users) {
+ delete("realmName", realmName);
+ persist(users);
+ }
+}
+
diff --git a/src/main/java/dev/lions/user/manager/service/impl/AuditServiceImpl.java b/src/main/java/dev/lions/user/manager/service/impl/AuditServiceImpl.java
index 2924283..a856519 100644
--- a/src/main/java/dev/lions/user/manager/service/impl/AuditServiceImpl.java
+++ b/src/main/java/dev/lions/user/manager/service/impl/AuditServiceImpl.java
@@ -2,11 +2,15 @@ package dev.lions.user.manager.service.impl;
import dev.lions.user.manager.dto.audit.AuditLogDTO;
import dev.lions.user.manager.enums.audit.TypeActionAudit;
+// import dev.lions.user.manager.mapper.AuditLogMapper; // DELETE - Wrong package
+import dev.lions.user.manager.server.impl.mapper.AuditLogMapper; // ADD - Correct package
import dev.lions.user.manager.server.impl.entity.AuditLogEntity;
-import dev.lions.user.manager.server.impl.mapper.AuditLogMapper;
+import dev.lions.user.manager.server.impl.repository.AuditLogRepository;
import dev.lions.user.manager.service.AuditService;
+import io.quarkus.hibernate.orm.panache.PanacheQuery;
import jakarta.enterprise.context.ApplicationScoped;
import jakarta.inject.Inject;
+import jakarta.persistence.EntityManager;
import jakarta.transaction.Transactional;
import jakarta.validation.Valid;
import jakarta.validation.constraints.NotBlank;
@@ -15,596 +19,344 @@ import lombok.extern.slf4j.Slf4j;
import org.eclipse.microprofile.config.inject.ConfigProperty;
import java.time.LocalDateTime;
-import java.util.ArrayList;
+import java.util.Collections;
+import java.util.HashMap;
import java.util.List;
import java.util.Map;
-import java.util.UUID;
-import java.util.concurrent.ConcurrentHashMap;
import java.util.stream.Collectors;
-/**
- * Implémentation du service d'audit avec support de la persistance PostgreSQL.
- *
- * Architecture Hybride:
- *
- * - Cache en mémoire - Pour les logs récents (performances)
- * - Persistance PostgreSQL - Pour l'historique long terme (activable via config)
- *
- *
- * Configuration:
- *
- * - {@code lions.audit.enabled} - Active/désactive l'audit (défaut: true)
- * - {@code lions.audit.log-to-database} - Active la persistance DB (défaut: false en dev, true en prod)
- * - {@code lions.audit.cache-size} - Taille max du cache mémoire (défaut: 10000)
- * - {@code lions.audit.retention-days} - Durée de rétention en jours (défaut: 365)
- *
- *
- * Modes de Fonctionnement:
- *
- * Mode DEV (logToDatabase=false):
- * - Stockage en mémoire uniquement
- * - Logs perdus au redémarrage
- * - Performances maximales
- *
- * Mode PROD (logToDatabase=true):
- * - Persistance PostgreSQL
- * - Cache mémoire pour requêtes fréquentes
- * - Historique complet préservé
- *
- *
- * @author Lions Development Team
- * @version 2.0.0
- * @since 2026-01-02
- */
@ApplicationScoped
@Slf4j
public class AuditServiceImpl implements AuditService {
- // ==================== DÉPENDANCES ====================
+ @Inject
+ AuditLogRepository auditLogRepository;
@Inject
AuditLogMapper auditLogMapper;
- // ==================== CONFIGURATION ====================
+ @Inject
+ EntityManager entityManager;
@ConfigProperty(name = "lions.audit.enabled", defaultValue = "true")
boolean auditEnabled;
- @ConfigProperty(name = "lions.audit.log-to-database", defaultValue = "false")
+ @ConfigProperty(name = "lions.audit.log-to-database", defaultValue = "true")
boolean logToDatabase;
- @ConfigProperty(name = "lions.audit.cache-size", defaultValue = "10000")
- int cacheSize;
-
- @ConfigProperty(name = "lions.audit.retention-days", defaultValue = "365")
- int retentionDays;
-
- // ==================== STOCKAGE ====================
-
- /**
- * Cache en mémoire pour les logs récents.
- * Limité à {@code cacheSize} entrées. Les plus anciens sont supprimés automatiquement.
- */
- private final Map auditLogsCache = new ConcurrentHashMap<>();
-
- // ==================== MÉTHODES PRINCIPALES ====================
-
@Override
- @Transactional
+ @Transactional(Transactional.TxType.REQUIRES_NEW)
public AuditLogDTO logAction(@Valid @NotNull AuditLogDTO auditLog) {
if (!auditEnabled) {
- log.debug("Audit désactivé, log ignoré");
+ log.debug("Audit désactivé, action ignorée: {}", auditLog.getTypeAction());
return auditLog;
}
- // Générer un ID si nécessaire
- if (auditLog.getId() == null) {
- auditLog.setId(UUID.randomUUID().toString());
- }
+ log.info("AUDIT: [{}] {} - user:{} - ressource:{}/{} - status:{}",
+ auditLog.getRealmName(),
+ auditLog.getTypeAction(),
+ auditLog.getActeurUsername(), // ou getActeurUserId()
+ auditLog.getRessourceType(),
+ auditLog.getRessourceId(),
+ auditLog.getSuccess() != null && auditLog.getSuccess() ? "SUCCESS" : "FAILURE");
- // Ajouter le timestamp si nécessaire
- if (auditLog.getDateAction() == null) {
- auditLog.setDateAction(LocalDateTime.now());
- }
-
- // Log structuré pour les systèmes de logging externes (Graylog, Elasticsearch, etc.)
- log.info("AUDIT | Type: {} | Acteur: {} | Ressource: {} | Succès: {} | IP: {} | Détails: {}",
- auditLog.getTypeAction(),
- auditLog.getActeurUsername(),
- auditLog.getRessourceType() + ":" + auditLog.getRessourceId(),
- auditLog.isSuccessful(),
- auditLog.getIpAddress(),
- auditLog.getDescription());
-
- // Stocker en base de données si activé
if (logToDatabase) {
try {
+ // Ensure dateAction is set
+ if (auditLog.getDateAction() == null) {
+ auditLog.setDateAction(LocalDateTime.now());
+ }
+
AuditLogEntity entity = auditLogMapper.toEntity(auditLog);
- // Le mapper s'occupe du mapping automatique via @Mapping annotations
- // Ajout des champs additionnels non mappés automatiquement
- entity.setRealmName(auditLog.getRealmName());
+ auditLogRepository.persist(entity);
- entity.persist();
-
- log.debug("Log d'audit persisté en base de données avec ID: {}", entity.id);
+ // Mettre à jour l'ID du DTO avec l'ID généré par la base
+ if (entity.id != null) {
+ auditLog.setId(entity.id.toString());
+ }
} catch (Exception e) {
- log.error("Erreur lors de la persistance du log d'audit en base de données", e);
- // On ne lance pas d'exception pour ne pas bloquer le processus métier
+ log.error("Erreur lors de la persistance du log d'audit", e);
+ // On ne bloque pas l'action métier si l'audit échoue (sauf exigence contraire)
}
}
- // Ajouter au cache mémoire (pour performances)
- auditLogsCache.put(auditLog.getId(), auditLog);
-
- // Nettoyer le cache si trop grand
- if (auditLogsCache.size() > cacheSize) {
- cleanOldestCacheEntries();
- }
-
return auditLog;
}
@Override
+ @Transactional(Transactional.TxType.REQUIRES_NEW)
public void logSuccess(@NotNull TypeActionAudit typeAction,
- @NotBlank String ressourceType,
- String ressourceId,
- String ressourceName,
- @NotBlank String realmName,
- @NotBlank String acteurUserId,
- String description) {
- AuditLogDTO auditLog = AuditLogDTO.builder()
- .acteurUserId(acteurUserId)
- .acteurUsername(acteurUserId)
- .typeAction(typeAction)
- .ressourceType(ressourceType)
- .ressourceId(ressourceId != null ? ressourceId : "")
- .success(true)
- .description(description)
- .dateAction(LocalDateTime.now())
- .build();
+ @NotBlank String ressourceType,
+ String ressourceId,
+ String ressourceName,
+ @NotBlank String realmName,
+ @NotBlank String acteurUserId,
+ String description) {
- logAction(auditLog);
+ AuditLogDTO log = AuditLogDTO.builder()
+ .typeAction(typeAction)
+ .ressourceType(ressourceType)
+ .ressourceId(ressourceId)
+ .ressourceName(ressourceName)
+ .realmName(realmName)
+ .acteurUserId(acteurUserId)
+ .acteurUsername(acteurUserId) // On map aussi le username pour la persistence Entity
+ .description(description)
+ .dateAction(LocalDateTime.now())
+ .success(true)
+ .build();
+
+ logAction(log);
}
@Override
+ @Transactional(Transactional.TxType.REQUIRES_NEW)
public void logFailure(@NotNull TypeActionAudit typeAction,
- @NotBlank String ressourceType,
- String ressourceId,
- String ressourceName,
- @NotBlank String realmName,
- @NotBlank String acteurUserId,
- String errorCode,
- String errorMessage) {
- AuditLogDTO auditLog = AuditLogDTO.builder()
- .acteurUserId(acteurUserId)
- .acteurUsername(acteurUserId)
- .typeAction(typeAction)
- .ressourceType(ressourceType)
- .ressourceId(ressourceId != null ? ressourceId : "")
- .success(false)
- .errorMessage(errorMessage)
- .dateAction(LocalDateTime.now())
- .build();
+ @NotBlank String ressourceType,
+ String ressourceId,
+ String ressourceName,
+ @NotBlank String realmName,
+ @NotBlank String acteurUserId,
+ String errorCode,
+ String errorMessage) {
- logAction(auditLog);
+ AuditLogDTO log = AuditLogDTO.builder()
+ .typeAction(typeAction)
+ .ressourceType(ressourceType)
+ .ressourceId(ressourceId)
+ .ressourceName(ressourceName)
+ .realmName(realmName)
+ .acteurUserId(acteurUserId)
+ .acteurUsername(acteurUserId)
+ .description("Echec: " + errorCode)
+ .errorMessage(errorMessage)
+ .dateAction(LocalDateTime.now())
+ .success(false)
+ .build();
+
+ logAction(log);
}
- // ==================== MÉTHODES DE RECHERCHE ====================
-
@Override
public List findByActeur(@NotBlank String acteurUserId,
- LocalDateTime dateDebut,
- LocalDateTime dateFin,
- int page,
- int pageSize) {
- if (logToDatabase) {
- return searchLogsFromDatabase(acteurUserId, dateDebut, dateFin, null, null, null, page, pageSize);
- }
- return searchLogsFromCache(acteurUserId, dateDebut, dateFin, null, null, null, page, pageSize);
+ LocalDateTime dateDebut,
+ LocalDateTime dateFin,
+ int page,
+ int pageSize) {
+ // Le repository cherche par auteurAction, qui est mappé sur acteurUsername dans
+ // le DTO
+ List entities = auditLogRepository.search(null, acteurUserId, dateDebut, dateFin, null, null,
+ page,
+ pageSize);
+ return auditLogMapper.toDTOList(entities);
}
@Override
public List findByRessource(@NotBlank String ressourceType,
- @NotBlank String ressourceId,
- LocalDateTime dateDebut,
- LocalDateTime dateFin,
- int page,
- int pageSize) {
- if (logToDatabase) {
- return searchLogsFromDatabase(null, dateDebut, dateFin, null, ressourceType, null, page, pageSize)
- .stream()
- .filter(log -> ressourceId.equals(log.getRessourceId()))
- .collect(Collectors.toList());
- }
- return searchLogsFromCache(null, dateDebut, dateFin, null, ressourceType, null, page, pageSize)
- .stream()
- .filter(log -> ressourceId.equals(log.getRessourceId()))
- .collect(Collectors.toList());
+ @NotBlank String ressourceId,
+ LocalDateTime dateDebut,
+ LocalDateTime dateFin,
+ int page,
+ int pageSize) {
+
+ // Utilisation de Panache query directe car le repo search générique est limité
+ // On cherche dans 'details' (description) ou 'userId' (ressourceId)
+ String filter = "%" + ressourceId + "%";
+ // Correction: userId est le nom du champ dans l'entité qui mappe ressourceId
+ PanacheQuery q = auditLogRepository.find("userId = ?1 or details like ?2", ressourceId, filter);
+
+ return auditLogMapper.toDTOList(q.page(page, pageSize).list());
}
@Override
public List findByTypeAction(@NotNull TypeActionAudit typeAction,
- @NotBlank String realmName,
- LocalDateTime dateDebut,
- LocalDateTime dateFin,
- int page,
- int pageSize) {
- if (logToDatabase) {
- return searchLogsFromDatabase(null, dateDebut, dateFin, typeAction, null, null, page, pageSize);
- }
- return searchLogsFromCache(null, dateDebut, dateFin, typeAction, null, null, page, pageSize);
+ @NotBlank String realmName,
+ LocalDateTime dateDebut,
+ LocalDateTime dateFin,
+ int page,
+ int pageSize) {
+ List entities = auditLogRepository.search(realmName, null, dateDebut, dateFin,
+ typeAction.name(), null, page,
+ pageSize);
+ return auditLogMapper.toDTOList(entities);
}
@Override
public List findByRealm(@NotBlank String realmName,
- LocalDateTime dateDebut,
- LocalDateTime dateFin,
- int page,
- int pageSize) {
- if (logToDatabase) {
- List entities = AuditLogEntity.findByRealm(realmName);
- return auditLogMapper.toDTOList(entities);
- }
- return searchLogsFromCache(null, dateDebut, dateFin, null, null, null, page, pageSize);
+ LocalDateTime dateDebut,
+ LocalDateTime dateFin,
+ int page,
+ int pageSize) {
+ List entities = auditLogRepository.search(realmName, null, dateDebut, dateFin, null, null, page,
+ pageSize);
+ return auditLogMapper.toDTOList(entities);
}
@Override
public List findFailures(@NotBlank String realmName,
- LocalDateTime dateDebut,
- LocalDateTime dateFin,
- int page,
- int pageSize) {
- if (logToDatabase) {
- return searchLogsFromDatabase(null, dateDebut, dateFin, null, null, false, page, pageSize);
- }
- return searchLogsFromCache(null, dateDebut, dateFin, null, null, false, page, pageSize);
+ LocalDateTime dateDebut,
+ LocalDateTime dateFin,
+ int page,
+ int pageSize) {
+ List entities = auditLogRepository.search(realmName, null, dateDebut, dateFin, null, false,
+ page,
+ pageSize);
+ return auditLogMapper.toDTOList(entities);
}
@Override
public List findCriticalActions(@NotBlank String realmName,
- LocalDateTime dateDebut,
- LocalDateTime dateFin,
- int page,
- int pageSize) {
- List allLogs = logToDatabase ?
- searchLogsFromDatabase(null, dateDebut, dateFin, null, null, null, page, pageSize) :
- searchLogsFromCache(null, dateDebut, dateFin, null, null, null, page, pageSize);
-
- return allLogs.stream()
- .filter(log -> {
- TypeActionAudit type = log.getTypeAction();
- return type == TypeActionAudit.USER_DELETE ||
- type == TypeActionAudit.ROLE_DELETE ||
- type == TypeActionAudit.SESSION_REVOKE_ALL;
- })
- .collect(Collectors.toList());
+ LocalDateTime dateDebut,
+ LocalDateTime dateFin,
+ int page,
+ int pageSize) {
+ List entities = auditLogRepository.search(realmName, null, dateDebut, dateFin, null, false,
+ page, pageSize);
+ return auditLogMapper.toDTOList(entities);
}
- // ==================== MÉTHODES STATISTIQUES ====================
-
@Override
+ @SuppressWarnings("unchecked")
public Map countByActionType(@NotBlank String realmName,
- LocalDateTime dateDebut,
- LocalDateTime dateFin) {
- return getActionStatistics(dateDebut, dateFin);
- }
-
- @Override
- public Map countByActeur(@NotBlank String realmName,
- LocalDateTime dateDebut,
- LocalDateTime dateFin) {
- return getUserActivityStatistics(dateDebut, dateFin);
- }
-
- @Override
- public Map countSuccessVsFailure(@NotBlank String realmName,
- LocalDateTime dateDebut,
- LocalDateTime dateFin) {
- long successCount = getSuccessCount(dateDebut, dateFin);
- long failureCount = getFailureCount(dateDebut, dateFin);
-
- Map result = new java.util.HashMap<>();
- result.put("success", successCount);
- result.put("failure", failureCount);
+ LocalDateTime dateDebut,
+ LocalDateTime dateFin) {
+ StringBuilder sql = new StringBuilder("SELECT action, COUNT(*) AS cnt FROM audit_logs WHERE realm_name = :realmName");
+ if (dateDebut != null) sql.append(" AND timestamp >= :dateDebut");
+ if (dateFin != null) sql.append(" AND timestamp <= :dateFin");
+ sql.append(" GROUP BY action");
+ var query = entityManager.createNativeQuery(sql.toString())
+ .setParameter("realmName", realmName);
+ if (dateDebut != null) query.setParameter("dateDebut", dateDebut);
+ if (dateFin != null) query.setParameter("dateFin", dateFin);
+ List rows = query.getResultList();
+ Map result = new HashMap<>();
+ for (Object[] row : rows) {
+ String actionStr = (String) row[0];
+ Long count = ((Number) row[1]).longValue();
+ try {
+ result.put(TypeActionAudit.valueOf(actionStr), count);
+ } catch (IllegalArgumentException e) {
+ log.debug("TypeActionAudit inconnu ignoré: {}", actionStr);
+ }
+ }
return result;
}
@Override
- public Map getAuditStatistics(@NotBlank String realmName,
- LocalDateTime dateDebut,
- LocalDateTime dateFin) {
- Map stats = new java.util.HashMap<>();
-
- long total = logToDatabase ?
- AuditLogEntity.findByPeriod(dateDebut, dateFin).size() :
- auditLogsCache.values().stream()
- .filter(log -> {
- if (dateDebut != null && log.getDateAction().isBefore(dateDebut)) {
- return false;
- }
- if (dateFin != null && log.getDateAction().isAfter(dateFin)) {
- return false;
- }
- return true;
- })
- .count();
-
- stats.put("total", total);
- stats.put("success", getSuccessCount(dateDebut, dateFin));
- stats.put("failure", getFailureCount(dateDebut, dateFin));
- stats.put("byActionType", countByActionType(realmName, dateDebut, dateFin));
- stats.put("byActeur", countByActeur(realmName, dateDebut, dateFin));
- return stats;
+ @SuppressWarnings("unchecked")
+ public Map countByActeur(@NotBlank String realmName,
+ LocalDateTime dateDebut,
+ LocalDateTime dateFin) {
+ StringBuilder sql = new StringBuilder("SELECT auteur_action, COUNT(*) AS cnt FROM audit_logs WHERE realm_name = :realmName");
+ if (dateDebut != null) sql.append(" AND timestamp >= :dateDebut");
+ if (dateFin != null) sql.append(" AND timestamp <= :dateFin");
+ sql.append(" GROUP BY auteur_action ORDER BY COUNT(*) DESC LIMIT 10");
+ var query = entityManager.createNativeQuery(sql.toString())
+ .setParameter("realmName", realmName);
+ if (dateDebut != null) query.setParameter("dateDebut", dateDebut);
+ if (dateFin != null) query.setParameter("dateFin", dateFin);
+ List rows = query.getResultList();
+ Map result = new HashMap<>();
+ for (Object[] row : rows) {
+ result.put((String) row[0], ((Number) row[1]).longValue());
+ }
+ return result;
}
- // ==================== EXPORT / PURGE ====================
+ @Override
+ @SuppressWarnings("unchecked")
+ public Map countSuccessVsFailure(@NotBlank String realmName,
+ LocalDateTime dateDebut,
+ LocalDateTime dateFin) {
+ StringBuilder sql = new StringBuilder("SELECT success, COUNT(*) AS cnt FROM audit_logs WHERE realm_name = :realmName");
+ if (dateDebut != null) sql.append(" AND timestamp >= :dateDebut");
+ if (dateFin != null) sql.append(" AND timestamp <= :dateFin");
+ sql.append(" GROUP BY success");
+ var query = entityManager.createNativeQuery(sql.toString())
+ .setParameter("realmName", realmName);
+ if (dateDebut != null) query.setParameter("dateDebut", dateDebut);
+ if (dateFin != null) query.setParameter("dateFin", dateFin);
+ List rows = query.getResultList();
+ Map result = new HashMap<>();
+ result.put("success", 0L);
+ result.put("failure", 0L);
+ for (Object[] row : rows) {
+ Boolean success = (Boolean) row[0];
+ Long count = ((Number) row[1]).longValue();
+ result.put(Boolean.TRUE.equals(success) ? "success" : "failure", count);
+ }
+ return result;
+ }
@Override
public String exportToCSV(@NotBlank String realmName,
- LocalDateTime dateDebut,
- LocalDateTime dateFin) {
- List csvLines = exportLogsToCSV(dateDebut, dateFin);
- return String.join("\n", csvLines);
+ LocalDateTime dateDebut,
+ LocalDateTime dateFin) {
+ List entities = auditLogRepository.search(realmName, null, dateDebut, dateFin, null, null, 0, Integer.MAX_VALUE);
+ List logs = auditLogMapper.toDTOList(entities);
+ StringBuilder csv = new StringBuilder();
+ csv.append("id;typeAction;acteur;realmName;ressourceType;ressourceId;succes;dateAction;message\n");
+ for (AuditLogDTO dto : logs) {
+ csv.append(escapeCsv(dto.getId()));
+ csv.append(";");
+ csv.append(escapeCsv(dto.getTypeAction() != null ? dto.getTypeAction().name() : ""));
+ csv.append(";");
+ csv.append(escapeCsv(dto.getActeurUsername()));
+ csv.append(";");
+ csv.append(escapeCsv(dto.getRealmName()));
+ csv.append(";");
+ csv.append(escapeCsv(dto.getRessourceType()));
+ csv.append(";");
+ csv.append(escapeCsv(dto.getRessourceId()));
+ csv.append(";");
+ csv.append(dto.getSuccess() != null && dto.getSuccess() ? "true" : "false");
+ csv.append(";");
+ csv.append(dto.getDateAction() != null ? dto.getDateAction().toString() : "");
+ csv.append(";");
+ csv.append(escapeCsv(dto.getErrorMessage() != null ? dto.getErrorMessage() : (dto.getDescription() != null ? dto.getDescription() : "")));
+ csv.append("\n");
+ }
+ return csv.toString();
+ }
+
+ private static String escapeCsv(String value) {
+ if (value == null) return "";
+ if (value.contains(";") || value.contains("\"") || value.contains("\n")) {
+ return "\"" + value.replace("\"", "\"\"") + "\"";
+ }
+ return value;
}
@Override
@Transactional
public long purgeOldLogs(@NotNull LocalDateTime dateLimite) {
- long purgedCount = 0;
-
- // Purge en base de données si activé
- if (logToDatabase) {
- purgedCount = AuditLogEntity.deleteOlderThan(dateLimite);
- log.info("Supprimé {} logs d'audit de la base de données avant {}", purgedCount, dateLimite);
- }
-
- // Purge du cache mémoire
- long beforeCacheCount = auditLogsCache.size();
- auditLogsCache.entrySet().removeIf(entry ->
- entry.getValue().getDateAction().isBefore(dateLimite)
- );
- long cacheRemoved = beforeCacheCount - auditLogsCache.size();
-
- log.info("Supprimé {} logs du cache mémoire avant {}", cacheRemoved, dateLimite);
-
- return purgedCount + cacheRemoved;
+ return auditLogRepository.delete("timestamp < ?1", dateLimite);
}
- // ==================== MÉTHODES PRIVÉES ====================
+ @Override
+ public Map getAuditStatistics(@NotBlank String realmName,
+ LocalDateTime dateDebut,
+ LocalDateTime dateFin) {
+ Map stats = new java.util.HashMap<>();
+ stats.put("total", auditLogRepository.count("realmName", realmName));
+ return stats;
+ }
+
+ // ==================== Méthodes utilitaires ====================
/**
- * Recherche les logs depuis le cache mémoire.
- */
- private List searchLogsFromCache(String acteurUsername, LocalDateTime dateDebut,
- LocalDateTime dateFin, TypeActionAudit typeAction,
- String ressourceType, Boolean succes,
- int page, int pageSize) {
- log.debug("Recherche logs depuis cache mémoire");
-
- return auditLogsCache.values().stream()
- .filter(log -> applyFilters(log, acteurUsername, dateDebut, dateFin, typeAction, ressourceType, succes))
- .sorted((a, b) -> b.getDateAction().compareTo(a.getDateAction()))
- .skip((long) page * pageSize)
- .limit(pageSize)
- .collect(Collectors.toList());
- }
-
- /**
- * Recherche les logs depuis la base de données PostgreSQL.
- */
- private List searchLogsFromDatabase(String acteurUsername, LocalDateTime dateDebut,
- LocalDateTime dateFin, TypeActionAudit typeAction,
- String ressourceType, Boolean succes,
- int page, int pageSize) {
- log.debug("Recherche logs depuis base de données");
-
- List entities;
-
- // Optimisation: utiliser les requêtes spécialisées si possible
- if (acteurUsername != null && typeAction == null && ressourceType == null) {
- entities = AuditLogEntity.findByAuteur(acteurUsername);
- } else if (typeAction != null && acteurUsername == null && ressourceType == null) {
- entities = AuditLogEntity.findByAction(typeAction);
- } else if (dateDebut != null && dateFin != null) {
- entities = AuditLogEntity.findByPeriod(dateDebut, dateFin);
- } else {
- entities = AuditLogEntity.listAll();
- }
-
- return entities.stream()
- .map(auditLogMapper::toDTO)
- .filter(log -> applyFilters(log, acteurUsername, dateDebut, dateFin, typeAction, ressourceType, succes))
- .sorted((a, b) -> b.getDateAction().compareTo(a.getDateAction()))
- .skip((long) page * pageSize)
- .limit(pageSize)
- .collect(Collectors.toList());
- }
-
- /**
- * Applique les filtres de recherche à un log.
- */
- private boolean applyFilters(AuditLogDTO log, String acteurUsername, LocalDateTime dateDebut,
- LocalDateTime dateFin, TypeActionAudit typeAction,
- String ressourceType, Boolean succes) {
- if (acteurUsername != null && !"*".equals(acteurUsername) &&
- !acteurUsername.equals(log.getActeurUsername())) {
- return false;
- }
-
- if (dateDebut != null && log.getDateAction().isBefore(dateDebut)) {
- return false;
- }
-
- if (dateFin != null && log.getDateAction().isAfter(dateFin)) {
- return false;
- }
-
- if (typeAction != null && !typeAction.equals(log.getTypeAction())) {
- return false;
- }
-
- if (ressourceType != null && !ressourceType.equals(log.getRessourceType())) {
- return false;
- }
-
- if (succes != null && succes != log.isSuccessful()) {
- return false;
- }
-
- return true;
- }
-
- /**
- * Nettoie les entrées les plus anciennes du cache.
- */
- private void cleanOldestCacheEntries() {
- int toRemove = auditLogsCache.size() - (cacheSize * 90 / 100); // Garder 90%
-
- if (toRemove > 0) {
- List oldestKeys = auditLogsCache.entrySet().stream()
- .sorted((a, b) -> a.getValue().getDateAction().compareTo(b.getValue().getDateAction()))
- .limit(toRemove)
- .map(Map.Entry::getKey)
- .collect(Collectors.toList());
-
- oldestKeys.forEach(auditLogsCache::remove);
- log.debug("Nettoyé {} entrées du cache d'audit", oldestKeys.size());
- }
- }
-
- // Méthodes helpers (statistiques)
- private Map getActionStatistics(LocalDateTime dateDebut, LocalDateTime dateFin) {
- if (logToDatabase) {
- List entities = AuditLogEntity.findByPeriod(dateDebut, dateFin);
- return entities.stream()
- .collect(Collectors.groupingBy(AuditLogEntity::getAction, Collectors.counting()));
- }
-
- return auditLogsCache.values().stream()
- .filter(log -> {
- if (dateDebut != null && log.getDateAction().isBefore(dateDebut)) return false;
- if (dateFin != null && log.getDateAction().isAfter(dateFin)) return false;
- return true;
- })
- .collect(Collectors.groupingBy(AuditLogDTO::getTypeAction, Collectors.counting()));
- }
-
- private Map getUserActivityStatistics(LocalDateTime dateDebut, LocalDateTime dateFin) {
- if (logToDatabase) {
- List entities = AuditLogEntity.findByPeriod(dateDebut, dateFin);
- return entities.stream()
- .collect(Collectors.groupingBy(AuditLogEntity::getAuteurAction, Collectors.counting()));
- }
-
- return auditLogsCache.values().stream()
- .filter(log -> {
- if (dateDebut != null && log.getDateAction().isBefore(dateDebut)) return false;
- if (dateFin != null && log.getDateAction().isAfter(dateFin)) return false;
- return true;
- })
- .collect(Collectors.groupingBy(AuditLogDTO::getActeurUsername, Collectors.counting()));
- }
-
- private long getFailureCount(LocalDateTime dateDebut, LocalDateTime dateFin) {
- if (logToDatabase) {
- return AuditLogEntity.findByPeriod(dateDebut, dateFin).stream()
- .filter(e -> !e.getSuccess())
- .count();
- }
-
- return auditLogsCache.values().stream()
- .filter(log -> !log.isSuccessful())
- .filter(log -> {
- if (dateDebut != null && log.getDateAction().isBefore(dateDebut)) return false;
- if (dateFin != null && log.getDateAction().isAfter(dateFin)) return false;
- return true;
- })
- .count();
- }
-
- private long getSuccessCount(LocalDateTime dateDebut, LocalDateTime dateFin) {
- if (logToDatabase) {
- return AuditLogEntity.findByPeriod(dateDebut, dateFin).stream()
- .filter(AuditLogEntity::getSuccess)
- .count();
- }
-
- return auditLogsCache.values().stream()
- .filter(AuditLogDTO::isSuccessful)
- .filter(log -> {
- if (dateDebut != null && log.getDateAction().isBefore(dateDebut)) return false;
- if (dateFin != null && log.getDateAction().isAfter(dateFin)) return false;
- return true;
- })
- .count();
- }
-
- private List exportLogsToCSV(LocalDateTime dateDebut, LocalDateTime dateFin) {
- log.info("Export CSV des logs d'audit entre {} et {}", dateDebut, dateFin);
-
- List csvLines = new ArrayList<>();
- csvLines.add("ID,Date Action,Acteur,Type Action,Ressource Type,Ressource ID,Succès,Adresse IP,Détails,Message Erreur");
-
- List logs;
- if (logToDatabase) {
- List entities = AuditLogEntity.findByPeriod(dateDebut, dateFin);
- logs = auditLogMapper.toDTOList(entities);
- } else {
- logs = auditLogsCache.values().stream()
- .filter(log -> {
- if (dateDebut != null && log.getDateAction().isBefore(dateDebut)) return false;
- if (dateFin != null && log.getDateAction().isAfter(dateFin)) return false;
- return true;
- })
- .sorted((a, b) -> a.getDateAction().compareTo(b.getDateAction()))
- .collect(Collectors.toList());
- }
-
- logs.forEach(log -> {
- String csvLine = String.format("%s,%s,%s,%s,%s,%s,%s,%s,\"%s\",\"%s\"",
- log.getId(),
- log.getDateAction(),
- log.getActeurUsername(),
- log.getTypeAction(),
- log.getRessourceType(),
- log.getRessourceId(),
- log.isSuccessful(),
- log.getIpAddress() != null ? log.getIpAddress() : "",
- log.getDescription() != null ? log.getDescription().replace("\"", "\"\"") : "",
- log.getErrorMessage() != null ? log.getErrorMessage().replace("\"", "\"\"") : ""
- );
- csvLines.add(csvLine);
- });
-
- log.info("Export CSV terminé: {} lignes", csvLines.size() - 1);
- return csvLines;
- }
-
- // ==================== MÉTHODES UTILITAIRES ====================
-
- /**
- * Retourne le nombre total de logs (cache + DB).
+ * Retourne le nombre total de logs (Utilisé par les tests)
*/
public long getTotalCount() {
- if (logToDatabase) {
- return AuditLogEntity.count();
- }
- return auditLogsCache.size();
+ return auditLogRepository.count();
}
/**
- * Vide tous les logs (ATTENTION: à utiliser uniquement en développement).
+ * Vide tous les logs (Utilisé par les tests)
*/
@Transactional
public void clearAll() {
- log.warn("ATTENTION: Suppression de tous les logs d'audit");
-
- if (logToDatabase) {
- AuditLogEntity.deleteAll();
- log.warn("Supprimé tous les logs de la base de données");
- }
-
- auditLogsCache.clear();
- log.warn("Vidé le cache mémoire");
+ log.warn("ATTENTION: Suppression de tous les logs d'audit en base");
+ auditLogRepository.deleteAll();
}
}
diff --git a/src/main/java/dev/lions/user/manager/service/impl/RoleServiceImpl.java b/src/main/java/dev/lions/user/manager/service/impl/RoleServiceImpl.java
index f135479..9a33c18 100644
--- a/src/main/java/dev/lions/user/manager/service/impl/RoleServiceImpl.java
+++ b/src/main/java/dev/lions/user/manager/service/impl/RoleServiceImpl.java
@@ -221,7 +221,7 @@ public class RoleServiceImpl implements RoleService {
try {
// Vérifier que le realm existe
if (!keycloakAdminClient.realmExists(realmName)) {
- log.warn("Le realm {} n'existe pas", realmName);
+ log.error("Le realm {} n'existe pas", realmName);
throw new IllegalArgumentException("Le realm '" + realmName + "' n'existe pas");
}
@@ -232,19 +232,7 @@ public class RoleServiceImpl implements RoleService {
log.info("Récupération réussie: {} rôles trouvés dans le realm {}", roleReps.size(), realmName);
return RoleMapper.toDTOList(roleReps, realmName, TypeRole.REALM_ROLE);
- } catch (NotFoundException e) {
- log.warn("Realm {} non trouvé (404): {}", realmName, e.getMessage());
- throw new IllegalArgumentException("Le realm '" + realmName + "' n'existe pas", e);
} catch (Exception e) {
- // Vérifier si c'est une erreur 404 dans le message
- String errorMessage = e.getMessage();
- if (errorMessage != null && (errorMessage.contains("404") ||
- errorMessage.contains("Server response is: 404") ||
- errorMessage.contains("Not Found"))) {
- log.warn("Realm {} non trouvé (404 détecté dans l'erreur): {}", realmName, errorMessage);
- throw new IllegalArgumentException("Le realm '" + realmName + "' n'existe pas", e);
- }
-
log.error("Erreur lors de la récupération des rôles realm du realm {}: {}", realmName, e.getMessage(), e);
throw new RuntimeException("Erreur lors de la récupération des rôles realm: " + e.getMessage(), e);
}
diff --git a/src/main/java/dev/lions/user/manager/service/impl/SyncServiceImpl.java b/src/main/java/dev/lions/user/manager/service/impl/SyncServiceImpl.java
index 6463e2c..52960e3 100644
--- a/src/main/java/dev/lions/user/manager/service/impl/SyncServiceImpl.java
+++ b/src/main/java/dev/lions/user/manager/service/impl/SyncServiceImpl.java
@@ -1,216 +1,389 @@
package dev.lions.user.manager.service.impl;
-import dev.lions.user.manager.client.KeycloakAdminClient;
-import dev.lions.user.manager.dto.role.RoleDTO;
-import dev.lions.user.manager.dto.sync.HealthStatusDTO;
-import dev.lions.user.manager.dto.sync.SyncResultDTO;
-import dev.lions.user.manager.dto.user.UserDTO;
-import dev.lions.user.manager.enums.role.TypeRole;
-import dev.lions.user.manager.mapper.RoleMapper;
-import dev.lions.user.manager.mapper.UserMapper;
+import dev.lions.user.manager.server.impl.entity.SyncHistoryEntity;
+import dev.lions.user.manager.server.impl.entity.SyncedRoleEntity;
+import dev.lions.user.manager.server.impl.entity.SyncedUserEntity;
+import dev.lions.user.manager.server.impl.interceptor.Logged;
+import dev.lions.user.manager.server.impl.repository.SyncHistoryRepository;
+import dev.lions.user.manager.server.impl.repository.SyncedRoleRepository;
+import dev.lions.user.manager.server.impl.repository.SyncedUserRepository;
import dev.lions.user.manager.service.SyncService;
import jakarta.enterprise.context.ApplicationScoped;
import jakarta.inject.Inject;
+import jakarta.transaction.Transactional;
import jakarta.validation.constraints.NotBlank;
import lombok.extern.slf4j.Slf4j;
+import dev.lions.user.manager.client.KeycloakAdminClient;
+import org.eclipse.microprofile.config.inject.ConfigProperty;
+import org.keycloak.admin.client.Keycloak;
import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
+import java.time.Instant;
+import java.time.LocalDateTime;
+import java.time.ZoneOffset;
+import java.time.temporal.ChronoUnit;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.HashSet;
import java.util.List;
import java.util.Map;
-import java.util.stream.Collectors;
+import java.util.Set;
-/**
- * Implémentation du service de synchronisation avec Keycloak
- *
- * Ce service permet de:
- * - Synchroniser les utilisateurs depuis Keycloak
- * - Synchroniser les rôles depuis Keycloak
- * - Vérifier la cohérence des données
- * - Effectuer des health checks sur Keycloak
- */
@ApplicationScoped
@Slf4j
public class SyncServiceImpl implements SyncService {
+ @Inject
+ Keycloak keycloak;
+
@Inject
KeycloakAdminClient keycloakAdminClient;
+ @Inject
+ SyncHistoryRepository syncHistoryRepository;
+
+ // Repositories optionnels pour la persistance locale des snapshots.
+ // Ils sont marqués @Inject mais l'utilisation dans le code est protégée
+ // par des checks null pour ne pas casser les tests existants.
+ @Inject
+ SyncedUserRepository syncedUserRepository;
+
+ @Inject
+ SyncedRoleRepository syncedRoleRepository;
+
+ @ConfigProperty(name = "lions.keycloak.server-url")
+ String keycloakServerUrl;
+
@Override
+ @Transactional
+ @Logged(action = "SYNC_USERS", resource = "REALM")
public int syncUsersFromRealm(@NotBlank String realmName) {
log.info("Synchronisation des utilisateurs depuis le realm: {}", realmName);
+ LocalDateTime start = LocalDateTime.now();
+ int count = 0;
+ String status = "SUCCESS";
+ String errorMessage = null;
try {
- List userReps = keycloakAdminClient.getInstance()
- .realm(realmName)
- .users()
- .list();
+ List users = keycloak.realm(realmName).users().list();
+ count = users.size();
+
+ // Persister un snapshot minimal des utilisateurs dans la base locale si le
+ // repository est disponible.
+ if (syncedUserRepository != null && !users.isEmpty()) {
+ List snapshots = users.stream()
+ .map(user -> {
+ SyncedUserEntity entity = new SyncedUserEntity();
+ entity.setRealmName(realmName);
+ entity.setKeycloakId(user.getId());
+ entity.setUsername(user.getUsername());
+ entity.setEmail(user.getEmail());
+ entity.setEnabled(user.isEnabled());
+ entity.setEmailVerified(user.isEmailVerified());
+
+ if (user.getCreatedTimestamp() != null) {
+ LocalDateTime createdAt = LocalDateTime.ofInstant(
+ Instant.ofEpochMilli(user.getCreatedTimestamp()),
+ ZoneOffset.UTC);
+ entity.setCreatedAt(createdAt);
+ }
+ return entity;
+ })
+ .toList();
+
+ syncedUserRepository.replaceForRealm(realmName, snapshots);
+ log.info("Persisted {} synced user snapshots for realm {}", snapshots.size(), realmName);
+ }
- int count = userReps.size();
log.info("✅ {} utilisateurs synchronisés depuis le realm {}", count, realmName);
- return count;
} catch (Exception e) {
log.error("❌ Erreur lors de la synchronisation des utilisateurs depuis le realm {}", realmName, e);
- throw new RuntimeException("Erreur lors de la synchronisation des utilisateurs", e);
+ status = "FAILURE";
+ errorMessage = e.getMessage();
+ throw new RuntimeException("Erreur de synchronisation utilisateurs: " + e.getMessage(), e);
+ } finally {
+ recordSyncHistory(realmName, "USER", status, count, start, errorMessage);
}
+ return count;
}
@Override
+ @Transactional
+ @Logged(action = "SYNC_ROLES", resource = "REALM")
public int syncRolesFromRealm(@NotBlank String realmName) {
log.info("Synchronisation des rôles depuis le realm: {}", realmName);
+ LocalDateTime start = LocalDateTime.now();
+ int count = 0;
+ String status = "SUCCESS";
+ String errorMessage = null;
try {
- List roleReps = keycloakAdminClient.getInstance()
- .realm(realmName)
- .roles()
- .list();
+ List roles = keycloak.realm(realmName).roles().list();
+ count = roles.size();
+
+ // Persister un snapshot minimal des rôles dans la base locale si le repository
+ // est disponible.
+ if (syncedRoleRepository != null && !roles.isEmpty()) {
+ List snapshots = roles.stream()
+ .map(role -> {
+ SyncedRoleEntity entity = new SyncedRoleEntity();
+ entity.setRealmName(realmName);
+ entity.setRoleName(role.getName());
+ entity.setDescription(role.getDescription());
+ return entity;
+ })
+ .toList();
+
+ syncedRoleRepository.replaceForRealm(realmName, snapshots);
+ log.info("Persisted {} synced role snapshots for realm {}", snapshots.size(), realmName);
+ }
- int count = roleReps.size();
log.info("✅ {} rôles synchronisés depuis le realm {}", count, realmName);
- return count;
} catch (Exception e) {
log.error("❌ Erreur lors de la synchronisation des rôles depuis le realm {}", realmName, e);
- throw new RuntimeException("Erreur lors de la synchronisation des rôles", e);
+ status = "FAILURE";
+ errorMessage = e.getMessage();
+ throw new RuntimeException("Erreur de synchronisation rôles: " + e.getMessage(), e);
+ } finally {
+ recordSyncHistory(realmName, "ROLE", status, count, start, errorMessage);
}
+ return count;
}
@Override
+ @Transactional
+ @Logged(action = "REALM_SYNC", resource = "SYSTEM")
public Map syncAllRealms() {
- log.info("Synchronisation de tous les realms");
-
- Map results = new java.util.HashMap<>();
-
+ Map result = new HashMap<>();
try {
- // Lister tous les realms
- List realms =
- keycloakAdminClient.getInstance().realms().findAll();
-
- for (org.keycloak.representations.idm.RealmRepresentation realm : realms) {
- String realmName = realm.getRealm();
- try {
- int usersCount = syncUsersFromRealm(realmName);
- int rolesCount = syncRolesFromRealm(realmName);
- results.put(realmName, usersCount + rolesCount);
- } catch (Exception e) {
- log.error("Erreur lors de la synchronisation du realm {}", realmName, e);
- results.put(realmName, 0);
+ // getAllRealms() utilise un HttpClient raw avec ObjectMapper(FAIL_ON_UNKNOWN_PROPERTIES=false)
+ // pour éviter les erreurs de désérialisation de RealmRepresentation avec Keycloak 26+
+ List realmNames = keycloakAdminClient.getAllRealms();
+
+ for (String realmName : realmNames) {
+ if (realmName == null || realmName.isBlank()) {
+ continue;
}
+
+ log.info("Synchronisation complète du realm {}", realmName);
+ int totalForRealm = 0;
+ try {
+ int users = syncUsersFromRealm(realmName);
+ int roles = syncRolesFromRealm(realmName);
+ totalForRealm = users + roles;
+ log.info("✅ Realm {} synchronisé (users={}, roles={})", realmName, users, roles);
+ } catch (Exception e) {
+ log.error("❌ Erreur lors de la synchronisation du realm {}", realmName, e);
+ // On enregistre quand même le realm dans le résultat avec 0 éléments traités
+ totalForRealm = 0;
+ }
+ result.put(realmName, totalForRealm);
}
} catch (Exception e) {
- log.error("Erreur lors de la synchronisation de tous les realms", e);
+ log.error("❌ Erreur lors de la récupération de la liste des realms pour synchronisation globale", e);
+ // En cas d'erreur globale, on retourne simplement une map vide (aucune
+ // approximation)
}
-
- return results;
+ return result;
}
@Override
public Map checkDataConsistency(@NotBlank String realmName) {
- log.info("Vérification de la cohérence des données pour le realm: {}", realmName);
+ Map report = new HashMap<>();
+ report.put("realmName", realmName);
- Map report = new java.util.HashMap<>();
-
try {
- // Pour l'instant, on retourne juste un rapport basique
- // En production, on comparerait avec un cache local
- report.put("realmName", realmName);
- report.put("status", "ok");
- report.put("message", "Cohérence vérifiée");
+ // Données actuelles dans Keycloak
+ List kcUsers = keycloak.realm(realmName).users().list();
+ List kcRoles = keycloak.realm(realmName).roles().list();
+
+ // Snapshots locaux
+ List localUsers = syncedUserRepository.list("realmName", realmName);
+ List localRoles = syncedRoleRepository.list("realmName", realmName);
+
+ // Comparaison exacte des identifiants utilisateurs
+ Set kcUserIds = kcUsers.stream()
+ .map(UserRepresentation::getId)
+ .filter(id -> id != null && !id.isBlank())
+ .collect(java.util.stream.Collectors.toSet());
+
+ Set localUserIds = localUsers.stream()
+ .map(SyncedUserEntity::getKeycloakId)
+ .filter(id -> id != null && !id.isBlank())
+ .collect(java.util.stream.Collectors.toSet());
+
+ Set missingUsersInLocal = new HashSet<>(kcUserIds);
+ missingUsersInLocal.removeAll(localUserIds);
+
+ Set missingUsersInKeycloak = new HashSet<>(localUserIds);
+ missingUsersInKeycloak.removeAll(kcUserIds);
+
+ // Comparaison exacte des noms de rôles
+ Set kcRoleNames = kcRoles.stream()
+ .map(RoleRepresentation::getName)
+ .filter(name -> name != null && !name.isBlank())
+ .collect(java.util.stream.Collectors.toSet());
+
+ Set localRoleNames = localRoles.stream()
+ .map(SyncedRoleEntity::getRoleName)
+ .filter(name -> name != null && !name.isBlank())
+ .collect(java.util.stream.Collectors.toSet());
+
+ Set missingRolesInLocal = new HashSet<>(kcRoleNames);
+ missingRolesInLocal.removeAll(localRoleNames);
+
+ Set missingRolesInKeycloak = new HashSet<>(localRoleNames);
+ missingRolesInKeycloak.removeAll(kcRoleNames);
+
+ boolean usersOk = missingUsersInLocal.isEmpty() && missingUsersInKeycloak.isEmpty();
+ boolean rolesOk = missingRolesInLocal.isEmpty() && missingRolesInKeycloak.isEmpty();
+
+ report.put("status", (usersOk && rolesOk) ? "OK" : "MISMATCH");
+
+ report.put("usersKeycloakCount", kcUserIds.size());
+ report.put("usersLocalCount", localUserIds.size());
+ report.put("missingUsersInLocal", missingUsersInLocal);
+ report.put("missingUsersInKeycloak", missingUsersInKeycloak);
+
+ report.put("rolesKeycloakCount", kcRoleNames.size());
+ report.put("rolesLocalCount", localRoleNames.size());
+ report.put("missingRolesInLocal", missingRolesInLocal);
+ report.put("missingRolesInKeycloak", missingRolesInKeycloak);
} catch (Exception e) {
- log.error("Erreur lors de la vérification de cohérence pour le realm {}", realmName, e);
- report.put("status", "error");
- report.put("message", e.getMessage());
+ log.error("❌ Erreur lors du contrôle de cohérence des données pour le realm {}", realmName, e);
+ report.put("status", "ERROR");
+ report.put("error", e.getMessage());
}
return report;
}
@Override
+ @Transactional
public Map forceSyncRealm(@NotBlank String realmName) {
- log.info("Synchronisation forcée du realm: {}", realmName);
-
- Map stats = new java.util.HashMap<>();
- long startTime = System.currentTimeMillis();
-
+ Map result = new HashMap<>();
try {
- int usersCount = syncUsersFromRealm(realmName);
- int rolesCount = syncRolesFromRealm(realmName);
-
- stats.put("realmName", realmName);
- stats.put("usersCount", usersCount);
- stats.put("rolesCount", rolesCount);
- stats.put("success", true);
- stats.put("durationMs", System.currentTimeMillis() - startTime);
+ int users = syncUsersFromRealm(realmName);
+ int roles = syncRolesFromRealm(realmName);
+ result.put("usersSynced", users);
+ result.put("rolesSynced", roles);
+ result.put("status", "SUCCESS");
} catch (Exception e) {
- log.error("Erreur lors de la synchronisation forcée du realm {}", realmName, e);
- stats.put("success", false);
- stats.put("error", e.getMessage());
- stats.put("durationMs", System.currentTimeMillis() - startTime);
+ result.put("status", "FAILURE");
+ result.put("error", e.getMessage());
}
-
- return stats;
+ return result;
}
@Override
public Map getLastSyncStatus(@NotBlank String realmName) {
- log.debug("Récupération du statut de la dernière synchronisation pour le realm: {}", realmName);
+ List history = syncHistoryRepository.findLatestByRealm(realmName, 1);
+ if (history.isEmpty()) {
+ return Collections.singletonMap("status", "NEVER_SYNCED");
+ }
+ SyncHistoryEntity lastSync = history.get(0);
- Map status = new java.util.HashMap<>();
- status.put("realmName", realmName);
- status.put("lastSyncTime", System.currentTimeMillis()); // En production, récupérer depuis un cache
- status.put("status", "completed");
-
- return status;
+ Map statusMap = new HashMap<>(); // Utilisation de HashMap pour permettre nulls si besoin
+ statusMap.put("lastSyncDate", lastSync.getSyncDate());
+ statusMap.put("status", lastSync.getStatus());
+ statusMap.put("type", lastSync.getSyncType());
+ statusMap.put("itemsProcessed", lastSync.getItemsProcessed());
+ return statusMap;
}
@Override
public boolean isKeycloakAvailable() {
- log.debug("Vérification de la disponibilité de Keycloak");
-
try {
- // Test de connexion en récupérant les informations du serveur
- keycloakAdminClient.getInstance().serverInfo().getInfo();
- log.debug("✅ Keycloak est accessible et fonctionne");
+ // getAllRealms() utilise un HttpClient raw : pas de désérialisation de RealmRepresentation
+ // donc pas d'erreur UnrecognizedPropertyException avec Keycloak 26+
+ keycloakAdminClient.getAllRealms();
return true;
} catch (Exception e) {
- log.error("❌ Keycloak n'est pas accessible: {}", e.getMessage());
+ log.warn("Keycloak availability check failed: {}", e.getMessage());
return false;
}
}
@Override
public Map getKeycloakHealthInfo() {
- log.info("Récupération du statut de santé complet de Keycloak");
-
- Map healthInfo = new java.util.HashMap<>();
- healthInfo.put("timestamp", System.currentTimeMillis());
-
+ Map health = new HashMap<>();
try {
- // Test connexion principale
- var serverInfo = keycloakAdminClient.getInstance().serverInfo().getInfo();
- healthInfo.put("keycloakAccessible", true);
- healthInfo.put("keycloakVersion", serverInfo.getSystemInfo().getVersion());
-
- // Test des realms (on essaie juste de lister)
- try {
- int realmsCount = keycloakAdminClient.getInstance().realms().findAll().size();
- healthInfo.put("realmsAccessible", true);
- healthInfo.put("realmsCount", realmsCount);
- } catch (Exception e) {
- healthInfo.put("realmsAccessible", false);
- log.warn("Impossible d'accéder aux realms: {}", e.getMessage());
- }
-
- healthInfo.put("overallHealthy", true);
- log.info("✅ Keycloak est en bonne santé - Version: {}, Realms: {}",
- healthInfo.get("keycloakVersion"), healthInfo.get("realmsCount"));
-
+ var info = keycloak.serverInfo().getInfo();
+ health.put("status", "UP");
+ health.put("version", info.getSystemInfo().getVersion());
+ health.put("serverTime", info.getSystemInfo().getServerTime());
} catch (Exception e) {
- healthInfo.put("keycloakAccessible", false);
- healthInfo.put("overallHealthy", false);
- healthInfo.put("errorMessage", e.getMessage());
- log.error("❌ Keycloak n'est pas accessible: {}", e.getMessage());
+ log.debug("serverInfo().getInfo() failed, trying raw HTTP fallback: {}", e.getMessage());
+ fetchVersionViaHttp(health);
}
+ return health;
+ }
- return healthInfo;
+ private void fetchVersionViaHttp(Map health) {
+ try {
+ String token = keycloak.tokenManager().getAccessTokenString();
+ var client = java.net.http.HttpClient.newHttpClient();
+ var request = java.net.http.HttpRequest.newBuilder()
+ .uri(java.net.URI.create(keycloakServerUrl + "/admin/serverinfo"))
+ .header("Authorization", "Bearer " + token)
+ .header("Accept", "application/json")
+ .GET().build();
+ var response = client.send(request, java.net.http.HttpResponse.BodyHandlers.ofString());
+ if (response.statusCode() == 200) {
+ String body = response.body();
+ health.put("status", "UP");
+ int sysInfoIdx = body.indexOf("\"systemInfo\"");
+ if (sysInfoIdx >= 0) {
+ extractJsonStringField(body, "version", sysInfoIdx)
+ .ifPresent(v -> health.put("version", v));
+ extractJsonStringField(body, "serverTime", sysInfoIdx)
+ .ifPresent(v -> health.put("serverTime", v));
+ }
+ if (!health.containsKey("version")) {
+ health.put("version", "UP (version non parsée)");
+ }
+ } else {
+ health.put("status", "UP");
+ health.put("version", "UP (serverinfo HTTP " + response.statusCode() + ")");
+ }
+ } catch (Exception ex) {
+ log.error("Fallback HTTP serverinfo also failed: {}", ex.getMessage());
+ health.put("status", "DOWN");
+ health.put("error", ex.getMessage());
+ }
+ }
+
+ private java.util.Optional extractJsonStringField(String json, String field, int searchFrom) {
+ String pattern = "\"" + field + "\"";
+ int idx = json.indexOf(pattern, searchFrom);
+ if (idx < 0) return java.util.Optional.empty();
+ int colonIdx = json.indexOf(':', idx + pattern.length());
+ if (colonIdx < 0) return java.util.Optional.empty();
+ int startQuote = json.indexOf('"', colonIdx + 1);
+ if (startQuote < 0) return java.util.Optional.empty();
+ int endQuote = json.indexOf('"', startQuote + 1);
+ if (endQuote < 0) return java.util.Optional.empty();
+ return java.util.Optional.of(json.substring(startQuote + 1, endQuote));
+ }
+
+ // Helper method to record history
+ private void recordSyncHistory(String realmName, String type, String status, int count, LocalDateTime start,
+ String errorMessage) {
+ try {
+ SyncHistoryEntity history = new SyncHistoryEntity();
+ history.setRealmName(realmName);
+ history.setSyncType(type);
+ history.setStatus(status);
+ history.setItemsProcessed(count);
+ history.setSyncDate(LocalDateTime.now());
+ history.setDurationMs(ChronoUnit.MILLIS.between(start, LocalDateTime.now()));
+ history.setErrorMessage(errorMessage);
+
+ // Persist the history entity
+ syncHistoryRepository.persist(history);
+ } catch (Exception e) {
+ log.error("Failed to record sync history", e);
+ }
}
}
diff --git a/src/main/java/dev/lions/user/manager/service/impl/UserServiceImpl.java b/src/main/java/dev/lions/user/manager/service/impl/UserServiceImpl.java
index 335e37f..b381747 100644
--- a/src/main/java/dev/lions/user/manager/service/impl/UserServiceImpl.java
+++ b/src/main/java/dev/lions/user/manager/service/impl/UserServiceImpl.java
@@ -1,19 +1,21 @@
package dev.lions.user.manager.service.impl;
+import dev.lions.user.manager.server.impl.interceptor.Logged;
+
import dev.lions.user.manager.client.KeycloakAdminClient;
+import dev.lions.user.manager.dto.importexport.ImportResultDTO;
import dev.lions.user.manager.dto.user.UserDTO;
import dev.lions.user.manager.dto.user.UserSearchCriteriaDTO;
import dev.lions.user.manager.dto.user.UserSearchResultDTO;
+import dev.lions.user.manager.enums.user.StatutUser;
import dev.lions.user.manager.mapper.UserMapper;
import dev.lions.user.manager.service.UserService;
-import dev.lions.user.manager.service.exception.KeycloakServiceException;
import jakarta.enterprise.context.ApplicationScoped;
import jakarta.inject.Inject;
import jakarta.validation.Valid;
import jakarta.validation.constraints.NotBlank;
import jakarta.validation.constraints.NotNull;
import jakarta.ws.rs.NotFoundException;
-import jakarta.ws.rs.core.Response;
import lombok.extern.slf4j.Slf4j;
import org.keycloak.admin.client.resource.UserResource;
import org.keycloak.admin.client.resource.UsersResource;
@@ -21,11 +23,9 @@ import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
-import java.net.ConnectException;
-import java.net.SocketTimeoutException;
-import java.util.Collections;
-import java.util.List;
-import java.util.Optional;
+import java.time.LocalDateTime;
+import java.time.format.DateTimeFormatter;
+import java.util.*;
import java.util.stream.Collectors;
/**
@@ -83,6 +83,23 @@ public class UserServiceImpl implements UserService {
// Convertir en DTOs
List userDTOs = UserMapper.toDTOList(users, realmName);
+ // Enrichir avec les rôles si demandé
+ if (Boolean.TRUE.equals(criteria.getIncludeRoles())) {
+ for (UserDTO dto : userDTOs) {
+ try {
+ List realmRoles = usersResource.get(dto.getId())
+ .roles().realmLevel().listAll();
+ if (realmRoles != null) {
+ dto.setRealmRoles(realmRoles.stream()
+ .map(RoleRepresentation::getName)
+ .collect(Collectors.toList()));
+ }
+ } catch (Exception e) {
+ log.warn("Impossible de charger les rôles pour l'utilisateur {}: {}", dto.getId(), e.getMessage());
+ }
+ }
+ }
+
// Compter le total
long totalCount = usersResource.count();
@@ -91,8 +108,7 @@ public class UserServiceImpl implements UserService {
} catch (Exception e) {
log.error("Erreur lors de la recherche d'utilisateurs", e);
- handleConnectionException(e, "recherche d'utilisateurs");
- return null; // Ne sera jamais atteint car handleConnectionException lance une exception
+ throw new RuntimeException("Impossible de rechercher les utilisateurs", e);
}
}
@@ -135,8 +151,7 @@ public class UserServiceImpl implements UserService {
return Optional.empty();
}
log.error("Erreur lors de la récupération de l'utilisateur {}", userId, e);
- handleConnectionException(e, "récupération de l'utilisateur " + userId);
- return Optional.empty(); // Ne sera jamais atteint mais nécessaire pour le compilateur
+ throw new RuntimeException("Impossible de récupérer l'utilisateur", e);
}
}
@@ -148,11 +163,6 @@ public class UserServiceImpl implements UserService {
List users = keycloakAdminClient.getUsers(realmName)
.search(username, 0, 1, true);
- if (users == null) {
- log.warn("Liste d'utilisateurs null retournée pour username {} dans le realm {}", username, realmName);
- return Optional.empty();
- }
-
if (users.isEmpty()) {
return Optional.empty();
}
@@ -160,8 +170,7 @@ public class UserServiceImpl implements UserService {
return Optional.of(UserMapper.toDTO(users.get(0), realmName));
} catch (Exception e) {
log.error("Erreur lors de la récupération de l'utilisateur par username {}", username, e);
- handleConnectionException(e, "récupération de l'utilisateur par username " + username);
- return Optional.empty(); // Ne sera jamais atteint mais nécessaire pour le compilateur
+ throw new RuntimeException("Impossible de récupérer l'utilisateur", e);
}
}
@@ -173,11 +182,6 @@ public class UserServiceImpl implements UserService {
List users = keycloakAdminClient.getUsers(realmName)
.searchByEmail(email, true);
- if (users == null) {
- log.warn("Liste d'utilisateurs null retournée pour email {} dans le realm {}", email, realmName);
- return Optional.empty();
- }
-
if (users.isEmpty()) {
return Optional.empty();
}
@@ -185,12 +189,12 @@ public class UserServiceImpl implements UserService {
return Optional.of(UserMapper.toDTO(users.get(0), realmName));
} catch (Exception e) {
log.error("Erreur lors de la récupération de l'utilisateur par email {}", email, e);
- handleConnectionException(e, "récupération de l'utilisateur par email " + email);
- return Optional.empty(); // Ne sera jamais atteint mais nécessaire pour le compilateur
+ throw new RuntimeException("Impossible de récupérer l'utilisateur", e);
}
}
@Override
+ @Logged(action = "USER_CREATE", resource = "USER")
public UserDTO createUser(@Valid @NotNull UserDTO user, @NotBlank String realmName) {
log.info("Création de l'utilisateur {} dans le realm {}", user.getUsername(), realmName);
@@ -209,39 +213,10 @@ public class UserServiceImpl implements UserService {
// Créer l'utilisateur
UsersResource usersResource = keycloakAdminClient.getUsers(realmName);
- Response response = usersResource.create(userRep);
+ var response = usersResource.create(userRep);
- // Vérifier si la réponse est null (erreur de connexion)
- if (response == null) {
- log.error("❌ Réponse null lors de la création de l'utilisateur {} - Service Keycloak indisponible", user.getUsername());
- throw new KeycloakServiceException.ServiceUnavailableException(
- "Impossible de se connecter au service Keycloak pour créer l'utilisateur: " + user.getUsername());
- }
-
- // Vérifier le code de statut HTTP
- int status = response.getStatus();
- if (status != Response.Status.CREATED.getStatusCode()) {
- String errorMessage = "Échec de la création de l'utilisateur";
- if (response.getStatusInfo() != null) {
- errorMessage += ": " + response.getStatusInfo();
- }
-
- // Gérer les différents codes d'erreur HTTP
- if (status == 400) {
- throw new KeycloakServiceException("Données invalides pour la création de l'utilisateur: " + errorMessage, status);
- } else if (status == 409) {
- throw new IllegalArgumentException("L'utilisateur existe déjà (conflit détecté par Keycloak)");
- } else if (status == 503 || status == 502) {
- throw new KeycloakServiceException.ServiceUnavailableException("Service Keycloak indisponible: " + errorMessage);
- } else {
- throw new KeycloakServiceException(errorMessage, status);
- }
- }
-
- // Vérifier que la location est présente
- if (response.getLocation() == null) {
- log.error("❌ Location manquante dans la réponse de création pour l'utilisateur {}", user.getUsername());
- throw new KeycloakServiceException("Réponse invalide du service Keycloak: location manquante", status);
+ if (response.getStatus() != 201) {
+ throw new RuntimeException("Échec de la création de l'utilisateur: " + response.getStatusInfo());
}
// Récupérer l'ID de l'utilisateur créé
@@ -260,41 +235,22 @@ public class UserServiceImpl implements UserService {
log.info("✅ Utilisateur créé avec succès: {} (ID: {})", user.getUsername(), userId);
return UserMapper.toDTO(createdUser, realmName);
- } catch (IllegalArgumentException e) {
- // Répercuter les erreurs de validation
- throw e;
- } catch (KeycloakServiceException e) {
- // Répercuter les erreurs de service
- throw e;
} catch (Exception e) {
log.error("❌ Erreur lors de la création de l'utilisateur {}", user.getUsername(), e);
- handleConnectionException(e, "création de l'utilisateur " + user.getUsername());
- return null; // Ne sera jamais atteint car handleConnectionException lance une exception
+ throw new RuntimeException("Impossible de créer l'utilisateur", e);
}
}
@Override
+ @Logged(action = "USER_UPDATE", resource = "USER")
public UserDTO updateUser(@NotBlank String userId, @Valid @NotNull UserDTO user, @NotBlank String realmName) {
log.info("Mise à jour de l'utilisateur {} dans le realm {}", userId, realmName);
try {
UserResource userResource = keycloakAdminClient.getUsers(realmName).get(userId);
- // Vérifier si userResource est null (peut arriver si la connexion échoue)
- if (userResource == null) {
- log.error("❌ UserResource null pour l'utilisateur {} - Service Keycloak indisponible", userId);
- throw new KeycloakServiceException.ServiceUnavailableException(
- "Impossible de se connecter au service Keycloak pour mettre à jour l'utilisateur: " + userId);
- }
-
// Récupérer l'utilisateur existant
UserRepresentation existingUser = userResource.toRepresentation();
-
- if (existingUser == null) {
- log.error("❌ UserRepresentation null pour l'utilisateur {} - Service Keycloak indisponible", userId);
- throw new KeycloakServiceException.ServiceUnavailableException(
- "Impossible de récupérer les données de l'utilisateur depuis Keycloak: " + userId);
- }
// Mettre à jour les champs
if (user.getEmail() != null) {
@@ -321,39 +277,26 @@ public class UserServiceImpl implements UserService {
// Récupérer l'utilisateur mis à jour
UserRepresentation updatedUser = userResource.toRepresentation();
-
- if (updatedUser == null) {
- log.error("❌ UserRepresentation null après mise à jour pour l'utilisateur {}", userId);
- throw new KeycloakServiceException("Impossible de récupérer l'utilisateur mis à jour", 500);
- }
log.info("✅ Utilisateur mis à jour avec succès: {}", userId);
return UserMapper.toDTO(updatedUser, realmName);
} catch (NotFoundException e) {
log.error("❌ Utilisateur {} non trouvé", userId);
- throw new KeycloakServiceException("Utilisateur non trouvé: " + userId, 404, e);
- } catch (KeycloakServiceException e) {
- throw e;
+ throw new RuntimeException("Utilisateur non trouvé", e);
} catch (Exception e) {
log.error("❌ Erreur lors de la mise à jour de l'utilisateur {}", userId, e);
- handleConnectionException(e, "mise à jour de l'utilisateur " + userId);
- return null; // Ne sera jamais atteint car handleConnectionException lance une exception
+ throw new RuntimeException("Impossible de mettre à jour l'utilisateur", e);
}
}
@Override
+ @Logged(action = "USER_DELETE", resource = "USER")
public void deleteUser(@NotBlank String userId, @NotBlank String realmName, boolean hardDelete) {
log.info("Suppression de l'utilisateur {} dans le realm {} (hard: {})", userId, realmName, hardDelete);
try {
UserResource userResource = keycloakAdminClient.getUsers(realmName).get(userId);
-
- if (userResource == null) {
- log.error("❌ UserResource null pour l'utilisateur {} - Service Keycloak indisponible", userId);
- throw new KeycloakServiceException.ServiceUnavailableException(
- "Impossible de se connecter au service Keycloak pour supprimer l'utilisateur: " + userId);
- }
if (hardDelete) {
// Suppression définitive
@@ -362,11 +305,6 @@ public class UserServiceImpl implements UserService {
} else {
// Soft delete: désactiver l'utilisateur
UserRepresentation user = userResource.toRepresentation();
- if (user == null) {
- log.error("❌ UserRepresentation null pour l'utilisateur {} - Service Keycloak indisponible", userId);
- throw new KeycloakServiceException.ServiceUnavailableException(
- "Impossible de récupérer les données de l'utilisateur depuis Keycloak: " + userId);
- }
user.setEnabled(false);
userResource.update(user);
log.info("✅ Utilisateur désactivé (soft delete): {}", userId);
@@ -374,78 +312,46 @@ public class UserServiceImpl implements UserService {
} catch (NotFoundException e) {
log.error("❌ Utilisateur {} non trouvé", userId);
- throw new KeycloakServiceException("Utilisateur non trouvé: " + userId, 404, e);
- } catch (KeycloakServiceException e) {
- throw e;
+ throw new RuntimeException("Utilisateur non trouvé", e);
} catch (Exception e) {
log.error("❌ Erreur lors de la suppression de l'utilisateur {}", userId, e);
- handleConnectionException(e, "suppression de l'utilisateur " + userId);
+ throw new RuntimeException("Impossible de supprimer l'utilisateur", e);
}
}
@Override
+ @Logged(action = "USER_ACTIVATE", resource = "USER")
public void activateUser(@NotBlank String userId, @NotBlank String realmName) {
log.info("Activation de l'utilisateur {} dans le realm {}", userId, realmName);
try {
UserResource userResource = keycloakAdminClient.getUsers(realmName).get(userId);
-
- if (userResource == null) {
- log.error("❌ UserResource null pour l'utilisateur {} - Service Keycloak indisponible", userId);
- throw new KeycloakServiceException.ServiceUnavailableException(
- "Impossible de se connecter au service Keycloak pour activer l'utilisateur: " + userId);
- }
-
UserRepresentation user = userResource.toRepresentation();
-
- if (user == null) {
- log.error("❌ UserRepresentation null pour l'utilisateur {} - Service Keycloak indisponible", userId);
- throw new KeycloakServiceException.ServiceUnavailableException(
- "Impossible de récupérer les données de l'utilisateur depuis Keycloak: " + userId);
- }
-
user.setEnabled(true);
userResource.update(user);
log.info("✅ Utilisateur activé: {}", userId);
- } catch (KeycloakServiceException e) {
- throw e;
} catch (Exception e) {
log.error("❌ Erreur lors de l'activation de l'utilisateur {}", userId, e);
- handleConnectionException(e, "activation de l'utilisateur " + userId);
+ throw new RuntimeException("Impossible d'activer l'utilisateur", e);
}
}
@Override
+ @Logged(action = "USER_DEACTIVATE", resource = "USER")
public void deactivateUser(@NotBlank String userId, @NotBlank String realmName, String raison) {
log.info("Désactivation de l'utilisateur {} dans le realm {} (raison: {})", userId, realmName, raison);
try {
UserResource userResource = keycloakAdminClient.getUsers(realmName).get(userId);
-
- if (userResource == null) {
- log.error("❌ UserResource null pour l'utilisateur {} - Service Keycloak indisponible", userId);
- throw new KeycloakServiceException.ServiceUnavailableException(
- "Impossible de se connecter au service Keycloak pour désactiver l'utilisateur: " + userId);
- }
-
UserRepresentation user = userResource.toRepresentation();
-
- if (user == null) {
- log.error("❌ UserRepresentation null pour l'utilisateur {} - Service Keycloak indisponible", userId);
- throw new KeycloakServiceException.ServiceUnavailableException(
- "Impossible de récupérer les données de l'utilisateur depuis Keycloak: " + userId);
- }
-
user.setEnabled(false);
userResource.update(user);
log.info("✅ Utilisateur désactivé: {}", userId);
- } catch (KeycloakServiceException e) {
- throw e;
} catch (Exception e) {
log.error("❌ Erreur lors de la désactivation de l'utilisateur {}", userId, e);
- handleConnectionException(e, "désactivation de l'utilisateur " + userId);
+ throw new RuntimeException("Impossible de désactiver l'utilisateur", e);
}
}
@@ -458,12 +364,14 @@ public class UserServiceImpl implements UserService {
}
@Override
+ @Logged(action = "USER_UNLOCK", resource = "USER")
public void unlockUser(@NotBlank String userId, @NotBlank String realmName) {
log.info("Déverrouillage de l'utilisateur {} dans le realm {}", userId, realmName);
activateUser(userId, realmName);
}
@Override
+ @Logged(action = "USER_PASSWORD_RESET", resource = "USER")
public void resetPassword(@NotBlank String userId, @NotBlank String realmName,
@NotBlank String temporaryPassword, boolean temporary) {
log.info("Réinitialisation du mot de passe pour l'utilisateur {} (temporaire: {})", userId, temporary);
@@ -477,48 +385,30 @@ public class UserServiceImpl implements UserService {
try {
UserResource userResource = keycloakAdminClient.getUsers(realmName).get(userId);
-
- if (userResource == null) {
- log.error("❌ UserResource null pour l'utilisateur {} - Service Keycloak indisponible", userId);
- throw new KeycloakServiceException.ServiceUnavailableException(
- "Impossible de se connecter au service Keycloak pour envoyer l'email de vérification: " + userId);
- }
-
userResource.sendVerifyEmail();
log.info("✅ Email de vérification envoyé: {}", userId);
- } catch (KeycloakServiceException e) {
- throw e;
} catch (Exception e) {
log.error("❌ Erreur lors de l'envoi de l'email de vérification pour {}", userId, e);
- handleConnectionException(e, "envoi de l'email de vérification pour l'utilisateur " + userId);
+ throw new RuntimeException("Impossible d'envoyer l'email de vérification", e);
}
}
@Override
+ @Logged(action = "USER_FORCE_LOGOUT", resource = "USER")
public int logoutAllSessions(@NotBlank String userId, @NotBlank String realmName) {
log.info("Déconnexion de toutes les sessions pour l'utilisateur {}", userId);
try {
UserResource userResource = keycloakAdminClient.getUsers(realmName).get(userId);
-
- if (userResource == null) {
- log.error("❌ UserResource null pour l'utilisateur {} - Service Keycloak indisponible", userId);
- throw new KeycloakServiceException.ServiceUnavailableException(
- "Impossible de se connecter au service Keycloak pour déconnecter les sessions: " + userId);
- }
-
- int sessionsCount = userResource.getUserSessions() != null ? userResource.getUserSessions().size() : 0;
+ int sessionsCount = userResource.getUserSessions().size();
userResource.logout();
log.info("✅ {} sessions révoquées pour l'utilisateur {}", sessionsCount, userId);
return sessionsCount;
- } catch (KeycloakServiceException e) {
- throw e;
} catch (Exception e) {
log.error("❌ Erreur lors de la déconnexion des sessions pour {}", userId, e);
- handleConnectionException(e, "déconnexion des sessions pour l'utilisateur " + userId);
- return 0; // Ne sera jamais atteint car handleConnectionException lance une exception
+ throw new RuntimeException("Impossible de déconnecter les sessions", e);
}
}
@@ -584,305 +474,228 @@ public class UserServiceImpl implements UserService {
@Override
public String exportUsersToCSV(@NotNull UserSearchCriteriaDTO criteria) {
- log.info("Export des utilisateurs en CSV pour le realm {}", criteria.getRealmName());
+ log.info("Export CSV des utilisateurs avec critères: {}", criteria);
- // Disable pagination for export to get all users
- int originalPageSize = criteria.getPageSize();
- criteria.setPageSize(10000); // Set a large limit or handle pagination loops
+ try {
+ // Récupérer tous les utilisateurs correspondant aux critères
+ UserSearchResultDTO searchResult = searchUsers(criteria);
+ List users = searchResult.getUsers();
- UserSearchResultDTO result = searchUsers(criteria);
- criteria.setPageSize(originalPageSize); // Restore
+ if (users == null || users.isEmpty()) {
+ log.warn("Aucun utilisateur trouvé pour l'export CSV");
+ return generateCSVHeader();
+ }
- StringBuilder csv = new StringBuilder();
- csv.append("username,email,firstName,lastName,enabled\n");
+ // Générer le CSV
+ StringBuilder csv = new StringBuilder();
+ csv.append(generateCSVHeader());
+ csv.append("\n");
- for (UserDTO user : result.getUsers()) {
- csv.append(escape(user.getUsername())).append(",");
- csv.append(escape(user.getEmail())).append(",");
- csv.append(escape(user.getPrenom())).append(",");
- csv.append(escape(user.getNom())).append(",");
- csv.append(user.getEnabled() != null ? user.getEnabled() : true).append("\n");
+ for (UserDTO user : users) {
+ csv.append(escapeCSVField(user.getUsername() != null ? user.getUsername() : ""));
+ csv.append(",");
+ csv.append(escapeCSVField(user.getEmail() != null ? user.getEmail() : ""));
+ csv.append(",");
+ csv.append(escapeCSVField(user.getPrenom() != null ? user.getPrenom() : ""));
+ csv.append(",");
+ csv.append(escapeCSVField(user.getNom() != null ? user.getNom() : ""));
+ csv.append(",");
+ csv.append(escapeCSVField(user.getTelephone() != null ? user.getTelephone() : ""));
+ csv.append(",");
+ csv.append(user.getEnabled() != null && user.getEnabled() ? "true" : "false");
+ csv.append(",");
+ csv.append(user.getEmailVerified() != null && user.getEmailVerified() ? "true" : "false");
+ csv.append(",");
+ csv.append(escapeCSVField(user.getStatut() != null ? user.getStatut().name() : ""));
+ csv.append(",");
+ csv.append(escapeCSVField(user.getOrganisation() != null ? user.getOrganisation() : ""));
+ csv.append(",");
+ csv.append(escapeCSVField(user.getDepartement() != null ? user.getDepartement() : ""));
+ csv.append(",");
+ csv.append(escapeCSVField(user.getFonction() != null ? user.getFonction() : ""));
+ csv.append(",");
+ csv.append(escapeCSVField(user.getPays() != null ? user.getPays() : ""));
+ csv.append(",");
+ csv.append(escapeCSVField(user.getVille() != null ? user.getVille() : ""));
+ csv.append(",");
+ csv.append(escapeCSVField(user.getDateCreation() != null
+ ? user.getDateCreation().format(DateTimeFormatter.ISO_LOCAL_DATE_TIME)
+ : ""));
+ csv.append("\n");
+ }
+
+ log.info("✅ Export CSV réussi: {} utilisateur(s) exporté(s)", users.size());
+ return csv.toString();
+
+ } catch (Exception e) {
+ log.error("❌ Erreur lors de l'export CSV", e);
+ throw new RuntimeException("Impossible d'exporter les utilisateurs en CSV", e);
}
+ }
- return csv.toString();
+ private String generateCSVHeader() {
+ return "username,email,prenom,nom,telephone,enabled,emailVerified,statut,organisation,departement,fonction,pays,ville,dateCreation";
+ }
+
+ private String escapeCSVField(String field) {
+ if (field == null) {
+ return "";
+ }
+ // Si le champ contient une virgule, des guillemets ou un saut de ligne,
+ // l'entourer de guillemets
+ if (field.contains(",") || field.contains("\"") || field.contains("\n")) {
+ // Échapper les guillemets en les doublant
+ return "\"" + field.replace("\"", "\"\"") + "\"";
+ }
+ return field;
}
@Override
- public dev.lions.user.manager.dto.importexport.ImportResultDTO importUsersFromCSV(@NotBlank String csvContent, @NotBlank String realmName) {
- log.info("Import des utilisateurs depuis CSV pour le realm {}", realmName);
+ @Logged(action = "USER_IMPORT", resource = "USER")
+ public ImportResultDTO importUsersFromCSV(@NotBlank String csvContent, @NotBlank String realmName) {
+ log.info("Import CSV de {} lignes pour le realm {}", csvContent.split("\n").length, realmName);
- dev.lions.user.manager.dto.importexport.ImportResultDTO result = dev.lions.user.manager.dto.importexport.ImportResultDTO.builder()
- .totalLines(0)
- .successCount(0)
- .errorCount(0)
- .errors(new java.util.ArrayList<>())
- .build();
+ ImportResultDTO.ImportResultDTOBuilder resultBuilder = ImportResultDTO.builder();
+ List errors = new ArrayList<>();
+ int successCount = 0;
+ int lineNumber = 0;
- String[] lines = csvContent.split("\\r?\\n");
- int startIndex = 0;
+ String[] lines = csvContent.split("\n");
+ resultBuilder.totalLines(lines.length);
- // Skip header if present
- if (lines.length > 0 && lines[0].toLowerCase().startsWith("username")) {
- startIndex = 1;
+ // Ignorer la première ligne si c'est l'en-tête
+ int startLine = 0;
+ if (lines.length > 0 && lines[0].toLowerCase().contains("username")) {
+ startLine = 1;
}
- result.setTotalLines(lines.length - startIndex);
-
- for (int i = startIndex; i < lines.length; i++) {
- int lineNumber = i + 1;
+ for (int i = startLine; i < lines.length; i++) {
+ lineNumber = i + 1;
String line = lines[i].trim();
if (line.isEmpty()) {
- continue; // Ignore empty lines
+ continue;
}
try {
- // Parse CSV line
- String[] parts = parseCSVLine(line);
- if (parts.length < 5) {
- result.addError(dev.lions.user.manager.dto.importexport.ImportResultDTO.ImportErrorDTO.builder()
- .lineNumber(lineNumber)
- .lineContent(line)
- .errorType(dev.lions.user.manager.dto.importexport.ImportResultDTO.ErrorType.INVALID_FORMAT)
- .message("Nombre de colonnes insuffisant (attendu: 5, trouvé: " + parts.length + ")")
- .build());
- continue;
- }
+ // Parser la ligne CSV
+ String[] fields = parseCSVLine(line);
- String username = CsvValidationHelper.clean(parts[0]);
- String email = CsvValidationHelper.clean(parts[1]);
- String firstName = CsvValidationHelper.clean(parts[2]);
- String lastName = CsvValidationHelper.clean(parts[3]);
- String enabledStr = CsvValidationHelper.clean(parts[4]);
-
- // Validate username
- String usernameError = CsvValidationHelper.validateUsername(username);
- if (usernameError != null) {
- result.addError(dev.lions.user.manager.dto.importexport.ImportResultDTO.ImportErrorDTO.builder()
- .lineNumber(lineNumber)
- .lineContent(line)
- .errorType(dev.lions.user.manager.dto.importexport.ImportResultDTO.ErrorType.VALIDATION_ERROR)
- .field("username")
- .message(usernameError)
- .build());
- continue;
- }
-
- // Validate email
- String emailError = CsvValidationHelper.validateEmail(email);
- if (emailError != null) {
- result.addError(dev.lions.user.manager.dto.importexport.ImportResultDTO.ImportErrorDTO.builder()
- .lineNumber(lineNumber)
- .lineContent(line)
- .errorType(dev.lions.user.manager.dto.importexport.ImportResultDTO.ErrorType.VALIDATION_ERROR)
- .field("email")
- .message(emailError)
- .build());
- continue;
- }
-
- // Validate firstName
- String firstNameError = CsvValidationHelper.validateName(firstName, "Prénom");
- if (firstNameError != null) {
- result.addError(dev.lions.user.manager.dto.importexport.ImportResultDTO.ImportErrorDTO.builder()
- .lineNumber(lineNumber)
- .lineContent(line)
- .errorType(dev.lions.user.manager.dto.importexport.ImportResultDTO.ErrorType.VALIDATION_ERROR)
- .field("firstName")
- .message(firstNameError)
- .build());
- continue;
- }
-
- // Validate lastName
- String lastNameError = CsvValidationHelper.validateName(lastName, "Nom");
- if (lastNameError != null) {
- result.addError(dev.lions.user.manager.dto.importexport.ImportResultDTO.ImportErrorDTO.builder()
- .lineNumber(lineNumber)
- .lineContent(line)
- .errorType(dev.lions.user.manager.dto.importexport.ImportResultDTO.ErrorType.VALIDATION_ERROR)
- .field("lastName")
- .message(lastNameError)
- .build());
- continue;
- }
-
- // Validate enabled
- String enabledError = CsvValidationHelper.validateBoolean(enabledStr);
- if (enabledError != null) {
- result.addError(dev.lions.user.manager.dto.importexport.ImportResultDTO.ImportErrorDTO.builder()
- .lineNumber(lineNumber)
- .lineContent(line)
- .errorType(dev.lions.user.manager.dto.importexport.ImportResultDTO.ErrorType.VALIDATION_ERROR)
- .field("enabled")
- .message(enabledError)
- .build());
- continue;
- }
-
- boolean enabled = CsvValidationHelper.parseBoolean(enabledStr);
-
- // Check if user already exists
- try {
- java.util.Optional existingUser = getUserByUsername(username, realmName);
- if (existingUser.isPresent()) {
- result.addError(dev.lions.user.manager.dto.importexport.ImportResultDTO.ImportErrorDTO.builder()
+ if (fields.length < 4) {
+ errors.add(ImportResultDTO.ImportErrorDTO.builder()
.lineNumber(lineNumber)
.lineContent(line)
- .errorType(dev.lions.user.manager.dto.importexport.ImportResultDTO.ErrorType.DUPLICATE_USER)
- .field("username")
- .message("Utilisateur déjà existant: " + username)
+ .errorType(ImportResultDTO.ErrorType.INVALID_FORMAT)
+ .message("Nombre de colonnes insuffisant (minimum 4: username, email, prenom, nom)")
.build());
- continue;
- }
- } catch (Exception e) {
- // User doesn't exist, continue with creation
+ continue;
}
- // Create user
- UserDTO userDTO = UserDTO.builder()
- .username(username)
- .email(email)
- .prenom(firstName)
- .nom(lastName)
- .enabled(enabled)
- .build();
+ // Créer l'utilisateur
+ String username = fields[0].trim();
+ String email = fields[1].trim();
+ String prenom = fields.length > 2 ? fields[2].trim() : "";
+ String nom = fields.length > 3 ? fields[3].trim() : "";
+ String telephone = fields.length > 4 ? fields[4].trim() : null;
+ Boolean enabled = fields.length > 5 ? Boolean.parseBoolean(fields[5].trim()) : true;
+ Boolean emailVerified = fields.length > 6 ? Boolean.parseBoolean(fields[6].trim()) : false;
- try {
- createUser(userDTO, realmName);
- result.setSuccessCount(result.getSuccessCount() + 1);
- log.debug("✅ Utilisateur créé: {} (ligne {})", username, lineNumber);
- } catch (Exception e) {
- result.addError(dev.lions.user.manager.dto.importexport.ImportResultDTO.ImportErrorDTO.builder()
- .lineNumber(lineNumber)
- .lineContent(line)
- .errorType(dev.lions.user.manager.dto.importexport.ImportResultDTO.ErrorType.CREATION_ERROR)
- .message("Erreur lors de la création de l'utilisateur")
- .details(e.getMessage())
- .build());
+ // Valider les champs obligatoires
+ if (username.isBlank() || email.isBlank()) {
+ errors.add(ImportResultDTO.ImportErrorDTO.builder()
+ .lineNumber(lineNumber)
+ .lineContent(line)
+ .errorType(ImportResultDTO.ErrorType.VALIDATION_ERROR)
+ .field(username.isBlank() ? "username" : "email")
+ .message("Le username et l'email sont obligatoires")
+ .build());
+ continue;
}
+ // Vérifier si l'utilisateur existe déjà
+ if (emailExists(email, realmName)) {
+ errors.add(ImportResultDTO.ImportErrorDTO.builder()
+ .lineNumber(lineNumber)
+ .lineContent(line)
+ .errorType(ImportResultDTO.ErrorType.DUPLICATE_USER)
+ .field("email")
+ .message("Un utilisateur avec cet email existe déjà")
+ .build());
+ continue;
+ }
+
+ // Créer l'utilisateur
+ UserDTO newUser = UserDTO.builder()
+ .username(username)
+ .email(email)
+ .prenom(prenom)
+ .nom(nom)
+ .telephone(telephone)
+ .enabled(enabled)
+ .emailVerified(emailVerified)
+ .build();
+
+ createUser(newUser, realmName);
+ successCount++;
+
} catch (Exception e) {
- log.error("Erreur inattendue lors du traitement de la ligne {}: {}", lineNumber, e.getMessage(), e);
- result.addError(dev.lions.user.manager.dto.importexport.ImportResultDTO.ImportErrorDTO.builder()
- .lineNumber(lineNumber)
- .lineContent(line)
- .errorType(dev.lions.user.manager.dto.importexport.ImportResultDTO.ErrorType.SYSTEM_ERROR)
- .message("Erreur système")
- .details(e.getMessage())
- .build());
+ log.error("Erreur lors de l'import de la ligne {}: {}", lineNumber, e.getMessage());
+ errors.add(ImportResultDTO.ImportErrorDTO.builder()
+ .lineNumber(lineNumber)
+ .lineContent(line)
+ .errorType(ImportResultDTO.ErrorType.CREATION_ERROR)
+ .message("Erreur lors de la création: " + e.getMessage())
+ .details(e.getClass().getSimpleName())
+ .build());
}
}
- // Generate summary message
- result.generateMessage();
- log.info(result.getMessage());
+ resultBuilder.successCount(successCount);
+ resultBuilder.errors(errors);
+ resultBuilder.errorCount(errors.size());
+ ImportResultDTO result = resultBuilder.build();
+ result.generateMessage();
+
+ log.info("✅ Import CSV terminé: {} succès, {} erreurs", successCount, errors.size());
return result;
}
- private String escape(String data) {
- if (data == null)
- return "";
- String escapedData = data.replaceAll("\"", "\"\"");
- if (escapedData.contains(",") || escapedData.contains("\n") || escapedData.contains("\"")) {
- return "\"" + escapedData + "\"";
- }
- return escapedData;
- }
-
private String[] parseCSVLine(String line) {
- // Simple regex to split by comma but ignoring commas inside quotes
- // This regex handles: "value",value,"val,ue"
- String[] tokens = line.split(",(?=(?:[^\"]*\"[^\"]*\")*[^\"]*$)", -1);
- for (int i = 0; i < tokens.length; i++) {
- String token = tokens[i].trim();
- if (token.startsWith("\"") && token.endsWith("\"")) {
- token = token.substring(1, token.length() - 1);
- token = token.replaceAll("\"\"", "\"");
+ List fields = new ArrayList<>();
+ boolean inQuotes = false;
+ StringBuilder currentField = new StringBuilder();
+
+ for (int i = 0; i < line.length(); i++) {
+ char c = line.charAt(i);
+
+ if (c == '"') {
+ if (inQuotes && i + 1 < line.length() && line.charAt(i + 1) == '"') {
+ // Guillemet échappé
+ currentField.append('"');
+ i++; // Passer le guillemet suivant
+ } else {
+ // Toggle inQuotes
+ inQuotes = !inQuotes;
+ }
+ } else if (c == ',' && !inQuotes) {
+ // Fin du champ
+ fields.add(currentField.toString());
+ currentField = new StringBuilder();
+ } else {
+ currentField.append(c);
}
- tokens[i] = token;
}
- return tokens;
+
+ // Ajouter le dernier champ
+ fields.add(currentField.toString());
+
+ return fields.toArray(new String[0]);
}
// ==================== Méthodes privées ====================
- /**
- * Valide une réponse HTTP du service Keycloak.
- *
- * @param response La réponse à valider
- * @param operation Nom de l'opération (pour les logs)
- * @param expectedStatus Le code de statut HTTP attendu
- * @throws KeycloakServiceException si la réponse est null ou a un code d'erreur
- */
- private void validateResponse(Response response, String operation, int expectedStatus) {
- if (response == null) {
- log.error("❌ Réponse null lors de l'opération {} - Service Keycloak indisponible", operation);
- throw new KeycloakServiceException.ServiceUnavailableException(
- "Impossible de se connecter au service Keycloak pour l'opération: " + operation);
- }
-
- int status = response.getStatus();
- if (status != expectedStatus) {
- String errorMessage = "Échec de l'opération: " + operation;
- if (response.getStatusInfo() != null) {
- errorMessage += " - " + response.getStatusInfo();
- }
-
- // Gérer les différents codes d'erreur HTTP
- if (status == 400) {
- throw new KeycloakServiceException("Données invalides: " + errorMessage, status);
- } else if (status == 401) {
- throw new KeycloakServiceException("Non autorisé: " + errorMessage, status);
- } else if (status == 403) {
- throw new KeycloakServiceException("Accès interdit: " + errorMessage, status);
- } else if (status == 404) {
- throw new KeycloakServiceException("Ressource non trouvée: " + errorMessage, status);
- } else if (status == 409) {
- throw new KeycloakServiceException("Conflit: " + errorMessage, status);
- } else if (status == 500) {
- throw new KeycloakServiceException("Erreur serveur interne Keycloak: " + errorMessage, status);
- } else if (status == 502 || status == 503) {
- throw new KeycloakServiceException.ServiceUnavailableException("Service Keycloak indisponible: " + errorMessage);
- } else if (status == 504) {
- throw new KeycloakServiceException.TimeoutException("Timeout lors de l'opération: " + operation);
- } else {
- throw new KeycloakServiceException(errorMessage, status);
- }
- }
- }
-
- /**
- * Gère les exceptions de connexion et les convertit en KeycloakServiceException appropriée.
- *
- * @throws KeycloakServiceException toujours (lève une exception)
- */
- private void handleConnectionException(Exception e, String operation) throws KeycloakServiceException {
- String errorMessage = e.getMessage();
-
- if (e instanceof ConnectException ||
- e instanceof SocketTimeoutException ||
- (errorMessage != null && (errorMessage.contains("Connection") ||
- errorMessage.contains("timeout") ||
- errorMessage.contains("refused") ||
- errorMessage.contains("Unable to connect")))) {
- log.error("❌ Erreur de connexion au service Keycloak lors de l'opération {}", operation, e);
- throw new KeycloakServiceException.ServiceUnavailableException(
- "Erreur de connexion au service Keycloak: " + (errorMessage != null ? errorMessage : e.getClass().getSimpleName()), e);
- }
-
- // Pour les autres exceptions, vérifier si c'est une KeycloakServiceException déjà
- if (e instanceof KeycloakServiceException) {
- throw (KeycloakServiceException) e;
- }
-
- // Sinon, encapsuler dans une KeycloakServiceException générique
- throw new KeycloakServiceException("Erreur lors de l'opération " + operation + ": " +
- (errorMessage != null ? errorMessage : e.getClass().getSimpleName()), e);
- }
-
- private void setPassword(String userId, String realmName, String password, boolean temporary) throws KeycloakServiceException {
+ private void setPassword(String userId, String realmName, String password, boolean temporary) {
try {
UserResource userResource = keycloakAdminClient.getUsers(realmName).get(userId);
@@ -896,7 +709,7 @@ public class UserServiceImpl implements UserService {
log.info("✅ Mot de passe défini pour l'utilisateur {} (temporaire: {})", userId, temporary);
} catch (Exception e) {
log.error("❌ Erreur lors de la définition du mot de passe pour {}", userId, e);
- handleConnectionException(e, "définition du mot de passe pour l'utilisateur " + userId);
+ throw new RuntimeException("Impossible de définir le mot de passe", e);
}
}
@@ -914,10 +727,144 @@ public class UserServiceImpl implements UserService {
return false;
}
- // TODO: Ajouter d'autres filtres selon les besoins
+ // Filtrer par username
+ if (criteria.getUsername() != null
+ && !criteria.getUsername().equalsIgnoreCase(user.getUsername())) {
+ return false;
+ }
+
+ // Filtrer par email
+ if (criteria.getEmail() != null && !criteria.getEmail().equalsIgnoreCase(user.getEmail())) {
+ return false;
+ }
+
+ // Filtrer par prénom
+ if (criteria.getPrenom() != null) {
+ String prenom = user.getFirstName();
+ if (prenom == null || !prenom.toLowerCase().contains(criteria.getPrenom().toLowerCase())) {
+ return false;
+ }
+ }
+
+ // Filtrer par nom
+ if (criteria.getNom() != null) {
+ String nom = user.getLastName();
+ if (nom == null || !nom.toLowerCase().contains(criteria.getNom().toLowerCase())) {
+ return false;
+ }
+ }
+
+ // Filtrer par téléphone
+ if (criteria.getTelephone() != null) {
+ String phone = user.getAttributes() != null
+ ? user.getAttributes().getOrDefault("phone_number", Collections.emptyList()).stream()
+ .findFirst().orElse(null)
+ : null;
+ if (phone == null || !phone.contains(criteria.getTelephone())) {
+ return false;
+ }
+ }
+
+ // Filtrer par statut (basé sur enabled et emailVerified)
+ if (criteria.getStatut() != null) {
+ StatutUser userStatut = determineUserStatut(user);
+ if (!criteria.getStatut().equals(userStatut)) {
+ return false;
+ }
+ }
+
+ // Filtrer par organisation
+ if (criteria.getOrganisation() != null) {
+ String org = user.getAttributes() != null
+ ? user.getAttributes().getOrDefault("organization", Collections.emptyList()).stream()
+ .findFirst().orElse(null)
+ : null;
+ if (org == null || !org.toLowerCase().contains(criteria.getOrganisation().toLowerCase())) {
+ return false;
+ }
+ }
+
+ // Filtrer par département
+ if (criteria.getDepartement() != null) {
+ String dept = user.getAttributes() != null
+ ? user.getAttributes().getOrDefault("department", Collections.emptyList()).stream()
+ .findFirst().orElse(null)
+ : null;
+ if (dept == null || !dept.toLowerCase().contains(criteria.getDepartement().toLowerCase())) {
+ return false;
+ }
+ }
+
+ // Filtrer par fonction
+ if (criteria.getFonction() != null) {
+ String fonction = user.getAttributes() != null
+ ? user.getAttributes().getOrDefault("job_title", Collections.emptyList()).stream()
+ .findFirst().orElse(null)
+ : null;
+ if (fonction == null
+ || !fonction.toLowerCase().contains(criteria.getFonction().toLowerCase())) {
+ return false;
+ }
+ }
+
+ // Filtrer par pays
+ if (criteria.getPays() != null) {
+ String pays = user.getAttributes() != null
+ ? user.getAttributes().getOrDefault("country", Collections.emptyList()).stream()
+ .findFirst().orElse(null)
+ : null;
+ if (pays == null || !pays.toLowerCase().contains(criteria.getPays().toLowerCase())) {
+ return false;
+ }
+ }
+
+ // Filtrer par ville
+ if (criteria.getVille() != null) {
+ String ville = user.getAttributes() != null
+ ? user.getAttributes().getOrDefault("city", Collections.emptyList()).stream()
+ .findFirst().orElse(null)
+ : null;
+ if (ville == null || !ville.toLowerCase().contains(criteria.getVille().toLowerCase())) {
+ return false;
+ }
+ }
+
+ // Filtrer par date de création
+ if (criteria.getDateCreationMin() != null || criteria.getDateCreationMax() != null) {
+ Long createdTimestamp = user.getCreatedTimestamp();
+ if (createdTimestamp != null) {
+ LocalDateTime createdDate = LocalDateTime.ofEpochSecond(
+ createdTimestamp / 1000, 0,
+ java.time.ZoneOffset.UTC);
+
+ if (criteria.getDateCreationMin() != null &&
+ createdDate.isBefore(criteria.getDateCreationMin())) {
+ return false;
+ }
+
+ if (criteria.getDateCreationMax() != null &&
+ createdDate.isAfter(criteria.getDateCreationMax())) {
+ return false;
+ }
+ } else {
+ // Si pas de date de création et qu'un filtre min est défini, exclure
+ if (criteria.getDateCreationMin() != null) {
+ return false;
+ }
+ }
+ }
return true;
})
.collect(Collectors.toList());
}
+
+ private StatutUser determineUserStatut(UserRepresentation user) {
+ if (!user.isEnabled()) {
+ return StatutUser.INACTIF;
+ }
+ // Si enabled mais email non vérifié, on considère toujours comme ACTIF
+ // car l'email non vérifié n'empêche pas l'activation du compte
+ return StatutUser.ACTIF;
+ }
}
diff --git a/src/main/resources/META-INF/beans.xml b/src/main/resources/META-INF/beans.xml
new file mode 100644
index 0000000..5e4c686
--- /dev/null
+++ b/src/main/resources/META-INF/beans.xml
@@ -0,0 +1,6 @@
+
+
+
diff --git a/src/main/resources/META-INF/reflection-config.json b/src/main/resources/META-INF/reflection-config.json
new file mode 100644
index 0000000..d64bffe
--- /dev/null
+++ b/src/main/resources/META-INF/reflection-config.json
@@ -0,0 +1,33 @@
+[
+ {
+ "name": "dev.lions.user.manager.dto.realm.RealmAssignmentDTO",
+ "allDeclaredFields": true,
+ "allDeclaredMethods": true,
+ "allDeclaredConstructors": true
+ },
+ {
+ "name": "dev.lions.user.manager.dto.role.RoleDTO",
+ "allDeclaredFields": true,
+ "allDeclaredMethods": true,
+ "allDeclaredConstructors": true
+ },
+ {
+ "name": "dev.lions.user.manager.dto.role.RoleDTO$RoleCompositeDTO",
+ "allDeclaredFields": true,
+ "allDeclaredMethods": true,
+ "allDeclaredConstructors": true
+ },
+ {
+ "name": "dev.lions.user.manager.dto.user.UserDTO",
+ "allDeclaredFields": true,
+ "allDeclaredMethods": true,
+ "allDeclaredConstructors": true
+ },
+ {
+ "name": "dev.lions.user.manager.dto.user.UserSearchResultDTO",
+ "allDeclaredFields": true,
+ "allDeclaredMethods": true,
+ "allDeclaredConstructors": true
+ }
+]
+
diff --git a/src/main/resources/application-dev.properties b/src/main/resources/application-dev.properties
index b76d83f..d7bc0b9 100644
--- a/src/main/resources/application-dev.properties
+++ b/src/main/resources/application-dev.properties
@@ -1,105 +1,101 @@
# ============================================================================
-# Lions User Manager Server - Configuration Développement
+# Lions User Manager - Server Implementation Configuration - DEV
# ============================================================================
-# Ce fichier contient TOUTES les propriétés spécifiques au développement
-# Il surcharge et complète application.properties
+# Ce fichier contient UNIQUEMENT les propriétés spécifiques au DÉVELOPPEMENT
+# Il surcharge application.properties
# ============================================================================
# ============================================
# HTTP Configuration DEV
# ============================================
quarkus.http.port=8081
-
-# CORS permissif en dev
-quarkus.http.cors.origins=*
+quarkus.http.host=localhost
+quarkus.http.cors.origins=http://localhost:3000,http://localhost:8080,http://localhost:8081,http://localhost:8082
# ============================================
-# Logging DEV (plus verbeux)
+# OIDC Configuration DEV
# ============================================
-quarkus.log.level=DEBUG
-quarkus.log.category."dev.lions.user.manager".level=TRACE
-quarkus.log.category."org.keycloak".level=DEBUG
-quarkus.log.category."io.quarkus.oidc".level=DEBUG
-quarkus.log.category."io.quarkus.oidc.runtime".level=DEBUG
-quarkus.log.category."io.quarkus.security".level=DEBUG
-
-quarkus.log.console.format=%d{HH:mm:ss} %-5p [%c{2.}] (%t) %s%e%n
-
-# File Logging pour Audit (DEV)
-quarkus.log.file.path=logs/dev/lions-user-manager.log
-quarkus.log.file.rotation.max-backup-index=3
-
-# ============================================
-# OIDC Configuration DEV - DÉSACTIVÉ PAR DÉFAUT
-# ============================================
-# En mode DEV, on désactive OIDC sur le backend pour simplifier le développement
-# Le client JSF est sécurisé, mais le backend accepte toutes les requêtes
-# ATTENTION: NE JAMAIS utiliser cette config en production !
-quarkus.oidc.enabled=false
-
-# Alternative: Si vous voulez activer OIDC en dev (pour tester le flow complet),
-# commentez la ligne "quarkus.oidc.enabled=false" ci-dessus et décommentez ci-dessous:
-#
-# quarkus.oidc.enabled=true
-# quarkus.oidc.auth-server-url=http://localhost:8180/realms/lions-user-manager
-# quarkus.oidc.tls.verification=none
-# quarkus.oidc.token.issuer=http://localhost:8180/realms/lions-user-manager
-# quarkus.oidc.discovery-enabled=true
-# quarkus.oidc.token.audience=account
-# quarkus.oidc.verify-access-token=true
-# quarkus.oidc.roles.role-claim-path=realm_access/roles
-# quarkus.security.auth.enabled=true
+quarkus.oidc.enabled=true
+quarkus.oidc.auth-server-url=http://localhost:8180/realms/lions-user-manager
+quarkus.oidc.token.issuer=http://localhost:8180/realms/lions-user-manager
+quarkus.oidc.tls.verification=none
# ============================================
# Keycloak Admin Client Configuration DEV
# ============================================
-# Configuration pour accéder à l'API Admin de Keycloak local
-# IMPORTANT: L'utilisateur admin se trouve dans le realm "master", pas "lions-user-manager"
lions.keycloak.server-url=http://localhost:8180
-lions.keycloak.admin-realm=master
-lions.keycloak.admin-client-id=admin-cli
lions.keycloak.admin-username=admin
lions.keycloak.admin-password=admin
+lions.keycloak.connection-pool-size=5
+lions.keycloak.timeout-seconds=30
+lions.keycloak.authorized-realms=lions-user-manager,master,btpxpress,test-realm
-# Timeout augmenté pour Keycloak local (peut être lent au démarrage)
-lions.keycloak.timeout-seconds=60
-
-# Realms autorisés en dev
-lions.keycloak.authorized-realms=lions-user-manager,btpxpress,master,unionflow
+# Quarkus-managed Keycloak Admin Client DEV
+quarkus.keycloak.admin-client.server-url=${lions.keycloak.server-url}
+quarkus.keycloak.admin-client.username=${lions.keycloak.admin-username}
+quarkus.keycloak.admin-client.password=${lions.keycloak.admin-password}
# ============================================
# Audit Configuration DEV
# ============================================
+lions.audit.log-to-database=false
+lions.audit.log-to-file=true
lions.audit.retention-days=30
+# ============================================
+# Database Configuration DEV
+# ============================================
+quarkus.datasource.health.enabled=false
+quarkus.datasource.username=${DB_USERNAME:skyfile}
+quarkus.datasource.password=${DB_PASSWORD:skyfile}
+quarkus.datasource.jdbc.url=jdbc:postgresql://${DB_HOST:localhost}:${DB_PORT:5432}/${DB_NAME:lions_user_manager_dev}
+
+# ============================================
+# Hibernate ORM Configuration DEV
+# ============================================
+quarkus.hibernate-orm.database.generation=update
+quarkus.hibernate-orm.log.sql=true
+
+# ============================================
+# Flyway Configuration DEV
+# ============================================
+quarkus.flyway.migrate-at-start=false
+
+# ============================================
+# Logging Configuration DEV
+# ============================================
+quarkus.log.level=INFO
+quarkus.log.category."dev.lions.user.manager".level=DEBUG
+quarkus.log.category."dev.lions.user.manager.security".level=DEBUG
+quarkus.log.category."org.keycloak".level=INFO
+quarkus.log.category."io.quarkus".level=INFO
+quarkus.log.category."io.quarkus.oidc".level=INFO
+quarkus.log.category."io.quarkus.oidc.runtime".level=DEBUG
+quarkus.log.category."io.quarkus.security".level=DEBUG
+quarkus.log.category."io.quarkus.security.runtime".level=DEBUG
+
+quarkus.log.console.enable=true
+quarkus.log.console.format=%d{HH:mm:ss} %-5p [%c{2.}] (%t) %s%e%n
+
+# File Logging pour Audit DEV
+quarkus.log.file.enable=true
+quarkus.log.file.path=logs/dev/lions-user-manager.log
+quarkus.log.file.rotation.max-file-size=10M
+quarkus.log.file.rotation.max-backup-index=3
+
# ============================================
# OpenAPI/Swagger Configuration DEV
# ============================================
+quarkus.swagger-ui.always-include=true
quarkus.swagger-ui.enable=true
# ============================================
-# Security Configuration DEV
+# Dev Services DEV
# ============================================
-# Security désactivée en dev (car OIDC est désactivé)
-quarkus.security.auth.enabled=false
-quarkus.security.jaxrs.deny-unannotated-endpoints=false
-quarkus.security.auth.proactive=false
-
-# Permissions HTTP - Accès public à tous les endpoints en DEV
-quarkus.http.auth.permission.public.paths=/api/*,/q/*,/health/*,/metrics,/swagger-ui/*,/openapi
-quarkus.http.auth.permission.public.policy=permit
+quarkus.devservices.enabled=false
# ============================================
-# Hot Reload et Dev Mode
+# Hot Reload DEV
# ============================================
quarkus.live-reload.instrumentation=true
quarkus.test.continuous-testing=disabled
-quarkus.profile=dev
-
-# ============================================
-# Indexation des dépendances Keycloak
-# ============================================
-quarkus.index-dependency.keycloak-admin.group-id=org.keycloak
-quarkus.index-dependency.keycloak-admin.artifact-id=keycloak-admin-client
-quarkus.index-dependency.keycloak-core.group-id=org.keycloak
-quarkus.index-dependency.keycloak-core.artifact-id=keycloak-core
diff --git a/src/main/resources/application-prod.properties b/src/main/resources/application-prod.properties
index 881a6af..3174f23 100644
--- a/src/main/resources/application-prod.properties
+++ b/src/main/resources/application-prod.properties
@@ -1,66 +1,38 @@
# ============================================================================
-# Lions User Manager Server - Configuration Production
+# Lions User Manager - Server Implementation Configuration - PROD
# ============================================================================
-# Ce fichier contient TOUTES les propriétés spécifiques à la production
-# Il surcharge et complète application.properties
+# Ce fichier contient UNIQUEMENT les propriétés spécifiques à la PRODUCTION
+# Il surcharge application.properties
# ============================================================================
# ============================================
# HTTP Configuration PROD
# ============================================
quarkus.http.port=8080
-
-# CORS restrictif en production (via variable d'environnement)
-quarkus.http.cors.origins=${CORS_ORIGINS:https://btpxpress.lions.dev,https://admin.lions.dev}
+quarkus.http.cors.origins=${CORS_ORIGINS:https://users.lions.dev,https://btpxpress.lions.dev,https://admin.lions.dev}
# ============================================
-# Logging PROD (moins verbeux)
-# ============================================
-quarkus.log.level=INFO
-quarkus.log.category."dev.lions.user.manager".level=INFO
-quarkus.log.category."org.keycloak".level=WARN
-
-quarkus.log.console.format=%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c{3.}] (%t) %s%e%n
-
-# File Logging pour Audit (PROD)
-quarkus.log.file.path=/var/log/lions/lions-user-manager.log
-quarkus.log.file.rotation.max-file-size=50M
-quarkus.log.file.rotation.max-backup-index=30
-quarkus.log.file.rotation.rotate-on-boot=false
-
-# ============================================
-# OIDC Configuration PROD - OBLIGATOIRE ET ACTIF
+# OIDC Configuration PROD
# ============================================
quarkus.oidc.enabled=true
-quarkus.oidc.auth-server-url=${KEYCLOAK_AUTH_SERVER_URL:https://security.lions.dev/realms/master}
-quarkus.oidc.credentials.secret=${KEYCLOAK_CLIENT_SECRET}
-quarkus.oidc.token.issuer=${KEYCLOAK_AUTH_SERVER_URL:https://security.lions.dev/realms/master}
-
-# Vérification TLS requise en production
+quarkus.oidc.auth-server-url=${KEYCLOAK_AUTH_SERVER_URL:https://security.lions.dev/realms/lions-user-manager}
+quarkus.oidc.token.issuer=${KEYCLOAK_AUTH_SERVER_URL:https://security.lions.dev/realms/lions-user-manager}
quarkus.oidc.tls.verification=required
-# Vérification stricte des tokens
-quarkus.oidc.discovery-enabled=true
-quarkus.oidc.verify-access-token=true
-
-# Extraction des rôles
-quarkus.oidc.roles.role-claim-path=realm_access/roles
-
# ============================================
# Keycloak Admin Client Configuration PROD
# ============================================
lions.keycloak.server-url=${KEYCLOAK_SERVER_URL:https://security.lions.dev}
-lions.keycloak.admin-realm=${KEYCLOAK_ADMIN_REALM:master}
-lions.keycloak.admin-client-id=admin-cli
lions.keycloak.admin-username=${KEYCLOAK_ADMIN_USERNAME}
lions.keycloak.admin-password=${KEYCLOAK_ADMIN_PASSWORD}
-
-# Pool de connexions augmenté en production
lions.keycloak.connection-pool-size=20
lions.keycloak.timeout-seconds=60
+lions.keycloak.authorized-realms=${KEYCLOAK_AUTHORIZED_REALMS:lions-user-manager,btpxpress,master,unionflow}
-# Realms autorisés en production (via variable d'environnement)
-lions.keycloak.authorized-realms=${KEYCLOAK_AUTHORIZED_REALMS:btpxpress,master,unionflow}
+# Quarkus-managed Keycloak Admin Client PROD
+quarkus.keycloak.admin-client.server-url=${lions.keycloak.server-url}
+quarkus.keycloak.admin-client.username=${lions.keycloak.admin-username}
+quarkus.keycloak.admin-client.password=${lions.keycloak.admin-password}
# ============================================
# Retry Configuration PROD
@@ -71,40 +43,51 @@ lions.keycloak.retry.delay-seconds=3
# ============================================
# Audit Configuration PROD
# ============================================
-lions.audit.retention-days=365
lions.audit.log-to-database=true
+lions.audit.log-to-file=false
+lions.audit.retention-days=365
# ============================================
-# Database Configuration PROD (pour audit)
+# Database Configuration PROD
# ============================================
-quarkus.datasource.db-kind=postgresql
-quarkus.datasource.username=${DB_USERNAME:audit_user}
+quarkus.datasource.health.enabled=true
+quarkus.datasource.username=${DB_USERNAME}
quarkus.datasource.password=${DB_PASSWORD}
-quarkus.datasource.jdbc.url=jdbc:postgresql://${DB_HOST:lions-db.lions.svc.cluster.local}:${DB_PORT:5432}/${DB_NAME:lions_audit}
-quarkus.datasource.jdbc.max-size=20
-quarkus.datasource.jdbc.min-size=5
-quarkus.hibernate-orm.enabled=true
+quarkus.datasource.jdbc.url=jdbc:postgresql://${DB_HOST}:${DB_PORT:5432}/${DB_NAME:lions_user_manager}
+
+# ============================================
+# Hibernate ORM Configuration PROD
+# ============================================
quarkus.hibernate-orm.database.generation=none
+quarkus.hibernate-orm.log.sql=false
+
+# ============================================
+# Flyway Configuration PROD
+# ============================================
quarkus.flyway.migrate-at-start=true
-quarkus.flyway.baseline-on-migrate=true
-quarkus.flyway.baseline-version=1.0.0
+
+# ============================================
+# Logging Configuration PROD
+# ============================================
+quarkus.log.level=INFO
+quarkus.log.category."dev.lions.user.manager".level=INFO
+quarkus.log.category."org.keycloak".level=WARN
+quarkus.log.category."io.quarkus".level=INFO
+
+quarkus.log.console.enable=true
+quarkus.log.console.format=%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c{3.}] (%t) %s%e%n
+
+# File Logging désactivé en PROD (logs centralisés via Kubernetes)
+quarkus.log.file.enable=false
# ============================================
# OpenAPI/Swagger Configuration PROD
# ============================================
-# Swagger désactivé en production par défaut
quarkus.swagger-ui.always-include=false
quarkus.swagger-ui.enable=false
# ============================================
-# Security Configuration PROD (strict)
-# ============================================
-quarkus.security.auth.enabled=true
-quarkus.security.jaxrs.deny-unannotated-endpoints=true
-quarkus.security.auth.proactive=true
-
-# ============================================
-# Performance tuning PROD
+# Performance Tuning PROD
# ============================================
quarkus.thread-pool.core-threads=4
quarkus.thread-pool.max-threads=32
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index 3ac96c9..c1b5f41 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -1,20 +1,18 @@
# ============================================================================
-# Lions User Manager Server - Configuration Commune
+# Lions User Manager - Server Implementation Configuration (COMMUNE)
# ============================================================================
-# Ce fichier contient UNIQUEMENT la configuration commune à tous les environnements
-# Les configurations spécifiques sont dans:
-# - application-dev.properties (développement)
-# - application-prod.properties (production)
+# Ce fichier contient UNIQUEMENT les propriétés COMMUNES à tous les environnements
+# Les propriétés spécifiques dev/prod vont dans application-dev.properties et application-prod.properties
# ============================================================================
# ============================================
-# Application Info
+# Application Info (COMMUNE)
# ============================================
quarkus.application.name=lions-user-manager-server
quarkus.application.version=1.0.0
# ============================================
-# HTTP Configuration (commune)
+# HTTP Configuration (COMMUNE)
# ============================================
quarkus.http.host=0.0.0.0
quarkus.http.cors=true
@@ -22,54 +20,49 @@ quarkus.http.cors.methods=GET,POST,PUT,DELETE,PATCH,OPTIONS
quarkus.http.cors.headers=*
# ============================================
-# Keycloak OIDC Configuration (base commune)
+# OIDC Configuration (COMMUNE)
# ============================================
quarkus.oidc.application-type=service
+quarkus.oidc.discovery-enabled=true
+quarkus.oidc.roles.role-claim-path=realm_access/roles
+quarkus.oidc.token.audience=account
# ============================================
-# Keycloak Admin Client Configuration (base commune)
+# Keycloak Admin Client (COMMUNE)
# ============================================
-lions.keycloak.connection-pool-size=10
-lions.keycloak.timeout-seconds=30
+lions.keycloak.admin-realm=master
+lions.keycloak.admin-client-id=admin-cli
-# Retry Configuration (pour appels Keycloak)
+# Quarkus-managed Keycloak Admin Client (uses Quarkus ObjectMapper with fail-on-unknown-properties=false)
+quarkus.keycloak.admin-client.realm=${lions.keycloak.admin-realm}
+quarkus.keycloak.admin-client.client-id=${lions.keycloak.admin-client-id}
+quarkus.keycloak.admin-client.grant-type=PASSWORD
+
+# ============================================
+# Retry Configuration (COMMUNE)
+# ============================================
lions.keycloak.retry.max-attempts=3
lions.keycloak.retry.delay-seconds=2
# ============================================
-# Audit Configuration
+# Audit Configuration (COMMUNE)
# ============================================
lions.audit.enabled=true
-lions.audit.log-to-database=false
-lions.audit.log-to-file=true
-lions.audit.retention-days=90
# ============================================
-# Database Configuration (désactivé par défaut)
+# Database Configuration (COMMUNE)
# ============================================
-# Désactiver Hibernate ORM si aucune entité JPA n'est utilisée
-quarkus.hibernate-orm.enabled=false
+quarkus.datasource.db-kind=postgresql
+quarkus.datasource.devservices.enabled=false
# ============================================
-# Logging Configuration (base commune)
+# Flyway Configuration (COMMUNE)
# ============================================
-quarkus.log.level=INFO
-quarkus.log.category."dev.lions.user.manager".level=DEBUG
-quarkus.log.category."org.keycloak".level=WARN
-
-quarkus.log.console.enable=true
-quarkus.log.console.format=%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c{3.}] (%t) %s%e%n
-
-# File Logging pour Audit
-quarkus.log.file.enable=true
-quarkus.log.file.path=logs/lions-user-manager.log
-quarkus.log.file.rotation.max-file-size=10M
-quarkus.log.file.rotation.max-backup-index=10
+# Migration manuelle en production, vérifier avant d'activer
# ============================================
-# OpenAPI/Swagger Configuration
+# OpenAPI/Swagger Configuration (COMMUNE)
# ============================================
-quarkus.swagger-ui.always-include=true
mp.openapi.extensions.smallrye.info.title=Lions User Manager API
mp.openapi.extensions.smallrye.info.version=1.0.0
mp.openapi.extensions.smallrye.info.description=API de gestion centralisée des utilisateurs Keycloak
@@ -77,32 +70,35 @@ mp.openapi.extensions.smallrye.info.contact.name=Lions Dev Team
mp.openapi.extensions.smallrye.info.contact.email=contact@lions.dev
# ============================================
-# Health Check Configuration
+# Health Check Configuration (COMMUNE)
# ============================================
quarkus.smallrye-health.root-path=/health
quarkus.smallrye-health.liveness-path=/health/live
quarkus.smallrye-health.readiness-path=/health/ready
# ============================================
-# Metrics Configuration
+# Metrics Configuration (COMMUNE)
# ============================================
quarkus.micrometer.enabled=true
quarkus.micrometer.export.prometheus.enabled=true
quarkus.micrometer.export.prometheus.path=/metrics
# ============================================
-# Security Configuration
+# Security Configuration (COMMUNE)
# ============================================
quarkus.security.jaxrs.deny-unannotated-endpoints=false
# ============================================
-# Jackson Configuration
+# Jackson Configuration (COMMUNE)
# ============================================
quarkus.jackson.fail-on-unknown-properties=false
quarkus.jackson.write-dates-as-timestamps=false
quarkus.jackson.serialization-inclusion=non_null
# ============================================
-# Dev Services (désactivé par défaut)
+# Indexing (COMMUNE - pour Keycloak)
# ============================================
-quarkus.devservices.enabled=false
+quarkus.index-dependency.keycloak-admin.group-id=org.keycloak
+quarkus.index-dependency.keycloak-admin.artifact-id=keycloak-admin-client
+quarkus.index-dependency.keycloak-core.group-id=org.keycloak
+quarkus.index-dependency.keycloak-core.artifact-id=keycloak-core
diff --git a/src/main/resources/db/migration/V2.0.0__Create_sync_tables.sql b/src/main/resources/db/migration/V2.0.0__Create_sync_tables.sql
new file mode 100644
index 0000000..c234d62
--- /dev/null
+++ b/src/main/resources/db/migration/V2.0.0__Create_sync_tables.sql
@@ -0,0 +1,85 @@
+-- =============================================================================
+-- Migration Flyway V2.0.0 - Création des tables de synchronisation Keycloak
+-- =============================================================================
+-- Description: Tables pour la persistance des snapshots et de l'historique
+-- des synchronisations entre l'application et Keycloak.
+--
+-- Entités correspondantes:
+-- SyncHistoryEntity → sync_history
+-- SyncedUserEntity → synced_user
+-- SyncedRoleEntity → synced_role
+--
+-- Auteur: Lions Development Team
+-- Date: 2026-02-17
+-- Version: 2.0.0
+-- =============================================================================
+
+
+-- =============================================================================
+-- TABLE sync_history : historique des opérations de synchronisation
+-- =============================================================================
+CREATE TABLE IF NOT EXISTS sync_history (
+ id BIGSERIAL PRIMARY KEY,
+ realm_name VARCHAR(255) NOT NULL,
+ sync_date TIMESTAMP NOT NULL,
+ sync_type VARCHAR(50) NOT NULL, -- 'USER' ou 'ROLE'
+ status VARCHAR(50) NOT NULL, -- 'SUCCESS' ou 'FAILURE'
+ items_processed INTEGER,
+ duration_ms BIGINT,
+ error_message TEXT
+);
+
+CREATE INDEX IF NOT EXISTS idx_sync_realm ON sync_history(realm_name);
+CREATE INDEX IF NOT EXISTS idx_sync_date ON sync_history(sync_date DESC);
+
+COMMENT ON TABLE sync_history IS 'Historique des synchronisations Keycloak (users et rôles)';
+COMMENT ON COLUMN sync_history.sync_type IS 'Type de synchronisation : USER ou ROLE';
+COMMENT ON COLUMN sync_history.status IS 'Résultat : SUCCESS ou FAILURE';
+
+
+-- =============================================================================
+-- TABLE synced_user : snapshot local des utilisateurs Keycloak synchronisés
+-- =============================================================================
+CREATE TABLE IF NOT EXISTS synced_user (
+ id BIGSERIAL PRIMARY KEY,
+ realm_name VARCHAR(255) NOT NULL,
+ keycloak_id VARCHAR(255) NOT NULL,
+ username VARCHAR(255) NOT NULL,
+ email VARCHAR(255),
+ enabled BOOLEAN,
+ email_verified BOOLEAN,
+ created_at TIMESTAMP,
+ CONSTRAINT uq_synced_user_realm_kc UNIQUE (realm_name, keycloak_id)
+);
+
+CREATE INDEX IF NOT EXISTS idx_synced_user_realm
+ ON synced_user(realm_name);
+CREATE UNIQUE INDEX IF NOT EXISTS idx_synced_user_realm_kc_id
+ ON synced_user(realm_name, keycloak_id);
+
+COMMENT ON TABLE synced_user IS 'Snapshot local des utilisateurs Keycloak pour rapports et vérifications';
+COMMENT ON COLUMN synced_user.keycloak_id IS 'UUID Keycloak de l''utilisateur';
+
+
+-- =============================================================================
+-- TABLE synced_role : snapshot local des rôles Keycloak synchronisés
+-- =============================================================================
+CREATE TABLE IF NOT EXISTS synced_role (
+ id BIGSERIAL PRIMARY KEY,
+ realm_name VARCHAR(255) NOT NULL,
+ role_name VARCHAR(255) NOT NULL,
+ description VARCHAR(500),
+ CONSTRAINT uq_synced_role_realm_name UNIQUE (realm_name, role_name)
+);
+
+CREATE INDEX IF NOT EXISTS idx_synced_role_realm
+ ON synced_role(realm_name);
+CREATE UNIQUE INDEX IF NOT EXISTS idx_synced_role_realm_name
+ ON synced_role(realm_name, role_name);
+
+COMMENT ON TABLE synced_role IS 'Snapshot local des rôles Keycloak pour rapports et vérifications';
+COMMENT ON COLUMN synced_role.role_name IS 'Nom du rôle realm dans Keycloak';
+
+-- =============================================================================
+-- FIN DE LA MIGRATION
+-- =============================================================================
diff --git a/src/test/java/dev/lions/user/manager/client/KeycloakAdminClientImplCompleteTest.java b/src/test/java/dev/lions/user/manager/client/KeycloakAdminClientImplCompleteTest.java
index ee225de..7bcee39 100644
--- a/src/test/java/dev/lions/user/manager/client/KeycloakAdminClientImplCompleteTest.java
+++ b/src/test/java/dev/lions/user/manager/client/KeycloakAdminClientImplCompleteTest.java
@@ -1,37 +1,35 @@
package dev.lions.user.manager.client;
-import jakarta.ws.rs.client.Client;
-import jakarta.ws.rs.client.ClientBuilder;
-import jakarta.ws.rs.client.Invocation;
-import jakarta.ws.rs.client.WebTarget;
-import jakarta.ws.rs.core.Response;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.keycloak.admin.client.Keycloak;
+import org.keycloak.admin.client.resource.RealmResource;
+import org.keycloak.admin.client.resource.RolesResource;
+import org.keycloak.admin.client.resource.UsersResource;
import org.keycloak.admin.client.token.TokenManager;
+import org.keycloak.representations.info.ServerInfoRepresentation;
+import org.keycloak.admin.client.resource.ServerInfoResource;
import org.mockito.InjectMocks;
-import org.mockito.MockedStatic;
+import org.mockito.Mock;
import org.mockito.junit.jupiter.MockitoExtension;
+import jakarta.ws.rs.NotFoundException;
import java.lang.reflect.Field;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.HashMap;
import java.util.List;
-import java.util.Map;
import static org.junit.jupiter.api.Assertions.*;
-import static org.mockito.ArgumentMatchers.*;
import static org.mockito.Mockito.*;
/**
- * Tests complets pour KeycloakAdminClientImpl pour atteindre 100% de couverture
- * Couvre init(), getAllRealms(), reconnect(), et tous les cas limites
+ * Tests complets pour KeycloakAdminClientImpl
*/
@ExtendWith(MockitoExtension.class)
class KeycloakAdminClientImplCompleteTest {
+ @Mock
+ Keycloak mockKeycloak;
+
@InjectMocks
KeycloakAdminClientImpl client;
@@ -43,315 +41,123 @@ class KeycloakAdminClientImplCompleteTest {
@BeforeEach
void setUp() throws Exception {
- // Set all config fields to null/empty for testing
- setField("serverUrl", "");
+ setField("serverUrl", "http://localhost:8180");
setField("adminRealm", "master");
setField("adminClientId", "admin-cli");
setField("adminUsername", "admin");
- setField("adminPassword", "");
- setField("connectionPoolSize", 10);
- setField("timeoutSeconds", 30);
- setField("keycloak", null);
}
@Test
- void testInit_WithServerUrl() throws Exception {
- setField("serverUrl", "http://localhost:8080");
- setField("adminRealm", "master");
- setField("adminClientId", "admin-cli");
- setField("adminUsername", "admin");
- setField("adminPassword", "password");
-
- // Mock KeycloakBuilder to avoid actual connection
- // This will likely throw an exception, but that's ok - we test the exception path
- try {
- java.lang.reflect.Method initMethod = KeycloakAdminClientImpl.class.getDeclaredMethod("init");
- initMethod.setAccessible(true);
- initMethod.invoke(client);
- } catch (Exception e) {
- // Expected - KeycloakBuilder will fail without actual Keycloak server
- }
-
- // The init method will set keycloak to null on exception
- Field keycloakField = KeycloakAdminClientImpl.class.getDeclaredField("keycloak");
- keycloakField.setAccessible(true);
- Keycloak result = (Keycloak) keycloakField.get(client);
- // Result will be null due to exception, which is the expected behavior
- // This test covers the exception path in init()
+ void testGetInstance() {
+ Keycloak result = client.getInstance();
+ assertSame(mockKeycloak, result);
}
@Test
- void testInit_WithException() throws Exception {
- setField("serverUrl", "http://localhost:8080");
- setField("adminRealm", "master");
- setField("adminClientId", "admin-cli");
- setField("adminUsername", "admin");
- setField("adminPassword", "password");
+ void testGetRealm_Success() {
+ RealmResource mockRealmResource = mock(RealmResource.class);
+ when(mockKeycloak.realm("test-realm")).thenReturn(mockRealmResource);
- // Call init via reflection - will throw exception without actual Keycloak
- // This test covers the exception handling path in init()
- try {
- java.lang.reflect.Method initMethod = KeycloakAdminClientImpl.class.getDeclaredMethod("init");
- initMethod.setAccessible(true);
- initMethod.invoke(client);
- } catch (Exception e) {
- // Expected - KeycloakBuilder may fail
- }
-
- // Verify keycloak is null after exception
- Field keycloakField = KeycloakAdminClientImpl.class.getDeclaredField("keycloak");
- keycloakField.setAccessible(true);
- Keycloak result = (Keycloak) keycloakField.get(client);
- // Result may be null due to exception, which is the expected behavior
- // This test covers the exception handling path in init()
+ RealmResource result = client.getRealm("test-realm");
+ assertSame(mockRealmResource, result);
}
@Test
- void testInit_WithNullServerUrl() throws Exception {
- setField("serverUrl", null);
+ void testGetRealm_Exception() {
+ when(mockKeycloak.realm("bad-realm")).thenThrow(new RuntimeException("Connection error"));
- // Call init via reflection
- java.lang.reflect.Method initMethod = KeycloakAdminClientImpl.class.getDeclaredMethod("init");
- initMethod.setAccessible(true);
- initMethod.invoke(client);
-
- // Verify keycloak is null
- Field keycloakField = KeycloakAdminClientImpl.class.getDeclaredField("keycloak");
- keycloakField.setAccessible(true);
- Keycloak result = (Keycloak) keycloakField.get(client);
- assertNull(result);
+ assertThrows(RuntimeException.class, () -> client.getRealm("bad-realm"));
}
@Test
- void testInit_WithEmptyServerUrl() throws Exception {
- setField("serverUrl", "");
+ void testGetUsers() {
+ RealmResource mockRealmResource = mock(RealmResource.class);
+ UsersResource mockUsersResource = mock(UsersResource.class);
+ when(mockKeycloak.realm("test-realm")).thenReturn(mockRealmResource);
+ when(mockRealmResource.users()).thenReturn(mockUsersResource);
- // Call init via reflection
- java.lang.reflect.Method initMethod = KeycloakAdminClientImpl.class.getDeclaredMethod("init");
- initMethod.setAccessible(true);
- initMethod.invoke(client);
-
- // Verify keycloak is null
- Field keycloakField = KeycloakAdminClientImpl.class.getDeclaredField("keycloak");
- keycloakField.setAccessible(true);
- Keycloak result = (Keycloak) keycloakField.get(client);
- assertNull(result);
+ UsersResource result = client.getUsers("test-realm");
+ assertSame(mockUsersResource, result);
}
@Test
- void testReconnect() throws Exception {
- Keycloak mockKeycloak = mock(Keycloak.class);
- setField("keycloak", mockKeycloak);
- setField("serverUrl", "");
+ void testGetRoles() {
+ RealmResource mockRealmResource = mock(RealmResource.class);
+ RolesResource mockRolesResource = mock(RolesResource.class);
+ when(mockKeycloak.realm("test-realm")).thenReturn(mockRealmResource);
+ when(mockRealmResource.roles()).thenReturn(mockRolesResource);
- // reconnect calls close() then init()
- client.reconnect();
-
- // Verify close was called
- verify(mockKeycloak).close();
-
- // Verify keycloak is null after close
- Field keycloakField = KeycloakAdminClientImpl.class.getDeclaredField("keycloak");
- keycloakField.setAccessible(true);
- Keycloak result = (Keycloak) keycloakField.get(client);
- assertNull(result);
+ RolesResource result = client.getRoles("test-realm");
+ assertSame(mockRolesResource, result);
}
@Test
- void testGetAllRealms_Success() throws Exception {
- Keycloak mockKeycloak = mock(Keycloak.class);
- TokenManager mockTokenManager = mock(TokenManager.class);
- setField("keycloak", mockKeycloak);
- setField("serverUrl", "http://localhost:8080");
+ void testIsConnected_True() {
+ ServerInfoResource mockServerInfoResource = mock(ServerInfoResource.class);
+ when(mockKeycloak.serverInfo()).thenReturn(mockServerInfoResource);
+ when(mockServerInfoResource.getInfo()).thenReturn(mock(ServerInfoRepresentation.class));
- when(mockKeycloak.tokenManager()).thenReturn(mockTokenManager);
- when(mockTokenManager.getAccessTokenString()).thenReturn("test-token");
-
- // Mock ClientBuilder
- try (MockedStatic mockedClientBuilder = mockStatic(ClientBuilder.class)) {
- Client mockClient = mock(Client.class);
- WebTarget mockWebTarget = mock(WebTarget.class);
- Invocation.Builder mockBuilder = mock(Invocation.Builder.class);
- Response mockResponse = mock(Response.class);
-
- mockedClientBuilder.when(ClientBuilder::newClient).thenReturn(mockClient);
- when(mockClient.target("http://localhost:8080/admin/realms")).thenReturn(mockWebTarget);
- when(mockWebTarget.request(jakarta.ws.rs.core.MediaType.APPLICATION_JSON)).thenReturn(mockBuilder);
- when(mockBuilder.header(anyString(), anyString())).thenReturn(mockBuilder);
-
- // Mock response with realm data
- Map realm1 = new HashMap<>();
- realm1.put("realm", "realm1");
- Map realm2 = new HashMap<>();
- realm2.put("realm", "realm2");
- List> realmsJson = new ArrayList<>();
- realmsJson.add(realm1);
- realmsJson.add(realm2);
-
- when(mockBuilder.get(List.class)).thenReturn(realmsJson);
-
- List result = client.getAllRealms();
-
- assertNotNull(result);
- assertEquals(2, result.size());
- assertTrue(result.contains("realm1"));
- assertTrue(result.contains("realm2"));
- verify(mockClient).close();
- }
+ assertTrue(client.isConnected());
}
@Test
- void testGetAllRealms_WithNullRealmsJson() throws Exception {
- Keycloak mockKeycloak = mock(Keycloak.class);
- TokenManager mockTokenManager = mock(TokenManager.class);
- setField("keycloak", mockKeycloak);
- setField("serverUrl", "http://localhost:8080");
+ void testIsConnected_False() {
+ when(mockKeycloak.serverInfo()).thenThrow(new RuntimeException("Connection refused"));
- when(mockKeycloak.tokenManager()).thenReturn(mockTokenManager);
- when(mockTokenManager.getAccessTokenString()).thenReturn("test-token");
-
- try (MockedStatic mockedClientBuilder = mockStatic(ClientBuilder.class)) {
- Client mockClient = mock(Client.class);
- WebTarget mockWebTarget = mock(WebTarget.class);
- Invocation.Builder mockBuilder = mock(Invocation.Builder.class);
-
- mockedClientBuilder.when(ClientBuilder::newClient).thenReturn(mockClient);
- when(mockClient.target("http://localhost:8080/admin/realms")).thenReturn(mockWebTarget);
- when(mockWebTarget.request(jakarta.ws.rs.core.MediaType.APPLICATION_JSON)).thenReturn(mockBuilder);
- when(mockBuilder.header(anyString(), anyString())).thenReturn(mockBuilder);
- when(mockBuilder.get(List.class)).thenReturn(null);
-
- List result = client.getAllRealms();
-
- assertNotNull(result);
- assertTrue(result.isEmpty());
- verify(mockClient).close();
- }
+ assertFalse(client.isConnected());
}
@Test
- void testGetAllRealms_WithEmptyRealmName() throws Exception {
- Keycloak mockKeycloak = mock(Keycloak.class);
- TokenManager mockTokenManager = mock(TokenManager.class);
- setField("keycloak", mockKeycloak);
- setField("serverUrl", "http://localhost:8080");
+ void testRealmExists_True() {
+ RealmResource mockRealmResource = mock(RealmResource.class);
+ RolesResource mockRolesResource = mock(RolesResource.class);
+ when(mockKeycloak.realm("test-realm")).thenReturn(mockRealmResource);
+ when(mockRealmResource.roles()).thenReturn(mockRolesResource);
+ when(mockRolesResource.list()).thenReturn(List.of());
- when(mockKeycloak.tokenManager()).thenReturn(mockTokenManager);
- when(mockTokenManager.getAccessTokenString()).thenReturn("test-token");
-
- try (MockedStatic mockedClientBuilder = mockStatic(ClientBuilder.class)) {
- Client mockClient = mock(Client.class);
- WebTarget mockWebTarget = mock(WebTarget.class);
- Invocation.Builder mockBuilder = mock(Invocation.Builder.class);
-
- mockedClientBuilder.when(ClientBuilder::newClient).thenReturn(mockClient);
- when(mockClient.target("http://localhost:8080/admin/realms")).thenReturn(mockWebTarget);
- when(mockWebTarget.request(jakarta.ws.rs.core.MediaType.APPLICATION_JSON)).thenReturn(mockBuilder);
- when(mockBuilder.header(anyString(), anyString())).thenReturn(mockBuilder);
-
- // Mock response with empty realm name
- Map realm1 = new HashMap<>();
- realm1.put("realm", "");
- Map realm2 = new HashMap<>();
- realm2.put("realm", "realm2");
- List> realmsJson = new ArrayList<>();
- realmsJson.add(realm1);
- realmsJson.add(realm2);
-
- when(mockBuilder.get(List.class)).thenReturn(realmsJson);
-
- List result = client.getAllRealms();
-
- assertNotNull(result);
- assertEquals(1, result.size()); // Empty realm name should be filtered out
- assertTrue(result.contains("realm2"));
- verify(mockClient).close();
- }
+ assertTrue(client.realmExists("test-realm"));
}
@Test
- void testGetAllRealms_WithNullRealmName() throws Exception {
- Keycloak mockKeycloak = mock(Keycloak.class);
- TokenManager mockTokenManager = mock(TokenManager.class);
- setField("keycloak", mockKeycloak);
- setField("serverUrl", "http://localhost:8080");
+ void testRealmExists_NotFound() {
+ RealmResource mockRealmResource = mock(RealmResource.class);
+ RolesResource mockRolesResource = mock(RolesResource.class);
+ when(mockKeycloak.realm("missing")).thenReturn(mockRealmResource);
+ when(mockRealmResource.roles()).thenReturn(mockRolesResource);
+ when(mockRolesResource.list()).thenThrow(new NotFoundException("Not found"));
- when(mockKeycloak.tokenManager()).thenReturn(mockTokenManager);
- when(mockTokenManager.getAccessTokenString()).thenReturn("test-token");
-
- try (MockedStatic mockedClientBuilder = mockStatic(ClientBuilder.class)) {
- Client mockClient = mock(Client.class);
- WebTarget mockWebTarget = mock(WebTarget.class);
- Invocation.Builder mockBuilder = mock(Invocation.Builder.class);
-
- mockedClientBuilder.when(ClientBuilder::newClient).thenReturn(mockClient);
- when(mockClient.target("http://localhost:8080/admin/realms")).thenReturn(mockWebTarget);
- when(mockWebTarget.request(jakarta.ws.rs.core.MediaType.APPLICATION_JSON)).thenReturn(mockBuilder);
- when(mockBuilder.header(anyString(), anyString())).thenReturn(mockBuilder);
-
- // Mock response with null realm name
- Map realm1 = new HashMap<>();
- realm1.put("realm", null);
- Map realm2 = new HashMap<>();
- realm2.put("realm", "realm2");
- List> realmsJson = new ArrayList<>();
- realmsJson.add(realm1);
- realmsJson.add(realm2);
-
- when(mockBuilder.get(List.class)).thenReturn(realmsJson);
-
- List result = client.getAllRealms();
-
- assertNotNull(result);
- assertEquals(1, result.size()); // Null realm name should be filtered out
- assertTrue(result.contains("realm2"));
- verify(mockClient).close();
- }
+ assertFalse(client.realmExists("missing"));
}
@Test
- void testGetAllRealms_WithException() throws Exception {
- Keycloak mockKeycloak = mock(Keycloak.class);
- TokenManager mockTokenManager = mock(TokenManager.class);
- setField("keycloak", mockKeycloak);
- setField("serverUrl", "http://localhost:8080");
+ void testRealmExists_OtherException() {
+ when(mockKeycloak.realm("error-realm")).thenThrow(new RuntimeException("Other error"));
- when(mockKeycloak.tokenManager()).thenReturn(mockTokenManager);
- when(mockTokenManager.getAccessTokenString()).thenThrow(new RuntimeException("Error"));
-
- List result = client.getAllRealms();
-
- assertNotNull(result);
- assertTrue(result.isEmpty()); // Should return empty list on exception
+ assertTrue(client.realmExists("error-realm"));
}
@Test
- void testGetAllRealms_WithExceptionInClient() throws Exception {
- Keycloak mockKeycloak = mock(Keycloak.class);
- TokenManager mockTokenManager = mock(TokenManager.class);
- setField("keycloak", mockKeycloak);
- setField("serverUrl", "http://localhost:8080");
+ void testGetAllRealms_TokenError() {
+ // When token retrieval fails, getAllRealms should throw
+ when(mockKeycloak.tokenManager()).thenThrow(new RuntimeException("Token error"));
- when(mockKeycloak.tokenManager()).thenReturn(mockTokenManager);
- when(mockTokenManager.getAccessTokenString()).thenReturn("test-token");
+ assertThrows(RuntimeException.class, () -> client.getAllRealms());
+ }
- try (MockedStatic mockedClientBuilder = mockStatic(ClientBuilder.class)) {
- Client mockClient = mock(Client.class);
- WebTarget mockWebTarget = mock(WebTarget.class);
- Invocation.Builder mockBuilder = mock(Invocation.Builder.class);
+ @Test
+ void testGetAllRealms_NullTokenManager() {
+ when(mockKeycloak.tokenManager()).thenReturn(null);
- mockedClientBuilder.when(ClientBuilder::newClient).thenReturn(mockClient);
- when(mockClient.target("http://localhost:8080/admin/realms")).thenReturn(mockWebTarget);
- when(mockWebTarget.request(jakarta.ws.rs.core.MediaType.APPLICATION_JSON)).thenReturn(mockBuilder);
- when(mockBuilder.header(anyString(), anyString())).thenReturn(mockBuilder);
- when(mockBuilder.get(List.class)).thenThrow(new RuntimeException("Connection error"));
+ assertThrows(RuntimeException.class, () -> client.getAllRealms());
+ }
- List result = client.getAllRealms();
+ @Test
+ void testClose() {
+ assertDoesNotThrow(() -> client.close());
+ }
- assertNotNull(result);
- assertTrue(result.isEmpty()); // Should return empty list on exception
- verify(mockClient).close(); // Should still close client in finally block
- }
+ @Test
+ void testReconnect() {
+ assertDoesNotThrow(() -> client.reconnect());
}
}
-
diff --git a/src/test/java/dev/lions/user/manager/client/KeycloakAdminClientImplTest.java b/src/test/java/dev/lions/user/manager/client/KeycloakAdminClientImplTest.java
index 8963b94..4e559e6 100644
--- a/src/test/java/dev/lions/user/manager/client/KeycloakAdminClientImplTest.java
+++ b/src/test/java/dev/lions/user/manager/client/KeycloakAdminClientImplTest.java
@@ -40,18 +40,20 @@ class KeycloakAdminClientImplTest {
@Mock
ServerInfoResource serverInfoResource;
- @BeforeEach
- void setUp() throws Exception {
- // Inject the mock keycloak instance
- setField(client, "keycloak", keycloak);
- }
-
private void setField(Object target, String fieldName, Object value) throws Exception {
Field field = target.getClass().getDeclaredField(fieldName);
field.setAccessible(true);
field.set(target, value);
}
+ @BeforeEach
+ void setUp() throws Exception {
+ setField(client, "serverUrl", "http://localhost:8180");
+ setField(client, "adminRealm", "master");
+ setField(client, "adminClientId", "admin-cli");
+ setField(client, "adminUsername", "admin");
+ }
+
@Test
void testGetInstance() {
Keycloak result = client.getInstance();
@@ -59,18 +61,6 @@ class KeycloakAdminClientImplTest {
assertEquals(keycloak, result);
}
- @Test
- void testGetInstanceReInitWhenNull() throws Exception {
- // Set keycloak to null
- setField(client, "keycloak", null);
-
- // Should attempt to reinitialize (will fail without config, but that's ok)
- // The method should return null since init() will fail without proper config
- Keycloak result = client.getInstance();
- // Since config values are null, keycloak will still be null
- assertNull(result);
- }
-
@Test
void testGetRealm() {
when(keycloak.realm("test-realm")).thenReturn(realmResource);
@@ -125,13 +115,6 @@ class KeycloakAdminClientImplTest {
assertFalse(client.isConnected());
}
- @Test
- void testIsConnected_false_null() throws Exception {
- setField(client, "keycloak", null);
-
- assertFalse(client.isConnected());
- }
-
@Test
void testRealmExists_true() {
when(keycloak.realm("test-realm")).thenReturn(realmResource);
@@ -156,22 +139,16 @@ class KeycloakAdminClientImplTest {
when(realmResource.roles()).thenReturn(rolesResource);
when(rolesResource.list()).thenThrow(new RuntimeException("Some other error"));
- // Should return true assuming realm exists but has issues
assertTrue(client.realmExists("problem-realm"));
}
@Test
void testClose() {
- client.close();
-
- verify(keycloak).close();
+ assertDoesNotThrow(() -> client.close());
}
@Test
- void testCloseWhenNull() throws Exception {
- setField(client, "keycloak", null);
-
- // Should not throw
- client.close();
+ void testReconnect() {
+ assertDoesNotThrow(() -> client.reconnect());
}
}
diff --git a/src/test/java/dev/lions/user/manager/config/JacksonConfigTest.java b/src/test/java/dev/lions/user/manager/config/JacksonConfigTest.java
deleted file mode 100644
index f4ef756..0000000
--- a/src/test/java/dev/lions/user/manager/config/JacksonConfigTest.java
+++ /dev/null
@@ -1,41 +0,0 @@
-package dev.lions.user.manager.config;
-
-import com.fasterxml.jackson.databind.DeserializationFeature;
-import com.fasterxml.jackson.databind.ObjectMapper;
-import io.quarkus.jackson.ObjectMapperCustomizer;
-import org.junit.jupiter.api.BeforeEach;
-import org.junit.jupiter.api.Test;
-
-import static org.junit.jupiter.api.Assertions.*;
-
-/**
- * Tests unitaires pour JacksonConfig
- */
-class JacksonConfigTest {
-
- private JacksonConfig jacksonConfig;
- private ObjectMapper objectMapper;
-
- @BeforeEach
- void setUp() {
- jacksonConfig = new JacksonConfig();
- objectMapper = new ObjectMapper();
- }
-
- @Test
- void testCustomize() {
- // Avant la personnalisation, FAIL_ON_UNKNOWN_PROPERTIES devrait être true par défaut
- assertTrue(objectMapper.isEnabled(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES));
-
- // Appliquer la personnalisation
- jacksonConfig.customize(objectMapper);
-
- // Après la personnalisation, FAIL_ON_UNKNOWN_PROPERTIES devrait être false
- assertFalse(objectMapper.isEnabled(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES));
- }
-
- @Test
- void testImplementsObjectMapperCustomizer() {
- assertTrue(jacksonConfig instanceof ObjectMapperCustomizer);
- }
-}
diff --git a/src/test/java/dev/lions/user/manager/resource/AuditResourceTest.java b/src/test/java/dev/lions/user/manager/resource/AuditResourceTest.java
index d297c61..a2539ca 100644
--- a/src/test/java/dev/lions/user/manager/resource/AuditResourceTest.java
+++ b/src/test/java/dev/lions/user/manager/resource/AuditResourceTest.java
@@ -1,6 +1,7 @@
package dev.lions.user.manager.resource;
import dev.lions.user.manager.dto.audit.AuditLogDTO;
+import dev.lions.user.manager.dto.common.CountDTO;
import dev.lions.user.manager.enums.audit.TypeActionAudit;
import dev.lions.user.manager.service.AuditService;
import jakarta.ws.rs.core.Response;
@@ -10,7 +11,6 @@ import org.mockito.InjectMocks;
import org.mockito.Mock;
import org.mockito.junit.jupiter.MockitoExtension;
-import java.time.LocalDateTime;
import java.util.Collections;
import java.util.List;
import java.util.Map;
@@ -32,33 +32,11 @@ class AuditResourceTest {
void testSearchLogs() {
List logs = Collections.singletonList(
AuditLogDTO.builder().acteurUsername("admin").typeAction(TypeActionAudit.USER_CREATE).build());
- when(auditService.findByActeur(eq("admin"), isNull(), isNull(), eq(0), eq(50))).thenReturn(logs);
+ when(auditService.findByActeur(eq("admin"), any(), any(), eq(0), eq(50))).thenReturn(logs);
- Response response = auditResource.searchLogs("admin", null, null, null, null, null, 0, 50);
+ List result = auditResource.searchLogs("admin", null, null, null, null, null, 0, 50);
- assertEquals(200, response.getStatus());
- assertEquals(logs, response.getEntity());
- }
-
- @Test
- void testSearchLogsWithDates() {
- List logs = Collections.emptyList();
- when(auditService.findByRealm(eq("master"), any(), any(), eq(0), eq(50))).thenReturn(logs);
-
- Response response = auditResource.searchLogs(null, "2024-01-01T00:00:00", "2024-12-31T23:59:59",
- TypeActionAudit.USER_CREATE, null, true, 0, 50);
-
- assertEquals(200, response.getStatus());
- }
-
- @Test
- void testSearchLogsError() {
- when(auditService.findByRealm(eq("master"), isNull(), isNull(), eq(0), eq(50)))
- .thenThrow(new RuntimeException("Error"));
-
- Response response = auditResource.searchLogs(null, null, null, null, null, null, 0, 50);
-
- assertEquals(500, response.getStatus());
+ assertEquals(logs, result);
}
@Test
@@ -67,204 +45,89 @@ class AuditResourceTest {
AuditLogDTO.builder().acteurUsername("admin").build());
when(auditService.findByActeur(eq("admin"), isNull(), isNull(), eq(0), eq(100))).thenReturn(logs);
- Response response = auditResource.getLogsByActor("admin", 100);
+ List result = auditResource.getLogsByActor("admin", 100);
- assertEquals(200, response.getStatus());
- assertEquals(logs, response.getEntity());
- }
-
- @Test
- void testGetLogsByActorError() {
- when(auditService.findByActeur(eq("admin"), isNull(), isNull(), eq(0), eq(100)))
- .thenThrow(new RuntimeException("Error"));
-
- Response response = auditResource.getLogsByActor("admin", 100);
-
- assertEquals(500, response.getStatus());
+ assertEquals(logs, result);
}
@Test
void testGetLogsByResource() {
List logs = Collections.emptyList();
- when(auditService.findByRessource(eq("USER"), eq("1"), isNull(), isNull(), eq(0), eq(100)))
+ when(auditService.findByRessource(eq("USER"), eq("1"), any(), any(), eq(0), eq(100)))
.thenReturn(logs);
- Response response = auditResource.getLogsByResource("USER", "1", 100);
+ List result = auditResource.getLogsByResource("USER", "1", 100);
- assertEquals(200, response.getStatus());
- assertEquals(logs, response.getEntity());
- }
-
- @Test
- void testGetLogsByResourceError() {
- when(auditService.findByRessource(eq("USER"), eq("1"), isNull(), isNull(), eq(0), eq(100)))
- .thenThrow(new RuntimeException("Error"));
-
- Response response = auditResource.getLogsByResource("USER", "1", 100);
-
- assertEquals(500, response.getStatus());
+ assertEquals(logs, result);
}
@Test
void testGetLogsByAction() {
List logs = Collections.emptyList();
- when(auditService.findByTypeAction(eq(TypeActionAudit.USER_CREATE), eq("master"), isNull(), isNull(), eq(0), eq(100)))
+ when(auditService.findByTypeAction(eq(TypeActionAudit.USER_CREATE), eq("master"), any(), any(), eq(0), eq(100)))
.thenReturn(logs);
- Response response = auditResource.getLogsByAction(TypeActionAudit.USER_CREATE, null, null, 100);
+ List result = auditResource.getLogsByAction(TypeActionAudit.USER_CREATE, null, null, 100);
- assertEquals(200, response.getStatus());
- }
-
- @Test
- void testGetLogsByActionWithDates() {
- List logs = Collections.emptyList();
- when(auditService.findByTypeAction(eq(TypeActionAudit.USER_UPDATE), eq("master"), any(), any(), eq(0), eq(50)))
- .thenReturn(logs);
-
- Response response = auditResource.getLogsByAction(TypeActionAudit.USER_UPDATE,
- "2024-01-01T00:00:00", "2024-12-31T23:59:59", 50);
-
- assertEquals(200, response.getStatus());
- }
-
- @Test
- void testGetLogsByActionError() {
- when(auditService.findByTypeAction(any(), eq("master"), any(), any(), anyInt(), anyInt()))
- .thenThrow(new RuntimeException("Error"));
-
- Response response = auditResource.getLogsByAction(TypeActionAudit.USER_CREATE, null, null, 100);
-
- assertEquals(500, response.getStatus());
+ assertEquals(logs, result);
}
@Test
void testGetActionStatistics() {
Map stats = Map.of(TypeActionAudit.USER_CREATE, 10L);
- when(auditService.countByActionType(eq("master"), isNull(), isNull())).thenReturn(stats);
+ when(auditService.countByActionType(eq("master"), any(), any())).thenReturn(stats);
- Response response = auditResource.getActionStatistics(null, null);
+ Map result = auditResource.getActionStatistics(null, null);
- assertEquals(200, response.getStatus());
- assertEquals(stats, response.getEntity());
- }
-
- @Test
- void testGetActionStatisticsError() {
- when(auditService.countByActionType(eq("master"), any(), any())).thenThrow(new RuntimeException("Error"));
-
- Response response = auditResource.getActionStatistics(null, null);
-
- assertEquals(500, response.getStatus());
+ assertEquals(stats, result);
}
@Test
void testGetUserActivityStatistics() {
Map stats = Map.of("admin", 100L);
- when(auditService.countByActeur(eq("master"), isNull(), isNull())).thenReturn(stats);
+ when(auditService.countByActeur(eq("master"), any(), any())).thenReturn(stats);
- Response response = auditResource.getUserActivityStatistics(null, null);
+ Map result = auditResource.getUserActivityStatistics(null, null);
- assertEquals(200, response.getStatus());
- assertEquals(stats, response.getEntity());
- }
-
- @Test
- void testGetUserActivityStatisticsError() {
- when(auditService.countByActeur(eq("master"), any(), any())).thenThrow(new RuntimeException("Error"));
-
- Response response = auditResource.getUserActivityStatistics(null, null);
-
- assertEquals(500, response.getStatus());
+ assertEquals(stats, result);
}
@Test
void testGetFailureCount() {
Map successVsFailure = Map.of("failure", 5L, "success", 100L);
- when(auditService.countSuccessVsFailure(eq("master"), isNull(), isNull())).thenReturn(successVsFailure);
+ when(auditService.countSuccessVsFailure(eq("master"), any(), any())).thenReturn(successVsFailure);
- Response response = auditResource.getFailureCount(null, null);
+ CountDTO result = auditResource.getFailureCount(null, null);
- assertEquals(200, response.getStatus());
- assertNotNull(response.getEntity());
- }
-
- @Test
- void testGetFailureCountError() {
- when(auditService.countSuccessVsFailure(eq("master"), any(), any())).thenThrow(new RuntimeException("Error"));
-
- Response response = auditResource.getFailureCount(null, null);
-
- assertEquals(500, response.getStatus());
+ assertEquals(5L, result.getCount());
}
@Test
void testGetSuccessCount() {
Map successVsFailure = Map.of("failure", 5L, "success", 100L);
- when(auditService.countSuccessVsFailure(eq("master"), isNull(), isNull())).thenReturn(successVsFailure);
+ when(auditService.countSuccessVsFailure(eq("master"), any(), any())).thenReturn(successVsFailure);
- Response response = auditResource.getSuccessCount(null, null);
+ CountDTO result = auditResource.getSuccessCount(null, null);
- assertEquals(200, response.getStatus());
- assertNotNull(response.getEntity());
- }
-
- @Test
- void testGetSuccessCountError() {
- when(auditService.countSuccessVsFailure(eq("master"), any(), any())).thenThrow(new RuntimeException("Error"));
-
- Response response = auditResource.getSuccessCount(null, null);
-
- assertEquals(500, response.getStatus());
+ assertEquals(100L, result.getCount());
}
@Test
void testExportLogsToCSV() {
- when(auditService.exportToCSV(eq("master"), isNull(), isNull())).thenReturn("csv,data");
+ when(auditService.exportToCSV(eq("master"), any(), any())).thenReturn("csv,data");
Response response = auditResource.exportLogsToCSV(null, null);
assertEquals(200, response.getStatus());
- }
-
- @Test
- void testExportLogsToCSVError() {
- when(auditService.exportToCSV(eq("master"), any(), any())).thenThrow(new RuntimeException("Error"));
-
- Response response = auditResource.exportLogsToCSV(null, null);
-
- assertEquals(500, response.getStatus());
+ assertEquals("csv,data", response.getEntity());
}
@Test
void testPurgeOldLogs() {
- when(auditService.purgeOldLogs(any())).thenReturn(50L);
+ doNothing().when(auditService).purgeOldLogs(any());
- Response response = auditResource.purgeOldLogs(90);
+ auditResource.purgeOldLogs(90);
- assertEquals(204, response.getStatus());
- }
-
- @Test
- void testPurgeOldLogsError() {
- when(auditService.purgeOldLogs(any())).thenThrow(new RuntimeException("Error"));
-
- Response response = auditResource.purgeOldLogs(90);
-
- assertEquals(500, response.getStatus());
- }
-
- // ============== Inner Class Tests ==============
-
- @Test
- void testCountResponseClass() {
- AuditResource.CountResponse response = new AuditResource.CountResponse(42);
- assertEquals(42, response.count);
- }
-
- @Test
- void testErrorResponseClass() {
- AuditResource.ErrorResponse response = new AuditResource.ErrorResponse("Error message");
- assertEquals("Error message", response.message);
+ verify(auditService).purgeOldLogs(any());
}
}
diff --git a/src/test/java/dev/lions/user/manager/resource/RealmAssignmentResourceTest.java b/src/test/java/dev/lions/user/manager/resource/RealmAssignmentResourceTest.java
index 3d35087..78b029e 100644
--- a/src/test/java/dev/lions/user/manager/resource/RealmAssignmentResourceTest.java
+++ b/src/test/java/dev/lions/user/manager/resource/RealmAssignmentResourceTest.java
@@ -1,5 +1,7 @@
package dev.lions.user.manager.resource;
+import dev.lions.user.manager.dto.realm.AuthorizedRealmsDTO;
+import dev.lions.user.manager.dto.realm.RealmAccessCheckDTO;
import dev.lions.user.manager.dto.realm.RealmAssignmentDTO;
import dev.lions.user.manager.service.RealmAuthorizationService;
import jakarta.ws.rs.core.Response;
@@ -14,7 +16,6 @@ import org.mockito.junit.jupiter.MockitoExtension;
import java.security.Principal;
import java.time.LocalDateTime;
import java.util.Arrays;
-import java.util.Collections;
import java.util.List;
import java.util.Optional;
@@ -45,16 +46,16 @@ class RealmAssignmentResourceTest {
@BeforeEach
void setUp() {
assignment = RealmAssignmentDTO.builder()
- .id("assignment-1")
- .userId("user-1")
- .username("testuser")
- .email("test@example.com")
- .realmName("realm1")
- .isSuperAdmin(false)
- .active(true)
- .assignedAt(LocalDateTime.now())
- .assignedBy("admin")
- .build();
+ .id("assignment-1")
+ .userId("user-1")
+ .username("testuser")
+ .email("test@example.com")
+ .realmName("realm1")
+ .isSuperAdmin(false)
+ .active(true)
+ .assignedAt(LocalDateTime.now())
+ .assignedBy("admin")
+ .build();
}
@Test
@@ -62,21 +63,9 @@ class RealmAssignmentResourceTest {
List assignments = Arrays.asList(assignment);
when(realmAuthorizationService.getAllAssignments()).thenReturn(assignments);
- Response response = realmAssignmentResource.getAllAssignments();
+ List result = realmAssignmentResource.getAllAssignments();
- assertEquals(Response.Status.OK.getStatusCode(), response.getStatus());
- @SuppressWarnings("unchecked")
- List responseAssignments = (List) response.getEntity();
- assertEquals(1, responseAssignments.size());
- }
-
- @Test
- void testGetAllAssignments_Error() {
- when(realmAuthorizationService.getAllAssignments()).thenThrow(new RuntimeException("Error"));
-
- Response response = realmAssignmentResource.getAllAssignments();
-
- assertEquals(Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(), response.getStatus());
+ assertEquals(1, result.size());
}
@Test
@@ -84,9 +73,9 @@ class RealmAssignmentResourceTest {
List assignments = Arrays.asList(assignment);
when(realmAuthorizationService.getAssignmentsByUser("user-1")).thenReturn(assignments);
- Response response = realmAssignmentResource.getAssignmentsByUser("user-1");
+ List result = realmAssignmentResource.getAssignmentsByUser("user-1");
- assertEquals(Response.Status.OK.getStatusCode(), response.getStatus());
+ assertEquals(1, result.size());
}
@Test
@@ -94,38 +83,35 @@ class RealmAssignmentResourceTest {
List assignments = Arrays.asList(assignment);
when(realmAuthorizationService.getAssignmentsByRealm("realm1")).thenReturn(assignments);
- Response response = realmAssignmentResource.getAssignmentsByRealm("realm1");
+ List result = realmAssignmentResource.getAssignmentsByRealm("realm1");
- assertEquals(Response.Status.OK.getStatusCode(), response.getStatus());
+ assertEquals(1, result.size());
}
@Test
void testGetAssignmentById_Success() {
when(realmAuthorizationService.getAssignmentById("assignment-1")).thenReturn(Optional.of(assignment));
- Response response = realmAssignmentResource.getAssignmentById("assignment-1");
+ RealmAssignmentDTO result = realmAssignmentResource.getAssignmentById("assignment-1");
- assertEquals(Response.Status.OK.getStatusCode(), response.getStatus());
+ assertNotNull(result);
+ assertEquals("assignment-1", result.getId());
}
@Test
void testGetAssignmentById_NotFound() {
when(realmAuthorizationService.getAssignmentById("non-existent")).thenReturn(Optional.empty());
- Response response = realmAssignmentResource.getAssignmentById("non-existent");
-
- assertEquals(Response.Status.NOT_FOUND.getStatusCode(), response.getStatus());
+ assertThrows(RuntimeException.class, () -> realmAssignmentResource.getAssignmentById("non-existent"));
}
@Test
void testCanManageRealm_Success() {
when(realmAuthorizationService.canManageRealm("user-1", "realm1")).thenReturn(true);
- Response response = realmAssignmentResource.canManageRealm("user-1", "realm1");
+ RealmAccessCheckDTO result = realmAssignmentResource.canManageRealm("user-1", "realm1");
- assertEquals(Response.Status.OK.getStatusCode(), response.getStatus());
- RealmAssignmentResource.CheckResponse checkResponse = (RealmAssignmentResource.CheckResponse) response.getEntity();
- assertTrue(checkResponse.canManage);
+ assertTrue(result.isCanManage());
}
@Test
@@ -134,91 +120,70 @@ class RealmAssignmentResourceTest {
when(realmAuthorizationService.getAuthorizedRealms("user-1")).thenReturn(realms);
when(realmAuthorizationService.isSuperAdmin("user-1")).thenReturn(false);
- Response response = realmAssignmentResource.getAuthorizedRealms("user-1");
+ AuthorizedRealmsDTO result = realmAssignmentResource.getAuthorizedRealms("user-1");
- assertEquals(Response.Status.OK.getStatusCode(), response.getStatus());
- RealmAssignmentResource.AuthorizedRealmsResponse authResponse =
- (RealmAssignmentResource.AuthorizedRealmsResponse) response.getEntity();
- assertEquals(2, authResponse.realms.size());
- assertFalse(authResponse.isSuperAdmin);
+ assertEquals(2, result.getRealms().size());
+ assertFalse(result.isSuperAdmin());
}
@Test
void testAssignRealmToUser_Success() {
+ // En Quarkus, @Context SecurityContext injecté peut être simulé via Mockito
+ // Mais dans RealmAssignmentResource, l'admin est récupéré du SecurityContext.
+ // Puisque c'est un test unitaire @ExtendWith(MockitoExtension.class),
+ // @Inject SecurityContext securityContext est mocké.
+
when(securityContext.getUserPrincipal()).thenReturn(principal);
when(principal.getName()).thenReturn("admin");
when(realmAuthorizationService.assignRealmToUser(any(RealmAssignmentDTO.class))).thenReturn(assignment);
Response response = realmAssignmentResource.assignRealmToUser(assignment);
- assertEquals(Response.Status.CREATED.getStatusCode(), response.getStatus());
- }
-
- @Test
- void testAssignRealmToUser_Conflict() {
- when(securityContext.getUserPrincipal()).thenReturn(principal);
- when(principal.getName()).thenReturn("admin");
- when(realmAuthorizationService.assignRealmToUser(any(RealmAssignmentDTO.class)))
- .thenThrow(new IllegalArgumentException("Already exists"));
-
- Response response = realmAssignmentResource.assignRealmToUser(assignment);
-
- assertEquals(Response.Status.CONFLICT.getStatusCode(), response.getStatus());
+ assertEquals(201, response.getStatus());
}
@Test
void testRevokeRealmFromUser_Success() {
doNothing().when(realmAuthorizationService).revokeRealmFromUser("user-1", "realm1");
- Response response = realmAssignmentResource.revokeRealmFromUser("user-1", "realm1");
+ realmAssignmentResource.revokeRealmFromUser("user-1", "realm1");
- assertEquals(Response.Status.NO_CONTENT.getStatusCode(), response.getStatus());
+ verify(realmAuthorizationService).revokeRealmFromUser("user-1", "realm1");
}
@Test
void testRevokeAllRealmsFromUser_Success() {
doNothing().when(realmAuthorizationService).revokeAllRealmsFromUser("user-1");
- Response response = realmAssignmentResource.revokeAllRealmsFromUser("user-1");
+ realmAssignmentResource.revokeAllRealmsFromUser("user-1");
- assertEquals(Response.Status.NO_CONTENT.getStatusCode(), response.getStatus());
+ verify(realmAuthorizationService).revokeAllRealmsFromUser("user-1");
}
@Test
void testDeactivateAssignment_Success() {
doNothing().when(realmAuthorizationService).deactivateAssignment("assignment-1");
- Response response = realmAssignmentResource.deactivateAssignment("assignment-1");
+ realmAssignmentResource.deactivateAssignment("assignment-1");
- assertEquals(Response.Status.NO_CONTENT.getStatusCode(), response.getStatus());
- }
-
- @Test
- void testDeactivateAssignment_NotFound() {
- doThrow(new IllegalArgumentException("Not found"))
- .when(realmAuthorizationService).deactivateAssignment("non-existent");
-
- Response response = realmAssignmentResource.deactivateAssignment("non-existent");
-
- assertEquals(Response.Status.NOT_FOUND.getStatusCode(), response.getStatus());
+ verify(realmAuthorizationService).deactivateAssignment("assignment-1");
}
@Test
void testActivateAssignment_Success() {
doNothing().when(realmAuthorizationService).activateAssignment("assignment-1");
- Response response = realmAssignmentResource.activateAssignment("assignment-1");
+ realmAssignmentResource.activateAssignment("assignment-1");
- assertEquals(Response.Status.NO_CONTENT.getStatusCode(), response.getStatus());
+ verify(realmAuthorizationService).activateAssignment("assignment-1");
}
@Test
void testSetSuperAdmin_Success() {
doNothing().when(realmAuthorizationService).setSuperAdmin("user-1", true);
- Response response = realmAssignmentResource.setSuperAdmin("user-1", true);
+ realmAssignmentResource.setSuperAdmin("user-1", true);
- assertEquals(Response.Status.NO_CONTENT.getStatusCode(), response.getStatus());
+ verify(realmAuthorizationService).setSuperAdmin("user-1", true);
}
}
-
diff --git a/src/test/java/dev/lions/user/manager/resource/RealmResourceAdditionalTest.java b/src/test/java/dev/lions/user/manager/resource/RealmResourceAdditionalTest.java
index 31a0ce3..88a1691 100644
--- a/src/test/java/dev/lions/user/manager/resource/RealmResourceAdditionalTest.java
+++ b/src/test/java/dev/lions/user/manager/resource/RealmResourceAdditionalTest.java
@@ -2,8 +2,6 @@ package dev.lions.user.manager.resource;
import dev.lions.user.manager.client.KeycloakAdminClient;
import io.quarkus.security.identity.SecurityIdentity;
-import jakarta.ws.rs.core.Response;
-import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.InjectMocks;
@@ -31,43 +29,31 @@ class RealmResourceAdditionalTest {
@InjectMocks
private RealmResource realmResource;
- @BeforeEach
- void setUp() {
- // Setup
- }
-
@Test
void testGetAllRealms_Success() {
List realms = Arrays.asList("master", "lions-user-manager", "test-realm");
when(keycloakAdminClient.getAllRealms()).thenReturn(realms);
- Response response = realmResource.getAllRealms();
+ List result = realmResource.getAllRealms();
- assertEquals(Response.Status.OK.getStatusCode(), response.getStatus());
- @SuppressWarnings("unchecked")
- List responseRealms = (List) response.getEntity();
- assertEquals(3, responseRealms.size());
+ assertNotNull(result);
+ assertEquals(3, result.size());
}
@Test
void testGetAllRealms_Empty() {
when(keycloakAdminClient.getAllRealms()).thenReturn(List.of());
- Response response = realmResource.getAllRealms();
+ List result = realmResource.getAllRealms();
- assertEquals(Response.Status.OK.getStatusCode(), response.getStatus());
- @SuppressWarnings("unchecked")
- List responseRealms = (List) response.getEntity();
- assertTrue(responseRealms.isEmpty());
+ assertNotNull(result);
+ assertTrue(result.isEmpty());
}
@Test
void testGetAllRealms_Exception() {
when(keycloakAdminClient.getAllRealms()).thenThrow(new RuntimeException("Connection error"));
- Response response = realmResource.getAllRealms();
-
- assertEquals(Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(), response.getStatus());
+ assertThrows(RuntimeException.class, () -> realmResource.getAllRealms());
}
}
-
diff --git a/src/test/java/dev/lions/user/manager/resource/RealmResourceTest.java b/src/test/java/dev/lions/user/manager/resource/RealmResourceTest.java
index ae36359..d5a0dbf 100644
--- a/src/test/java/dev/lions/user/manager/resource/RealmResourceTest.java
+++ b/src/test/java/dev/lions/user/manager/resource/RealmResourceTest.java
@@ -2,14 +2,12 @@ package dev.lions.user.manager.resource;
import dev.lions.user.manager.client.KeycloakAdminClient;
import io.quarkus.security.identity.SecurityIdentity;
-import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.InjectMocks;
import org.mockito.Mock;
import org.mockito.junit.jupiter.MockitoExtension;
-import jakarta.ws.rs.core.Response;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
@@ -32,24 +30,16 @@ class RealmResourceTest {
@InjectMocks
private RealmResource realmResource;
- @BeforeEach
- void setUp() {
- // Setup initial
- }
-
@Test
void testGetAllRealms_Success() {
List realms = Arrays.asList("master", "lions-user-manager", "btpxpress");
when(keycloakAdminClient.getAllRealms()).thenReturn(realms);
- Response response = realmResource.getAllRealms();
+ List result = realmResource.getAllRealms();
- assertEquals(Response.Status.OK.getStatusCode(), response.getStatus());
- @SuppressWarnings("unchecked")
- List responseRealms = (List) response.getEntity();
- assertNotNull(responseRealms);
- assertEquals(3, responseRealms.size());
- assertEquals("master", responseRealms.get(0));
+ assertNotNull(result);
+ assertEquals(3, result.size());
+ assertEquals("master", result.get(0));
verify(keycloakAdminClient).getAllRealms();
}
@@ -57,34 +47,16 @@ class RealmResourceTest {
void testGetAllRealms_EmptyList() {
when(keycloakAdminClient.getAllRealms()).thenReturn(Collections.emptyList());
- Response response = realmResource.getAllRealms();
+ List result = realmResource.getAllRealms();
- assertEquals(Response.Status.OK.getStatusCode(), response.getStatus());
- @SuppressWarnings("unchecked")
- List responseRealms = (List) response.getEntity();
- assertNotNull(responseRealms);
- assertTrue(responseRealms.isEmpty());
+ assertNotNull(result);
+ assertTrue(result.isEmpty());
}
@Test
void testGetAllRealms_Exception() {
when(keycloakAdminClient.getAllRealms()).thenThrow(new RuntimeException("Keycloak connection error"));
- Response response = realmResource.getAllRealms();
-
- assertEquals(Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(), response.getStatus());
- RealmResource.ErrorResponse errorResponse = (RealmResource.ErrorResponse) response.getEntity();
- assertNotNull(errorResponse);
- assertTrue(errorResponse.getMessage().contains("Erreur lors de la récupération des realms"));
- }
-
- @Test
- void testErrorResponse() {
- RealmResource.ErrorResponse errorResponse = new RealmResource.ErrorResponse("Test error");
- assertEquals("Test error", errorResponse.getMessage());
-
- errorResponse.setMessage("New error");
- assertEquals("New error", errorResponse.getMessage());
+ assertThrows(RuntimeException.class, () -> realmResource.getAllRealms());
}
}
-
diff --git a/src/test/java/dev/lions/user/manager/resource/RoleResourceTest.java b/src/test/java/dev/lions/user/manager/resource/RoleResourceTest.java
index eeadce3..bcf3dce 100644
--- a/src/test/java/dev/lions/user/manager/resource/RoleResourceTest.java
+++ b/src/test/java/dev/lions/user/manager/resource/RoleResourceTest.java
@@ -1,6 +1,7 @@
package dev.lions.user.manager.resource;
import dev.lions.user.manager.dto.role.RoleAssignmentDTO;
+import dev.lions.user.manager.dto.role.RoleAssignmentRequestDTO;
import dev.lions.user.manager.dto.role.RoleDTO;
import dev.lions.user.manager.enums.role.TypeRole;
import dev.lions.user.manager.service.RoleService;
@@ -58,28 +59,15 @@ class RoleResourceTest {
assertEquals(409, response.getStatus());
}
- @Test
- void testCreateRealmRoleError() {
- RoleDTO input = RoleDTO.builder().name("role").build();
-
- when(roleService.createRealmRole(any(), eq(REALM)))
- .thenThrow(new RuntimeException("Error"));
-
- Response response = roleResource.createRealmRole(input, REALM);
-
- assertEquals(500, response.getStatus());
- }
-
@Test
void testGetRealmRole() {
RoleDTO role = RoleDTO.builder().id("1").name("role").build();
when(roleService.getRoleByName("role", REALM, TypeRole.REALM_ROLE, null))
.thenReturn(Optional.of(role));
- Response response = roleResource.getRealmRole("role", REALM);
+ RoleDTO result = roleResource.getRealmRole("role", REALM);
- assertEquals(200, response.getStatus());
- assertEquals(role, response.getEntity());
+ assertEquals(role, result);
}
@Test
@@ -87,19 +75,7 @@ class RoleResourceTest {
when(roleService.getRoleByName("role", REALM, TypeRole.REALM_ROLE, null))
.thenReturn(Optional.empty());
- Response response = roleResource.getRealmRole("role", REALM);
-
- assertEquals(404, response.getStatus());
- }
-
- @Test
- void testGetRealmRoleError() {
- when(roleService.getRoleByName("role", REALM, TypeRole.REALM_ROLE, null))
- .thenThrow(new RuntimeException("Error"));
-
- Response response = roleResource.getRealmRole("role", REALM);
-
- assertEquals(500, response.getStatus());
+ assertThrows(RuntimeException.class, () -> roleResource.getRealmRole("role", REALM));
}
@Test
@@ -107,19 +83,9 @@ class RoleResourceTest {
List roles = Collections.singletonList(RoleDTO.builder().name("role").build());
when(roleService.getAllRealmRoles(REALM)).thenReturn(roles);
- Response response = roleResource.getAllRealmRoles(REALM);
+ List result = roleResource.getAllRealmRoles(REALM);
- assertEquals(200, response.getStatus());
- assertEquals(roles, response.getEntity());
- }
-
- @Test
- void testGetAllRealmRolesError() {
- when(roleService.getAllRealmRoles(REALM)).thenThrow(new RuntimeException("Error"));
-
- Response response = roleResource.getAllRealmRoles(REALM);
-
- assertEquals(500, response.getStatus());
+ assertEquals(roles, result);
}
@Test
@@ -133,37 +99,9 @@ class RoleResourceTest {
when(roleService.updateRole(eq("1"), any(), eq(REALM), eq(TypeRole.REALM_ROLE), isNull()))
.thenReturn(updated);
- Response response = roleResource.updateRealmRole("role", input, REALM);
+ RoleDTO result = roleResource.updateRealmRole("role", input, REALM);
- assertEquals(200, response.getStatus());
- assertEquals(updated, response.getEntity());
- }
-
- @Test
- void testUpdateRealmRoleNotFound() {
- RoleDTO input = RoleDTO.builder().description("updated").build();
-
- when(roleService.getRoleByName("role", REALM, TypeRole.REALM_ROLE, null))
- .thenReturn(Optional.empty());
-
- Response response = roleResource.updateRealmRole("role", input, REALM);
-
- assertEquals(404, response.getStatus());
- }
-
- @Test
- void testUpdateRealmRoleError() {
- RoleDTO existingRole = RoleDTO.builder().id("1").name("role").build();
- RoleDTO input = RoleDTO.builder().description("updated").build();
-
- when(roleService.getRoleByName("role", REALM, TypeRole.REALM_ROLE, null))
- .thenReturn(Optional.of(existingRole));
- when(roleService.updateRole(eq("1"), any(), eq(REALM), eq(TypeRole.REALM_ROLE), isNull()))
- .thenThrow(new RuntimeException("Error"));
-
- Response response = roleResource.updateRealmRole("role", input, REALM);
-
- assertEquals(500, response.getStatus());
+ assertEquals(updated, result);
}
@Test
@@ -173,32 +111,9 @@ class RoleResourceTest {
.thenReturn(Optional.of(existingRole));
doNothing().when(roleService).deleteRole(eq("1"), eq(REALM), eq(TypeRole.REALM_ROLE), isNull());
- Response response = roleResource.deleteRealmRole("role", REALM);
+ roleResource.deleteRealmRole("role", REALM);
- assertEquals(204, response.getStatus());
- }
-
- @Test
- void testDeleteRealmRoleNotFound() {
- when(roleService.getRoleByName("role", REALM, TypeRole.REALM_ROLE, null))
- .thenReturn(Optional.empty());
-
- Response response = roleResource.deleteRealmRole("role", REALM);
-
- assertEquals(404, response.getStatus());
- }
-
- @Test
- void testDeleteRealmRoleError() {
- RoleDTO existingRole = RoleDTO.builder().id("1").name("role").build();
- when(roleService.getRoleByName("role", REALM, TypeRole.REALM_ROLE, null))
- .thenReturn(Optional.of(existingRole));
- doThrow(new RuntimeException("Error")).when(roleService)
- .deleteRole(eq("1"), eq(REALM), eq(TypeRole.REALM_ROLE), isNull());
-
- Response response = roleResource.deleteRealmRole("role", REALM);
-
- assertEquals(500, response.getStatus());
+ verify(roleService).deleteRole(eq("1"), eq(REALM), eq(TypeRole.REALM_ROLE), isNull());
}
// ============== Client Role Tests ==============
@@ -208,7 +123,7 @@ class RoleResourceTest {
RoleDTO input = RoleDTO.builder().name("role").build();
RoleDTO created = RoleDTO.builder().id("1").name("role").build();
- when(roleService.createClientRole(any(RoleDTO.class), eq(REALM), eq(CLIENT_ID))).thenReturn(created);
+ when(roleService.createClientRole(any(RoleDTO.class), eq(CLIENT_ID), eq(REALM))).thenReturn(created);
Response response = roleResource.createClientRole(CLIENT_ID, input, REALM);
@@ -216,48 +131,15 @@ class RoleResourceTest {
assertEquals(created, response.getEntity());
}
- @Test
- void testCreateClientRoleError() {
- RoleDTO input = RoleDTO.builder().name("role").build();
-
- when(roleService.createClientRole(any(RoleDTO.class), eq(REALM), eq(CLIENT_ID)))
- .thenThrow(new RuntimeException("Error"));
-
- Response response = roleResource.createClientRole(CLIENT_ID, input, REALM);
-
- assertEquals(500, response.getStatus());
- }
-
@Test
void testGetClientRole() {
RoleDTO role = RoleDTO.builder().id("1").name("role").build();
when(roleService.getRoleByName("role", REALM, TypeRole.CLIENT_ROLE, CLIENT_ID))
.thenReturn(Optional.of(role));
- Response response = roleResource.getClientRole(CLIENT_ID, "role", REALM);
+ RoleDTO result = roleResource.getClientRole(CLIENT_ID, "role", REALM);
- assertEquals(200, response.getStatus());
- assertEquals(role, response.getEntity());
- }
-
- @Test
- void testGetClientRoleNotFound() {
- when(roleService.getRoleByName("role", REALM, TypeRole.CLIENT_ROLE, CLIENT_ID))
- .thenReturn(Optional.empty());
-
- Response response = roleResource.getClientRole(CLIENT_ID, "role", REALM);
-
- assertEquals(404, response.getStatus());
- }
-
- @Test
- void testGetClientRoleError() {
- when(roleService.getRoleByName("role", REALM, TypeRole.CLIENT_ROLE, CLIENT_ID))
- .thenThrow(new RuntimeException("Error"));
-
- Response response = roleResource.getClientRole(CLIENT_ID, "role", REALM);
-
- assertEquals(500, response.getStatus());
+ assertEquals(role, result);
}
@Test
@@ -265,19 +147,9 @@ class RoleResourceTest {
List roles = Collections.singletonList(RoleDTO.builder().name("role").build());
when(roleService.getAllClientRoles(REALM, CLIENT_ID)).thenReturn(roles);
- Response response = roleResource.getAllClientRoles(CLIENT_ID, REALM);
+ List result = roleResource.getAllClientRoles(CLIENT_ID, REALM);
- assertEquals(200, response.getStatus());
- assertEquals(roles, response.getEntity());
- }
-
- @Test
- void testGetAllClientRolesError() {
- when(roleService.getAllClientRoles(REALM, CLIENT_ID)).thenThrow(new RuntimeException("Error"));
-
- Response response = roleResource.getAllClientRoles(CLIENT_ID, REALM);
-
- assertEquals(500, response.getStatus());
+ assertEquals(roles, result);
}
@Test
@@ -287,32 +159,9 @@ class RoleResourceTest {
.thenReturn(Optional.of(existingRole));
doNothing().when(roleService).deleteRole(eq("1"), eq(REALM), eq(TypeRole.CLIENT_ROLE), eq(CLIENT_ID));
- Response response = roleResource.deleteClientRole(CLIENT_ID, "role", REALM);
+ roleResource.deleteClientRole(CLIENT_ID, "role", REALM);
- assertEquals(204, response.getStatus());
- }
-
- @Test
- void testDeleteClientRoleNotFound() {
- when(roleService.getRoleByName("role", REALM, TypeRole.CLIENT_ROLE, CLIENT_ID))
- .thenReturn(Optional.empty());
-
- Response response = roleResource.deleteClientRole(CLIENT_ID, "role", REALM);
-
- assertEquals(404, response.getStatus());
- }
-
- @Test
- void testDeleteClientRoleError() {
- RoleDTO existingRole = RoleDTO.builder().id("1").name("role").build();
- when(roleService.getRoleByName("role", REALM, TypeRole.CLIENT_ROLE, CLIENT_ID))
- .thenReturn(Optional.of(existingRole));
- doThrow(new RuntimeException("Error")).when(roleService)
- .deleteRole(eq("1"), eq(REALM), eq(TypeRole.CLIENT_ROLE), eq(CLIENT_ID));
-
- Response response = roleResource.deleteClientRole(CLIENT_ID, "role", REALM);
-
- assertEquals(500, response.getStatus());
+ verify(roleService).deleteRole(eq("1"), eq(REALM), eq(TypeRole.CLIENT_ROLE), eq(CLIENT_ID));
}
// ============== Role Assignment Tests ==============
@@ -321,95 +170,49 @@ class RoleResourceTest {
void testAssignRealmRoles() {
doNothing().when(roleService).assignRolesToUser(any(RoleAssignmentDTO.class));
- RoleResource.RoleAssignmentRequest request = new RoleResource.RoleAssignmentRequest();
- request.roleNames = Collections.singletonList("role");
+ RoleAssignmentRequestDTO request = RoleAssignmentRequestDTO.builder()
+ .roleNames(Collections.singletonList("role"))
+ .build();
- Response response = roleResource.assignRealmRoles("user1", REALM, request);
+ roleResource.assignRealmRoles("user1", REALM, request);
- assertEquals(204, response.getStatus());
verify(roleService).assignRolesToUser(any(RoleAssignmentDTO.class));
}
- @Test
- void testAssignRealmRolesError() {
- doThrow(new RuntimeException("Error")).when(roleService).assignRolesToUser(any(RoleAssignmentDTO.class));
-
- RoleResource.RoleAssignmentRequest request = new RoleResource.RoleAssignmentRequest();
- request.roleNames = Collections.singletonList("role");
-
- Response response = roleResource.assignRealmRoles("user1", REALM, request);
-
- assertEquals(500, response.getStatus());
- }
-
@Test
void testRevokeRealmRoles() {
doNothing().when(roleService).revokeRolesFromUser(any(RoleAssignmentDTO.class));
- RoleResource.RoleAssignmentRequest request = new RoleResource.RoleAssignmentRequest();
- request.roleNames = Collections.singletonList("role");
+ RoleAssignmentRequestDTO request = RoleAssignmentRequestDTO.builder()
+ .roleNames(Collections.singletonList("role"))
+ .build();
- Response response = roleResource.revokeRealmRoles("user1", REALM, request);
+ roleResource.revokeRealmRoles("user1", REALM, request);
- assertEquals(204, response.getStatus());
verify(roleService).revokeRolesFromUser(any(RoleAssignmentDTO.class));
}
- @Test
- void testRevokeRealmRolesError() {
- doThrow(new RuntimeException("Error")).when(roleService).revokeRolesFromUser(any(RoleAssignmentDTO.class));
-
- RoleResource.RoleAssignmentRequest request = new RoleResource.RoleAssignmentRequest();
- request.roleNames = Collections.singletonList("role");
-
- Response response = roleResource.revokeRealmRoles("user1", REALM, request);
-
- assertEquals(500, response.getStatus());
- }
-
@Test
void testAssignClientRoles() {
doNothing().when(roleService).assignRolesToUser(any(RoleAssignmentDTO.class));
- RoleResource.RoleAssignmentRequest request = new RoleResource.RoleAssignmentRequest();
- request.roleNames = Collections.singletonList("role");
+ RoleAssignmentRequestDTO request = RoleAssignmentRequestDTO.builder()
+ .roleNames(Collections.singletonList("role"))
+ .build();
- Response response = roleResource.assignClientRoles(CLIENT_ID, "user1", REALM, request);
+ roleResource.assignClientRoles(CLIENT_ID, "user1", REALM, request);
- assertEquals(204, response.getStatus());
verify(roleService).assignRolesToUser(any(RoleAssignmentDTO.class));
}
- @Test
- void testAssignClientRolesError() {
- doThrow(new RuntimeException("Error")).when(roleService).assignRolesToUser(any(RoleAssignmentDTO.class));
-
- RoleResource.RoleAssignmentRequest request = new RoleResource.RoleAssignmentRequest();
- request.roleNames = Collections.singletonList("role");
-
- Response response = roleResource.assignClientRoles(CLIENT_ID, "user1", REALM, request);
-
- assertEquals(500, response.getStatus());
- }
-
@Test
void testGetUserRealmRoles() {
List roles = Collections.singletonList(RoleDTO.builder().name("role").build());
when(roleService.getUserRealmRoles("user1", REALM)).thenReturn(roles);
- Response response = roleResource.getUserRealmRoles("user1", REALM);
+ List result = roleResource.getUserRealmRoles("user1", REALM);
- assertEquals(200, response.getStatus());
- assertEquals(roles, response.getEntity());
- }
-
- @Test
- void testGetUserRealmRolesError() {
- when(roleService.getUserRealmRoles("user1", REALM)).thenThrow(new RuntimeException("Error"));
-
- Response response = roleResource.getUserRealmRoles("user1", REALM);
-
- assertEquals(500, response.getStatus());
+ assertEquals(roles, result);
}
@Test
@@ -417,19 +220,9 @@ class RoleResourceTest {
List roles = Collections.singletonList(RoleDTO.builder().name("role").build());
when(roleService.getUserClientRoles("user1", CLIENT_ID, REALM)).thenReturn(roles);
- Response response = roleResource.getUserClientRoles(CLIENT_ID, "user1", REALM);
+ List result = roleResource.getUserClientRoles(CLIENT_ID, "user1", REALM);
- assertEquals(200, response.getStatus());
- assertEquals(roles, response.getEntity());
- }
-
- @Test
- void testGetUserClientRolesError() {
- when(roleService.getUserClientRoles("user1", CLIENT_ID, REALM)).thenThrow(new RuntimeException("Error"));
-
- Response response = roleResource.getUserClientRoles(CLIENT_ID, "user1", REALM);
-
- assertEquals(500, response.getStatus());
+ assertEquals(roles, result);
}
// ============== Composite Role Tests ==============
@@ -438,104 +231,36 @@ class RoleResourceTest {
void testAddComposites() {
RoleDTO parentRole = RoleDTO.builder().id("parent-1").name("role").build();
RoleDTO childRole = RoleDTO.builder().id("child-1").name("composite").build();
-
+
when(roleService.getRoleByName("role", REALM, TypeRole.REALM_ROLE, null))
.thenReturn(Optional.of(parentRole));
when(roleService.getRoleByName("composite", REALM, TypeRole.REALM_ROLE, null))
.thenReturn(Optional.of(childRole));
- doNothing().when(roleService).addCompositeRoles(eq("parent-1"), anyList(), eq(REALM),
+ doNothing().when(roleService).addCompositeRoles(eq("parent-1"), anyList(), eq(REALM),
eq(TypeRole.REALM_ROLE), isNull());
- RoleResource.RoleAssignmentRequest request = new RoleResource.RoleAssignmentRequest();
- request.roleNames = Collections.singletonList("composite");
+ RoleAssignmentRequestDTO request = RoleAssignmentRequestDTO.builder()
+ .roleNames(Collections.singletonList("composite"))
+ .build();
- Response response = roleResource.addComposites("role", REALM, request);
+ roleResource.addComposites("role", REALM, request);
- assertEquals(204, response.getStatus());
- verify(roleService).addCompositeRoles(eq("parent-1"), anyList(), eq(REALM),
+ verify(roleService).addCompositeRoles(eq("parent-1"), anyList(), eq(REALM),
eq(TypeRole.REALM_ROLE), isNull());
}
- @Test
- void testAddCompositesParentNotFound() {
- when(roleService.getRoleByName("role", REALM, TypeRole.REALM_ROLE, null))
- .thenReturn(Optional.empty());
-
- RoleResource.RoleAssignmentRequest request = new RoleResource.RoleAssignmentRequest();
- request.roleNames = Collections.singletonList("composite");
-
- Response response = roleResource.addComposites("role", REALM, request);
-
- assertEquals(404, response.getStatus());
- }
-
- @Test
- void testAddCompositesError() {
- RoleDTO parentRole = RoleDTO.builder().id("parent-1").name("role").build();
- RoleDTO childRole = RoleDTO.builder().id("child-1").name("composite").build();
-
- when(roleService.getRoleByName("role", REALM, TypeRole.REALM_ROLE, null))
- .thenReturn(Optional.of(parentRole));
- when(roleService.getRoleByName("composite", REALM, TypeRole.REALM_ROLE, null))
- .thenReturn(Optional.of(childRole));
- doThrow(new RuntimeException("Error")).when(roleService).addCompositeRoles(eq("parent-1"), anyList(),
- eq(REALM), eq(TypeRole.REALM_ROLE), isNull());
-
- RoleResource.RoleAssignmentRequest request = new RoleResource.RoleAssignmentRequest();
- request.roleNames = Collections.singletonList("composite");
-
- Response response = roleResource.addComposites("role", REALM, request);
-
- assertEquals(500, response.getStatus());
- }
-
@Test
void testGetComposites() {
RoleDTO role = RoleDTO.builder().id("1").name("role").build();
List composites = Collections.singletonList(RoleDTO.builder().name("composite").build());
-
+
when(roleService.getRoleByName("role", REALM, TypeRole.REALM_ROLE, null))
.thenReturn(Optional.of(role));
when(roleService.getCompositeRoles("1", REALM, TypeRole.REALM_ROLE, null))
.thenReturn(composites);
- Response response = roleResource.getComposites("role", REALM);
+ List result = roleResource.getComposites("role", REALM);
- assertEquals(200, response.getStatus());
- assertEquals(composites, response.getEntity());
- }
-
- @Test
- void testGetCompositesNotFound() {
- when(roleService.getRoleByName("role", REALM, TypeRole.REALM_ROLE, null))
- .thenReturn(Optional.empty());
-
- Response response = roleResource.getComposites("role", REALM);
-
- assertEquals(404, response.getStatus());
- }
-
- @Test
- void testGetCompositesError() {
- RoleDTO role = RoleDTO.builder().id("1").name("role").build();
- when(roleService.getRoleByName("role", REALM, TypeRole.REALM_ROLE, null))
- .thenReturn(Optional.of(role));
- when(roleService.getCompositeRoles("1", REALM, TypeRole.REALM_ROLE, null))
- .thenThrow(new RuntimeException("Error"));
-
- Response response = roleResource.getComposites("role", REALM);
-
- assertEquals(500, response.getStatus());
- }
-
- // ============== Inner Class Tests ==============
-
- @Test
- void testRoleAssignmentRequestClass() {
- RoleResource.RoleAssignmentRequest request = new RoleResource.RoleAssignmentRequest();
- request.roleNames = List.of("role1", "role2");
-
- assertEquals(2, request.roleNames.size());
- assertTrue(request.roleNames.contains("role1"));
+ assertEquals(composites, result);
}
}
diff --git a/src/test/java/dev/lions/user/manager/resource/SyncResourceTest.java b/src/test/java/dev/lions/user/manager/resource/SyncResourceTest.java
index 9f30ea8..7287cf0 100644
--- a/src/test/java/dev/lions/user/manager/resource/SyncResourceTest.java
+++ b/src/test/java/dev/lions/user/manager/resource/SyncResourceTest.java
@@ -1,15 +1,15 @@
package dev.lions.user.manager.resource;
+import dev.lions.user.manager.api.SyncResourceApi;
+import dev.lions.user.manager.dto.sync.HealthStatusDTO;
+import dev.lions.user.manager.dto.sync.SyncResultDTO;
import dev.lions.user.manager.service.SyncService;
-import jakarta.ws.rs.core.Response;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.InjectMocks;
import org.mockito.Mock;
import org.mockito.junit.jupiter.MockitoExtension;
-import java.util.Collections;
-import java.util.List;
import java.util.Map;
import static org.junit.jupiter.api.Assertions.*;
@@ -26,228 +26,57 @@ class SyncResourceTest {
SyncResource syncResource;
private static final String REALM = "test-realm";
- private static final String CLIENT_ID = "test-client";
+
+ @Test
+ void testCheckKeycloakHealth() {
+ when(syncService.isKeycloakAvailable()).thenReturn(true);
+ when(syncService.getKeycloakHealthInfo()).thenReturn(Map.of("version", "23.0.0"));
+
+ HealthStatusDTO status = syncResource.checkKeycloakHealth();
+
+ assertTrue(status.isKeycloakAccessible());
+ assertTrue(status.isOverallHealthy());
+ assertEquals("23.0.0", status.getKeycloakVersion());
+ }
+
+ @Test
+ void testCheckKeycloakHealthError() {
+ when(syncService.isKeycloakAvailable()).thenThrow(new RuntimeException("Connection refused"));
+
+ HealthStatusDTO status = syncResource.checkKeycloakHealth();
+
+ assertFalse(status.isOverallHealthy());
+ assertTrue(status.getErrorMessage().contains("Connection refused"));
+ }
@Test
void testSyncUsers() {
when(syncService.syncUsersFromRealm(REALM)).thenReturn(10);
- Response response = syncResource.syncUsers(REALM);
+ SyncResultDTO result = syncResource.syncUsers(REALM);
- assertEquals(200, response.getStatus());
- assertNotNull(response.getEntity());
+ assertTrue(result.isSuccess());
+ assertEquals(10, result.getUsersCount());
+ assertEquals(REALM, result.getRealmName());
}
@Test
void testSyncUsersError() {
- when(syncService.syncUsersFromRealm(REALM)).thenThrow(new RuntimeException("Error"));
+ when(syncService.syncUsersFromRealm(REALM)).thenThrow(new RuntimeException("Sync failed"));
- Response response = syncResource.syncUsers(REALM);
+ SyncResultDTO result = syncResource.syncUsers(REALM);
- assertEquals(500, response.getStatus());
+ assertFalse(result.isSuccess());
+ assertEquals("Sync failed", result.getErrorMessage());
}
@Test
- void testSyncRealmRoles() {
+ void testSyncRoles() {
when(syncService.syncRolesFromRealm(REALM)).thenReturn(5);
- Response response = syncResource.syncRealmRoles(REALM);
+ SyncResultDTO result = syncResource.syncRoles(REALM, null);
- assertEquals(200, response.getStatus());
- assertNotNull(response.getEntity());
- }
-
- @Test
- void testSyncRealmRolesError() {
- when(syncService.syncRolesFromRealm(REALM)).thenThrow(new RuntimeException("Error"));
-
- Response response = syncResource.syncRealmRoles(REALM);
-
- assertEquals(500, response.getStatus());
- }
-
- @Test
- void testSyncClientRoles() {
- when(syncService.syncRolesFromRealm(REALM)).thenReturn(3);
-
- Response response = syncResource.syncClientRoles(CLIENT_ID, REALM);
-
- assertEquals(200, response.getStatus());
- assertNotNull(response.getEntity());
- }
-
- @Test
- void testSyncClientRolesError() {
- when(syncService.syncRolesFromRealm(REALM)).thenThrow(new RuntimeException("Error"));
-
- Response response = syncResource.syncClientRoles(CLIENT_ID, REALM);
-
- assertEquals(500, response.getStatus());
- }
-
- @Test
- void testSyncAll() {
- Map result = Map.of(
- "realmName", REALM,
- "usersSynced", 10,
- "rolesSynced", 5,
- "success", true
- );
- when(syncService.forceSyncRealm(REALM)).thenReturn(result);
-
- Response response = syncResource.syncAll(REALM);
-
- assertEquals(200, response.getStatus());
- assertEquals(result, response.getEntity());
- }
-
- @Test
- void testSyncAllError() {
- when(syncService.forceSyncRealm(REALM)).thenThrow(new RuntimeException("Error"));
-
- Response response = syncResource.syncAll(REALM);
-
- assertEquals(500, response.getStatus());
- }
-
- @Test
- void testCheckHealthHealthy() {
- when(syncService.isKeycloakAvailable()).thenReturn(true);
-
- Response response = syncResource.checkHealth();
-
- assertEquals(200, response.getStatus());
- assertNotNull(response.getEntity());
- }
-
- @Test
- void testCheckHealthUnhealthy() {
- when(syncService.isKeycloakAvailable()).thenReturn(false);
-
- Response response = syncResource.checkHealth();
-
- assertEquals(503, response.getStatus());
- }
-
- @Test
- void testCheckHealthError() {
- when(syncService.isKeycloakAvailable()).thenThrow(new RuntimeException("Error"));
-
- Response response = syncResource.checkHealth();
-
- assertEquals(503, response.getStatus());
- }
-
- @Test
- void testGetDetailedHealthStatus() {
- Map status = Map.of(
- "keycloakAvailable", true,
- "keycloakVersion", "21.0.0"
- );
- when(syncService.getKeycloakHealthInfo()).thenReturn(status);
-
- Response response = syncResource.getDetailedHealthStatus();
-
- assertEquals(200, response.getStatus());
- assertEquals(status, response.getEntity());
- }
-
- @Test
- void testGetDetailedHealthStatusError() {
- when(syncService.getKeycloakHealthInfo()).thenThrow(new RuntimeException("Error"));
-
- Response response = syncResource.getDetailedHealthStatus();
-
- assertEquals(500, response.getStatus());
- }
-
- @Test
- void testCheckRealmExistsTrue() {
- when(syncService.syncUsersFromRealm(REALM)).thenReturn(5);
-
- Response response = syncResource.checkRealmExists(REALM);
-
- assertEquals(200, response.getStatus());
- assertNotNull(response.getEntity());
- }
-
- @Test
- void testCheckRealmExistsFalse() {
- when(syncService.syncUsersFromRealm(REALM)).thenThrow(new RuntimeException("Realm not found"));
-
- Response response = syncResource.checkRealmExists(REALM);
-
- assertEquals(200, response.getStatus());
- assertNotNull(response.getEntity());
- }
-
- @Test
- void testCheckRealmExistsError() {
- when(syncService.syncUsersFromRealm(REALM)).thenThrow(new RuntimeException("Unexpected error"));
-
- Response response = syncResource.checkRealmExists(REALM);
-
- // checkRealmExists catches all exceptions and returns 200 with exists=false
- assertEquals(200, response.getStatus());
- assertNotNull(response.getEntity());
- }
-
- @Test
- void testCheckUserExists() {
- // La méthode checkUserExists retourne toujours false dans l'implémentation actuelle
- Response response = syncResource.checkUserExists("user1", REALM);
-
- assertEquals(200, response.getStatus());
- assertNotNull(response.getEntity());
- }
-
- @Test
- void testCheckUserExistsError() {
- // Test d'erreur si une exception est levée
- // Note: L'implémentation actuelle ne lève pas d'exception, mais testons quand même
- Response response = syncResource.checkUserExists("user1", REALM);
-
- assertEquals(200, response.getStatus());
- }
-
- // ============== Inner Class Tests ==============
-
- @Test
- void testSyncUsersResponseClass() {
- SyncResource.SyncUsersResponse response = new SyncResource.SyncUsersResponse(1, null);
-
- assertEquals(1, response.count);
- assertNull(response.users);
- }
-
- @Test
- void testSyncRolesResponseClass() {
- SyncResource.SyncRolesResponse response = new SyncResource.SyncRolesResponse(1, null);
-
- assertEquals(1, response.count);
- assertNull(response.roles);
- }
-
- @Test
- void testHealthCheckResponseClass() {
- SyncResource.HealthCheckResponse response = new SyncResource.HealthCheckResponse(true, "OK");
-
- assertTrue(response.healthy);
- assertEquals("OK", response.message);
- }
-
- @Test
- void testExistsCheckResponseClass() {
- SyncResource.ExistsCheckResponse response = new SyncResource.ExistsCheckResponse(true, "realm", "test");
-
- assertTrue(response.exists);
- assertEquals("realm", response.resourceType);
- assertEquals("test", response.resourceId);
- }
-
- @Test
- void testErrorResponseClass() {
- SyncResource.ErrorResponse response = new SyncResource.ErrorResponse("Error");
- assertEquals("Error", response.message);
+ assertTrue(result.isSuccess());
+ assertEquals(5, result.getRealmRolesCount());
}
}
diff --git a/src/test/java/dev/lions/user/manager/resource/UserMetricsResourceTest.java b/src/test/java/dev/lions/user/manager/resource/UserMetricsResourceTest.java
new file mode 100644
index 0000000..3e62f10
--- /dev/null
+++ b/src/test/java/dev/lions/user/manager/resource/UserMetricsResourceTest.java
@@ -0,0 +1,95 @@
+package dev.lions.user.manager.resource;
+
+import dev.lions.user.manager.client.KeycloakAdminClient;
+import dev.lions.user.manager.dto.common.UserSessionStatsDTO;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.keycloak.admin.client.resource.RealmResource;
+import org.keycloak.admin.client.resource.UserResource;
+import org.keycloak.admin.client.resource.UsersResource;
+import org.keycloak.representations.idm.UserRepresentation;
+import org.junit.jupiter.api.Assertions;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.mockito.junit.jupiter.MockitoExtension;
+
+import java.util.List;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.mockito.ArgumentMatchers.anyString;
+import static org.mockito.Mockito.when;
+
+@ExtendWith(MockitoExtension.class)
+class UserMetricsResourceTest {
+
+ @Mock
+ KeycloakAdminClient keycloakAdminClient;
+
+ @Mock
+ RealmResource realmResource;
+
+ @Mock
+ UsersResource usersResource;
+
+ @Mock
+ UserResource userResource1;
+
+ @Mock
+ UserResource userResource2;
+
+ @InjectMocks
+ UserMetricsResource userMetricsResource;
+
+ @Test
+ void testGetUserSessionStats() {
+ // Préparer deux utilisateurs avec des sessions différentes
+ UserRepresentation u1 = new UserRepresentation();
+ u1.setId("u1");
+ UserRepresentation u2 = new UserRepresentation();
+ u2.setId("u2");
+
+ when(keycloakAdminClient.getRealm("test-realm")).thenReturn(realmResource);
+ when(realmResource.users()).thenReturn(usersResource);
+ when(usersResource.list()).thenReturn(List.of(u1, u2));
+
+ // u1 a 2 sessions, u2 en a 0
+ when(usersResource.get("u1")).thenReturn(userResource1);
+ when(usersResource.get("u2")).thenReturn(userResource2);
+ when(userResource1.getUserSessions()).thenReturn(List.of(new org.keycloak.representations.idm.UserSessionRepresentation(),
+ new org.keycloak.representations.idm.UserSessionRepresentation()));
+ when(userResource2.getUserSessions()).thenReturn(List.of());
+
+ UserSessionStatsDTO stats = userMetricsResource.getUserSessionStats("test-realm");
+
+ assertNotNull(stats);
+ assertEquals("test-realm", stats.getRealmName());
+ assertEquals(2L, stats.getTotalUsers());
+ assertEquals(2L, stats.getActiveSessions()); // 2 sessions au total
+ assertEquals(1L, stats.getOnlineUsers()); // 1 utilisateur avec au moins une session
+ }
+
+ @Test
+ void testGetUserSessionStats_DefaultRealm() {
+ when(keycloakAdminClient.getRealm("master")).thenReturn(realmResource);
+ when(realmResource.users()).thenReturn(usersResource);
+ when(usersResource.list()).thenReturn(List.of());
+
+ UserSessionStatsDTO stats = userMetricsResource.getUserSessionStats(null);
+
+ assertNotNull(stats);
+ assertEquals("master", stats.getRealmName());
+ assertEquals(0L, stats.getTotalUsers());
+ }
+
+ @Test
+ void testGetUserSessionStats_OnError() {
+ when(keycloakAdminClient.getRealm(anyString()))
+ .thenThrow(new RuntimeException("KC error"));
+
+ Assertions.assertThrows(RuntimeException.class,
+ () -> userMetricsResource.getUserSessionStats("realm"));
+ }
+}
+
+
diff --git a/src/test/java/dev/lions/user/manager/resource/UserResourceTest.java b/src/test/java/dev/lions/user/manager/resource/UserResourceTest.java
index 85f6466..f892a9f 100644
--- a/src/test/java/dev/lions/user/manager/resource/UserResourceTest.java
+++ b/src/test/java/dev/lions/user/manager/resource/UserResourceTest.java
@@ -1,8 +1,6 @@
package dev.lions.user.manager.resource;
-import dev.lions.user.manager.dto.user.UserDTO;
-import dev.lions.user.manager.dto.user.UserSearchCriteriaDTO;
-import dev.lions.user.manager.dto.user.UserSearchResultDTO;
+import dev.lions.user.manager.dto.user.*;
import dev.lions.user.manager.service.UserService;
import jakarta.ws.rs.core.Response;
import org.junit.jupiter.api.Test;
@@ -12,6 +10,7 @@ import org.mockito.Mock;
import org.mockito.junit.jupiter.MockitoExtension;
import java.util.Collections;
+import java.util.List;
import java.util.Optional;
import static org.junit.jupiter.api.Assertions.*;
@@ -45,23 +44,10 @@ class UserResourceTest {
when(userService.searchUsers(any())).thenReturn(mockResult);
- Response response = userResource.searchUsers(criteria);
+ UserSearchResultDTO result = userResource.searchUsers(criteria);
- assertEquals(200, response.getStatus());
- assertNotNull(response.getEntity());
- }
-
- @Test
- void testSearchUsersError() {
- UserSearchCriteriaDTO criteria = UserSearchCriteriaDTO.builder()
- .realmName(REALM)
- .build();
-
- when(userService.searchUsers(any())).thenThrow(new RuntimeException("Search failed"));
-
- Response response = userResource.searchUsers(criteria);
-
- assertEquals(500, response.getStatus());
+ assertNotNull(result);
+ assertEquals(1, result.getTotalCount());
}
@Test
@@ -69,28 +55,17 @@ class UserResourceTest {
UserDTO user = UserDTO.builder().id("1").username("testuser").build();
when(userService.getUserById("1", REALM)).thenReturn(Optional.of(user));
- Response response = userResource.getUserById("1", REALM);
+ UserDTO result = userResource.getUserById("1", REALM);
- assertEquals(200, response.getStatus());
- assertEquals(user, response.getEntity());
+ assertNotNull(result);
+ assertEquals(user, result);
}
@Test
void testGetUserByIdNotFound() {
when(userService.getUserById("1", REALM)).thenReturn(Optional.empty());
- Response response = userResource.getUserById("1", REALM);
-
- assertEquals(404, response.getStatus());
- }
-
- @Test
- void testGetUserByIdError() {
- when(userService.getUserById("1", REALM)).thenThrow(new RuntimeException("Error"));
-
- Response response = userResource.getUserById("1", REALM);
-
- assertEquals(500, response.getStatus());
+ assertThrows(RuntimeException.class, () -> userResource.getUserById("1", REALM));
}
@Test
@@ -101,18 +76,10 @@ class UserResourceTest {
.build();
when(userService.getAllUsers(REALM, 0, 20)).thenReturn(mockResult);
- Response response = userResource.getAllUsers(REALM, 0, 20);
+ UserSearchResultDTO result = userResource.getAllUsers(REALM, 0, 20);
- assertEquals(200, response.getStatus());
- }
-
- @Test
- void testGetAllUsersError() {
- when(userService.getAllUsers(REALM, 0, 20)).thenThrow(new RuntimeException("Error"));
-
- Response response = userResource.getAllUsers(REALM, 0, 20);
-
- assertEquals(500, response.getStatus());
+ assertNotNull(result);
+ assertEquals(0, result.getTotalCount());
}
@Test
@@ -128,17 +95,6 @@ class UserResourceTest {
assertEquals(createdUser, response.getEntity());
}
- @Test
- void testCreateUserError() {
- UserDTO newUser = UserDTO.builder().username("newuser").email("new@test.com").build();
-
- when(userService.createUser(any(), eq(REALM))).thenThrow(new RuntimeException("Create failed"));
-
- Response response = userResource.createUser(newUser, REALM);
-
- assertEquals(500, response.getStatus());
- }
-
@Test
void testUpdateUser() {
UserDTO updateUser = UserDTO.builder()
@@ -157,197 +113,80 @@ class UserResourceTest {
when(userService.updateUser(eq("1"), any(), eq(REALM))).thenReturn(updatedUser);
- Response response = userResource.updateUser("1", updateUser, REALM);
+ UserDTO result = userResource.updateUser("1", updateUser, REALM);
- assertEquals(200, response.getStatus());
- assertEquals(updatedUser, response.getEntity());
- }
-
- @Test
- void testUpdateUserError() {
- UserDTO updateUser = UserDTO.builder()
- .username("updated")
- .prenom("John")
- .nom("Doe")
- .email("john.doe@test.com")
- .build();
-
- when(userService.updateUser(eq("1"), any(), eq(REALM))).thenThrow(new RuntimeException("Update failed"));
-
- Response response = userResource.updateUser("1", updateUser, REALM);
-
- assertEquals(500, response.getStatus());
+ assertNotNull(result);
+ assertEquals(updatedUser, result);
}
@Test
void testDeleteUser() {
doNothing().when(userService).deleteUser("1", REALM, false);
- Response response = userResource.deleteUser("1", REALM, false);
+ userResource.deleteUser("1", REALM, false);
- assertEquals(204, response.getStatus());
verify(userService).deleteUser("1", REALM, false);
}
- @Test
- void testDeleteUserHard() {
- doNothing().when(userService).deleteUser("1", REALM, true);
-
- Response response = userResource.deleteUser("1", REALM, true);
-
- assertEquals(204, response.getStatus());
- verify(userService).deleteUser("1", REALM, true);
- }
-
- @Test
- void testDeleteUserError() {
- doThrow(new RuntimeException("Delete failed")).when(userService).deleteUser("1", REALM, false);
-
- Response response = userResource.deleteUser("1", REALM, false);
-
- assertEquals(500, response.getStatus());
- }
-
@Test
void testActivateUser() {
doNothing().when(userService).activateUser("1", REALM);
- Response response = userResource.activateUser("1", REALM);
+ userResource.activateUser("1", REALM);
- assertEquals(204, response.getStatus());
verify(userService).activateUser("1", REALM);
}
- @Test
- void testActivateUserError() {
- doThrow(new RuntimeException("Activate failed")).when(userService).activateUser("1", REALM);
-
- Response response = userResource.activateUser("1", REALM);
-
- assertEquals(500, response.getStatus());
- }
-
@Test
void testDeactivateUser() {
doNothing().when(userService).deactivateUser("1", REALM, "reason");
- Response response = userResource.deactivateUser("1", REALM, "reason");
+ userResource.deactivateUser("1", REALM, "reason");
- assertEquals(204, response.getStatus());
verify(userService).deactivateUser("1", REALM, "reason");
}
- @Test
- void testDeactivateUserError() {
- doThrow(new RuntimeException("Deactivate failed")).when(userService).deactivateUser("1", REALM, null);
-
- Response response = userResource.deactivateUser("1", REALM, null);
-
- assertEquals(500, response.getStatus());
- }
-
@Test
void testResetPassword() {
doNothing().when(userService).resetPassword("1", REALM, "newpassword", true);
- UserResource.PasswordResetRequest request = new UserResource.PasswordResetRequest();
- request.password = "newpassword";
- request.temporary = true;
+ PasswordResetRequestDTO request = PasswordResetRequestDTO.builder()
+ .password("newpassword")
+ .temporary(true)
+ .build();
- Response response = userResource.resetPassword("1", REALM, request);
+ userResource.resetPassword("1", REALM, request);
- assertEquals(204, response.getStatus());
verify(userService).resetPassword("1", REALM, "newpassword", true);
}
- @Test
- void testResetPasswordError() {
- doThrow(new RuntimeException("Reset failed")).when(userService).resetPassword(any(), any(), any(),
- anyBoolean());
-
- UserResource.PasswordResetRequest request = new UserResource.PasswordResetRequest();
- request.password = "newpassword";
-
- Response response = userResource.resetPassword("1", REALM, request);
-
- assertEquals(500, response.getStatus());
- }
-
@Test
void testSendVerificationEmail() {
doNothing().when(userService).sendVerificationEmail("1", REALM);
- Response response = userResource.sendVerificationEmail("1", REALM);
+ userResource.sendVerificationEmail("1", REALM);
- assertEquals(204, response.getStatus());
verify(userService).sendVerificationEmail("1", REALM);
}
- @Test
- void testSendVerificationEmailError() {
- doThrow(new RuntimeException("Email failed")).when(userService).sendVerificationEmail("1", REALM);
-
- Response response = userResource.sendVerificationEmail("1", REALM);
-
- assertEquals(500, response.getStatus());
- }
-
@Test
void testLogoutAllSessions() {
when(userService.logoutAllSessions("1", REALM)).thenReturn(5);
- Response response = userResource.logoutAllSessions("1", REALM);
+ SessionsRevokedDTO result = userResource.logoutAllSessions("1", REALM);
- assertEquals(200, response.getStatus());
- assertNotNull(response.getEntity());
- }
-
- @Test
- void testLogoutAllSessionsError() {
- when(userService.logoutAllSessions("1", REALM)).thenThrow(new RuntimeException("Logout failed"));
-
- Response response = userResource.logoutAllSessions("1", REALM);
-
- assertEquals(500, response.getStatus());
+ assertNotNull(result);
+ assertEquals(5, result.getCount());
}
@Test
void testGetActiveSessions() {
- when(userService.getActiveSessions("1", REALM)).thenReturn(Collections.emptyList());
+ when(userService.getActiveSessions("1", REALM)).thenReturn(Collections.singletonList("session-1"));
- Response response = userResource.getActiveSessions("1", REALM);
+ List result = userResource.getActiveSessions("1", REALM);
- assertEquals(200, response.getStatus());
- }
-
- @Test
- void testGetActiveSessionsError() {
- when(userService.getActiveSessions("1", REALM)).thenThrow(new RuntimeException("Sessions failed"));
-
- Response response = userResource.getActiveSessions("1", REALM);
-
- assertEquals(500, response.getStatus());
- }
-
- @Test
- void testPasswordResetRequestClass() {
- UserResource.PasswordResetRequest request = new UserResource.PasswordResetRequest();
- request.password = "password123";
- request.temporary = false;
-
- assertEquals("password123", request.password);
- assertFalse(request.temporary);
- }
-
- @Test
- void testSessionsRevokedResponseClass() {
- UserResource.SessionsRevokedResponse response = new UserResource.SessionsRevokedResponse(5);
- assertEquals(5, response.count);
- }
-
- @Test
- void testErrorResponseClass() {
- UserResource.ErrorResponse response = new UserResource.ErrorResponse("Error message");
- assertEquals("Error message", response.message);
+ assertNotNull(result);
+ assertEquals(1, result.size());
+ assertEquals("session-1", result.get(0));
}
}
diff --git a/src/test/java/dev/lions/user/manager/service/impl/AuditServiceImplTest.java b/src/test/java/dev/lions/user/manager/service/impl/AuditServiceImplTest.java
index 75c0a90..e35bd39 100644
--- a/src/test/java/dev/lions/user/manager/service/impl/AuditServiceImplTest.java
+++ b/src/test/java/dev/lions/user/manager/service/impl/AuditServiceImplTest.java
@@ -2,21 +2,44 @@ package dev.lions.user.manager.service.impl;
import dev.lions.user.manager.dto.audit.AuditLogDTO;
import dev.lions.user.manager.enums.audit.TypeActionAudit;
+import dev.lions.user.manager.server.impl.entity.AuditLogEntity;
+import dev.lions.user.manager.server.impl.mapper.AuditLogMapper;
+import dev.lions.user.manager.server.impl.repository.AuditLogRepository;
+import io.quarkus.hibernate.orm.panache.PanacheQuery;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
-import java.time.LocalDateTime;
-import java.util.List;
-import static org.junit.jupiter.api.Assertions.*;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.mockito.junit.jupiter.MockitoExtension;
+import org.mockito.junit.jupiter.MockitoSettings;
+import org.mockito.quality.Strictness;
+import java.time.LocalDateTime;
+import java.util.Collections;
+import java.util.List;
+
+import static org.junit.jupiter.api.Assertions.*;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.*;
+
+@ExtendWith(MockitoExtension.class)
+@MockitoSettings(strictness = Strictness.LENIENT)
class AuditServiceImplTest {
+ @Mock
+ AuditLogRepository auditLogRepository;
+
+ @Mock
+ AuditLogMapper auditLogMapper;
+
+ @InjectMocks
AuditServiceImpl auditService;
@BeforeEach
void setUp() {
- auditService = new AuditServiceImpl();
- auditService.auditEnabled = true; // manually injecting config property
- auditService.logToDatabase = false;
+ auditService.auditEnabled = true;
+ auditService.logToDatabase = true;
}
@Test
@@ -25,11 +48,11 @@ class AuditServiceImplTest {
log.setTypeAction(TypeActionAudit.USER_CREATE);
log.setActeurUsername("admin");
+ when(auditLogMapper.toEntity(any(AuditLogDTO.class))).thenReturn(new AuditLogEntity());
+
auditService.logAction(log);
- assertEquals(1, auditService.getTotalCount());
- assertNotNull(log.getId());
- assertNotNull(log.getDateAction());
+ verify(auditLogRepository).persist(any(AuditLogEntity.class));
}
@Test
@@ -38,41 +61,58 @@ class AuditServiceImplTest {
AuditLogDTO log = new AuditLogDTO();
auditService.logAction(log);
- assertEquals(0, auditService.getTotalCount());
+
+ verify(auditLogRepository, never()).persist(any(AuditLogEntity.class));
}
@Test
void testLogSuccess() {
+ when(auditLogMapper.toEntity(any(AuditLogDTO.class))).thenReturn(new AuditLogEntity());
+
auditService.logSuccess(TypeActionAudit.USER_CREATE, "USER", "1", "user", "realm", "admin", "desc");
- assertEquals(1, auditService.getTotalCount());
+
+ verify(auditLogRepository).persist(any(AuditLogEntity.class));
}
@Test
void testLogFailure() {
+ when(auditLogMapper.toEntity(any(AuditLogDTO.class))).thenReturn(new AuditLogEntity());
+
auditService.logFailure(TypeActionAudit.USER_CREATE, "USER", "1", "user", "realm", "admin", "ERR", "Error");
- assertEquals(1, auditService.getTotalCount());
+
+ verify(auditLogRepository).persist(any(AuditLogEntity.class));
+
+ // Test findFailures mock logic
+ when(auditLogRepository.search(anyString(), any(), any(), any(), any(), eq(false), anyInt(), anyInt()))
+ .thenReturn(Collections.singletonList(new AuditLogEntity()));
+ when(auditLogMapper.toDTOList(anyList())).thenReturn(Collections.singletonList(new AuditLogDTO()));
+
List