hmcts · SabinaHMCTS · Dec 11, 2023 · Apr 23, 2024 · Apr 24, 2024 · Apr 25, 2024
diff --git a/...ts/reform/professionalapi/provider/OrganisationalExternalControllerProviderUsersTest.java b/...ts/reform/professionalapi/provider/OrganisationalExternalControllerProviderUsersTest.java
@@ -39,6 +39,7 @@
 import uk.gov.hmcts.reform.professionalapi.repository.IdamRepository;
 import uk.gov.hmcts.reform.professionalapi.repository.OrganisationRepository;
 import uk.gov.hmcts.reform.professionalapi.repository.ProfessionalUserRepository;
+import uk.gov.hmcts.reform.professionalapi.repository.UserAttributeRepository;
 import uk.gov.hmcts.reform.professionalapi.repository.UserConfiguredAccessRepository;
 import uk.gov.hmcts.reform.professionalapi.service.ProfessionalUserService;
 
@@ -89,6 +90,9 @@ public class OrganisationalExternalControllerProviderUsersTest extends WebMvcPro
     @Autowired
     JwtGrantedAuthoritiesConverter jwtGrantedAuthoritiesConverterMock;
 
+    @Autowired
+    UserAttributeRepository userAttributeRepository;
+
     @Autowired
     IdamRepository idamRepositoryMock;
 

diff --git a/...fessionalapi/provider/OrganisationalExternalControllerProviderUsersTestConfiguration.java b/...fessionalapi/provider/OrganisationalExternalControllerProviderUsersTestConfiguration.java
@@ -17,6 +17,7 @@
 import uk.gov.hmcts.reform.professionalapi.repository.OrganisationRepository;
 import uk.gov.hmcts.reform.professionalapi.repository.PaymentAccountRepository;
 import uk.gov.hmcts.reform.professionalapi.repository.PrdEnumRepository;
+import uk.gov.hmcts.reform.professionalapi.repository.UserAttributeRepository;
 import uk.gov.hmcts.reform.professionalapi.repository.UserConfiguredAccessRepository;
 import uk.gov.hmcts.reform.professionalapi.service.FeatureToggleService;
 import uk.gov.hmcts.reform.professionalapi.service.PaymentAccountService;
@@ -69,6 +70,9 @@ public class OrganisationalExternalControllerProviderUsersTestConfiguration exte
     @MockBean
     OrgAttributeRepository orgAttributeRepository;
 
+    @MockBean
+    UserAttributeRepository userAttributeRepository;
+
     @Bean
     @Primary
     protected OrganisationServiceImpl organisationService() {

diff --git a/...v/hmcts/reform/professionalapi/provider/OrganisationalInternalControllerProviderTest.java b/...v/hmcts/reform/professionalapi/provider/OrganisationalInternalControllerProviderTest.java
@@ -37,6 +37,7 @@
 import uk.gov.hmcts.reform.professionalapi.repository.OrganisationRepository;
 import uk.gov.hmcts.reform.professionalapi.repository.PaymentAccountRepository;
 import uk.gov.hmcts.reform.professionalapi.repository.ProfessionalUserRepository;
+import uk.gov.hmcts.reform.professionalapi.repository.UserAttributeRepository;
 import uk.gov.hmcts.reform.professionalapi.service.MfaStatusService;
 import uk.gov.hmcts.reform.professionalapi.service.PaymentAccountService;
 import uk.gov.hmcts.reform.professionalapi.service.PrdEnumService;
@@ -107,6 +108,9 @@ public class OrganisationalInternalControllerProviderTest extends MockMvcProvide
     @Autowired
     OrganisationIdentifierValidatorImpl organisationIdentifierValidatorImplMock;
 
+    @Autowired
+    UserAttributeRepository userAttributeRepository;
+
     public static final String ORG_NAME = "Org-Name";
     public static final String SRA_ID = "sra-id";
     public static final String COMPANY_NUMBER = "companyN";

diff --git a/...m/professionalapi/provider/OrganisationalInternalControllerProviderTestConfiguration.java b/...m/professionalapi/provider/OrganisationalInternalControllerProviderTestConfiguration.java
@@ -14,6 +14,7 @@
 import uk.gov.hmcts.reform.professionalapi.repository.OrganisationRepository;
 import uk.gov.hmcts.reform.professionalapi.repository.PaymentAccountRepository;
 import uk.gov.hmcts.reform.professionalapi.repository.PrdEnumRepository;
+import uk.gov.hmcts.reform.professionalapi.repository.UserAttributeRepository;
 import uk.gov.hmcts.reform.professionalapi.service.PaymentAccountService;
 import uk.gov.hmcts.reform.professionalapi.service.ProfessionalUserService;
 import uk.gov.hmcts.reform.professionalapi.service.UserAttributeService;
@@ -59,6 +60,9 @@ public class OrganisationalInternalControllerProviderTestConfiguration extends P
     @MockBean
     OrganisationMfaStatusRepository organisationMfaStatusRepository;
 
+    @MockBean
+    UserAttributeRepository userAttributeRepository;
+
     @Bean
     @Primary
     protected OrganisationInternalController organisationInternalController() {

diff --git a/...Test/java/uk/gov/hmcts/reform/professionalapi/ProfessionalInternalUserFunctionalTest.java b/...Test/java/uk/gov/hmcts/reform/professionalapi/ProfessionalInternalUserFunctionalTest.java
@@ -19,6 +19,7 @@
 import uk.gov.hmcts.reform.professionalapi.controller.request.PbaRequest;
 import uk.gov.hmcts.reform.professionalapi.controller.request.PbaUpdateRequest;
 import uk.gov.hmcts.reform.professionalapi.controller.request.UpdatePbaRequest;
+import uk.gov.hmcts.reform.professionalapi.controller.request.UserDeletionRequest;
 import uk.gov.hmcts.reform.professionalapi.controller.response.FetchPbaByStatusResponse;
 import uk.gov.hmcts.reform.professionalapi.controller.response.OrganisationsWithPbaStatusResponse;
 import uk.gov.hmcts.reform.professionalapi.domain.MFAStatus;
@@ -32,6 +33,7 @@
 
 import java.time.LocalDateTime;
 import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.Comparator;
 import java.util.HashMap;
 import java.util.HashSet;
@@ -865,6 +867,46 @@ void testInternalOrganisationDeleteScenario() {
                 .retrieveOrganisationDetails(orgIdentifier, hmctsAdmin, NOT_FOUND);
     }
 
+    public List<String> setUpUsersToDelete() {
+        superUserEmail = generateRandomEmail();
+        invitedUserEmail = generateRandomEmail();
+        organisationCreationRequest = createOrganisationRequest()
+            .superUser(aUserCreationRequest()
+                .firstName("firstName")
+                .lastName("lastName")
+                .email(superUserEmail)
+                .build())
+            .build();
+        intActiveOrgId = createAndUpdateOrganisationToActive(hmctsAdmin, organisationCreationRequest);
+
+        List<String> roles = new ArrayList<>();
+        roles.add(puiCaseManager);
+        roles.add(puiOrgManager);
+        roles.add(puiFinanceManager);
+        idamOpenIdClient.createUser(roles, invitedUserEmail, "firstName", "lastName");
+
+        return Arrays.asList(superUserEmail.toLowerCase());
+    }
+
+    @Test
+    @DisplayName("PRD Internal Delete User for Professional and User Profile")
+    void deletUserFromProfessionalAndUserProfileShouldReturnSuccess() {
+
+        log.info("deletUserFromProfessionalAndUserProfileShouldReturnSuccess :: STARTED");
+
+        List<String> emails = setUpUsersToDelete();
+
+        UserDeletionRequest userDeletionRequest = new UserDeletionRequest(emails);
+
+        JsonPath response = professionalApiClient.deleteUserFromOrganisation(userDeletionRequest,OK);
+        Response getUserResponse = professionalApiClient.retrieveUserByIdNotFound(intActiveOrgId);
+        assertThat(getUserResponse).isNull();
+        assertThat(response).isNotNull();
+
+        log.info("deletUserFromProfessionalAndUserProfileShouldReturnSuccess :: END");
+
+    }
+
     private static void verifyOrganisationDetails(JsonPath response) {
 
         String companyUrl = response.get("companyUrl");

diff --git a/...functionalTest/java/uk/gov/hmcts/reform/professionalapi/client/ProfessionalApiClient.java b/...functionalTest/java/uk/gov/hmcts/reform/professionalapi/client/ProfessionalApiClient.java
@@ -25,6 +25,7 @@
 import uk.gov.hmcts.reform.professionalapi.controller.request.PbaRequest;
 import uk.gov.hmcts.reform.professionalapi.controller.request.UpdatePbaRequest;
 import uk.gov.hmcts.reform.professionalapi.controller.request.UserCreationRequest;
+import uk.gov.hmcts.reform.professionalapi.controller.request.UserDeletionRequest;
 import uk.gov.hmcts.reform.professionalapi.controller.request.UsersInOrganisationsByOrganisationIdentifiersRequest;
 import uk.gov.hmcts.reform.professionalapi.controller.response.OrganisationMinimalInfoResponse;
 import uk.gov.hmcts.reform.professionalapi.controller.response.OrganisationsWithPbaStatusResponse;
@@ -488,6 +489,20 @@ public Map<String, Object> addNewUserToAnOrganisationExternal(NewUserCreationReq
         return response.body().as(Map.class);
     }
 
+    public JsonPath deleteUserFromOrganisation(UserDeletionRequest userDeletionRequest, HttpStatus status) {
+        Response response = getMultipleAuthHeadersInternal()
+            .body(userDeletionRequest)
+            .delete("/refdata/internal/v1/organisations/users")
+            .andReturn();
+
+        response.then()
+            .assertThat()
+            .statusCode(status.NO_CONTENT.value());
+
+        return response.body().jsonPath();
+    }
+
+
     @SuppressWarnings("unchecked")
     public JsonPath retrieveOrganisationDetails(String id, String role, HttpStatus status) {
         Response response = getMultipleAuthHeadersInternal()
@@ -504,6 +519,8 @@ public JsonPath retrieveOrganisationDetails(String id, String role, HttpStatus s
                 .statusCode(status.value());
 
         return response.body().jsonPath();
+
+
     }
 
     public Map<String, Object> retrieveOrganisationDetailsBySinceDate(String sinceDate, String page, String pageSize) {

diff --git a/src/integrationTest/java/uk/gov/hmcts/reform/professionalapi/DeleteUserIntegrationTest.java b/src/integrationTest/java/uk/gov/hmcts/reform/professionalapi/DeleteUserIntegrationTest.java
@@ -0,0 +1,58 @@
+package uk.gov.hmcts.reform.professionalapi;
+
+import groovy.util.logging.Slf4j;
+import org.junit.jupiter.api.Test;
+import uk.gov.hmcts.reform.professionalapi.controller.request.UserDeletionRequest;
+import uk.gov.hmcts.reform.professionalapi.util.AuthorizationEnabledIntegrationTest;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+import java.util.Map;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+
+@Slf4j
+class DeleteUserIntegrationTest extends AuthorizationEnabledIntegrationTest {
+
+    @Test
+    void delete_user_non_existing_emails_should_return_400() {
+        List<String> emails =  Arrays.asList("[email protected]","[email protected]");
+        UserDeletionRequest userDeletionRequest = new UserDeletionRequest(emails);
+        Map<String, Object> updateResponse = professionalReferenceDataClient
+            .deleteUser(userDeletionRequest,hmctsAdmin);
+        assertThat(updateResponse.get("http_status").toString()).contains("400");
+        assertThat(updateResponse.get("response_body").toString()).contains("Email addresses provided do not exist");
+
+    }
+
+    @Test
+    void delete_user_with_bad_request_should_return_400() {
+        Map<String, Object> updateResponse = professionalReferenceDataClient
+            .deleteUser(null,  hmctsAdmin);
+
+        assertThat(updateResponse).containsEntry("http_status", "400");
+
+    }
+
+    @Test
+    void delete_user_with_empty_emails_should_return_400() {
+        UserDeletionRequest userDeletionRequest = new UserDeletionRequest(new ArrayList<String>());
+
+        Map<String, Object> updateResponse = professionalReferenceDataClient
+            .deleteUser(userDeletionRequest,  hmctsAdmin);
+
+        assertThat(updateResponse).containsEntry("http_status", "400");
+        assertThat(updateResponse.get("response_body").toString())
+            .contains("Please provide both email addresses");
+
+    }
+
+
+
+
+
+
+
+}
diff --git a/...onTest/java/uk/gov/hmcts/reform/professionalapi/util/ProfessionalReferenceDataClient.java b/...onTest/java/uk/gov/hmcts/reform/professionalapi/util/ProfessionalReferenceDataClient.java
@@ -28,6 +28,7 @@
 import uk.gov.hmcts.reform.professionalapi.controller.request.OrganisationOtherOrgsCreationRequest;
 import uk.gov.hmcts.reform.professionalapi.controller.request.PbaRequest;
 import uk.gov.hmcts.reform.professionalapi.controller.request.UpdatePbaRequest;
+import uk.gov.hmcts.reform.professionalapi.controller.request.UserDeletionRequest;
 import uk.gov.hmcts.reform.professionalapi.controller.request.UsersInOrganisationsByOrganisationIdentifiersRequest;
 import uk.gov.hmcts.reform.professionalapi.controller.response.OrganisationMinimalInfoResponse;
 import uk.gov.hmcts.reform.professionalapi.controller.response.OrganisationResponse;
@@ -1039,4 +1040,26 @@ public Map<String, Object> retrieveUsersInOrganisationsByOrganisationIdentifiers
         String uriPath = sb.toString();
         return postRequest(uriPath, request, null, null);
     }
+
+
+    public Map<String, Object> deleteUser(UserDeletionRequest userDeletionRequest,
+                                          String hmctsAdmin) {
+        ResponseEntity<Map> responseEntity = null;
+        var urlPath = "http://localhost:" + prdApiPort + APP_INT_BASE_PATH + "/users";
+
+        try {
+            HttpEntity<UserDeletionRequest> requestEntity = new HttpEntity<>(userDeletionRequest,
+                getMultipleAuthHeaders(hmctsAdmin));
+            responseEntity = restTemplate.exchange(urlPath, HttpMethod.DELETE, requestEntity, Map.class);
+
+        } catch (RestClientResponseException ex) {
+            var statusAndBody = new HashMap<String, Object>();
+            statusAndBody.put("http_status", String.valueOf(ex.getRawStatusCode()));
+            statusAndBody.put("response_body", ex.getResponseBodyAsString());
+            return statusAndBody;
+        }
+        Map<String, Object> deleteUserResponse = new HashMap<>();
+        deleteUserResponse.put("http_status", responseEntity.getStatusCodeValue());
+        return deleteUserResponse;
+    }
 }
diff --git a/...va/uk/gov/hmcts/reform/professionalapi/controller/constants/ProfessionalApiConstants.java b/...va/uk/gov/hmcts/reform/professionalapi/controller/constants/ProfessionalApiConstants.java
@@ -130,6 +130,10 @@ private ProfessionalApiConstants() {
             "<br>- Passed payment account numbers are in an invalid format.<br>";
     public static final String DEL_ORG_PBA_NOTES_5 = "-The payment accounts are not associated with users organisation";
 
+    public static final String DEL_USER_UP = "- Users  deleted successfully.";
+
+    public static final String ERROR_USER_DELETED_UP = "- Error in deleting users.";
+
     public static final String GET_PBA_EMAIL_NOTES_1 =
             "**IDAM Roles to access API** : <br> pui-finance-manager,<br>pui-";
     public static final String GET_PBA_EMAIL_NOTES_2 =

diff --git a/.../gov/hmcts/reform/professionalapi/controller/internal/OrganisationInternalController.java b/.../gov/hmcts/reform/professionalapi/controller/internal/OrganisationInternalController.java
@@ -36,8 +36,10 @@
 import uk.gov.hmcts.reform.professionalapi.controller.request.OrganisationCreationRequest;
 import uk.gov.hmcts.reform.professionalapi.controller.request.PbaRequest;
 import uk.gov.hmcts.reform.professionalapi.controller.request.UpdatePbaRequest;
+import uk.gov.hmcts.reform.professionalapi.controller.request.UserDeletionRequest;
 import uk.gov.hmcts.reform.professionalapi.controller.request.validator.impl.OrganisationByProfileIdsRequestValidator;
 import uk.gov.hmcts.reform.professionalapi.controller.response.DeleteOrganisationResponse;
+import uk.gov.hmcts.reform.professionalapi.controller.response.DeleteUserResponse;
 import uk.gov.hmcts.reform.professionalapi.controller.response.MultipleOrganisationsResponse;
 import uk.gov.hmcts.reform.professionalapi.controller.response.NewUserResponse;
 import uk.gov.hmcts.reform.professionalapi.controller.response.OrganisationEntityResponse;
@@ -49,6 +51,7 @@
 import uk.gov.hmcts.reform.professionalapi.domain.Organisation;
 import uk.gov.hmcts.reform.professionalapi.domain.PbaResponse;
 
+import java.util.List;
 import java.util.Optional;
 import java.util.UUID;
 import javax.validation.Valid;
@@ -58,6 +61,7 @@
 
 import static org.apache.commons.lang3.BooleanUtils.isNotTrue;
 import static org.springframework.http.MediaType.APPLICATION_JSON_VALUE;
+import static uk.gov.hmcts.reform.professionalapi.controller.constants.ProfessionalApiConstants.DEL_ORG_PBA_NOTES_1;
 import static uk.gov.hmcts.reform.professionalapi.controller.constants.ProfessionalApiConstants.ORGANISATION_IDENTIFIER_FORMAT_REGEX;
 import static uk.gov.hmcts.reform.professionalapi.controller.constants.ProfessionalApiConstants.ORG_ID_VALIDATION_ERROR_MESSAGE;
 import static uk.gov.hmcts.reform.professionalapi.controller.constants.ProfessionalApiConstants.ORG_NOT_ACTIVE;
@@ -745,4 +749,63 @@ public ResponseEntity<Object> retrieveOrganisationsByProfileIds(
                 .status(HttpStatus.OK)
                 .body(response);
     }
+
+    @Operation(
+        summary = "Deletes the provided list of user accounts from the organisation.",
+        description = "**IDAM Roles to access API** : <br> - pui-finance-manager",
+        security = {
+            @SecurityRequirement(name = "ServiceAuthorization"),
+            @SecurityRequirement(name = "Authorization")
+        }
+    )
+    @ApiResponse(
+        responseCode = "204",
+        description = "Successfully deleted the list of user accounts from the organisation.",
+        content = @Content
+    )
+    @ApiResponse(
+        responseCode = "400",
+        description = DEL_ORG_PBA_NOTES_1,
+        content = @Content
+    )
+    @ApiResponse(
+        responseCode = "401",
+        description = "Unauthorized Error : "
+            + "The requested resource is restricted and requires authentication",
+        content = @Content
+    )
+    @ApiResponse(
+        responseCode = "403",
+        description = "Forbidden Error: "
+            + "Access denied for either invalid permissions or user is pending",
+        content = @Content
+    )
+    @ApiResponse(
+        responseCode = "404",
+        description = "Resource Not Found Error: The user does not exist",
+        content = @Content
+    )
+    @ApiResponse(
+        responseCode = "500",
+        description = "Internal Server Error",
+        content = @Content
+    )
+
+    @DeleteMapping(path = "/users")
+    @ResponseStatus(value = HttpStatus.NO_CONTENT)
+    @Secured({"prd-admin"})
+    public ResponseEntity<DeleteUserResponse> deleteUserFromOrganisation(
+        @io.swagger.v3.oas.annotations.parameters.RequestBody(description = "deletePbaRequest")
+        @Valid @NotNull @RequestBody UserDeletionRequest userDeletionRequest) {
+
+        List<String> emails = userDeletionRequest.getEmails();
+
+        DeleteUserResponse deleteUserResponse =
+            organisationService.deleteUserForOrganisation(emails);
+
+        return ResponseEntity
+            .status(deleteUserResponse.getStatusCode())
+            .body(deleteUserResponse);
+
+    }
 }
diff --git a/...main/java/uk/gov/hmcts/reform/professionalapi/controller/request/UserDeletionRequest.java b/...main/java/uk/gov/hmcts/reform/professionalapi/controller/request/UserDeletionRequest.java
@@ -0,0 +1,25 @@
+package uk.gov.hmcts.reform.professionalapi.controller.request;
+
+
+import com.fasterxml.jackson.annotation.JsonCreator;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import lombok.Builder;
+import lombok.Getter;
+import lombok.Setter;
+
+import java.util.List;
+
+@Getter
+@Setter
+@Builder(builderMethodName = "userDeletionRequest")
+public class UserDeletionRequest {
+
+    private List<String> emails;
+
+    @JsonCreator
+    public UserDeletionRequest(
+        @JsonProperty("emails") List<String> emails
+    ) {
+        this.emails = emails;
+    }
+}