diff --git a/src/main/java/com/epam/ta/reportportal/core/user/EditUserHandler.java b/src/main/java/com/epam/ta/reportportal/core/user/EditUserHandler.java index 6c75ca210e..4888868d33 100644 --- a/src/main/java/com/epam/ta/reportportal/core/user/EditUserHandler.java +++ b/src/main/java/com/epam/ta/reportportal/core/user/EditUserHandler.java @@ -65,6 +65,13 @@ public interface EditUserHandler { */ OperationCompletionRS deletePhoto(String username); + /** + * Delete user's photo. + * + * @param userId id of user + */ + void deletePhoto(Long userId); + /** * Change password * diff --git a/src/main/java/com/epam/ta/reportportal/core/user/impl/EditUserHandlerImpl.java b/src/main/java/com/epam/ta/reportportal/core/user/impl/EditUserHandlerImpl.java index a573c6c60c..e10b0c40e0 100644 --- a/src/main/java/com/epam/ta/reportportal/core/user/impl/EditUserHandlerImpl.java +++ b/src/main/java/com/epam/ta/reportportal/core/user/impl/EditUserHandlerImpl.java @@ -191,6 +191,15 @@ public OperationCompletionRS deletePhoto(String login) { return new OperationCompletionRS("Profile photo has been deleted successfully"); } + @Override + public void deletePhoto(Long userId) { + User user = userRepository.findById(userId) + .orElseThrow(() -> new ReportPortalException(ErrorType.USER_NOT_FOUND, userId)); + expect(user.getUserType(), equalTo(INTERNAL)).verify(ACCESS_DENIED, + "Unable to change photo for external user"); + userBinaryDataService.deleteUserPhoto(user); + } + @Override public OperationCompletionRS changePassword(ReportPortalUser loggedInUser, ChangePasswordRQ request) { diff --git a/src/main/java/com/epam/ta/reportportal/ws/controller/FileStorageController.java b/src/main/java/com/epam/ta/reportportal/ws/controller/FileStorageController.java index 07269a7d43..8887197554 100644 --- a/src/main/java/com/epam/ta/reportportal/ws/controller/FileStorageController.java +++ b/src/main/java/com/epam/ta/reportportal/ws/controller/FileStorageController.java 
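Review bot: The Javadoc on the new `deletePhoto(Long userId)` in `EditUserHandler` names the parameter but says nothing about failure modes or who may call it. Going by the implementation added in this commit, it throws `ReportPortalException` with `USER_NOT_FOUND` for an unknown id and with `ACCESS_DENIED` when the user type is not `INTERNAL`. It also accepts any id without looking at the caller. I would add `@throws ReportPortalException if the user does not exist or is not an internal user` and a sentence such as `Performs no authorization; the caller must already have verified access to userId.`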
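Review bot: `EditUserHandlerImpl.deletePhoto(Long userId)` deletes the photo of whatever id it is handed, so the only barrier between one account and another's avatar is the `@PreAuthorize(ALLOWED_TO_USER_ITSELF)` on the controller method added later in this commit. The existing String overload is fed the authenticated principal's username, and `changePassword` in the trailing context takes the `ReportPortalUser` itself, so this method is the one place where identity comes purely from a request-derived argument. Any future caller that forgets the annotation silently becomes a cross-user delete. Consider passing the principal and comparing ids inside the handler, or at minimum put a comment above the method: `// No ownership check here: callers must authorize access to userId first.`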
@@ -111,6 +111,7 @@ public void getUserPhoto(@PathVariable String projectKey, @Transactional @PostMapping(value = "/photo", consumes = {MediaType.MULTIPART_FORM_DATA_VALUE}) @Operation(summary = "Upload user's photo") + @Deprecated(forRemoval = true) public OperationCompletionRS uploadPhoto(@RequestParam("file") MultipartFile file, @AuthenticationPrincipal ReportPortalUser user) { return editUserHandler.uploadPhoto(EntityUtils.normalizeId(user.getUsername()), file); @@ -119,6 +120,7 @@ public OperationCompletionRS uploadPhoto(@RequestParam("file") MultipartFile fil @Transactional @DeleteMapping(value = "/photo") @Operation(summary = "Delete user's photo") + @Deprecated(forRemoval = true) public OperationCompletionRS deletePhoto(@AuthenticationPrincipal ReportPortalUser user) { return editUserHandler.deletePhoto(EntityUtils.normalizeId(user.getUsername())); } diff --git a/src/main/java/com/epam/ta/reportportal/ws/controller/UserController.java b/src/main/java/com/epam/ta/reportportal/ws/controller/UserController.java index a0e8ed0a3f..876938936d 100644 --- a/src/main/java/com/epam/ta/reportportal/ws/controller/UserController.java +++ b/src/main/java/com/epam/ta/reportportal/ws/controller/UserController.java @@ -104,4 +104,12 @@ public ResponseEntity postUsersUserIdAvatar(Long userId, editUserHandler.uploadPhoto(userId, file); return new ResponseEntity<>(HttpStatus.CREATED); } + + @Override + @Transactional + @PreAuthorize(ALLOWED_TO_USER_ITSELF) + public ResponseEntity deleteUsersUserIdAvatar(Long userId) { + editUserHandler.deletePhoto(userId); + return new ResponseEntity<>(HttpStatus.NO_CONTENT); + } } diff --git a/src/test/java/com/epam/ta/reportportal/ws/controller/FileStorageControllerTest.java b/src/test/java/com/epam/ta/reportportal/ws/controller/FileStorageControllerTest.java index 5810c435f9..e7a6250833 100644 --- a/src/test/java/com/epam/ta/reportportal/ws/controller/FileStorageControllerTest.java 
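Review bot: `@Deprecated(forRemoval = true)` on `uploadPhoto` has no Javadoc `@deprecated` tag, so nothing tells a maintainer which endpoint replaces it; the same applies to `deletePhoto` in the next hunk. The replacements appear to be the `UserController` methods in this diff, so I would add `/** @deprecated use {@code UserController#postUsersUserIdAvatar} */` and `/** @deprecated use {@code UserController#deleteUsersUserIdAvatar} */`. Both old routes stay reachable until they are actually removed, so they remain part of the exposed surface and should keep their test coverage in the meantime.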
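Review bot: Nothing in this commit verifies that `@PreAuthorize(ALLOWED_TO_USER_ITSELF)` on `deleteUsersUserIdAvatar` rejects a request for someone else's id. Both test changes call `/users/2/avatar` with the default token and expect 204, which only covers the owner path. The expression's definition lies outside this diff and the handler performs no ownership check of its own, so a regression would go unnoticed. I would add a negative case such as `mockMvc.perform(delete("/users/2/avatar").with(token(oAuthHelper.getCustomerToken()))).andExpect(status().isForbidden());`, assuming the customer fixture is a different user than id 2.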
+++ b/src/test/java/com/epam/ta/reportportal/ws/controller/FileStorageControllerTest.java @@ -69,13 +69,13 @@ void userPhoto() throws Exception { token(oAuthHelper.getDefaultToken()))) .andExpect(status().isOk()); - mockMvc.perform(delete("/v1/data/photo").with(token(oAuthHelper.getDefaultToken()))) - .andExpect(status().isOk()); + mockMvc.perform(delete("/users/2/avatar").with(token(oAuthHelper.getDefaultToken()))) + .andExpect(status().isNoContent()); } @Test @Sql("/db/user/user-viewer.sql") - public void testUserPhotoAccessDeniedForCustomer() throws Exception { + void testUserPhotoAccessDeniedForCustomer() throws Exception { mockMvc.perform(get("/v1/data/default_personal/userphoto?login=default").with( token(oAuthHelper.getCustomerToken()))) .andExpect(status().isForbidden()); diff --git a/src/test/java/com/epam/ta/reportportal/ws/controller/UserControllerTest.java b/src/test/java/com/epam/ta/reportportal/ws/controller/UserControllerTest.java index c3003fdcfe..0e70ec3d07 100644 --- a/src/test/java/com/epam/ta/reportportal/ws/controller/UserControllerTest.java +++ b/src/test/java/com/epam/ta/reportportal/ws/controller/UserControllerTest.java @@ -502,7 +502,7 @@ void userPhoto() throws Exception { token(oAuthHelper.getDefaultToken()))) .andExpect(status().isOk()); - mockMvc.perform(delete("/v1/data/photo").with(token(oAuthHelper.getDefaultToken()))) - .andExpect(status().isOk()); + mockMvc.perform(delete("/users/2/avatar").with(token(oAuthHelper.getDefaultToken()))) + .andExpect(status().isNoContent()); } }
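Review bot: Replacing the `delete("/v1/data/photo")` assertion in `userPhoto()` removes the only visible check of the legacy delete route, which this commit marks `@Deprecated(forRemoval = true)` but does not remove. `UserControllerTest.userPhoto()` has the identical replacement in the last hunk. Until the old endpoint is deleted it is still live and authenticated by the principal, so I would keep a separate test asserting `delete("/v1/data/photo")` returns `status().isOk()` rather than dropping it. The hard-coded `2` in `/users/2/avatar` presumably matches the default user's id in the fixtures; a named constant or a short comment would make that dependency explicit.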