Extends management user and group structure (#1268)

* extends user and group structure by introducing fields for issued and integration references * Add integration checks to group management to prevent groups added by integration. * Add integration checks to user management to prevent deleting user added by integration. * Fix broken user update tests * Initialize all user fields for testing * Change a serializer option to embedded for IntegrationReference in user and group models * Add issued field to user api response * Add IntegrationReference to Group in update groups handler * Set the default issued field for users in file store
2025-08-09 07:15:15 +02:00 · 2023-11-01 13:04:17 +03:00
parent 6d4240a5ae
commit c38d65ef4c
11 changed files with 188 additions and 61 deletions
--- a/management/server/user_test.go
+++ b/management/server/user_test.go
@ -269,6 +269,11 @@ func TestUser_Copy(t *testing.T) {
 		},
 		Blocked:   false,
 		LastLogin: time.Now(),
+		Issued:    "test",
+		IntegrationReference: IntegrationReference{
+			ID:              0,
+			IntegrationType: "test",
+		},
 	}

 	err := validateStruct(user)
@ -453,12 +458,25 @@ func TestUser_DeleteUser_SelfDelete(t *testing.T) {
 func TestUser_DeleteUser_regularUser(t *testing.T) {
 	store := newStore(t)
 	account := newAccountWithId(mockAccountID, mockUserID, "")
+
 	targetId := "user2"
 	account.Users[targetId] = &User{
 		Id:              targetId,
 		IsServiceUser:   true,
 		ServiceUserName: "user2username",
 	}
+	targetId = "user3"
+	account.Users[targetId] = &User{
+		Id:            targetId,
+		IsServiceUser: false,
+		Issued:        UserIssuedAPI,
+	}
+	targetId = "user4"
+	account.Users[targetId] = &User{
+		Id:            targetId,
+		IsServiceUser: false,
+		Issued:        UserIssuedIntegration,
+	}

 	err := store.SaveAccount(account)
 	if err != nil {
@ -470,10 +488,37 @@ func TestUser_DeleteUser_regularUser(t *testing.T) {
 		eventStore: &activity.InMemoryEventStore{},
 	}

-	err = am.DeleteUser(mockAccountID, mockUserID, targetId)
-	if err != nil {
-		t.Errorf("unexpected error: %s", err)
+	testCases := []struct {
+		name             string
+		userID           string
+		assertErrFunc    assert.ErrorAssertionFunc
+		assertErrMessage string
+	}{
+		{
+			name:          "Delete service user successfully ",
+			userID:        "user2",
+			assertErrFunc: assert.NoError,
+		},
+		{
+			name:          "Delete regular user successfully ",
+			userID:        "user3",
+			assertErrFunc: assert.NoError,
+		},
+		{
+			name:             "Delete integration regular user permission denied ",
+			userID:           "user4",
+			assertErrFunc:    assert.Error,
+			assertErrMessage: "only integration can delete this user",
+		},
 	}
+
+	for _, testCase := range testCases {
+		t.Run(testCase.name, func(t *testing.T) {
+			err = am.DeleteUser(mockAccountID, mockUserID, testCase.userID)
+			testCase.assertErrFunc(t, err, testCase.assertErrMessage)
+		})
+	}
+
 }

 func TestDefaultAccountManager_GetUser(t *testing.T) {