isTrue();
verify(auditLogger).log(eq(AuditEvent.PASSWORD_CHANGED), eq("user-123"), eq(performedBy));
}
@Test
@DisplayName("should_LogFailureAuditEvent_When_CurrentPasswordIncorrect")
void should_LogFailureAuditEvent_When_CurrentPasswordIncorrect() {
// Arrange
when(userRepository.findById(UserId.of("user-123"))).thenReturn(Result.success(Optional.of(testUser)));
when(passwordHasher.verify("WrongPassword", oldPasswordHash)).thenReturn(false);
ChangePasswordCommand command = new ChangePasswordCommand(
"user-123",
"WrongPassword",
"NewPassword456!"
);
// Act
Result<UserError, Void> result = changePassword.execute(command, performedBy); Result<UserError, Void> result = changePassword.execute(command, performedBy);
// Assert
assertThat(result.isFailure()).isTrue(); assertThat(result.isFailure()).isTrue();
verify(auditLogger).log( assertThat(result.unsafeGetError()).isInstanceOf(UserError.InvalidInput.class);
eq(AuditEvent.PASSWORD_CHANGED),
eq("user-123"),
eq(performedBy)
);
}
@Test
@DisplayName("should_ReturnSuccess_When_PasswordChangedSuccessfully")
void should_ReturnSuccess_When_PasswordChangedSuccessfully() {
// Arrange
when(userRepository.findById(UserId.of("user-123"))).thenReturn(Result.success(Optional.of(testUser)));
when(passwordHasher.verify("OldPassword123!", oldPasswordHash)).thenReturn(true);
when(passwordHasher.isValidPassword("NewPassword456!")).thenReturn(true);
when(passwordHasher.hash("NewPassword456!")).thenReturn(newPasswordHash);
when(userRepository.save(any())).thenReturn(Result.success(null));
// Act
Result<UserError, Void> result = changePassword.execute(validCommand, performedBy);
// Assert
assertThat(result.isSuccess()).isTrue();
assertThat(result.unsafeGetValue()).isNull();
}
@Test
@DisplayName("should_ReturnFailure_When_UserNotFound")
void should_ReturnFailure_When_UserNotFound() {
// Arrange
when(userRepository.findById(UserId.of("invalid-id"))).thenReturn(Result.success(Optional.empty()));
ChangePasswordCommand command = new ChangePasswordCommand(
"invalid-id",
"OldPassword123!",
"NewPassword456!"
);
// Act
Result<UserError, Void> result = changePassword.execute(command, performedBy);
// Assert
assertThat(result.isFailure()).isTrue();
}
@Test
@DisplayName("should_AllowPasswordChangeForActiveUser")
void should_AllowPasswordChangeForActiveUser() {
// Arrange
testUser = User.reconstitute(
UserId.of("user-123"),
"john.doe",
"john@example.com",
oldPasswordHash,
new HashSet<>(),
"branch-1",
UserStatus.ACTIVE,
LocalDateTime.now(),
null
);
when(userRepository.findById(UserId.of("user-123"))).thenReturn(Result.success(Optional.of(testUser)));
when(passwordHasher.verify("OldPassword123!", oldPasswordHash)).thenReturn(true);
when(passwordHasher.isValidPassword("NewPassword456!")).thenReturn(true);
when(passwordHasher.hash("NewPassword456!")).thenReturn(newPasswordHash);
when(userRepository.save(any())).thenReturn(Result.success(null));
// Act
Result<UserError, Void> result = changePassword.execute(validCommand, performedBy);
// Assert
assertThat(result.isSuccess()).isTrue();
}
@Test
@DisplayName("should_UsePasswordHasherToVerifyCurrentPassword")
void should_UsePasswordHasherToVerifyCurrentPassword() {
// Arrange
when(userRepository.findById(UserId.of("user-123"))).thenReturn(Result.success(Optional.of(testUser)));
when(passwordHasher.verify("OldPassword123!", oldPasswordHash)).thenReturn(true);
when(passwordHasher.isValidPassword("NewPassword456!")).thenReturn(true);
when(passwordHasher.hash("NewPassword456!")).thenReturn(newPasswordHash);
when(userRepository.save(any())).thenReturn(Result.success(null));
// Act
changePassword.execute(validCommand, performedBy);
// Assert
verify(passwordHasher).verify("OldPassword123!", oldPasswordHash);
} }
} }

243
backend/src/test/java/de/effigenix/application/usermanagement/CreateUserTest.java
View file

@ -4,11 +4,11 @@ import de.effigenix.application.usermanagement.command.CreateUserCommand;
import de.effigenix.domain.usermanagement.*; import de.effigenix.domain.usermanagement.*;
import de.effigenix.shared.common.Result; import de.effigenix.shared.common.Result;
import de.effigenix.shared.security.ActorId; import de.effigenix.shared.security.ActorId;
import de.effigenix.shared.security.AuthorizationPort;
import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.DisplayName; import org.junit.jupiter.api.DisplayName;
import org.junit.jupiter.api.Test; import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith; import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.InjectMocks;
import org.mockito.Mock; import org.mockito.Mock;
import org.mockito.junit.jupiter.MockitoExtension; import org.mockito.junit.jupiter.MockitoExtension;
@ -21,58 +21,35 @@ import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.anyString; import static org.mockito.ArgumentMatchers.anyString;
import static org.mockito.Mockito.*; import static org.mockito.Mockito.*;
/**
* Unit tests for CreateUser Use Case.
* Tests validation, uniqueness checks, role loading, user creation, and audit logging.
*/
@ExtendWith(MockitoExtension.class) @ExtendWith(MockitoExtension.class)
@DisplayName("CreateUser Use Case") @DisplayName("CreateUser Use Case")
class CreateUserTest { class CreateUserTest {
@Mock @Mock private UserRepository userRepository;
private UserRepository userRepository; @Mock private RoleRepository roleRepository;
@Mock private PasswordHasher passwordHasher;
@Mock private AuditLogger auditLogger;
@Mock private AuthorizationPort authPort;
@Mock
private RoleRepository roleRepository;
@Mock
private PasswordHasher passwordHasher;
@Mock
private AuditLogger auditLogger;
@InjectMocks
private CreateUser createUser; private CreateUser createUser;
private CreateUserCommand validCommand; private CreateUserCommand validCommand;
private ActorId performedBy; private ActorId performedBy;
private PasswordHash validPasswordHash; private PasswordHash validPasswordHash;
@BeforeEach @BeforeEach
void setUp() { void setUp() {
createUser = new CreateUser(userRepository, roleRepository, passwordHasher, auditLogger, authPort);
performedBy = ActorId.of("admin-user"); performedBy = ActorId.of("admin-user");
validPasswordHash = new PasswordHash("$2a$12$R9h/cIPz0gi.URNN3kh2OPST9EBwVeL00lzQRYe3z08MZx3e8YCWW"); validPasswordHash = new PasswordHash("$2a$12$R9h/cIPz0gi.URNN3kh2OPST9EBwVeL00lzQRYe3z08MZx3e8YCWW");
validCommand = new CreateUserCommand("john.doe", "john@example.com", "Password123!", Set.of(RoleName.PRODUCTION_WORKER), "branch-1");
validCommand = new CreateUserCommand(
"john.doe",
"john@example.com",
"Password123!",
Set.of(RoleName.PRODUCTION_WORKER),
"branch-1"
);
} }
@Test @Test
@DisplayName("should_CreateUser_When_ValidCommandAndUniqueDetailsProvided") @DisplayName("should_CreateUser_When_ValidCommandAndUniqueDetailsProvided")
void should_CreateUser_When_ValidCommandAndUniqueDetailsProvided() { void should_CreateUser_When_ValidCommandAndUniqueDetailsProvided() {
// Arrange Role role = Role.reconstitute(RoleId.generate(), RoleName.PRODUCTION_WORKER, new HashSet<>(), "Production Worker");
Role role = Role.reconstitute(
RoleId.generate(),
RoleName.PRODUCTION_WORKER,
new HashSet<>(),
"Production Worker"
);
when(authPort.can(performedBy, UserManagementAction.USER_CREATE)).thenReturn(true);
when(passwordHasher.isValidPassword("Password123!")).thenReturn(true); when(passwordHasher.isValidPassword("Password123!")).thenReturn(true);
when(userRepository.existsByUsername("john.doe")).thenReturn(Result.success(false)); when(userRepository.existsByUsername("john.doe")).thenReturn(Result.success(false));
when(userRepository.existsByEmail("john@example.com")).thenReturn(Result.success(false)); when(userRepository.existsByEmail("john@example.com")).thenReturn(Result.success(false));
@ -80,157 +57,103 @@ class CreateUserTest {
when(roleRepository.findByName(RoleName.PRODUCTION_WORKER)).thenReturn(Result.success(Optional.of(role))); when(roleRepository.findByName(RoleName.PRODUCTION_WORKER)).thenReturn(Result.success(Optional.of(role)));
when(userRepository.save(any())).thenReturn(Result.success(null)); when(userRepository.save(any())).thenReturn(Result.success(null));
// Act var result = createUser.execute(validCommand, performedBy);
Result<UserError, de.effigenix.application.usermanagement.dto.UserDTO> result =
createUser.execute(validCommand, performedBy);
// Assert
assertThat(result.isSuccess()).isTrue(); assertThat(result.isSuccess()).isTrue();
assertThat(result.unsafeGetValue().username()).isEqualTo("john.doe"); assertThat(result.unsafeGetValue().username()).isEqualTo("john.doe");
assertThat(result.unsafeGetValue().email()).isEqualTo("john@example.com");
verify(userRepository).save(any()); verify(userRepository).save(any());
verify(auditLogger).log(AuditEvent.USER_CREATED, result.unsafeGetValue().id(), performedBy); verify(auditLogger).log(eq(AuditEvent.USER_CREATED), anyString(), eq(performedBy));
}
@Test
@DisplayName("should_FailWithUnauthorized_When_ActorLacksPermission")
void should_FailWithUnauthorized_When_ActorLacksPermission() {
when(authPort.can(performedBy, UserManagementAction.USER_CREATE)).thenReturn(false);
var result = createUser.execute(validCommand, performedBy);
assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.Unauthorized.class);
verify(userRepository, never()).save(any());
}
@Test
@DisplayName("should_FailWithInvalidInput_When_EmptyRoleNamesProvided")
void should_FailWithInvalidInput_When_EmptyRoleNamesProvided() {
when(authPort.can(performedBy, UserManagementAction.USER_CREATE)).thenReturn(true);
var cmd = new CreateUserCommand("john.doe", "john@example.com", "Password123!", Set.of(), "branch-1");
var result = createUser.execute(cmd, performedBy);
assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.InvalidInput.class);
} }
@Test @Test
@DisplayName("should_FailWithInvalidPassword_When_WeakPasswordProvided") @DisplayName("should_FailWithInvalidPassword_When_WeakPasswordProvided")
void should_FailWithInvalidPassword_When_WeakPasswordProvided() { void should_FailWithInvalidPassword_When_WeakPasswordProvided() {
// Arrange when(authPort.can(performedBy, UserManagementAction.USER_CREATE)).thenReturn(true);
when(passwordHasher.isValidPassword("Password123!")).thenReturn(false); when(passwordHasher.isValidPassword("Password123!")).thenReturn(false);
// Act var result = createUser.execute(validCommand, performedBy);
Result<UserError, de.effigenix.application.usermanagement.dto.UserDTO> result =
createUser.execute(validCommand, performedBy);
// Assert
assertThat(result.isFailure()).isTrue(); assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.InvalidPassword.class); assertThat(result.unsafeGetError()).isInstanceOf(UserError.InvalidPassword.class);
assertThat(result.unsafeGetError().message()).contains("at least 8 characters");
verify(userRepository, never()).save(any()); verify(userRepository, never()).save(any());
verify(auditLogger, never()).log(any(AuditEvent.class), anyString(), any());
} }
@Test @Test
@DisplayName("should_FailWithUsernameExists_When_DuplicateUsernameProvided") @DisplayName("should_FailWithUsernameExists_When_DuplicateUsernameProvided")
void should_FailWithUsernameExists_When_DuplicateUsernameProvided() { void should_FailWithUsernameExists_When_DuplicateUsernameProvided() {
// Arrange when(authPort.can(performedBy, UserManagementAction.USER_CREATE)).thenReturn(true);
when(passwordHasher.isValidPassword("Password123!")).thenReturn(true); when(passwordHasher.isValidPassword("Password123!")).thenReturn(true);
when(userRepository.existsByUsername("john.doe")).thenReturn(Result.success(true)); when(userRepository.existsByUsername("john.doe")).thenReturn(Result.success(true));
// Act var result = createUser.execute(validCommand, performedBy);
Result<UserError, de.effigenix.application.usermanagement.dto.UserDTO> result =
createUser.execute(validCommand, performedBy);
// Assert
assertThat(result.isFailure()).isTrue(); assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.UsernameAlreadyExists.class); assertThat(result.unsafeGetError()).isInstanceOf(UserError.UsernameAlreadyExists.class);
verify(userRepository, never()).save(any()); verify(userRepository, never()).save(any());
} }
@Test @Test
@DisplayName("should_FailWithEmailExists_When_DuplicateEmailProvided") @DisplayName("should_FailWithEmailExists_When_DuplicateEmailProvided")
void should_FailWithEmailExists_When_DuplicateEmailProvided() { void should_FailWithEmailExists_When_DuplicateEmailProvided() {
// Arrange when(authPort.can(performedBy, UserManagementAction.USER_CREATE)).thenReturn(true);
when(passwordHasher.isValidPassword("Password123!")).thenReturn(true); when(passwordHasher.isValidPassword("Password123!")).thenReturn(true);
when(userRepository.existsByUsername("john.doe")).thenReturn(Result.success(false)); when(userRepository.existsByUsername("john.doe")).thenReturn(Result.success(false));
when(userRepository.existsByEmail("john@example.com")).thenReturn(Result.success(true)); when(userRepository.existsByEmail("john@example.com")).thenReturn(Result.success(true));
// Act var result = createUser.execute(validCommand, performedBy);
Result<UserError, de.effigenix.application.usermanagement.dto.UserDTO> result =
createUser.execute(validCommand, performedBy);
// Assert
assertThat(result.isFailure()).isTrue(); assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.EmailAlreadyExists.class); assertThat(result.unsafeGetError()).isInstanceOf(UserError.EmailAlreadyExists.class);
verify(userRepository, never()).save(any()); verify(userRepository, never()).save(any());
} }
@Test
@DisplayName("should_UsePasswordHasherToHashPassword_When_PasswordValid")
void should_UsePasswordHasherToHashPassword_When_PasswordValid() {
// Arrange
Role role = Role.reconstitute(RoleId.generate(), RoleName.PRODUCTION_WORKER, new HashSet<>(), "Worker");
when(passwordHasher.isValidPassword("Password123!")).thenReturn(true);
when(userRepository.existsByUsername("john.doe")).thenReturn(Result.success(false));
when(userRepository.existsByEmail("john@example.com")).thenReturn(Result.success(false));
when(passwordHasher.hash("Password123!")).thenReturn(validPasswordHash);
when(roleRepository.findByName(RoleName.PRODUCTION_WORKER)).thenReturn(Result.success(Optional.of(role)));
when(userRepository.save(any())).thenReturn(Result.success(null));
// Act
Result<UserError, de.effigenix.application.usermanagement.dto.UserDTO> result =
createUser.execute(validCommand, performedBy);
// Assert
assertThat(result.isSuccess()).isTrue();
verify(passwordHasher).hash("Password123!");
}
@Test
@DisplayName("should_LoadRolesByName_When_RoleNamesProvided")
void should_LoadRolesByName_When_RoleNamesProvided() {
// Arrange
Role role1 = Role.reconstitute(RoleId.generate(), RoleName.PRODUCTION_WORKER, new HashSet<>(), "Worker");
Role role2 = Role.reconstitute(RoleId.generate(), RoleName.PRODUCTION_MANAGER, new HashSet<>(), "Manager");
CreateUserCommand commandWithMultipleRoles = new CreateUserCommand(
"john.doe",
"john@example.com",
"Password123!",
Set.of(RoleName.PRODUCTION_WORKER, RoleName.PRODUCTION_MANAGER),
"branch-1"
);
when(passwordHasher.isValidPassword("Password123!")).thenReturn(true);
when(userRepository.existsByUsername("john.doe")).thenReturn(Result.success(false));
when(userRepository.existsByEmail("john@example.com")).thenReturn(Result.success(false));
when(passwordHasher.hash("Password123!")).thenReturn(validPasswordHash);
when(roleRepository.findByName(RoleName.PRODUCTION_WORKER)).thenReturn(Result.success(Optional.of(role1)));
when(roleRepository.findByName(RoleName.PRODUCTION_MANAGER)).thenReturn(Result.success(Optional.of(role2)));
when(userRepository.save(any())).thenReturn(Result.success(null));
// Act
Result<UserError, de.effigenix.application.usermanagement.dto.UserDTO> result =
createUser.execute(commandWithMultipleRoles, performedBy);
// Assert
assertThat(result.isSuccess()).isTrue();
verify(roleRepository).findByName(RoleName.PRODUCTION_WORKER);
verify(roleRepository).findByName(RoleName.PRODUCTION_MANAGER);
}
@Test @Test
@DisplayName("should_FailWithRoleNotFound_When_RoleNotFound") @DisplayName("should_FailWithRoleNotFound_When_RoleNotFound")
void should_FailWithRoleNotFound_When_RoleNotFound() { void should_FailWithRoleNotFound_When_RoleNotFound() {
// Arrange when(authPort.can(performedBy, UserManagementAction.USER_CREATE)).thenReturn(true);
when(passwordHasher.isValidPassword("Password123!")).thenReturn(true); when(passwordHasher.isValidPassword("Password123!")).thenReturn(true);
when(userRepository.existsByUsername("john.doe")).thenReturn(Result.success(false)); when(userRepository.existsByUsername("john.doe")).thenReturn(Result.success(false));
when(userRepository.existsByEmail("john@example.com")).thenReturn(Result.success(false)); when(userRepository.existsByEmail("john@example.com")).thenReturn(Result.success(false));
when(passwordHasher.hash("Password123!")).thenReturn(validPasswordHash); when(passwordHasher.hash("Password123!")).thenReturn(validPasswordHash);
when(roleRepository.findByName(RoleName.PRODUCTION_WORKER)).thenReturn(Result.success(Optional.empty())); when(roleRepository.findByName(RoleName.PRODUCTION_WORKER)).thenReturn(Result.success(Optional.empty()));
// Act var result = createUser.execute(validCommand, performedBy);
Result<UserError, de.effigenix.application.usermanagement.dto.UserDTO> result =
createUser.execute(validCommand, performedBy);
// Assert
assertThat(result.isFailure()).isTrue(); assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.RoleNotFound.class); assertThat(result.unsafeGetError()).isInstanceOf(UserError.RoleNotFound.class);
verify(userRepository, never()).save(any()); verify(userRepository, never()).save(any());
} }
@Test @Test
@DisplayName("should_CreateActiveUser_When_UserCreatedWithFactoryMethod") @DisplayName("should_CreateActiveUser_When_UserCreatedSuccessfully")
void should_CreateActiveUser_When_UserCreatedWithFactoryMethod() { void should_CreateActiveUser_When_UserCreatedSuccessfully() {
// Arrange
Role role = Role.reconstitute(RoleId.generate(), RoleName.ADMIN, new HashSet<>(), "Admin"); Role role = Role.reconstitute(RoleId.generate(), RoleName.ADMIN, new HashSet<>(), "Admin");
when(authPort.can(performedBy, UserManagementAction.USER_CREATE)).thenReturn(true);
when(passwordHasher.isValidPassword("Password123!")).thenReturn(true); when(passwordHasher.isValidPassword("Password123!")).thenReturn(true);
when(userRepository.existsByUsername("john.doe")).thenReturn(Result.success(false)); when(userRepository.existsByUsername("john.doe")).thenReturn(Result.success(false));
when(userRepository.existsByEmail("john@example.com")).thenReturn(Result.success(false)); when(userRepository.existsByEmail("john@example.com")).thenReturn(Result.success(false));
@ -238,79 +161,9 @@ class CreateUserTest {
when(roleRepository.findByName(RoleName.PRODUCTION_WORKER)).thenReturn(Result.success(Optional.of(role))); when(roleRepository.findByName(RoleName.PRODUCTION_WORKER)).thenReturn(Result.success(Optional.of(role)));
when(userRepository.save(any())).thenReturn(Result.success(null)); when(userRepository.save(any())).thenReturn(Result.success(null));
// Act var result = createUser.execute(validCommand, performedBy);
Result<UserError, de.effigenix.application.usermanagement.dto.UserDTO> result =
createUser.execute(validCommand, performedBy);
// Assert
assertThat(result.isSuccess()).isTrue(); assertThat(result.isSuccess()).isTrue();
assertThat(result.unsafeGetValue().status()).isEqualTo(UserStatus.ACTIVE); assertThat(result.unsafeGetValue().status()).isEqualTo(UserStatus.ACTIVE);
} }
@Test
@DisplayName("should_LogUserCreatedAuditEvent_When_UserSuccessfullyCreated")
void should_LogUserCreatedAuditEvent_When_UserSuccessfullyCreated() {
// Arrange
Role role = Role.reconstitute(RoleId.generate(), RoleName.PRODUCTION_WORKER, new HashSet<>(), "Worker");
when(passwordHasher.isValidPassword("Password123!")).thenReturn(true);
when(userRepository.existsByUsername("john.doe")).thenReturn(Result.success(false));
when(userRepository.existsByEmail("john@example.com")).thenReturn(Result.success(false));
when(passwordHasher.hash("Password123!")).thenReturn(validPasswordHash);
when(roleRepository.findByName(RoleName.PRODUCTION_WORKER)).thenReturn(Result.success(Optional.of(role)));
when(userRepository.save(any())).thenReturn(Result.success(null));
// Act
Result<UserError, de.effigenix.application.usermanagement.dto.UserDTO> result =
createUser.execute(validCommand, performedBy);
// Assert
assertThat(result.isSuccess()).isTrue();
verify(auditLogger).log(eq(AuditEvent.USER_CREATED), anyString(), eq(performedBy));
}
@Test
@DisplayName("should_SaveUserToRepository_When_AllValidationsPass")
void should_SaveUserToRepository_When_AllValidationsPass() {
// Arrange
Role role = Role.reconstitute(RoleId.generate(), RoleName.PRODUCTION_WORKER, new HashSet<>(), "Worker");
when(passwordHasher.isValidPassword("Password123!")).thenReturn(true);
when(userRepository.existsByUsername("john.doe")).thenReturn(Result.success(false));
when(userRepository.existsByEmail("john@example.com")).thenReturn(Result.success(false));
when(passwordHasher.hash("Password123!")).thenReturn(validPasswordHash);
when(roleRepository.findByName(RoleName.PRODUCTION_WORKER)).thenReturn(Result.success(Optional.of(role)));
when(userRepository.save(any())).thenReturn(Result.success(null));
// Act
createUser.execute(validCommand, performedBy);
// Assert
verify(userRepository).save(any(User.class));
}
@Test
@DisplayName("should_ReturnUserDTO_When_UserCreatedSuccessfully")
void should_ReturnUserDTO_When_UserCreatedSuccessfully() {
// Arrange
Role role = Role.reconstitute(RoleId.generate(), RoleName.PRODUCTION_WORKER, new HashSet<>(), "Worker");
when(passwordHasher.isValidPassword("Password123!")).thenReturn(true);
when(userRepository.existsByUsername("john.doe")).thenReturn(Result.success(false));
when(userRepository.existsByEmail("john@example.com")).thenReturn(Result.success(false));
when(passwordHasher.hash("Password123!")).thenReturn(validPasswordHash);
when(roleRepository.findByName(RoleName.PRODUCTION_WORKER)).thenReturn(Result.success(Optional.of(role)));
when(userRepository.save(any())).thenReturn(Result.success(null));
// Act
Result<UserError, de.effigenix.application.usermanagement.dto.UserDTO> result =
createUser.execute(validCommand, performedBy);
// Assert
assertThat(result.isSuccess()).isTrue();
var userDTO = result.unsafeGetValue();
assertThat(userDTO.username()).isEqualTo("john.doe");
assertThat(userDTO.email()).isEqualTo("john@example.com");
assertThat(userDTO.status()).isEqualTo(UserStatus.ACTIVE);
}
} }

81
backend/src/test/java/de/effigenix/application/usermanagement/GetUserTest.java Normal file
View file

@ -0,0 +1,81 @@
package de.effigenix.application.usermanagement;
import de.effigenix.application.usermanagement.dto.UserDTO;
import de.effigenix.domain.usermanagement.*;
import de.effigenix.shared.common.Result;
import de.effigenix.shared.security.ActorId;
import de.effigenix.shared.security.AuthorizationPort;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.DisplayName;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.Mock;
import org.mockito.junit.jupiter.MockitoExtension;
import java.time.LocalDateTime;
import java.util.HashSet;
import java.util.Optional;
import static org.assertj.core.api.Assertions.*;
import static org.mockito.Mockito.*;
@ExtendWith(MockitoExtension.class)
@DisplayName("GetUser Use Case")
class GetUserTest {
@Mock private UserRepository userRepository;
@Mock private AuthorizationPort authPort;
private GetUser getUser;
private ActorId performedBy;
private User testUser;
@BeforeEach
void setUp() {
getUser = new GetUser(userRepository, authPort);
performedBy = ActorId.of("admin-user");
testUser = User.reconstitute(
UserId.of("user-1"), "john.doe", "john@example.com",
new PasswordHash("$2a$12$R9h/cIPz0gi.URNN3kh2OPST9EBwVeL00lzQRYe3z08MZx3e8YCWW"),
new HashSet<>(), "branch-1", UserStatus.ACTIVE, LocalDateTime.now(), null
);
}
@Test
@DisplayName("should_ReturnUser_When_UserExistsAndAuthorized")
void should_ReturnUser_When_UserExistsAndAuthorized() {
when(authPort.can(performedBy, UserManagementAction.USER_VIEW)).thenReturn(true);
when(userRepository.findById(UserId.of("user-1"))).thenReturn(Result.success(Optional.of(testUser)));
Result<UserError, UserDTO> result = getUser.execute("user-1", performedBy);
assertThat(result.isSuccess()).isTrue();
assertThat(result.unsafeGetValue().username()).isEqualTo("john.doe");
assertThat(result.unsafeGetValue().email()).isEqualTo("john@example.com");
assertThat(result.unsafeGetValue().id()).isEqualTo("user-1");
}
@Test
@DisplayName("should_FailWithUnauthorized_When_ActorLacksPermission")
void should_FailWithUnauthorized_When_ActorLacksPermission() {
when(authPort.can(performedBy, UserManagementAction.USER_VIEW)).thenReturn(false);
Result<UserError, UserDTO> result = getUser.execute("user-1", performedBy);
assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.Unauthorized.class);
verify(userRepository, never()).findById(any());
}
@Test
@DisplayName("should_FailWithUserNotFound_When_UserDoesNotExist")
void should_FailWithUserNotFound_When_UserDoesNotExist() {
when(authPort.can(performedBy, UserManagementAction.USER_VIEW)).thenReturn(true);
when(userRepository.findById(UserId.of("nonexistent"))).thenReturn(Result.success(Optional.empty()));
Result<UserError, UserDTO> result = getUser.execute("nonexistent", performedBy);
assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.UserNotFound.class);
}
}

112
backend/src/test/java/de/effigenix/application/usermanagement/ListUsersTest.java Normal file
View file

@ -0,0 +1,112 @@
package de.effigenix.application.usermanagement;
import de.effigenix.application.usermanagement.dto.UserDTO;
import de.effigenix.domain.usermanagement.*;
import de.effigenix.shared.common.Result;
import de.effigenix.shared.security.ActorId;
import de.effigenix.shared.security.AuthorizationPort;
import de.effigenix.shared.security.BranchId;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.DisplayName;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.Mock;
import org.mockito.junit.jupiter.MockitoExtension;
import java.time.LocalDateTime;
import java.util.HashSet;
import java.util.List;
import static org.assertj.core.api.Assertions.*;
import static org.mockito.Mockito.*;
@ExtendWith(MockitoExtension.class)
@DisplayName("ListUsers Use Case")
class ListUsersTest {
@Mock private UserRepository userRepository;
@Mock private AuthorizationPort authPort;
private ListUsers listUsers;
private ActorId performedBy;
private User user1;
private User user2;
@BeforeEach
void setUp() {
listUsers = new ListUsers(userRepository, authPort);
performedBy = ActorId.of("admin-user");
user1 = User.reconstitute(
UserId.of("user-1"), "john.doe", "john@example.com",
new PasswordHash("$2a$12$R9h/cIPz0gi.URNN3kh2OPST9EBwVeL00lzQRYe3z08MZx3e8YCWW"),
new HashSet<>(), "branch-1", UserStatus.ACTIVE, LocalDateTime.now(), null
);
user2 = User.reconstitute(
UserId.of("user-2"), "jane.doe", "jane@example.com",
new PasswordHash("$2a$12$R9h/cIPz0gi.URNN3kh2OPST9EBwVeL00lzQRYe3z08MZx3e8YCWW"),
new HashSet<>(), "branch-1", UserStatus.ACTIVE, LocalDateTime.now(), null
);
}
@Test
@DisplayName("should_ReturnAllUsers_When_Authorized")
void should_ReturnAllUsers_When_Authorized() {
when(authPort.can(performedBy, UserManagementAction.USER_LIST)).thenReturn(true);
when(userRepository.findAll()).thenReturn(Result.success(List.of(user1, user2)));
Result<UserError, List<UserDTO>> result = listUsers.execute(performedBy);
assertThat(result.isSuccess()).isTrue();
assertThat(result.unsafeGetValue()).hasSize(2);
assertThat(result.unsafeGetValue()).extracting(UserDTO::username)
.containsExactlyInAnyOrder("john.doe", "jane.doe");
}
@Test
@DisplayName("should_ReturnEmptyList_When_NoUsersExist")
void should_ReturnEmptyList_When_NoUsersExist() {
when(authPort.can(performedBy, UserManagementAction.USER_LIST)).thenReturn(true);
when(userRepository.findAll()).thenReturn(Result.success(List.of()));
Result<UserError, List<UserDTO>> result = listUsers.execute(performedBy);
assertThat(result.isSuccess()).isTrue();
assertThat(result.unsafeGetValue()).isEmpty();
}
@Test
@DisplayName("should_FailWithUnauthorized_When_ActorLacksPermission")
void should_FailWithUnauthorized_When_ActorLacksPermission() {
when(authPort.can(performedBy, UserManagementAction.USER_LIST)).thenReturn(false);
Result<UserError, List<UserDTO>> result = listUsers.execute(performedBy);
assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.Unauthorized.class);
verify(userRepository, never()).findAll();
}
@Test
@DisplayName("should_ReturnBranchUsers_When_FilteredByBranch")
void should_ReturnBranchUsers_When_FilteredByBranch() {
when(authPort.can(performedBy, UserManagementAction.USER_LIST)).thenReturn(true);
when(userRepository.findByBranchId("branch-1")).thenReturn(Result.success(List.of(user1, user2)));
Result<UserError, List<UserDTO>> result = listUsers.executeForBranch(BranchId.of("branch-1"), performedBy);
assertThat(result.isSuccess()).isTrue();
assertThat(result.unsafeGetValue()).hasSize(2);
}
@Test
@DisplayName("should_FailWithUnauthorized_When_ActorLacksPermissionForBranchList")
void should_FailWithUnauthorized_When_ActorLacksPermissionForBranchList() {
when(authPort.can(performedBy, UserManagementAction.USER_LIST)).thenReturn(false);
Result<UserError, List<UserDTO>> result = listUsers.executeForBranch(BranchId.of("branch-1"), performedBy);
assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.Unauthorized.class);
verify(userRepository, never()).findByBranchId(anyString());
}
}

131
backend/src/test/java/de/effigenix/application/usermanagement/LockUserTest.java Normal file
View file

@ -0,0 +1,131 @@
package de.effigenix.application.usermanagement;
import de.effigenix.application.usermanagement.command.LockUserCommand;
import de.effigenix.application.usermanagement.dto.UserDTO;
import de.effigenix.domain.usermanagement.*;
import de.effigenix.shared.common.Result;
import de.effigenix.shared.security.ActorId;
import de.effigenix.shared.security.AuthorizationPort;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.DisplayName;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.Mock;
import org.mockito.junit.jupiter.MockitoExtension;
import java.time.LocalDateTime;
import java.util.HashSet;
import java.util.Optional;
import static org.assertj.core.api.Assertions.*;
import static org.mockito.ArgumentMatchers.*;
import static org.mockito.Mockito.*;
@ExtendWith(MockitoExtension.class)
@DisplayName("LockUser Use Case")
class LockUserTest {
@Mock private UserRepository userRepository;
@Mock private AuditLogger auditLogger;
@Mock private AuthorizationPort authPort;
private LockUser lockUser;
private ActorId performedBy;
private User activeUser;
@BeforeEach
void setUp() {
lockUser = new LockUser(userRepository, auditLogger, authPort);
performedBy = ActorId.of("admin-user");
activeUser = User.reconstitute(
UserId.of("user-1"), "john.doe", "john@example.com",
new PasswordHash("$2a$12$R9h/cIPz0gi.URNN3kh2OPST9EBwVeL00lzQRYe3z08MZx3e8YCWW"),
new HashSet<>(), "branch-1", UserStatus.ACTIVE, LocalDateTime.now(), null
);
}
@Test
@DisplayName("should_LockUser_When_UserIsActive")
void should_LockUser_When_UserIsActive() {
when(authPort.can(performedBy, UserManagementAction.USER_LOCK)).thenReturn(true);
when(userRepository.findById(UserId.of("user-1"))).thenReturn(Result.success(Optional.of(activeUser)));
when(userRepository.save(any())).thenReturn(Result.success(null));
Result<UserError, UserDTO> result = lockUser.execute(new LockUserCommand("user-1"), performedBy);
assertThat(result.isSuccess()).isTrue();
assertThat(result.unsafeGetValue().status()).isEqualTo(UserStatus.LOCKED);
verify(userRepository).save(argThat(user -> user.status() == UserStatus.LOCKED));
verify(auditLogger).log(eq(AuditEvent.USER_LOCKED), eq("user-1"), eq(performedBy));
}
@Test
@DisplayName("should_FailWithUnauthorized_When_ActorLacksPermission")
void should_FailWithUnauthorized_When_ActorLacksPermission() {
when(authPort.can(performedBy, UserManagementAction.USER_LOCK)).thenReturn(false);
Result<UserError, UserDTO> result = lockUser.execute(new LockUserCommand("user-1"), performedBy);
assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.Unauthorized.class);
verify(userRepository, never()).save(any());
}
@Test
@DisplayName("should_FailWithInvalidInput_When_UserIdIsBlank")
void should_FailWithInvalidInput_When_UserIdIsBlank() {
when(authPort.can(performedBy, UserManagementAction.USER_LOCK)).thenReturn(true);
Result<UserError, UserDTO> result = lockUser.execute(new LockUserCommand(""), performedBy);
assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.InvalidInput.class);
}
@Test
@DisplayName("should_FailWithUserNotFound_When_UserDoesNotExist")
void should_FailWithUserNotFound_When_UserDoesNotExist() {
when(authPort.can(performedBy, UserManagementAction.USER_LOCK)).thenReturn(true);
when(userRepository.findById(UserId.of("nonexistent"))).thenReturn(Result.success(Optional.empty()));
Result<UserError, UserDTO> result = lockUser.execute(new LockUserCommand("nonexistent"), performedBy);
assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.UserNotFound.class);
}
@Test
@DisplayName("should_FailWithInvalidStatusTransition_When_UserAlreadyLocked")
void should_FailWithInvalidStatusTransition_When_UserAlreadyLocked() {
User lockedUser = User.reconstitute(
UserId.of("user-2"), "jane.doe", "jane@example.com",
new PasswordHash("$2a$12$R9h/cIPz0gi.URNN3kh2OPST9EBwVeL00lzQRYe3z08MZx3e8YCWW"),
new HashSet<>(), "branch-1", UserStatus.LOCKED, LocalDateTime.now(), null
);
when(authPort.can(performedBy, UserManagementAction.USER_LOCK)).thenReturn(true);
when(userRepository.findById(UserId.of("user-2"))).thenReturn(Result.success(Optional.of(lockedUser)));
Result<UserError, UserDTO> result = lockUser.execute(new LockUserCommand("user-2"), performedBy);
assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.InvalidStatusTransition.class);
verify(userRepository, never()).save(any());
}
@Test
@DisplayName("should_FailWithInvalidStatusTransition_When_UserIsInactive")
void should_FailWithInvalidStatusTransition_When_UserIsInactive() {
User inactiveUser = User.reconstitute(
UserId.of("user-3"), "bob", "bob@example.com",
new PasswordHash("$2a$12$R9h/cIPz0gi.URNN3kh2OPST9EBwVeL00lzQRYe3z08MZx3e8YCWW"),
new HashSet<>(), "branch-1", UserStatus.INACTIVE, LocalDateTime.now(), null
);
when(authPort.can(performedBy, UserManagementAction.USER_LOCK)).thenReturn(true);
when(userRepository.findById(UserId.of("user-3"))).thenReturn(Result.success(Optional.of(inactiveUser)));
Result<UserError, UserDTO> result = lockUser.execute(new LockUserCommand("user-3"), performedBy);
assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.InvalidStatusTransition.class);
}
}

132
backend/src/test/java/de/effigenix/application/usermanagement/RemoveRoleTest.java Normal file
View file

@ -0,0 +1,132 @@
package de.effigenix.application.usermanagement;
import de.effigenix.application.usermanagement.command.RemoveRoleCommand;
import de.effigenix.application.usermanagement.dto.UserDTO;
import de.effigenix.domain.usermanagement.*;
import de.effigenix.shared.common.Result;
import de.effigenix.shared.security.ActorId;
import de.effigenix.shared.security.AuthorizationPort;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.DisplayName;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.Mock;
import org.mockito.junit.jupiter.MockitoExtension;
import java.time.LocalDateTime;
import java.util.HashSet;
import java.util.Optional;
import java.util.Set;
import static org.assertj.core.api.Assertions.*;
import static org.mockito.ArgumentMatchers.*;
import static org.mockito.Mockito.*;
@ExtendWith(MockitoExtension.class)
@DisplayName("RemoveRole Use Case")
class RemoveRoleTest {
@Mock private UserRepository userRepository;
@Mock private RoleRepository roleRepository;
@Mock private AuditLogger auditLogger;
@Mock private AuthorizationPort authPort;
private RemoveRole removeRole;
private ActorId performedBy;
private Role workerRole;
private User userWithRole;
@BeforeEach
void setUp() {
removeRole = new RemoveRole(userRepository, roleRepository, auditLogger, authPort);
performedBy = ActorId.of("admin-user");
workerRole = Role.reconstitute(RoleId.generate(), RoleName.PRODUCTION_WORKER, new HashSet<>(), "Production Worker");
userWithRole = User.reconstitute(
UserId.of("user-1"), "john.doe", "john@example.com",
new PasswordHash("$2a$12$R9h/cIPz0gi.URNN3kh2OPST9EBwVeL00lzQRYe3z08MZx3e8YCWW"),
new HashSet<>(Set.of(workerRole)), "branch-1", UserStatus.ACTIVE, LocalDateTime.now(), null
);
}
@Test
@DisplayName("should_RemoveRole_When_ValidCommandProvided")
void should_RemoveRole_When_ValidCommandProvided() {
when(authPort.can(performedBy, UserManagementAction.ROLE_REMOVE)).thenReturn(true);
when(userRepository.findById(UserId.of("user-1"))).thenReturn(Result.success(Optional.of(userWithRole)));
when(roleRepository.findByName(RoleName.PRODUCTION_WORKER)).thenReturn(Result.success(Optional.of(workerRole)));
when(userRepository.save(any())).thenReturn(Result.success(null));
Result<UserError, UserDTO> result = removeRole.execute(
new RemoveRoleCommand("user-1", RoleName.PRODUCTION_WORKER), performedBy);
assertThat(result.isSuccess()).isTrue();
assertThat(result.unsafeGetValue().roles()).isEmpty();
verify(userRepository).save(argThat(user -> user.roles().isEmpty()));
verify(auditLogger).log(eq(AuditEvent.ROLE_REMOVED), eq("user-1"), anyString(), eq(performedBy));
}
@Test
@DisplayName("should_FailWithUnauthorized_When_ActorLacksPermission")
void should_FailWithUnauthorized_When_ActorLacksPermission() {
when(authPort.can(performedBy, UserManagementAction.ROLE_REMOVE)).thenReturn(false);
Result<UserError, UserDTO> result = removeRole.execute(
new RemoveRoleCommand("user-1", RoleName.PRODUCTION_WORKER), performedBy);
assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.Unauthorized.class);
verify(userRepository, never()).save(any());
}
@Test
@DisplayName("should_FailWithInvalidInput_When_UserIdIsBlank")
void should_FailWithInvalidInput_When_UserIdIsBlank() {
when(authPort.can(performedBy, UserManagementAction.ROLE_REMOVE)).thenReturn(true);
Result<UserError, UserDTO> result = removeRole.execute(
new RemoveRoleCommand("", RoleName.PRODUCTION_WORKER), performedBy);
assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.InvalidInput.class);
}
@Test
@DisplayName("should_FailWithInvalidInput_When_RoleNameIsNull")
void should_FailWithInvalidInput_When_RoleNameIsNull() {
when(authPort.can(performedBy, UserManagementAction.ROLE_REMOVE)).thenReturn(true);
Result<UserError, UserDTO> result = removeRole.execute(
new RemoveRoleCommand("user-1", null), performedBy);
assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.InvalidInput.class);
}
@Test
@DisplayName("should_FailWithUserNotFound_When_UserDoesNotExist")
void should_FailWithUserNotFound_When_UserDoesNotExist() {
when(authPort.can(performedBy, UserManagementAction.ROLE_REMOVE)).thenReturn(true);
when(userRepository.findById(UserId.of("nonexistent"))).thenReturn(Result.success(Optional.empty()));
Result<UserError, UserDTO> result = removeRole.execute(
new RemoveRoleCommand("nonexistent", RoleName.PRODUCTION_WORKER), performedBy);
assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.UserNotFound.class);
}
@Test
@DisplayName("should_FailWithRoleNotFound_When_RoleDoesNotExist")
void should_FailWithRoleNotFound_When_RoleDoesNotExist() {
when(authPort.can(performedBy, UserManagementAction.ROLE_REMOVE)).thenReturn(true);
when(userRepository.findById(UserId.of("user-1"))).thenReturn(Result.success(Optional.of(userWithRole)));
when(roleRepository.findByName(RoleName.ADMIN)).thenReturn(Result.success(Optional.empty()));
Result<UserError, UserDTO> result = removeRole.execute(
new RemoveRoleCommand("user-1", RoleName.ADMIN), performedBy);
assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.RoleNotFound.class);
verify(userRepository, never()).save(any());
}
}

131
backend/src/test/java/de/effigenix/application/usermanagement/UnlockUserTest.java Normal file
View file

@ -0,0 +1,131 @@
package de.effigenix.application.usermanagement;
import de.effigenix.application.usermanagement.command.UnlockUserCommand;
import de.effigenix.application.usermanagement.dto.UserDTO;
import de.effigenix.domain.usermanagement.*;
import de.effigenix.shared.common.Result;
import de.effigenix.shared.security.ActorId;
import de.effigenix.shared.security.AuthorizationPort;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.DisplayName;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.Mock;
import org.mockito.junit.jupiter.MockitoExtension;
import java.time.LocalDateTime;
import java.util.HashSet;
import java.util.Optional;
import static org.assertj.core.api.Assertions.*;
import static org.mockito.ArgumentMatchers.*;
import static org.mockito.Mockito.*;
@ExtendWith(MockitoExtension.class)
@DisplayName("UnlockUser Use Case")
class UnlockUserTest {
@Mock private UserRepository userRepository;
@Mock private AuditLogger auditLogger;
@Mock private AuthorizationPort authPort;
private UnlockUser unlockUser;
private ActorId performedBy;
private User lockedUser;
@BeforeEach
void setUp() {
unlockUser = new UnlockUser(userRepository, auditLogger, authPort);
performedBy = ActorId.of("admin-user");
lockedUser = User.reconstitute(
UserId.of("user-1"), "john.doe", "john@example.com",
new PasswordHash("$2a$12$R9h/cIPz0gi.URNN3kh2OPST9EBwVeL00lzQRYe3z08MZx3e8YCWW"),
new HashSet<>(), "branch-1", UserStatus.LOCKED, LocalDateTime.now(), null
);
}
@Test
@DisplayName("should_UnlockUser_When_UserIsLocked")
void should_UnlockUser_When_UserIsLocked() {
when(authPort.can(performedBy, UserManagementAction.USER_UNLOCK)).thenReturn(true);
when(userRepository.findById(UserId.of("user-1"))).thenReturn(Result.success(Optional.of(lockedUser)));
when(userRepository.save(any())).thenReturn(Result.success(null));
Result<UserError, UserDTO> result = unlockUser.execute(new UnlockUserCommand("user-1"), performedBy);
assertThat(result.isSuccess()).isTrue();
assertThat(result.unsafeGetValue().status()).isEqualTo(UserStatus.ACTIVE);
verify(userRepository).save(argThat(user -> user.status() == UserStatus.ACTIVE));
verify(auditLogger).log(eq(AuditEvent.USER_UNLOCKED), eq("user-1"), eq(performedBy));
}
@Test
@DisplayName("should_FailWithUnauthorized_When_ActorLacksPermission")
void should_FailWithUnauthorized_When_ActorLacksPermission() {
when(authPort.can(performedBy, UserManagementAction.USER_UNLOCK)).thenReturn(false);
Result<UserError, UserDTO> result = unlockUser.execute(new UnlockUserCommand("user-1"), performedBy);
assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.Unauthorized.class);
verify(userRepository, never()).save(any());
}
@Test
@DisplayName("should_FailWithInvalidInput_When_UserIdIsBlank")
void should_FailWithInvalidInput_When_UserIdIsBlank() {
when(authPort.can(performedBy, UserManagementAction.USER_UNLOCK)).thenReturn(true);
Result<UserError, UserDTO> result = unlockUser.execute(new UnlockUserCommand(""), performedBy);
assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.InvalidInput.class);
}
@Test
@DisplayName("should_FailWithUserNotFound_When_UserDoesNotExist")
void should_FailWithUserNotFound_When_UserDoesNotExist() {
when(authPort.can(performedBy, UserManagementAction.USER_UNLOCK)).thenReturn(true);
when(userRepository.findById(UserId.of("nonexistent"))).thenReturn(Result.success(Optional.empty()));
Result<UserError, UserDTO> result = unlockUser.execute(new UnlockUserCommand("nonexistent"), performedBy);
assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.UserNotFound.class);
}
@Test
@DisplayName("should_FailWithInvalidStatusTransition_When_UserIsActive")
void should_FailWithInvalidStatusTransition_When_UserIsActive() {
User activeUser = User.reconstitute(
UserId.of("user-2"), "jane.doe", "jane@example.com",
new PasswordHash("$2a$12$R9h/cIPz0gi.URNN3kh2OPST9EBwVeL00lzQRYe3z08MZx3e8YCWW"),
new HashSet<>(), "branch-1", UserStatus.ACTIVE, LocalDateTime.now(), null
);
when(authPort.can(performedBy, UserManagementAction.USER_UNLOCK)).thenReturn(true);
when(userRepository.findById(UserId.of("user-2"))).thenReturn(Result.success(Optional.of(activeUser)));
Result<UserError, UserDTO> result = unlockUser.execute(new UnlockUserCommand("user-2"), performedBy);
assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.InvalidStatusTransition.class);
verify(userRepository, never()).save(any());
}
@Test
@DisplayName("should_FailWithInvalidStatusTransition_When_UserIsInactive")
void should_FailWithInvalidStatusTransition_When_UserIsInactive() {
User inactiveUser = User.reconstitute(
UserId.of("user-3"), "bob", "bob@example.com",
new PasswordHash("$2a$12$R9h/cIPz0gi.URNN3kh2OPST9EBwVeL00lzQRYe3z08MZx3e8YCWW"),
new HashSet<>(), "branch-1", UserStatus.INACTIVE, LocalDateTime.now(), null
);
when(authPort.can(performedBy, UserManagementAction.USER_UNLOCK)).thenReturn(true);
when(userRepository.findById(UserId.of("user-3"))).thenReturn(Result.success(Optional.of(inactiveUser)));
Result<UserError, UserDTO> result = unlockUser.execute(new UnlockUserCommand("user-3"), performedBy);
assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.InvalidStatusTransition.class);
}
}

149
backend/src/test/java/de/effigenix/application/usermanagement/UpdateUserTest.java Normal file
View file

@ -0,0 +1,149 @@
package de.effigenix.application.usermanagement;
import de.effigenix.application.usermanagement.command.UpdateUserCommand;
import de.effigenix.application.usermanagement.dto.UserDTO;
import de.effigenix.domain.usermanagement.*;
import de.effigenix.shared.common.Result;
import de.effigenix.shared.security.ActorId;
import de.effigenix.shared.security.AuthorizationPort;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.DisplayName;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.Mock;
import org.mockito.junit.jupiter.MockitoExtension;
import java.time.LocalDateTime;
import java.util.HashSet;
import java.util.Optional;
import static org.assertj.core.api.Assertions.*;
import static org.mockito.ArgumentMatchers.*;
import static org.mockito.Mockito.*;
@ExtendWith(MockitoExtension.class)
@DisplayName("UpdateUser Use Case")
class UpdateUserTest {
@Mock private UserRepository userRepository;
@Mock private AuditLogger auditLogger;
@Mock private AuthorizationPort authPort;
private UpdateUser updateUser;
private ActorId performedBy;
private User testUser;
@BeforeEach
void setUp() {
updateUser = new UpdateUser(userRepository, auditLogger, authPort);
performedBy = ActorId.of("admin-user");
testUser = User.reconstitute(
UserId.of("user-1"), "john.doe", "john@example.com",
new PasswordHash("$2a$12$R9h/cIPz0gi.URNN3kh2OPST9EBwVeL00lzQRYe3z08MZx3e8YCWW"),
new HashSet<>(), "branch-1", UserStatus.ACTIVE, LocalDateTime.now(), null
);
}
@Test
@DisplayName("should_UpdateEmail_When_NewEmailProvided")
void should_UpdateEmail_When_NewEmailProvided() {
when(authPort.can(performedBy, UserManagementAction.USER_UPDATE)).thenReturn(true);
when(userRepository.findById(UserId.of("user-1"))).thenReturn(Result.success(Optional.of(testUser)));
when(userRepository.existsByEmail("newemail@example.com")).thenReturn(Result.success(false));
when(userRepository.save(any())).thenReturn(Result.success(null));
Result<UserError, UserDTO> result = updateUser.execute(
new UpdateUserCommand("user-1", "newemail@example.com", null), performedBy);
assertThat(result.isSuccess()).isTrue();
assertThat(result.unsafeGetValue().email()).isEqualTo("newemail@example.com");
verify(userRepository).save(argThat(user -> "newemail@example.com".equals(user.email())));
verify(auditLogger).log(eq(AuditEvent.USER_UPDATED), eq("user-1"), eq(performedBy));
}
@Test
@DisplayName("should_UpdateBranch_When_NewBranchProvided")
void should_UpdateBranch_When_NewBranchProvided() {
when(authPort.can(performedBy, UserManagementAction.USER_UPDATE)).thenReturn(true);
when(userRepository.findById(UserId.of("user-1"))).thenReturn(Result.success(Optional.of(testUser)));
when(userRepository.save(any())).thenReturn(Result.success(null));
Result<UserError, UserDTO> result = updateUser.execute(
new UpdateUserCommand("user-1", null, "branch-2"), performedBy);
assertThat(result.isSuccess()).isTrue();
assertThat(result.unsafeGetValue().branchId()).isEqualTo("branch-2");
verify(userRepository).save(argThat(user -> "branch-2".equals(user.branchId())));
}
@Test
@DisplayName("should_UpdateEmailAndBranch_When_BothProvided")
void should_UpdateEmailAndBranch_When_BothProvided() {
when(authPort.can(performedBy, UserManagementAction.USER_UPDATE)).thenReturn(true);
when(userRepository.findById(UserId.of("user-1"))).thenReturn(Result.success(Optional.of(testUser)));
when(userRepository.existsByEmail("new@example.com")).thenReturn(Result.success(false));
when(userRepository.save(any())).thenReturn(Result.success(null));
Result<UserError, UserDTO> result = updateUser.execute(
new UpdateUserCommand("user-1", "new@example.com", "branch-2"), performedBy);
assertThat(result.isSuccess()).isTrue();
assertThat(result.unsafeGetValue().email()).isEqualTo("new@example.com");
assertThat(result.unsafeGetValue().branchId()).isEqualTo("branch-2");
}
@Test
@DisplayName("should_FailWithUnauthorized_When_ActorLacksPermission")
void should_FailWithUnauthorized_When_ActorLacksPermission() {
when(authPort.can(performedBy, UserManagementAction.USER_UPDATE)).thenReturn(false);
Result<UserError, UserDTO> result = updateUser.execute(
new UpdateUserCommand("user-1", "new@example.com", null), performedBy);
assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.Unauthorized.class);
verify(userRepository, never()).save(any());
}
@Test
@DisplayName("should_FailWithUserNotFound_When_UserDoesNotExist")
void should_FailWithUserNotFound_When_UserDoesNotExist() {
when(authPort.can(performedBy, UserManagementAction.USER_UPDATE)).thenReturn(true);
when(userRepository.findById(UserId.of("nonexistent"))).thenReturn(Result.success(Optional.empty()));
Result<UserError, UserDTO> result = updateUser.execute(
new UpdateUserCommand("nonexistent", "new@example.com", null), performedBy);
assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.UserNotFound.class);
}
@Test
@DisplayName("should_FailWithEmailAlreadyExists_When_DuplicateEmail")
void should_FailWithEmailAlreadyExists_When_DuplicateEmail() {
when(authPort.can(performedBy, UserManagementAction.USER_UPDATE)).thenReturn(true);
when(userRepository.findById(UserId.of("user-1"))).thenReturn(Result.success(Optional.of(testUser)));
when(userRepository.existsByEmail("taken@example.com")).thenReturn(Result.success(true));
Result<UserError, UserDTO> result = updateUser.execute(
new UpdateUserCommand("user-1", "taken@example.com", null), performedBy);
assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.EmailAlreadyExists.class);
verify(userRepository, never()).save(any());
}
@Test
@DisplayName("should_NotCheckEmailUniqueness_When_EmailUnchanged")
void should_NotCheckEmailUniqueness_When_EmailUnchanged() {
when(authPort.can(performedBy, UserManagementAction.USER_UPDATE)).thenReturn(true);
when(userRepository.findById(UserId.of("user-1"))).thenReturn(Result.success(Optional.of(testUser)));
when(userRepository.save(any())).thenReturn(Result.success(null));
Result<UserError, UserDTO> result = updateUser.execute(
new UpdateUserCommand("user-1", "john@example.com", "branch-2"), performedBy);
assertThat(result.isSuccess()).isTrue();
verify(userRepository, never()).existsByEmail(anyString());
}
}

171
backend/src/test/java/de/effigenix/domain/usermanagement/RoleTest.java
View file

@ -11,7 +11,7 @@ import static org.assertj.core.api.Assertions.*;
/** /**
* Unit tests for Role Entity. * Unit tests for Role Entity.
* Tests validation, permission management, factory methods, and equality. * Tests validation, immutable permission management, factory methods, and equality.
*/ */
@DisplayName("Role Entity") @DisplayName("Role Entity")
class RoleTest { class RoleTest {
@ -25,21 +25,15 @@ class RoleTest {
void setUp() { void setUp() {
roleId = RoleId.generate(); roleId = RoleId.generate();
roleName = RoleName.ADMIN; roleName = RoleName.ADMIN;
permissions = new HashSet<>(Set.of( permissions = new HashSet<>(Set.of(Permission.USER_READ, Permission.USER_WRITE, Permission.ROLE_READ));
Permission.USER_READ,
Permission.USER_WRITE,
Permission.ROLE_READ
));
description = "Administrator role with full access"; description = "Administrator role with full access";
} }
@Test @Test
@DisplayName("should_CreateRole_When_ValidDataProvided") @DisplayName("should_CreateRole_When_ValidDataProvided")
void should_CreateRole_When_ValidDataProvided() { void should_CreateRole_When_ValidDataProvided() {
// Act
Role role = Role.reconstitute(roleId, roleName, permissions, description); Role role = Role.reconstitute(roleId, roleName, permissions, description);
// Assert
assertThat(role.id()).isEqualTo(roleId); assertThat(role.id()).isEqualTo(roleId);
assertThat(role.name()).isEqualTo(roleName); assertThat(role.name()).isEqualTo(roleName);
assertThat(role.permissions()).contains(Permission.USER_READ, Permission.USER_WRITE); assertThat(role.permissions()).contains(Permission.USER_READ, Permission.USER_WRITE);
@ -49,10 +43,8 @@ class RoleTest {
@Test @Test
@DisplayName("should_ReturnFailure_When_NullRoleNameProvided") @DisplayName("should_ReturnFailure_When_NullRoleNameProvided")
void should_ReturnFailure_When_NullRoleNameProvided() { void should_ReturnFailure_When_NullRoleNameProvided() {
// Act
Result<UserError, Role> result = Role.create(null, permissions, description); Result<UserError, Role> result = Role.create(null, permissions, description);
// Assert
assertThat(result.isFailure()).isTrue(); assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.NullRole.class); assertThat(result.unsafeGetError()).isInstanceOf(UserError.NullRole.class);
} }
@ -60,30 +52,24 @@ class RoleTest {
@Test @Test
@DisplayName("should_CreateRoleWithEmptyPermissions_When_NullPermissionsProvided") @DisplayName("should_CreateRoleWithEmptyPermissions_When_NullPermissionsProvided")
void should_CreateRoleWithEmptyPermissions_When_NullPermissionsProvided() { void should_CreateRoleWithEmptyPermissions_When_NullPermissionsProvided() {
// Act
Role role = Role.reconstitute(roleId, roleName, null, description); Role role = Role.reconstitute(roleId, roleName, null, description);
// Assert
assertThat(role.permissions()).isEmpty(); assertThat(role.permissions()).isEmpty();
} }
@Test @Test
@DisplayName("should_CreateRoleWithNullDescription_When_DescriptionNotProvided") @DisplayName("should_CreateRoleWithNullDescription_When_DescriptionNotProvided")
void should_CreateRoleWithNullDescription_When_DescriptionNotProvided() { void should_CreateRoleWithNullDescription_When_DescriptionNotProvided() {
// Act
Role role = Role.reconstitute(roleId, roleName, permissions, null); Role role = Role.reconstitute(roleId, roleName, permissions, null);
// Assert
assertThat(role.description()).isNull(); assertThat(role.description()).isNull();
} }
@Test @Test
@DisplayName("should_CreateRole_When_FactoryMethodCalled") @DisplayName("should_CreateRole_When_FactoryMethodCalled")
void should_CreateRole_When_FactoryMethodCalled() { void should_CreateRole_When_FactoryMethodCalled() {
// Act
Role role = Role.create(roleName, permissions, description).unsafeGetValue(); Role role = Role.create(roleName, permissions, description).unsafeGetValue();
// Assert
assertThat(role.id()).isNotNull(); assertThat(role.id()).isNotNull();
assertThat(role.name()).isEqualTo(roleName); assertThat(role.name()).isEqualTo(roleName);
assertThat(role.permissions()).isEqualTo(permissions); assertThat(role.permissions()).isEqualTo(permissions);
@ -91,135 +77,106 @@ class RoleTest {
} }
@Test @Test
@DisplayName("should_AddPermission_When_ValidPermissionProvided") @DisplayName("should_ReturnNewRoleWithPermission_When_AddPermissionCalled")
void should_AddPermission_When_ValidPermissionProvided() { void should_ReturnNewRoleWithPermission_When_AddPermissionCalled() {
// Arrange
Role role = Role.reconstitute(roleId, roleName, new HashSet<>(), description); Role role = Role.reconstitute(roleId, roleName, new HashSet<>(), description);
// Act Result<UserError, Role> result = role.addPermission(Permission.USER_DELETE);
Result<UserError, Void> result = role.addPermission(Permission.USER_DELETE);
// Assert
assertThat(result.isSuccess()).isTrue(); assertThat(result.isSuccess()).isTrue();
assertThat(role.permissions()).contains(Permission.USER_DELETE); assertThat(result.unsafeGetValue().permissions()).contains(Permission.USER_DELETE);
assertThat(role.permissions()).doesNotContain(Permission.USER_DELETE); // original unchanged
} }
@Test @Test
@DisplayName("should_ReturnFailure_When_NullPermissionProvidedToAddPermission") @DisplayName("should_ReturnFailure_When_NullPermissionProvidedToAddPermission")
void should_ReturnFailure_When_NullPermissionProvidedToAddPermission() { void should_ReturnFailure_When_NullPermissionProvidedToAddPermission() {
// Arrange
Role role = Role.reconstitute(roleId, roleName, new HashSet<>(), description); Role role = Role.reconstitute(roleId, roleName, new HashSet<>(), description);
// Act Result<UserError, Role> result = role.addPermission(null);
Result<UserError, Void> result = role.addPermission(null);
// Assert
assertThat(result.isFailure()).isTrue(); assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.NullRole.class); assertThat(result.unsafeGetError()).isInstanceOf(UserError.NullPermission.class);
} }
@Test @Test
@DisplayName("should_AddMultiplePermissions_When_MethodCalledRepeatedly") @DisplayName("should_ReturnNewRoleWithMultiplePermissions_When_AddedSequentially")
void should_AddMultiplePermissions_When_MethodCalledRepeatedly() { void should_ReturnNewRoleWithMultiplePermissions_When_AddedSequentially() {
// Arrange
Role role = Role.reconstitute(roleId, roleName, new HashSet<>(), description); Role role = Role.reconstitute(roleId, roleName, new HashSet<>(), description);
// Act Role updated = role.addPermission(Permission.USER_READ).unsafeGetValue()
role.addPermission(Permission.USER_READ); .addPermission(Permission.USER_WRITE).unsafeGetValue()
role.addPermission(Permission.USER_WRITE); .addPermission(Permission.USER_DELETE).unsafeGetValue();
role.addPermission(Permission.USER_DELETE);
// Assert assertThat(updated.permissions()).hasSize(3);
assertThat(role.permissions()).hasSize(3); assertThat(updated.permissions()).contains(Permission.USER_READ, Permission.USER_WRITE, Permission.USER_DELETE);
assertThat(role.permissions()).contains( assertThat(role.permissions()).isEmpty(); // original unchanged
Permission.USER_READ,
Permission.USER_WRITE,
Permission.USER_DELETE
);
} }
@Test @Test
@DisplayName("should_NotAddDuplicatePermission_When_SamePermissionAddedTwice") @DisplayName("should_NotAddDuplicatePermission_When_SamePermissionAddedTwice")
void should_NotAddDuplicatePermission_When_SamePermissionAddedTwice() { void should_NotAddDuplicatePermission_When_SamePermissionAddedTwice() {
// Arrange
Role role = Role.reconstitute(roleId, roleName, new HashSet<>(), description); Role role = Role.reconstitute(roleId, roleName, new HashSet<>(), description);
// Act Role updated = role.addPermission(Permission.USER_READ).unsafeGetValue()
role.addPermission(Permission.USER_READ); .addPermission(Permission.USER_READ).unsafeGetValue();
role.addPermission(Permission.USER_READ);
// Assert assertThat(updated.permissions()).hasSize(1);
assertThat(role.permissions()).hasSize(1);
} }
@Test @Test
@DisplayName("should_RemovePermission_When_PermissionProvided") @DisplayName("should_ReturnNewRoleWithoutPermission_When_RemovePermissionCalled")
void should_RemovePermission_When_PermissionProvided() { void should_ReturnNewRoleWithoutPermission_When_RemovePermissionCalled() {
// Arrange Set<Permission> initialPermissions = new HashSet<>(Set.of(Permission.USER_READ, Permission.USER_WRITE));
Set<Permission> initialPermissions = new HashSet<>(Set.of(
Permission.USER_READ,
Permission.USER_WRITE
));
Role role = Role.reconstitute(roleId, roleName, initialPermissions, description); Role role = Role.reconstitute(roleId, roleName, initialPermissions, description);
// Act Result<UserError, Role> result = role.removePermission(Permission.USER_READ);
role.removePermission(Permission.USER_READ);
// Assert assertThat(result.isSuccess()).isTrue();
assertThat(role.permissions()).doesNotContain(Permission.USER_READ); assertThat(result.unsafeGetValue().permissions()).doesNotContain(Permission.USER_READ);
assertThat(role.permissions()).contains(Permission.USER_WRITE); assertThat(result.unsafeGetValue().permissions()).contains(Permission.USER_WRITE);
assertThat(role.permissions()).contains(Permission.USER_READ); // original unchanged
} }
@Test @Test
@DisplayName("should_NotThrowException_When_RemovingNonExistentPermission") @DisplayName("should_ReturnFailure_When_NullPermissionProvidedToRemovePermission")
void should_NotThrowException_When_RemovingNonExistentPermission() { void should_ReturnFailure_When_NullPermissionProvidedToRemovePermission() {
// Arrange
Role role = Role.reconstitute(roleId, roleName, new HashSet<>(), description); Role role = Role.reconstitute(roleId, roleName, new HashSet<>(), description);
// Act & Assert Result<UserError, Role> result = role.removePermission(null);
assertThatCode(() -> role.removePermission(Permission.USER_READ))
.doesNotThrowAnyException(); assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.NullPermission.class);
} }
@Test @Test
@DisplayName("should_UpdateDescription_When_NewDescriptionProvided") @DisplayName("should_ReturnNewRoleWithDescription_When_UpdateDescriptionCalled")
void should_UpdateDescription_When_NewDescriptionProvided() { void should_ReturnNewRoleWithDescription_When_UpdateDescriptionCalled() {
// Arrange
Role role = Role.reconstitute(roleId, roleName, permissions, description); Role role = Role.reconstitute(roleId, roleName, permissions, description);
String newDescription = "Updated administrator role"; String newDescription = "Updated administrator role";
// Act Result<UserError, Role> result = role.updateDescription(newDescription);
role.updateDescription(newDescription);
// Assert assertThat(result.isSuccess()).isTrue();
assertThat(role.description()).isEqualTo(newDescription); assertThat(result.unsafeGetValue().description()).isEqualTo(newDescription);
assertThat(role.description()).isEqualTo(description); // original unchanged
} }
@Test @Test
@DisplayName("should_SetDescriptionToNull_When_NullDescriptionProvided") @DisplayName("should_SetDescriptionToNull_When_NullDescriptionProvided")
void should_SetDescriptionToNull_When_NullDescriptionProvided() { void should_SetDescriptionToNull_When_NullDescriptionProvided() {
// Arrange
Role role = Role.reconstitute(roleId, roleName, permissions, description); Role role = Role.reconstitute(roleId, roleName, permissions, description);
// Act Role updated = role.updateDescription(null).unsafeGetValue();
role.updateDescription(null);
// Assert assertThat(updated.description()).isNull();
assertThat(role.description()).isNull();
} }
@Test @Test
@DisplayName("should_CheckPermission_When_RoleHasPermission") @DisplayName("should_CheckPermission_When_RoleHasPermission")
void should_CheckPermission_When_RoleHasPermission() { void should_CheckPermission_When_RoleHasPermission() {
// Arrange Role role = Role.reconstitute(roleId, roleName, new HashSet<>(Set.of(Permission.USER_READ, Permission.USER_WRITE)), description);
Role role = Role.reconstitute(
roleId,
roleName,
new HashSet<>(Set.of(Permission.USER_READ, Permission.USER_WRITE)),
description
);
// Act & Assert
assertThat(role.hasPermission(Permission.USER_READ)).isTrue(); assertThat(role.hasPermission(Permission.USER_READ)).isTrue();
assertThat(role.hasPermission(Permission.USER_WRITE)).isTrue(); assertThat(role.hasPermission(Permission.USER_WRITE)).isTrue();
} }
@ -227,26 +184,17 @@ class RoleTest {
@Test @Test
@DisplayName("should_CheckPermission_When_RoleLacksPermission") @DisplayName("should_CheckPermission_When_RoleLacksPermission")
void should_CheckPermission_When_RoleLacksPermission() { void should_CheckPermission_When_RoleLacksPermission() {
// Arrange Role role = Role.reconstitute(roleId, roleName, new HashSet<>(Set.of(Permission.USER_READ)), description);
Role role = Role.reconstitute(
roleId,
roleName,
new HashSet<>(Set.of(Permission.USER_READ)),
description
);
// Act & Assert
assertThat(role.hasPermission(Permission.USER_DELETE)).isFalse(); assertThat(role.hasPermission(Permission.USER_DELETE)).isFalse();
} }
@Test @Test
@DisplayName("should_BeEqualToAnother_When_BothHaveSameId") @DisplayName("should_BeEqualToAnother_When_BothHaveSameId")
void should_BeEqualToAnother_When_BothHaveSameId() { void should_BeEqualToAnother_When_BothHaveSameId() {
// Arrange
Role role1 = Role.reconstitute(roleId, RoleName.ADMIN, permissions, description); Role role1 = Role.reconstitute(roleId, RoleName.ADMIN, permissions, description);
Role role2 = Role.reconstitute(roleId, RoleName.PRODUCTION_MANAGER, new HashSet<>(), "Different role"); Role role2 = Role.reconstitute(roleId, RoleName.PRODUCTION_MANAGER, new HashSet<>(), "Different role");
// Act & Assert
assertThat(role1).isEqualTo(role2); assertThat(role1).isEqualTo(role2);
assertThat(role1.hashCode()).isEqualTo(role2.hashCode()); assertThat(role1.hashCode()).isEqualTo(role2.hashCode());
} }
@ -254,24 +202,19 @@ class RoleTest {
@Test @Test
@DisplayName("should_NotBeEqual_When_DifferentIds") @DisplayName("should_NotBeEqual_When_DifferentIds")
void should_NotBeEqual_When_DifferentIds() { void should_NotBeEqual_When_DifferentIds() {
// Arrange
Role role1 = Role.reconstitute(RoleId.generate(), roleName, permissions, description); Role role1 = Role.reconstitute(RoleId.generate(), roleName, permissions, description);
Role role2 = Role.reconstitute(RoleId.generate(), roleName, permissions, description); Role role2 = Role.reconstitute(RoleId.generate(), roleName, permissions, description);
// Act & Assert
assertThat(role1).isNotEqualTo(role2); assertThat(role1).isNotEqualTo(role2);
} }
@Test @Test
@DisplayName("should_ReturnUnmodifiablePermissionSet_When_PermissionsRetrieved") @DisplayName("should_ReturnUnmodifiablePermissionSet_When_PermissionsRetrieved")
void should_ReturnUnmodifiablePermissionSet_When_PermissionsRetrieved() { void should_ReturnUnmodifiablePermissionSet_When_PermissionsRetrieved() {
// Arrange
Role role = Role.reconstitute(roleId, roleName, permissions, description); Role role = Role.reconstitute(roleId, roleName, permissions, description);
// Act
Set<Permission> retrievedPermissions = role.permissions(); Set<Permission> retrievedPermissions = role.permissions();
// Assert
assertThatThrownBy(() -> retrievedPermissions.add(Permission.USER_DELETE)) assertThatThrownBy(() -> retrievedPermissions.add(Permission.USER_DELETE))
.isInstanceOf(UnsupportedOperationException.class); .isInstanceOf(UnsupportedOperationException.class);
} }
@ -279,49 +222,23 @@ class RoleTest {
@Test @Test
@DisplayName("should_PreserveImmutabilityOfPermissions_When_PermissionsModified") @DisplayName("should_PreserveImmutabilityOfPermissions_When_PermissionsModified")
void should_PreserveImmutabilityOfPermissions_When_PermissionsModified() { void should_PreserveImmutabilityOfPermissions_When_PermissionsModified() {
// Arrange
Set<Permission> initialPermissions = new HashSet<>(Set.of(Permission.USER_READ)); Set<Permission> initialPermissions = new HashSet<>(Set.of(Permission.USER_READ));
Role role = Role.reconstitute(roleId, roleName, initialPermissions, description); Role role = Role.reconstitute(roleId, roleName, initialPermissions, description);
// Act - Modify the original set passed to constructor
initialPermissions.add(Permission.USER_WRITE); initialPermissions.add(Permission.USER_WRITE);
// Assert - Role should not be affected
assertThat(role.permissions()).doesNotContain(Permission.USER_WRITE); assertThat(role.permissions()).doesNotContain(Permission.USER_WRITE);
} }
@Test @Test
@DisplayName("should_SupportMultipleRoleNames_When_DifferentNamesUsed") @DisplayName("should_SupportMultipleRoleNames_When_DifferentNamesUsed")
void should_SupportMultipleRoleNames_When_DifferentNamesUsed() { void should_SupportMultipleRoleNames_When_DifferentNamesUsed() {
// Arrange & Act
Role adminRole = Role.reconstitute(RoleId.generate(), RoleName.ADMIN, permissions, "Admin"); Role adminRole = Role.reconstitute(RoleId.generate(), RoleName.ADMIN, permissions, "Admin");
Role managerRole = Role.reconstitute(RoleId.generate(), RoleName.PRODUCTION_MANAGER, permissions, "Manager"); Role managerRole = Role.reconstitute(RoleId.generate(), RoleName.PRODUCTION_MANAGER, permissions, "Manager");
Role workerRole = Role.reconstitute(RoleId.generate(), RoleName.PRODUCTION_WORKER, permissions, "Worker"); Role workerRole = Role.reconstitute(RoleId.generate(), RoleName.PRODUCTION_WORKER, permissions, "Worker");
// Assert
assertThat(adminRole.name()).isEqualTo(RoleName.ADMIN); assertThat(adminRole.name()).isEqualTo(RoleName.ADMIN);
assertThat(managerRole.name()).isEqualTo(RoleName.PRODUCTION_MANAGER); assertThat(managerRole.name()).isEqualTo(RoleName.PRODUCTION_MANAGER);
assertThat(workerRole.name()).isEqualTo(RoleName.PRODUCTION_WORKER); assertThat(workerRole.name()).isEqualTo(RoleName.PRODUCTION_WORKER);
} }
@Test
@DisplayName("should_AllowDifferentPermissionSets_When_MultipleRolesCreated")
void should_AllowDifferentPermissionSets_When_MultipleRolesCreated() {
// Arrange
Set<Permission> adminPerms = new HashSet<>(Set.of(
Permission.USER_READ, Permission.USER_WRITE, Permission.USER_DELETE
));
Set<Permission> readerPerms = new HashSet<>(Set.of(
Permission.USER_READ
));
// Act
Role adminRole = Role.reconstitute(RoleId.generate(), RoleName.ADMIN, adminPerms, "Admin");
Role readerRole = Role.reconstitute(RoleId.generate(), RoleName.PRODUCTION_WORKER, readerPerms, "Reader");
// Assert
assertThat(adminRole.permissions()).hasSize(3);
assertThat(readerRole.permissions()).hasSize(1);
assertThat(adminRole.permissions()).isNotEqualTo(readerRole.permissions());
}
} }

410
backend/src/test/java/de/effigenix/domain/usermanagement/UserTest.java
View file

@ -14,7 +14,7 @@ import static org.assertj.core.api.Assertions.*;
/** /**
* Unit tests for User Entity. * Unit tests for User Entity.
* Tests validation, business methods, status management, role assignment, and permissions. * Tests validation, immutable business methods, status transitions, role assignment, and permissions.
*/ */
@DisplayName("User Entity") @DisplayName("User Entity")
class UserTest { class UserTest {
@ -41,20 +41,8 @@ class UserTest {
@Test @Test
@DisplayName("should_CreateUser_When_ValidDataProvided") @DisplayName("should_CreateUser_When_ValidDataProvided")
void should_CreateUser_When_ValidDataProvided() { void should_CreateUser_When_ValidDataProvided() {
// Act User user = User.reconstitute(userId, username, email, passwordHash, roles, branchId, UserStatus.ACTIVE, createdAt, null);
User user = User.reconstitute(
userId,
username,
email,
passwordHash,
roles,
branchId,
UserStatus.ACTIVE,
createdAt,
null
);
// Assert
assertThat(user.id()).isEqualTo(userId); assertThat(user.id()).isEqualTo(userId);
assertThat(user.username()).isEqualTo(username); assertThat(user.username()).isEqualTo(username);
assertThat(user.email()).isEqualTo(email); assertThat(user.email()).isEqualTo(email);
@ -68,22 +56,10 @@ class UserTest {
@Test @Test
@DisplayName("should_SetDefaultCreatedAtToNow_When_NullProvidedForCreatedAt") @DisplayName("should_SetDefaultCreatedAtToNow_When_NullProvidedForCreatedAt")
void should_SetDefaultCreatedAtToNow_When_NullProvidedForCreatedAt() { void should_SetDefaultCreatedAtToNow_When_NullProvidedForCreatedAt() {
// Act
LocalDateTime before = LocalDateTime.now(); LocalDateTime before = LocalDateTime.now();
User user = User.reconstitute( User user = User.reconstitute(userId, username, email, passwordHash, roles, branchId, UserStatus.ACTIVE, null, null);
userId,
username,
email,
passwordHash,
roles,
branchId,
UserStatus.ACTIVE,
null,
null
);
LocalDateTime after = LocalDateTime.now(); LocalDateTime after = LocalDateTime.now();
// Assert
assertThat(user.createdAt()).isNotNull(); assertThat(user.createdAt()).isNotNull();
assertThat(user.createdAt()).isBetween(before, after); assertThat(user.createdAt()).isBetween(before, after);
} }
@ -91,10 +67,8 @@ class UserTest {
@Test @Test
@DisplayName("should_ReturnFailure_When_NullUsernameProvided") @DisplayName("should_ReturnFailure_When_NullUsernameProvided")
void should_ReturnFailure_When_NullUsernameProvided() { void should_ReturnFailure_When_NullUsernameProvided() {
// Act
Result<UserError, User> result = User.create(null, email, passwordHash, roles, branchId); Result<UserError, User> result = User.create(null, email, passwordHash, roles, branchId);
// Assert
assertThat(result.isFailure()).isTrue(); assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.InvalidUsername.class); assertThat(result.unsafeGetError()).isInstanceOf(UserError.InvalidUsername.class);
} }
@ -102,10 +76,8 @@ class UserTest {
@Test @Test
@DisplayName("should_ReturnFailure_When_EmptyUsernameProvided") @DisplayName("should_ReturnFailure_When_EmptyUsernameProvided")
void should_ReturnFailure_When_EmptyUsernameProvided() { void should_ReturnFailure_When_EmptyUsernameProvided() {
// Act
Result<UserError, User> result = User.create("", email, passwordHash, roles, branchId); Result<UserError, User> result = User.create("", email, passwordHash, roles, branchId);
// Assert
assertThat(result.isFailure()).isTrue(); assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.InvalidUsername.class); assertThat(result.unsafeGetError()).isInstanceOf(UserError.InvalidUsername.class);
} }
@ -113,10 +85,8 @@ class UserTest {
@Test @Test
@DisplayName("should_ReturnFailure_When_InvalidEmailProvided") @DisplayName("should_ReturnFailure_When_InvalidEmailProvided")
void should_ReturnFailure_When_InvalidEmailProvided() { void should_ReturnFailure_When_InvalidEmailProvided() {
// Act
Result<UserError, User> result = User.create(username, "invalid-email", passwordHash, roles, branchId); Result<UserError, User> result = User.create(username, "invalid-email", passwordHash, roles, branchId);
// Assert
assertThat(result.isFailure()).isTrue(); assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.InvalidEmail.class); assertThat(result.unsafeGetError()).isInstanceOf(UserError.InvalidEmail.class);
} }
@ -125,10 +95,8 @@ class UserTest {
@ValueSource(strings = {"", " ", "notanemail"}) @ValueSource(strings = {"", " ", "notanemail"})
@DisplayName("should_ReturnFailure_When_InvalidEmailFormatsProvided") @DisplayName("should_ReturnFailure_When_InvalidEmailFormatsProvided")
void should_ReturnFailure_When_InvalidEmailFormatsProvided(String invalidEmail) { void should_ReturnFailure_When_InvalidEmailFormatsProvided(String invalidEmail) {
// Act
Result<UserError, User> result = User.create(username, invalidEmail, passwordHash, roles, branchId); Result<UserError, User> result = User.create(username, invalidEmail, passwordHash, roles, branchId);
// Assert
assertThat(result.isFailure()).isTrue(); assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.InvalidEmail.class); assertThat(result.unsafeGetError()).isInstanceOf(UserError.InvalidEmail.class);
} }
@ -136,10 +104,8 @@ class UserTest {
@Test @Test
@DisplayName("should_ReturnFailure_When_NullPasswordHashProvided") @DisplayName("should_ReturnFailure_When_NullPasswordHashProvided")
void should_ReturnFailure_When_NullPasswordHashProvided() { void should_ReturnFailure_When_NullPasswordHashProvided() {
// Act
Result<UserError, User> result = User.create(username, email, null, roles, branchId); Result<UserError, User> result = User.create(username, email, null, roles, branchId);
// Assert
assertThat(result.isFailure()).isTrue(); assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.NullPasswordHash.class); assertThat(result.unsafeGetError()).isInstanceOf(UserError.NullPasswordHash.class);
} }
@ -147,16 +113,8 @@ class UserTest {
@Test @Test
@DisplayName("should_CreateUser_When_FactoryMethodCalled") @DisplayName("should_CreateUser_When_FactoryMethodCalled")
void should_CreateUser_When_FactoryMethodCalled() { void should_CreateUser_When_FactoryMethodCalled() {
// Act User user = User.create(username, email, passwordHash, roles, branchId).unsafeGetValue();
User user = User.create(
username,
email,
passwordHash,
roles,
branchId
).unsafeGetValue();
// Assert
assertThat(user.username()).isEqualTo(username); assertThat(user.username()).isEqualTo(username);
assertThat(user.email()).isEqualTo(email); assertThat(user.email()).isEqualTo(email);
assertThat(user.passwordHash()).isEqualTo(passwordHash); assertThat(user.passwordHash()).isEqualTo(passwordHash);
@ -168,137 +126,181 @@ class UserTest {
} }
@Test @Test
@DisplayName("should_UpdateLastLogin_When_MethodCalled") @DisplayName("should_ReturnNewUserWithLastLogin_When_WithLastLoginCalled")
void should_UpdateLastLogin_When_MethodCalled() { void should_ReturnNewUserWithLastLogin_When_WithLastLoginCalled() {
// Arrange
User user = User.create(username, email, passwordHash, roles, branchId).unsafeGetValue(); User user = User.create(username, email, passwordHash, roles, branchId).unsafeGetValue();
LocalDateTime now = LocalDateTime.now(); LocalDateTime now = LocalDateTime.now();
// Act User updated = user.withLastLogin(now).unsafeGetValue();
user.updateLastLogin(now);
// Assert assertThat(updated.lastLogin()).isEqualTo(now);
assertThat(user.lastLogin()).isEqualTo(now); assertThat(user.lastLogin()).isNull(); // original unchanged
assertThat(updated.id()).isEqualTo(user.id());
} }
@Test @Test
@DisplayName("should_ChangePassword_When_NewHashProvided") @DisplayName("should_ReturnNewUserWithPassword_When_ChangePasswordCalled")
void should_ChangePassword_When_NewHashProvided() { void should_ReturnNewUserWithPassword_When_ChangePasswordCalled() {
// Arrange
User user = User.create(username, email, passwordHash, roles, branchId).unsafeGetValue(); User user = User.create(username, email, passwordHash, roles, branchId).unsafeGetValue();
PasswordHash newHash = new PasswordHash("$2b$12$R9h/cIPz0gi.URNN3kh2OPST9EBwVeL00lzQRYe3z08MZx3e8YCWW"); PasswordHash newHash = new PasswordHash("$2b$12$R9h/cIPz0gi.URNN3kh2OPST9EBwVeL00lzQRYe3z08MZx3e8YCWW");
// Act Result<UserError, User> result = user.changePassword(newHash);
Result<UserError, Void> result = user.changePassword(newHash);
// Assert
assertThat(result.isSuccess()).isTrue(); assertThat(result.isSuccess()).isTrue();
assertThat(user.passwordHash()).isEqualTo(newHash); assertThat(result.unsafeGetValue().passwordHash()).isEqualTo(newHash);
assertThat(user.passwordHash()).isNotEqualTo(passwordHash); assertThat(user.passwordHash()).isEqualTo(passwordHash); // original unchanged
} }
@Test @Test
@DisplayName("should_ReturnFailure_When_NullPasswordHashProvidedToChangePassword") @DisplayName("should_ReturnFailure_When_NullPasswordHashProvidedToChangePassword")
void should_ReturnFailure_When_NullPasswordHashProvidedToChangePassword() { void should_ReturnFailure_When_NullPasswordHashProvidedToChangePassword() {
// Arrange
User user = User.create(username, email, passwordHash, roles, branchId).unsafeGetValue(); User user = User.create(username, email, passwordHash, roles, branchId).unsafeGetValue();
// Act Result<UserError, User> result = user.changePassword(null);
Result<UserError, Void> result = user.changePassword(null);
// Assert
assertThat(result.isFailure()).isTrue(); assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.NullPasswordHash.class); assertThat(result.unsafeGetError()).isInstanceOf(UserError.NullPasswordHash.class);
} }
// ==================== Status Transition Tests ====================
@Test @Test
@DisplayName("should_LockUser_When_LockMethodCalled") @DisplayName("should_LockUser_When_StatusIsActive")
void should_LockUser_When_LockMethodCalled() { void should_LockUser_When_StatusIsActive() {
// Arrange
User user = User.create(username, email, passwordHash, roles, branchId).unsafeGetValue(); User user = User.create(username, email, passwordHash, roles, branchId).unsafeGetValue();
assertThat(user.status()).isEqualTo(UserStatus.ACTIVE);
// Act Result<UserError, User> result = user.lock();
user.lock();
// Assert assertThat(result.isSuccess()).isTrue();
assertThat(user.status()).isEqualTo(UserStatus.LOCKED); assertThat(result.unsafeGetValue().status()).isEqualTo(UserStatus.LOCKED);
assertThat(user.isLocked()).isTrue(); assertThat(result.unsafeGetValue().isLocked()).isTrue();
assertThat(user.isActive()).isFalse(); assertThat(user.status()).isEqualTo(UserStatus.ACTIVE); // original unchanged
} }
@Test @Test
@DisplayName("should_UnlockUser_When_UnlockMethodCalled") @DisplayName("should_FailLock_When_StatusIsLocked")
void should_UnlockUser_When_UnlockMethodCalled() { void should_FailLock_When_StatusIsLocked() {
// Arrange User user = User.reconstitute(userId, username, email, passwordHash, roles, branchId, UserStatus.LOCKED, createdAt, null);
User user = User.create(username, email, passwordHash, roles, branchId).unsafeGetValue();
user.lock();
assertThat(user.status()).isEqualTo(UserStatus.LOCKED);
// Act Result<UserError, User> result = user.lock();
user.unlock();
// Assert assertThat(result.isFailure()).isTrue();
assertThat(user.status()).isEqualTo(UserStatus.ACTIVE); assertThat(result.unsafeGetError()).isInstanceOf(UserError.InvalidStatusTransition.class);
assertThat(user.isActive()).isTrue();
assertThat(user.isLocked()).isFalse();
} }
@Test @Test
@DisplayName("should_DeactivateUser_When_DeactivateMethodCalled") @DisplayName("should_FailLock_When_StatusIsInactive")
void should_DeactivateUser_When_DeactivateMethodCalled() { void should_FailLock_When_StatusIsInactive() {
// Arrange User user = User.reconstitute(userId, username, email, passwordHash, roles, branchId, UserStatus.INACTIVE, createdAt, null);
User user = User.create(username, email, passwordHash, roles, branchId).unsafeGetValue();
// Act Result<UserError, User> result = user.lock();
user.deactivate();
// Assert assertThat(result.isFailure()).isTrue();
assertThat(user.status()).isEqualTo(UserStatus.INACTIVE); assertThat(result.unsafeGetError()).isInstanceOf(UserError.InvalidStatusTransition.class);
assertThat(user.isActive()).isFalse();
} }
@Test @Test
@DisplayName("should_ActivateUser_When_ActivateMethodCalled") @DisplayName("should_UnlockUser_When_StatusIsLocked")
void should_ActivateUser_When_ActivateMethodCalled() { void should_UnlockUser_When_StatusIsLocked() {
// Arrange
User user = User.create(username, email, passwordHash, roles, branchId).unsafeGetValue(); User user = User.create(username, email, passwordHash, roles, branchId).unsafeGetValue();
user.deactivate(); User locked = user.lock().unsafeGetValue();
assertThat(user.status()).isEqualTo(UserStatus.INACTIVE);
// Act Result<UserError, User> result = locked.unlock();
user.activate();
// Assert assertThat(result.isSuccess()).isTrue();
assertThat(user.status()).isEqualTo(UserStatus.ACTIVE); assertThat(result.unsafeGetValue().status()).isEqualTo(UserStatus.ACTIVE);
assertThat(user.isActive()).isTrue(); assertThat(result.unsafeGetValue().isActive()).isTrue();
} }
@Test
@DisplayName("should_FailUnlock_When_StatusIsActive")
void should_FailUnlock_When_StatusIsActive() {
User user = User.create(username, email, passwordHash, roles, branchId).unsafeGetValue();
Result<UserError, User> result = user.unlock();
assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.InvalidStatusTransition.class);
}
@Test
@DisplayName("should_DeactivateUser_When_StatusIsActive")
void should_DeactivateUser_When_StatusIsActive() {
User user = User.create(username, email, passwordHash, roles, branchId).unsafeGetValue();
Result<UserError, User> result = user.deactivate();
assertThat(result.isSuccess()).isTrue();
assertThat(result.unsafeGetValue().status()).isEqualTo(UserStatus.INACTIVE);
}
@Test
@DisplayName("should_DeactivateUser_When_StatusIsLocked")
void should_DeactivateUser_When_StatusIsLocked() {
User user = User.reconstitute(userId, username, email, passwordHash, roles, branchId, UserStatus.LOCKED, createdAt, null);
Result<UserError, User> result = user.deactivate();
assertThat(result.isSuccess()).isTrue();
assertThat(result.unsafeGetValue().status()).isEqualTo(UserStatus.INACTIVE);
}
@Test
@DisplayName("should_FailDeactivate_When_StatusIsInactive")
void should_FailDeactivate_When_StatusIsInactive() {
User user = User.reconstitute(userId, username, email, passwordHash, roles, branchId, UserStatus.INACTIVE, createdAt, null);
Result<UserError, User> result = user.deactivate();
assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.InvalidStatusTransition.class);
}
@Test
@DisplayName("should_ActivateUser_When_StatusIsInactive")
void should_ActivateUser_When_StatusIsInactive() {
User user = User.reconstitute(userId, username, email, passwordHash, roles, branchId, UserStatus.INACTIVE, createdAt, null);
Result<UserError, User> result = user.activate();
assertThat(result.isSuccess()).isTrue();
assertThat(result.unsafeGetValue().status()).isEqualTo(UserStatus.ACTIVE);
assertThat(result.unsafeGetValue().isActive()).isTrue();
}
@Test
@DisplayName("should_FailActivate_When_StatusIsActive")
void should_FailActivate_When_StatusIsActive() {
User user = User.create(username, email, passwordHash, roles, branchId).unsafeGetValue();
Result<UserError, User> result = user.activate();
assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.InvalidStatusTransition.class);
}
// ==================== Role Tests ====================
@Test @Test
@DisplayName("should_AssignRole_When_RoleProvided") @DisplayName("should_AssignRole_When_RoleProvided")
void should_AssignRole_When_RoleProvided() { void should_AssignRole_When_RoleProvided() {
// Arrange
User user = User.create(username, email, passwordHash, new HashSet<>(), branchId).unsafeGetValue(); User user = User.create(username, email, passwordHash, new HashSet<>(), branchId).unsafeGetValue();
Role role = createTestRole("ADMIN"); Role role = createTestRole("ADMIN");
// Act Result<UserError, User> result = user.assignRole(role);
Result<UserError, Void> result = user.assignRole(role);
// Assert
assertThat(result.isSuccess()).isTrue(); assertThat(result.isSuccess()).isTrue();
assertThat(user.roles()).contains(role); assertThat(result.unsafeGetValue().roles()).contains(role);
assertThat(user.roles()).doesNotContain(role); // original unchanged
} }
@Test @Test
@DisplayName("should_ReturnFailure_When_NullRoleProvidedToAssignRole") @DisplayName("should_ReturnFailure_When_NullRoleProvidedToAssignRole")
void should_ReturnFailure_When_NullRoleProvidedToAssignRole() { void should_ReturnFailure_When_NullRoleProvidedToAssignRole() {
// Arrange
User user = User.create(username, email, passwordHash, roles, branchId).unsafeGetValue(); User user = User.create(username, email, passwordHash, roles, branchId).unsafeGetValue();
// Act Result<UserError, User> result = user.assignRole(null);
Result<UserError, Void> result = user.assignRole(null);
// Assert
assertThat(result.isFailure()).isTrue(); assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.NullRole.class); assertThat(result.unsafeGetError()).isInstanceOf(UserError.NullRole.class);
} }
@ -306,43 +308,49 @@ class UserTest {
@Test @Test
@DisplayName("should_RemoveRole_When_RoleProvided") @DisplayName("should_RemoveRole_When_RoleProvided")
void should_RemoveRole_When_RoleProvided() { void should_RemoveRole_When_RoleProvided() {
// Arrange
Role role = createTestRole("ADMIN"); Role role = createTestRole("ADMIN");
User user = User.create(username, email, passwordHash, new HashSet<>(Set.of(role)), branchId).unsafeGetValue(); User user = User.create(username, email, passwordHash, new HashSet<>(Set.of(role)), branchId).unsafeGetValue();
assertThat(user.roles()).contains(role);
// Act Result<UserError, User> result = user.removeRole(role);
user.removeRole(role);
// Assert assertThat(result.isSuccess()).isTrue();
assertThat(user.roles()).doesNotContain(role); assertThat(result.unsafeGetValue().roles()).doesNotContain(role);
assertThat(user.roles()).contains(role); // original unchanged
} }
@Test
@DisplayName("should_ReturnFailure_When_NullRoleProvidedToRemoveRole")
void should_ReturnFailure_When_NullRoleProvidedToRemoveRole() {
User user = User.create(username, email, passwordHash, roles, branchId).unsafeGetValue();
Result<UserError, User> result = user.removeRole(null);
assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.NullRole.class);
}
// ==================== Email & Branch Tests ====================
@Test @Test
@DisplayName("should_UpdateEmail_When_ValidEmailProvided") @DisplayName("should_UpdateEmail_When_ValidEmailProvided")
void should_UpdateEmail_When_ValidEmailProvided() { void should_UpdateEmail_When_ValidEmailProvided() {
// Arrange
User user = User.create(username, email, passwordHash, roles, branchId).unsafeGetValue(); User user = User.create(username, email, passwordHash, roles, branchId).unsafeGetValue();
String newEmail = "newemail@example.com"; String newEmail = "newemail@example.com";
// Act Result<UserError, User> result = user.updateEmail(newEmail);
Result<UserError, Void> result = user.updateEmail(newEmail);
// Assert
assertThat(result.isSuccess()).isTrue(); assertThat(result.isSuccess()).isTrue();
assertThat(user.email()).isEqualTo(newEmail); assertThat(result.unsafeGetValue().email()).isEqualTo(newEmail);
assertThat(user.email()).isEqualTo(email); // original unchanged
} }
@Test @Test
@DisplayName("should_ReturnFailure_When_InvalidEmailProvidedToUpdateEmail") @DisplayName("should_ReturnFailure_When_InvalidEmailProvidedToUpdateEmail")
void should_ReturnFailure_When_InvalidEmailProvidedToUpdateEmail() { void should_ReturnFailure_When_InvalidEmailProvidedToUpdateEmail() {
// Arrange
User user = User.create(username, email, passwordHash, roles, branchId).unsafeGetValue(); User user = User.create(username, email, passwordHash, roles, branchId).unsafeGetValue();
// Act Result<UserError, User> result = user.updateEmail("invalid-email");
Result<UserError, Void> result = user.updateEmail("invalid-email");
// Assert
assertThat(result.isFailure()).isTrue(); assertThat(result.isFailure()).isTrue();
assertThat(result.unsafeGetError()).isInstanceOf(UserError.InvalidEmail.class); assertThat(result.unsafeGetError()).isInstanceOf(UserError.InvalidEmail.class);
} }
@ -350,71 +358,46 @@ class UserTest {
@Test @Test
@DisplayName("should_UpdateBranch_When_BranchIdProvided") @DisplayName("should_UpdateBranch_When_BranchIdProvided")
void should_UpdateBranch_When_BranchIdProvided() { void should_UpdateBranch_When_BranchIdProvided() {
// Arrange
User user = User.create(username, email, passwordHash, roles, branchId).unsafeGetValue(); User user = User.create(username, email, passwordHash, roles, branchId).unsafeGetValue();
String newBranchId = "branch-2"; String newBranchId = "branch-2";
// Act Result<UserError, User> result = user.updateBranch(newBranchId);
user.updateBranch(newBranchId);
// Assert assertThat(result.isSuccess()).isTrue();
assertThat(user.branchId()).isEqualTo(newBranchId); assertThat(result.unsafeGetValue().branchId()).isEqualTo(newBranchId);
assertThat(user.branchId()).isEqualTo(branchId); // original unchanged
} }
// ==================== Permission Tests ====================
@Test @Test
@DisplayName("should_ReturnAllPermissions_When_GetAllPermissionsMethodCalled") @DisplayName("should_ReturnAllPermissions_When_GetAllPermissionsMethodCalled")
void should_ReturnAllPermissions_When_GetAllPermissionsMethodCalled() { void should_ReturnAllPermissions_When_GetAllPermissionsMethodCalled() {
// Arrange
Set<Permission> role1Perms = Set.of(Permission.USER_READ, Permission.USER_WRITE); Set<Permission> role1Perms = Set.of(Permission.USER_READ, Permission.USER_WRITE);
Set<Permission> role2Perms = Set.of(Permission.ROLE_READ, Permission.ROLE_WRITE); Set<Permission> role2Perms = Set.of(Permission.ROLE_READ, Permission.ROLE_WRITE);
Role role1 = createRoleWithPermissions("ADMIN", role1Perms); Role role1 = createRoleWithPermissions("ADMIN", role1Perms);
Role role2 = createRoleWithPermissions("PRODUCTION_MANAGER", role2Perms); Role role2 = createRoleWithPermissions("PRODUCTION_MANAGER", role2Perms);
User user = User.create( User user = User.create(username, email, passwordHash, new HashSet<>(Set.of(role1, role2)), branchId).unsafeGetValue();
username,
email,
passwordHash,
new HashSet<>(Set.of(role1, role2)),
branchId
).unsafeGetValue();
// Act
Set<Permission> allPermissions = user.getAllPermissions(); Set<Permission> allPermissions = user.getAllPermissions();
// Assert assertThat(allPermissions).contains(Permission.USER_READ, Permission.USER_WRITE, Permission.ROLE_READ, Permission.ROLE_WRITE);
assertThat(allPermissions).contains(Permission.USER_READ, Permission.USER_WRITE,
Permission.ROLE_READ, Permission.ROLE_WRITE);
} }
@Test @Test
@DisplayName("should_ReturnEmptyPermissions_When_UserHasNoRoles") @DisplayName("should_ReturnEmptyPermissions_When_UserHasNoRoles")
void should_ReturnEmptyPermissions_When_UserHasNoRoles() { void should_ReturnEmptyPermissions_When_UserHasNoRoles() {
// Arrange
User user = User.create(username, email, passwordHash, new HashSet<>(), branchId).unsafeGetValue(); User user = User.create(username, email, passwordHash, new HashSet<>(), branchId).unsafeGetValue();
// Act assertThat(user.getAllPermissions()).isEmpty();
Set<Permission> permissions = user.getAllPermissions();
// Assert
assertThat(permissions).isEmpty();
} }
@Test @Test
@DisplayName("should_CheckPermission_When_UserHasPermission") @DisplayName("should_CheckPermission_When_UserHasPermission")
void should_CheckPermission_When_UserHasPermission() { void should_CheckPermission_When_UserHasPermission() {
// Arrange Role role = createRoleWithPermissions("ADMIN", Set.of(Permission.USER_READ, Permission.USER_WRITE));
Role role = createRoleWithPermissions( User user = User.create(username, email, passwordHash, new HashSet<>(Set.of(role)), branchId).unsafeGetValue();
"ADMIN",
Set.of(Permission.USER_READ, Permission.USER_WRITE)
);
User user = User.create(
username,
email,
passwordHash,
new HashSet<>(Set.of(role)),
branchId
).unsafeGetValue();
// Act & Assert
assertThat(user.hasPermission(Permission.USER_READ)).isTrue(); assertThat(user.hasPermission(Permission.USER_READ)).isTrue();
assertThat(user.hasPermission(Permission.USER_WRITE)).isTrue(); assertThat(user.hasPermission(Permission.USER_WRITE)).isTrue();
} }
@ -422,51 +405,20 @@ class UserTest {
@Test @Test
@DisplayName("should_CheckPermission_When_UserLacksPermission") @DisplayName("should_CheckPermission_When_UserLacksPermission")
void should_CheckPermission_When_UserLacksPermission() { void should_CheckPermission_When_UserLacksPermission() {
// Arrange Role role = createRoleWithPermissions("PRODUCTION_WORKER", Set.of(Permission.USER_READ));
Role role = createRoleWithPermissions( User user = User.create(username, email, passwordHash, new HashSet<>(Set.of(role)), branchId).unsafeGetValue();
"PRODUCTION_WORKER",
Set.of(Permission.USER_READ)
);
User user = User.create(
username,
email,
passwordHash,
new HashSet<>(Set.of(role)),
branchId
).unsafeGetValue();
// Act & Assert
assertThat(user.hasPermission(Permission.USER_DELETE)).isFalse(); assertThat(user.hasPermission(Permission.USER_DELETE)).isFalse();
} }
// ==================== Equality Tests ====================
@Test @Test
@DisplayName("should_BeEqualToAnother_When_BothHaveSameId") @DisplayName("should_BeEqualToAnother_When_BothHaveSameId")
void should_BeEqualToAnother_When_BothHaveSameId() { void should_BeEqualToAnother_When_BothHaveSameId() {
// Arrange User user1 = User.reconstitute(userId, username, email, passwordHash, roles, branchId, UserStatus.ACTIVE, createdAt, null);
User user1 = User.reconstitute( User user2 = User.reconstitute(userId, "different_username", "different@example.com", passwordHash, roles, "different-branch", UserStatus.INACTIVE, createdAt, null);
userId,
username,
email,
passwordHash,
roles,
branchId,
UserStatus.ACTIVE,
createdAt,
null
);
User user2 = User.reconstitute(
userId,
"different_username",
"different@example.com",
passwordHash,
roles,
"different-branch",
UserStatus.INACTIVE,
createdAt,
null
);
// Act & Assert
assertThat(user1).isEqualTo(user2); assertThat(user1).isEqualTo(user2);
assertThat(user1.hashCode()).isEqualTo(user2.hashCode()); assertThat(user1.hashCode()).isEqualTo(user2.hashCode());
} }
@ -474,31 +426,20 @@ class UserTest {
@Test @Test
@DisplayName("should_NotBeEqual_When_DifferentIds") @DisplayName("should_NotBeEqual_When_DifferentIds")
void should_NotBeEqual_When_DifferentIds() { void should_NotBeEqual_When_DifferentIds() {
// Arrange
User user1 = User.create(username, email, passwordHash, roles, branchId).unsafeGetValue(); User user1 = User.create(username, email, passwordHash, roles, branchId).unsafeGetValue();
User user2 = User.create(username, email, passwordHash, roles, branchId).unsafeGetValue(); User user2 = User.create(username, email, passwordHash, roles, branchId).unsafeGetValue();
// Act & Assert
assertThat(user1).isNotEqualTo(user2); assertThat(user1).isNotEqualTo(user2);
} }
@Test @Test
@DisplayName("should_ReturnUnmodifiableRoleSet_When_RolesRetrieved") @DisplayName("should_ReturnUnmodifiableRoleSet_When_RolesRetrieved")
void should_ReturnUnmodifiableRoleSet_When_RolesRetrieved() { void should_ReturnUnmodifiableRoleSet_When_RolesRetrieved() {
// Arrange
Role role = createTestRole("ADMIN"); Role role = createTestRole("ADMIN");
User user = User.create( User user = User.create(username, email, passwordHash, new HashSet<>(Set.of(role)), branchId).unsafeGetValue();
username,
email,
passwordHash,
new HashSet<>(Set.of(role)),
branchId
).unsafeGetValue();
// Act
Set<Role> retrievedRoles = user.roles(); Set<Role> retrievedRoles = user.roles();
// Assert
assertThatThrownBy(() -> retrievedRoles.add(createTestRole("PRODUCTION_MANAGER"))) assertThatThrownBy(() -> retrievedRoles.add(createTestRole("PRODUCTION_MANAGER")))
.isInstanceOf(UnsupportedOperationException.class); .isInstanceOf(UnsupportedOperationException.class);
} }
@ -506,20 +447,11 @@ class UserTest {
@Test @Test
@DisplayName("should_ReturnUnmodifiablePermissionSet_When_PermissionsRetrieved") @DisplayName("should_ReturnUnmodifiablePermissionSet_When_PermissionsRetrieved")
void should_ReturnUnmodifiablePermissionSet_When_PermissionsRetrieved() { void should_ReturnUnmodifiablePermissionSet_When_PermissionsRetrieved() {
// Arrange
Role role = createRoleWithPermissions("ADMIN", Set.of(Permission.USER_READ)); Role role = createRoleWithPermissions("ADMIN", Set.of(Permission.USER_READ));
User user = User.create( User user = User.create(username, email, passwordHash, new HashSet<>(Set.of(role)), branchId).unsafeGetValue();
username,
email,
passwordHash,
new HashSet<>(Set.of(role)),
branchId
).unsafeGetValue();
// Act
Set<Permission> permissions = user.getAllPermissions(); Set<Permission> permissions = user.getAllPermissions();
// Assert
assertThatThrownBy(() -> permissions.add(Permission.USER_WRITE)) assertThatThrownBy(() -> permissions.add(Permission.USER_WRITE))
.isInstanceOf(UnsupportedOperationException.class); .isInstanceOf(UnsupportedOperationException.class);
} }
@ -527,40 +459,18 @@ class UserTest {
@Test @Test
@DisplayName("should_PreserveNullRolesAsEmptySet_When_NullRolesProvided") @DisplayName("should_PreserveNullRolesAsEmptySet_When_NullRolesProvided")
void should_PreserveNullRolesAsEmptySet_When_NullRolesProvided() { void should_PreserveNullRolesAsEmptySet_When_NullRolesProvided() {
// Act User user = User.reconstitute(userId, username, email, passwordHash, null, branchId, UserStatus.ACTIVE, createdAt, null);
User user = User.reconstitute(
userId,
username,
email,
passwordHash,
null,
branchId,
UserStatus.ACTIVE,
createdAt,
null
);
// Assert
assertThat(user.roles()).isEmpty(); assertThat(user.roles()).isEmpty();
} }
// ==================== Helper Methods ==================== // ==================== Helper Methods ====================
private Role createTestRole(String roleName) { private Role createTestRole(String roleName) {
return Role.reconstitute( return Role.reconstitute(RoleId.generate(), RoleName.valueOf(roleName), new HashSet<>(), "Test role: " + roleName);
RoleId.generate(),
RoleName.valueOf(roleName),
new HashSet<>(),
"Test role: " + roleName
);
} }
private Role createRoleWithPermissions(String roleName, Set<Permission> permissions) { private Role createRoleWithPermissions(String roleName, Set<Permission> permissions) {
return Role.reconstitute( return Role.reconstitute(RoleId.generate(), RoleName.valueOf(roleName), new HashSet<>(permissions), "Test role: " + roleName);
RoleId.generate(),
RoleName.valueOf(roleName),
new HashSet<>(permissions),
"Test role: " + roleName
);
} }
} }

5
backend/src/test/java/de/effigenix/infrastructure/usermanagement/web/UserControllerIntegrationTest.java
View file

@ -564,7 +564,7 @@ class UserControllerIntegrationTest {
} }
@Test @Test
@DisplayName("Change password for non-existent user should return 404 Not Found") @DisplayName("Change password for non-existent user should return 403 when not self-service")
void testChangePasswordForNonExistentUser() throws Exception { void testChangePasswordForNonExistentUser() throws Exception {
String nonExistentId = UUID.randomUUID().toString(); String nonExistentId = UUID.randomUUID().toString();
ChangePasswordRequest request = new ChangePasswordRequest( ChangePasswordRequest request = new ChangePasswordRequest(
@ -572,11 +572,12 @@ class UserControllerIntegrationTest {
"NewSecurePass456!" "NewSecurePass456!"
); );
// Regular user has no PASSWORD_CHANGE permission for other users 403 before user lookup
mockMvc.perform(put("/api/users/{id}/password", nonExistentId) mockMvc.perform(put("/api/users/{id}/password", nonExistentId)
.header("Authorization", "Bearer " + regularUserToken) .header("Authorization", "Bearer " + regularUserToken)
.contentType(MediaType.APPLICATION_JSON) .contentType(MediaType.APPLICATION_JSON)
.content(objectMapper.writeValueAsString(request))) .content(objectMapper.writeValueAsString(request)))
.andExpect(status().isNotFound()) .andExpect(status().isForbidden())
.andReturn(); .andReturn();
} }