Merge pull request #657 from Onlineberatung/OB-5178-set-groupchat-rol…

…e-based-on-flag

fix: add role removal logic if gropchat flag is deselected

src/main/java/de/caritas/cob/userservice/api/adapters/keycloak/KeycloakService.java

@@ -486,6 +486,35 @@ public void updateRole(final String userId, final UserRole role) {
     this.updateRole(userId, role.getValue());
   }
 
+  @Override
+  public void removeRoleIfPresent(final String userId, final String roleName) {
+    // Get realm and user resources
+    var realmResource = keycloakClient.getRealmResource();
+    UsersResource userRessource = realmResource.users();
+    UserResource user = userRessource.get(userId);
+    // Remove role
+    var optionalRole = findRole(user, roleName);
+    if (optionalRole.isPresent()) {
+      RoleRepresentation roleRepresentation =
+          realmResource.roles().get(optionalRole.get()).toRepresentation();
+      if (roleRepresentation != null) {
+        user.roles().realmLevel().remove(Collections.singletonList(roleRepresentation));
+      }
+    }
+  }
+
+  Optional<String> findRole(UserResource user, String roleName) {
+
+    List<RoleRepresentation> userRoles = user.roles().realmLevel().listAll();
+    if (userRoles != null) {
+      return userRoles.stream()
+          .filter(role -> role.getName() != null && role.getName().equals(roleName))
+          .map(RoleRepresentation::getName)
+          .findFirst();
+    }
+    return Optional.empty();
+  }
+
   /**
    * Assigns the role with the given name to the given user ID.
    *

src/main/java/de/caritas/cob/userservice/api/admin/service/consultant/update/ConsultantUpdateService.java

@@ -67,6 +67,11 @@ public Consultant updateConsultant(
         && updateConsultantDTO.getIsGroupchatConsultant()) {
       identityClient.updateRole(consultant.getId(), GROUP_CHAT_CONSULTANT.getValue());
     }
+    if ((updateConsultantDTO.getIsGroupchatConsultant() != null
+            && !updateConsultantDTO.getIsGroupchatConsultant())
+        || isNull(updateConsultantDTO.getIsGroupchatConsultant())) {
+      identityClient.removeRoleIfPresent(consultant.getId(), GROUP_CHAT_CONSULTANT.getValue());
+    }
 
     this.rocketChatService.updateUser(
         buildUserUpdateRequestDTO(consultant.getRocketChatId(), updateConsultantDTO));

src/main/java/de/caritas/cob/userservice/api/port/out/IdentityClient.java

@@ -51,6 +51,8 @@ KeycloakCreateUserResponseDTO createKeycloakUser(
 
   void updateRole(final String userId, final UserRole role);
 
+  void removeRoleIfPresent(final String userId, final String roleName);
+
   void updateRole(final String userId, final String roleName);
 
   void updatePassword(final String userId, final String password);

src/test/java/de/caritas/cob/userservice/api/adapters/keycloak/KeycloakServiceTest.java

@@ -573,6 +573,39 @@ public void updateRole_Should_updateRole_When_roleUpdateIsValid() {
     verify(roleScopeResource, times(1)).add(any());
   }
 
+  @Test
+  public void removeRole_Should_removeRole_When_rolePresent() {
+    String validRole = "role";
+
+    UserResource userResource = mock(UserResource.class);
+    UsersResource usersResource = mock(UsersResource.class);
+    when(usersResource.get(anyString())).thenReturn(userResource);
+    RoleScopeResource roleScopeResource = mock(RoleScopeResource.class);
+    RoleRepresentation keycloakRoleMock = mock(RoleRepresentation.class);
+    when(keycloakRoleMock.getName()).thenReturn(validRole);
+    when(roleScopeResource.listAll()).thenReturn(singletonList(keycloakRoleMock));
+    when(roleScopeResource.listAll()).thenReturn(singletonList(keycloakRoleMock));
+    RoleMappingResource roleMappingResource = mock(RoleMappingResource.class);
+    when(roleMappingResource.realmLevel()).thenReturn(roleScopeResource);
+    when(userResource.roles()).thenReturn(roleMappingResource);
+
+    RoleRepresentation roleRepresentation = new EasyRandom().nextObject(RoleRepresentation.class);
+    roleRepresentation.setName("role");
+    RoleResource roleResource = mock(RoleResource.class);
+    when(roleResource.toRepresentation()).thenReturn(roleRepresentation);
+    RolesResource rolesResource = mock(RolesResource.class);
+    when(rolesResource.get(any())).thenReturn(roleResource);
+
+    RealmResource realmResource = mock(RealmResource.class);
+    when(realmResource.users()).thenReturn(usersResource);
+    when(realmResource.roles()).thenReturn(rolesResource);
+    when(keycloakClient.getRealmResource()).thenReturn(realmResource);
+
+    this.keycloakService.removeRoleIfPresent("user", validRole);
+
+    verify(roleScopeResource, times(1)).remove(any());
+  }
+
   @Test
   public void updateRole_Should_updateUserWithProvidedRole() {
     UserRole validRole = UserRole.USER;

src/test/java/de/caritas/cob/userservice/api/admin/service/consultant/update/ConsultantUpdateServiceTest.java

@@ -95,4 +95,28 @@ public void updateConsultant_Should_callServicesCorrectly_When_givenConsultantDa
     verify(this.consultantService, times(1)).saveConsultant(any());
     verify(this.appointmentService, times(1)).syncConsultantData(any());
   }
+
+  @Test
+  public void
+      updateConsultant_Should_callServicesCorrectly_And_RemoveGroupChatConsultantRole_When_givenConsultantDataIsValidAndGroupChatFlagIsGiven() {
+    Consultant consultant = new EasyRandom().nextObject(Consultant.class);
+    when(this.consultantService.getConsultant(any())).thenReturn(Optional.of(consultant));
+    UpdateAdminConsultantDTO updateConsultant =
+        new EasyRandom().nextObject(UpdateAdminConsultantDTO.class);
+    updateConsultant.setIsGroupchatConsultant(false);
+
+    this.consultantUpdateService.updateConsultant("", updateConsultant);
+
+    verify(this.keycloakService)
+        .removeRoleIfPresent(consultant.getId(), UserRole.GROUP_CHAT_CONSULTANT.getValue());
+
+    verify(this.keycloakService, times(1))
+        .updateUserData(
+            eq(consultant.getId()),
+            any(UserDTO.class),
+            eq(updateConsultant.getFirstname()),
+            eq(updateConsultant.getLastname()));
+    verify(this.consultantService, times(1)).saveConsultant(any());
+    verify(this.appointmentService, times(1)).syncConsultantData(any());
+  }
 }

src/test/java/de/caritas/cob/userservice/api/testConfig/KeycloakTestConfig.java

@@ -112,6 +112,9 @@ public void updateRole(String userId, UserRole role) {}
       @Override
       public void updateRole(String userId, String roleName) {}
 
+      @Override
+      public void removeRoleIfPresent(String userId, String roleName) {}
+
       @Override
       public void updatePassword(String userId, String password) {}