Merge pull request 'OZG-5424 do not delete user if realm already deleted'...

Merge pull request 'OZG-5424 do not delete user if realm already deleted' (#23) from OZG-5424-check-realm-before-delete-uiser into master

Reviewed-on: https://git.ozg-sh.de/ozgcloud-devops/operator/pulls/23


Reviewed-by: OZGCloud <ozgcloud@mgm-tp.com>

ozgcloud-keycloak-operator/src/main/java/de/ozgcloud/operator/keycloak/user/KeycloakUserPreconditionService.java

@@ -41,7 +41,7 @@ class KeycloakUserPreconditionService {
 	public Optional<String> getPreconditionErrors(OzgCloudKeycloakUser user) {
 		var namespace = user.getMetadata().getNamespace();
 
-		if (!keycloakGenericRemoteService.realmExists(namespace)) {
+		if (!realmExists(namespace)) {
 			return Optional.of(String.format("Realm %s does not yet exist", namespace));
 		}
 
@@ -58,6 +58,10 @@ class KeycloakUserPreconditionService {
 		return Optional.empty();
 	}
 
+	boolean realmExists(String realmName) {
+		return keycloakGenericRemoteService.realmExists(realmName);
+	}
+
 	Optional<String> clientsExists(OzgCloudKeycloakUser user, String realm) {
 		return user.getSpec().getKeycloakUser().getClientRoles().stream()
 				.map(KeycloakUserSpecClientRole::getClientId)

ozgcloud-keycloak-operator/src/main/java/de/ozgcloud/operator/keycloak/user/KeycloakUserReconciler.java

@@ -88,6 +88,11 @@ public class KeycloakUserReconciler implements Reconciler<OzgCloudKeycloakUser>,
 			LOG.info("keep data");
 			return DeleteControl.defaultDelete();
 		}
+
+		if (!preconditionService.realmExists(user.getMetadata().getNamespace())) {
+			return DeleteControl.defaultDelete();
+		}
+
 		return deleteUser(user);
 	}
 

ozgcloud-keycloak-operator/src/test/java/de/ozgcloud/operator/keycloak/user/KeycloakUserPreconditionServiceTest.java

@@ -44,6 +44,8 @@ import de.ozgcloud.operator.keycloak.KeycloakGenericRemoteService;
 
 class KeycloakUserPreconditionServiceTest {
 
+	private String REALM = OzgCloudKeycloakUserTestFactory.METADATA_NAMESPACE;
+
 	@Spy
 	@InjectMocks
 	private KeycloakUserPreconditionService service;
@@ -70,9 +72,18 @@ class KeycloakUserPreconditionServiceTest {
 			verify(keycloakGenericRemoteService).realmExists(OzgCloudKeycloakUserTestFactory.METADATA_NAMESPACE);
 		}
 
+		@Test
+		void shouldReturnResponseFromRealmExists() {
+			when(service.realmExists(REALM)).thenReturn(true);
+
+			var response = service.getPreconditionErrors(OzgCloudKeycloakUserTestFactory.create());
+
+			assertThat(response).isPresent();
+		}
+
 		@Test
 		void shouldReturnErrorIfRealmNotExists() {
-			doReturn(false).when(keycloakGenericRemoteService).realmExists(anyString());
+			doReturn(false).when(service).realmExists(REALM);
 
 			var response = service.getPreconditionErrors(OzgCloudKeycloakUserTestFactory.create());
 
@@ -113,6 +124,26 @@ class KeycloakUserPreconditionServiceTest {
 		}
 	}
 
+	@Nested
+	class TestRealmExists {
+
+		@Test
+		void shouleCallRemoteService() {
+			service.realmExists(REALM);
+
+			verify(keycloakGenericRemoteService).realmExists(REALM);
+		}
+
+		@Test
+		void shouldReturnResponseFromRemoteService() {
+			when(keycloakGenericRemoteService.realmExists(REALM)).thenReturn(true);
+
+			var response = service.realmExists(REALM);
+
+			assertThat(response).isTrue();
+		}
+	}
+
 	@Nested
 	class TestClientExists {
 

ozgcloud-keycloak-operator/src/test/java/de/ozgcloud/operator/keycloak/user/KeycloakUserReconcilerTest.java

@@ -45,6 +45,8 @@ import io.javaoperatorsdk.operator.api.reconciler.DeleteControl;
 
 class KeycloakUserReconcilerTest {
 
+	private final String REALM = OzgCloudKeycloakUserTestFactory.METADATA_NAMESPACE;
+
 	@Spy
 	@InjectMocks
 	private KeycloakUserReconciler reconciler;
@@ -134,6 +136,8 @@ class KeycloakUserReconcilerTest {
 
 			@Test
 			void shouldCallDeleteUser() {
+				when(preconditionService.realmExists(REALM)).thenReturn(true);
+
 				reconciler.cleanup(user, null);
 
 				verify(reconciler).deleteUser(user);
@@ -143,11 +147,37 @@ class KeycloakUserReconcilerTest {
 			void shouldReturnValueFromDeleteUser() {
 				DeleteControl expected = DeleteControl.defaultDelete();
 				when(reconciler.deleteUser(user)).thenReturn(expected);
+				when(preconditionService.realmExists(REALM)).thenReturn(true);
 
 				DeleteControl response = reconciler.cleanup(user, null);
 
 				assertThat(response).isEqualTo(expected);
 			}
+
+			@Test
+			void shouldCallRealmExists() {
+				reconciler.cleanup(user, null);
+
+				verify(preconditionService).realmExists(REALM);
+			}
+
+			@Test
+			void shouldDeleteUserIfRealmExists() {
+				when(preconditionService.realmExists(REALM)).thenReturn(true);
+
+				reconciler.cleanup(user, null);
+
+				verify(reconciler).deleteUser(user);
+			}
+
+			@Test
+			void shouldNotDeleteUserIfRealmNotExists() {
+				when(preconditionService.realmExists(REALM)).thenReturn(false);
+
+				reconciler.cleanup(user, null);
+
+				verify(reconciler, never()).deleteUser(user);
+			}
 		}
 
 		@DisplayName("test delete")
@@ -172,6 +202,7 @@ class KeycloakUserReconcilerTest {
 
 			@Test
 			void shouldRescheduleOnError() {
+				when(preconditionService.realmExists(REALM)).thenReturn(true);
 				doThrow(RuntimeException.class).when(service)
 						.deleteUser(user.getSpec(), OzgCloudKeycloakRealmTestFactory.METADATA_NAMESPACE);