From 4672fc9b366c7b1607a1ceef18277e6fa726ea16 Mon Sep 17 00:00:00 2001
From: chasegawa <chasegawa@unicon.net>
Date: Tue, 4 Oct 2022 16:27:00 -0700
Subject: [PATCH] SHIBUI-2394

Added ability to unapprove
---
 .../ui/controller/ApprovalController.java     |  4 ++--
 .../admin/ui/domain/EntityDescriptor.java     |  6 +++++
 .../ui/service/EntityDescriptorService.java   |  2 +-
 .../JPAEntityDescriptorServiceImpl.java       | 22 ++++++++++++-------
 .../controller/ApproveControllerTests.groovy  | 21 ++++++++++++++++++
 5 files changed, 44 insertions(+), 11 deletions(-)

diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/ApprovalController.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/ApprovalController.java
index f3945ef47..32bf84afb 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/ApprovalController.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/ApprovalController.java
@@ -24,8 +24,8 @@ public class ApprovalController {
     @PatchMapping(path = "/entityDescriptor/{resourceId}/{mode}")
     @Transactional
     public ResponseEntity<?> approveEntityDescriptor(@PathVariable String resourceId, @PathVariable String mode) throws PersistentEntityNotFound, ForbiddenException {
-//        boolean status = "approve".equalsIgnoreCase(mode); // can we un-approve?
-        EntityDescriptorRepresentation edr = entityDescriptorService.approveEntityDescriptor(resourceId);
+        boolean status = "approve".equalsIgnoreCase(mode);
+        EntityDescriptorRepresentation edr = entityDescriptorService.changeApproveStatusOfEntityDescriptor(resourceId, status);
         return ResponseEntity.ok(edr);
     }
 }
\ No newline at end of file
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/EntityDescriptor.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/EntityDescriptor.java
index d1885ae14..33e7ce6d1 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/EntityDescriptor.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/EntityDescriptor.java
@@ -323,4 +323,10 @@ public void addApproval(Group group) {
     public int approvedCount() {
         return approved.size();
     }
+
+    public void removeLastApproval() {
+        if (!approved.isEmpty()) {
+            approved.remove(approved.size() - 1);
+        }
+    }
 }
\ No newline at end of file
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/EntityDescriptorService.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/EntityDescriptorService.java
index e5931f93a..1f37b83bc 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/EntityDescriptorService.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/EntityDescriptorService.java
@@ -123,5 +123,5 @@ EntityDescriptorRepresentation updateEntityDescriptorEnabledStatus(String resour
 
     EntityDescriptorRepresentation updateGroupForEntityDescriptor(String resourceId, String groupId);
 
-    EntityDescriptorRepresentation approveEntityDescriptor(String resourceId) throws PersistentEntityNotFound, ForbiddenException;
+    EntityDescriptorRepresentation changeApproveStatusOfEntityDescriptor(String resourceId, boolean status) throws PersistentEntityNotFound, ForbiddenException;
 }
\ No newline at end of file
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java
index 21607029b..0b1f67932 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java
@@ -76,19 +76,25 @@ public class JPAEntityDescriptorServiceImpl implements EntityDescriptorService {
     private UserService userService;
 
     @Override
-    public EntityDescriptorRepresentation approveEntityDescriptor(String resourceId) throws PersistentEntityNotFound, ForbiddenException {
+    public EntityDescriptorRepresentation changeApproveStatusOfEntityDescriptor(String resourceId, boolean status) throws PersistentEntityNotFound, ForbiddenException {
         EntityDescriptor ed = entityDescriptorRepository.findByResourceId(resourceId);
         if (ed == null) {
             throw new PersistentEntityNotFound("Entity with resourceid[" + resourceId + "] was not found for approval");
         }
-        int approvedCount = ed.approvedCount();
-        List<Approvers> approversList = groupService.find(ed.getIdOfOwner()).getApproversList();
-        if (!approversList.isEmpty() && approversList.size() > approvedCount) {
-            Approvers approvers = approversList.get(approvedCount); // yea for index zero - use the count to get the next approvers
-            if (!userService.currentUserCanApprove(approvers.getApproverGroups())) {
-                throw new ForbiddenException("You do not have the permissions necessary to approve this entity descriptor.");
+        if (status) { // approve
+            int approvedCount = ed.approvedCount();
+            List<Approvers> approversList = groupService.find(ed.getIdOfOwner()).getApproversList();
+            if (!approversList.isEmpty() && approversList.size() > approvedCount) {
+                Approvers approvers = approversList.get(
+                                approvedCount); // yea for index zero - use the count to get the next approvers
+                if (!userService.currentUserCanApprove(approvers.getApproverGroups())) {
+                    throw new ForbiddenException("You do not have the permissions necessary to approve this entity descriptor.");
+                }
+                ed.addApproval(userService.getCurrentUserGroup());
+                ed = entityDescriptorRepository.save(ed);
             }
-            ed.addApproval(userService.getCurrentUserGroup());
+        } else { // un-approve
+            ed.removeLastApproval();
             ed = entityDescriptorRepository.save(ed);
         }
         return createRepresentationFromDescriptor(ed);
diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/ApproveControllerTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/ApproveControllerTests.groovy
index 04ff8ceda..b18c40aad 100644
--- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/ApproveControllerTests.groovy
+++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/ApproveControllerTests.groovy
@@ -141,4 +141,25 @@ class ApproveControllerTests extends AbstractBaseDataJpaTest {
                 .andExpect(jsonPath("\$.approved").value(true))
     }
 
+    @WithMockUser(value = "BUser", roles = ["USER"])
+    def 'Approver can approve and un-approve an entity descriptor'() {
+        when:
+        def result = mockMvc.perform(patch("/api/approve/entityDescriptor/" + defaultEntityDescriptorResourceId + "/approve"))
+
+        then:
+        result.andExpect(status().isOk())
+                .andExpect(jsonPath("\$.id").value(defaultEntityDescriptorResourceId))
+                .andExpect(jsonPath("\$.serviceEnabled").value(false))
+                .andExpect(jsonPath("\$.approved").value(true))
+
+        when:
+        def result2 = mockMvc.perform(patch("/api/approve/entityDescriptor/" + defaultEntityDescriptorResourceId + "/unapprove"))
+
+        then:
+        result2.andExpect(status().isOk())
+                .andExpect(jsonPath("\$.id").value(defaultEntityDescriptorResourceId))
+                .andExpect(jsonPath("\$.serviceEnabled").value(false))
+                .andExpect(jsonPath("\$.approved").value(false))
+
+    }
 }
\ No newline at end of file