DTSRD-2133. Delete organisation and user from UP even if he is in active status

src/contractTest/java/uk/gov/hmcts/reform/professionalapi/provider/OrganisationalExternalControllerProviderUsersTest.java

@@ -36,6 +36,7 @@
 import uk.gov.hmcts.reform.professionalapi.repository.IdamRepository;
 import uk.gov.hmcts.reform.professionalapi.repository.OrganisationRepository;
 import uk.gov.hmcts.reform.professionalapi.repository.ProfessionalUserRepository;
+import uk.gov.hmcts.reform.professionalapi.repository.UserAttributeRepository;
 import uk.gov.hmcts.reform.professionalapi.repository.UserConfiguredAccessRepository;
 import uk.gov.hmcts.reform.professionalapi.service.ProfessionalUserService;
 
@@ -94,6 +95,9 @@ public class OrganisationalExternalControllerProviderUsersTest extends WebMvcPro
     @Mock
     SecurityContext securityContext;
 
+    @Autowired
+    UserAttributeRepository userAttributeRepository;
+
     private final ObjectMapper objectMapper = new ObjectMapper();
     private Organisation organisation;
 

src/contractTest/java/uk/gov/hmcts/reform/professionalapi/provider/OrganisationalExternalControllerProviderUsersTestConfiguration.java

@@ -16,6 +16,7 @@
 import uk.gov.hmcts.reform.professionalapi.repository.OrganisationRepository;
 import uk.gov.hmcts.reform.professionalapi.repository.PaymentAccountRepository;
 import uk.gov.hmcts.reform.professionalapi.repository.PrdEnumRepository;
+import uk.gov.hmcts.reform.professionalapi.repository.UserAttributeRepository;
 import uk.gov.hmcts.reform.professionalapi.repository.UserConfiguredAccessRepository;
 import uk.gov.hmcts.reform.professionalapi.service.FeatureToggleService;
 import uk.gov.hmcts.reform.professionalapi.service.PaymentAccountService;
@@ -68,6 +69,9 @@ public class OrganisationalExternalControllerProviderUsersTestConfiguration exte
     @MockBean
     OrgAttributeRepository orgAttributeRepository;
 
+    @MockBean
+    UserAttributeRepository userAttributeRepository;
+
     @Bean
     @Primary
     protected OrganisationServiceImpl organisationService() {

src/contractTest/java/uk/gov/hmcts/reform/professionalapi/provider/OrganisationalInternalControllerProviderTest.java

@@ -37,6 +37,7 @@
 import uk.gov.hmcts.reform.professionalapi.repository.OrganisationRepository;
 import uk.gov.hmcts.reform.professionalapi.repository.PaymentAccountRepository;
 import uk.gov.hmcts.reform.professionalapi.repository.ProfessionalUserRepository;
+import uk.gov.hmcts.reform.professionalapi.repository.UserAttributeRepository;
 import uk.gov.hmcts.reform.professionalapi.service.MfaStatusService;
 import uk.gov.hmcts.reform.professionalapi.service.PaymentAccountService;
 import uk.gov.hmcts.reform.professionalapi.service.PrdEnumService;
@@ -107,6 +108,10 @@ public class OrganisationalInternalControllerProviderTest extends MockMvcProvide
     @Autowired
     OrganisationIdentifierValidatorImpl organisationIdentifierValidatorImplMock;
 
+    @Autowired
+    UserAttributeRepository userAttributeRepository;
+
+
     public static final String ORG_NAME = "Org-Name";
     public static final String SRA_ID = "sra-id";
     public static final String COMPANY_NUMBER = "companyN";

src/contractTest/java/uk/gov/hmcts/reform/professionalapi/provider/OrganisationalInternalControllerProviderTestConfiguration.java

@@ -14,6 +14,7 @@
 import uk.gov.hmcts.reform.professionalapi.repository.OrganisationRepository;
 import uk.gov.hmcts.reform.professionalapi.repository.PaymentAccountRepository;
 import uk.gov.hmcts.reform.professionalapi.repository.PrdEnumRepository;
+import uk.gov.hmcts.reform.professionalapi.repository.UserAttributeRepository;
 import uk.gov.hmcts.reform.professionalapi.service.PaymentAccountService;
 import uk.gov.hmcts.reform.professionalapi.service.ProfessionalUserService;
 import uk.gov.hmcts.reform.professionalapi.service.UserAttributeService;
@@ -58,6 +59,9 @@ public class OrganisationalInternalControllerProviderTestConfiguration extends P
 
     @MockBean
     OrganisationMfaStatusRepository organisationMfaStatusRepository;
+    @MockBean
+    UserAttributeRepository userAttributeRepository;
+
 
     @Bean
     @Primary

src/integrationTest/java/uk/gov/hmcts/reform/professionalapi/DeleteOrganisationIntTest.java

@@ -89,15 +89,14 @@ void return_404_when_un_known_org_identifier_in_the_request_to_delete_pending_or
     }
 
     @Test
-    void returns_400_with_error_msg_when_delete_active_organisation_with_active_user_profile() {
+    void returns_200_when_delete_active_organisation_with_active_user_profile() {
         userProfileCreateUserWireMock(HttpStatus.resolve(201));
         String orgIdentifier = createAndActivateOrganisation();
-
+        getUserProfileByEmailWireMock(HttpStatus.resolve(200));
+        deleteUserProfileMock(HttpStatus.resolve(204));
         Map<String, Object> deleteResponse =
             professionalReferenceDataClient.deleteOrganisation(hmctsAdmin, orgIdentifier);
-        assertThat(deleteResponse.get("http_status")).isEqualTo("400");
-        assertThat((String) deleteResponse.get("response_body"))
-            .contains("The organisation admin is not in Pending state");
+        assertThat(deleteResponse.get("http_status")).isEqualTo(204);
 
     }
 
@@ -114,13 +113,14 @@ void returns_204_when_delete_active_organisation_with_one_pending_user_profile()
     }
 
     @Test
-    void returns_400_when_delete_active_organisation_with_more_than_one__user_profile() {
+    void returns_200_when_delete_active_organisation_with_more_than_one_user_profile() {
         List<String> userRoles = new ArrayList<>();
         userRoles.add("pui-user-manager");
 
         userProfileCreateUserWireMock(HttpStatus.resolve(201));
         String orgIdentifier = createAndActivateOrganisation();
-
+        getUserProfileByEmailWireMock(HttpStatus.resolve(200));
+        deleteUserProfileMock(HttpStatus.resolve(204));
         Map<String, Object> newUserResponse = professionalReferenceDataClient
                 .addUserToOrganisation(orgIdentifier,
                         inviteUserCreationRequest("[email protected]", userRoles), hmctsAdmin);
@@ -132,7 +132,7 @@ void returns_400_when_delete_active_organisation_with_more_than_one__user_profil
 
         Map<String, Object> deleteResponse =
                 professionalReferenceDataClient.deleteOrganisation(hmctsAdmin, orgIdentifier);
-        assertThat(deleteResponse.get("http_status")).isEqualTo("400");
+        assertThat(deleteResponse.get("http_status")).isEqualTo(204);
     }
 
     @Test

src/integrationTest/java/uk/gov/hmcts/reform/professionalapi/DeleteOtherOrganisationIntTest.java

@@ -77,15 +77,14 @@ void return_forbidden_when_no_role_associated_with_end_point_to_delete_pending_o
 
 
     @Test
-    void returns_400_with_error_msg_when_delete_active_otherOrganisation_with_active_user_profile() {
+    void returns_200_with_error_msg_when_delete_active_otherOrganisation_with_active_user_profile() {
         userProfileCreateUserWireMock(HttpStatus.resolve(201));
         String orgIdentifier = createAndActivateOtherOrganisation();
-
+        getUserProfileByEmailWireMock(HttpStatus.resolve(200));
+        deleteUserProfileMock(HttpStatus.resolve(204));
         Map<String, Object> deleteResponse =
                 professionalReferenceDataClient.deleteOrganisation(hmctsAdmin, orgIdentifier);
-        assertThat(deleteResponse.get("http_status")).isEqualTo("400");
-        assertThat((String) deleteResponse.get("response_body"))
-                .contains("The organisation admin is not in Pending state");
+        assertThat(deleteResponse.get("http_status")).isEqualTo(204);
 
     }
 
@@ -102,13 +101,16 @@ void returns_204_when_delete_active_otherOrganisation_with_one_pending_user_prof
     }
 
     @Test
-    void returns_400_when_delete_active_otherOrganisation_with_more_than_one__user_profile() {
+    void returns_200_when_delete_active_otherOrganisation_with_more_than_one__user_profile() {
         List<String> userRoles = new ArrayList<>();
         userRoles.add("pui-user-manager");
 
         userProfileCreateUserWireMock(HttpStatus.resolve(201));
         String orgIdentifier = createAndActivateOtherOrganisation();
 
+        getUserProfileByEmailWireMock(HttpStatus.resolve(200));
+        deleteUserProfileMock(HttpStatus.resolve(204));
+
         Map<String, Object> newUserResponse = professionalReferenceDataClient
                 .addUserToOrganisation(orgIdentifier,
                         inviteUserCreationRequest("[email protected]", userRoles), hmctsAdmin);
@@ -118,9 +120,11 @@ void returns_400_when_delete_active_otherOrganisation_with_more_than_one__user_p
         assertThat(newUserResponse).isNotNull();
         assertEquals(newUserResponse.get(USER_IDENTIFIER), userIdentifierResponse);
 
+
+
         Map<String, Object> deleteResponse =
                 professionalReferenceDataClient.deleteOrganisation(hmctsAdmin, orgIdentifier);
-        assertThat(deleteResponse.get("http_status")).isEqualTo("400");
+        assertThat(deleteResponse.get("http_status")).isEqualTo(204);
     }
 
     @Test

src/main/java/uk/gov/hmcts/reform/professionalapi/controller/internal/OrganisationInternalController.java

@@ -36,8 +36,10 @@
 import uk.gov.hmcts.reform.professionalapi.controller.request.OrganisationCreationRequest;
 import uk.gov.hmcts.reform.professionalapi.controller.request.PbaRequest;
 import uk.gov.hmcts.reform.professionalapi.controller.request.UpdatePbaRequest;
+import uk.gov.hmcts.reform.professionalapi.controller.request.UserDeletionRequest;
 import uk.gov.hmcts.reform.professionalapi.controller.request.validator.impl.OrganisationByProfileIdsRequestValidator;
 import uk.gov.hmcts.reform.professionalapi.controller.response.DeleteOrganisationResponse;
+import uk.gov.hmcts.reform.professionalapi.controller.response.DeleteUserResponse;
 import uk.gov.hmcts.reform.professionalapi.controller.response.MultipleOrganisationsResponse;
 import uk.gov.hmcts.reform.professionalapi.controller.response.NewUserResponse;
 import uk.gov.hmcts.reform.professionalapi.controller.response.OrganisationEntityResponse;
@@ -49,6 +51,7 @@
 import uk.gov.hmcts.reform.professionalapi.domain.Organisation;
 import uk.gov.hmcts.reform.professionalapi.domain.PbaResponse;
 
+import java.util.List;
 import java.util.Optional;
 import java.util.UUID;
 import javax.validation.Valid;
@@ -58,6 +61,7 @@
 
 import static org.apache.commons.lang3.BooleanUtils.isNotTrue;
 import static org.springframework.http.MediaType.APPLICATION_JSON_VALUE;
+import static uk.gov.hmcts.reform.professionalapi.controller.constants.ProfessionalApiConstants.DEL_ORG_PBA_NOTES_1;
 import static uk.gov.hmcts.reform.professionalapi.controller.constants.ProfessionalApiConstants.ORGANISATION_IDENTIFIER_FORMAT_REGEX;
 import static uk.gov.hmcts.reform.professionalapi.controller.constants.ProfessionalApiConstants.ORG_ID_VALIDATION_ERROR_MESSAGE;
 import static uk.gov.hmcts.reform.professionalapi.controller.constants.ProfessionalApiConstants.ORG_NOT_ACTIVE;
@@ -744,4 +748,63 @@ public ResponseEntity<Object> retrieveOrganisationsByProfileIds(
                 .status(HttpStatus.OK)
                 .body(response);
     }
+
+    @Operation(
+        summary = "Deletes the provided list of user accounts from the organisation.",
+        description = "**IDAM Roles to access API** : <br> - pui-finance-manager",
+        security = {
+            @SecurityRequirement(name = "ServiceAuthorization"),
+            @SecurityRequirement(name = "Authorization")
+        }
+    )
+    @ApiResponse(
+        responseCode = "204",
+        description = "Successfully deleted the list of user accounts from the organisation.",
+        content = @Content
+    )
+    @ApiResponse(
+        responseCode = "400",
+        description = DEL_ORG_PBA_NOTES_1,
+        content = @Content
+    )
+    @ApiResponse(
+        responseCode = "401",
+        description = "Unauthorized Error : "
+            + "The requested resource is restricted and requires authentication",
+        content = @Content
+    )
+    @ApiResponse(
+        responseCode = "403",
+        description = "Forbidden Error: "
+            + "Access denied for either invalid permissions or user is pending",
+        content = @Content
+    )
+    @ApiResponse(
+        responseCode = "404",
+        description = "Resource Not Found Error: The user does not exist",
+        content = @Content
+    )
+    @ApiResponse(
+        responseCode = "500",
+        description = "Internal Server Error",
+        content = @Content
+    )
+
+    @DeleteMapping(path = "/users")
+    @ResponseStatus(value = HttpStatus.NO_CONTENT)
+    @Secured({"prd-admin"})
+    public ResponseEntity<DeleteUserResponse> deleteUserFromOrganisation(
+        @io.swagger.v3.oas.annotations.parameters.RequestBody(description = "deletePbaRequest")
+        @Valid @NotNull @RequestBody UserDeletionRequest userDeletionRequest) {
+
+        List<String> emails = userDeletionRequest.getEmails();
+
+        DeleteUserResponse deleteUserResponse =
+            organisationService.deleteUserForOrganisation(emails);
+
+        return ResponseEntity
+            .status(deleteUserResponse.getStatusCode())
+            .body(deleteUserResponse);
+
+    }
 }

src/main/java/uk/gov/hmcts/reform/professionalapi/controller/request/UserDeletionRequest.java

@@ -0,0 +1,31 @@
+package uk.gov.hmcts.reform.professionalapi.controller.request;
+
+import com.fasterxml.jackson.annotation.JsonCreator;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import lombok.Builder;
+import lombok.Getter;
+import lombok.Setter;
+
+import java.util.List;
+
+@Getter
+@Setter
+@Builder(builderMethodName = "userDeletionRequest")
+public class UserDeletionRequest {
+
+    private String firstName;
+    private String lastName;
+    private List<String> emails;
+
+    @JsonCreator
+    public UserDeletionRequest(
+        @JsonProperty("firstName") String firstName,
+        @JsonProperty("lastName") String lastName,
+        @JsonProperty("emails") List<String> emails
+    ) {
+
+        this.firstName = firstName;
+        this.lastName = lastName;
+        this.emails = emails;
+    }
+}

src/main/java/uk/gov/hmcts/reform/professionalapi/controller/response/DeleteUserResponse.java

@@ -0,0 +1,17 @@
+package uk.gov.hmcts.reform.professionalapi.controller.response;
+
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+
+@Getter
+@Setter
+@NoArgsConstructor
+@AllArgsConstructor
+public class DeleteUserResponse {
+
+    private int statusCode;
+    private String message;
+
+}

src/main/java/uk/gov/hmcts/reform/professionalapi/repository/UserAttributeRepository.java

@@ -1,6 +1,8 @@
 package uk.gov.hmcts.reform.professionalapi.repository;
 
 import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.data.jpa.repository.Modifying;
+import org.springframework.data.jpa.repository.Query;
 import org.springframework.stereotype.Repository;
 import uk.gov.hmcts.reform.professionalapi.domain.UserAttribute;
 
@@ -9,4 +11,9 @@
 @Repository
 public interface UserAttributeRepository extends JpaRepository<UserAttribute, UUID> {
 
+    @Modifying
+    @Query(value = "delete from dbrefdata.user_attribute ua where ua.professional_user_id = :profUserId ",
+        nativeQuery = true)
+    void deleteByProfessionalUserId(UUID profUserId);
+
 }

src/main/java/uk/gov/hmcts/reform/professionalapi/service/OrganisationService.java

@@ -8,6 +8,7 @@
 import uk.gov.hmcts.reform.professionalapi.controller.request.PbaRequest;
 import uk.gov.hmcts.reform.professionalapi.controller.response.BulkCustomerOrganisationsDetailResponse;
 import uk.gov.hmcts.reform.professionalapi.controller.response.DeleteOrganisationResponse;
+import uk.gov.hmcts.reform.professionalapi.controller.response.DeleteUserResponse;
 import uk.gov.hmcts.reform.professionalapi.controller.response.MultipleOrganisationsResponse;
 import uk.gov.hmcts.reform.professionalapi.controller.response.OrganisationEntityResponse;
 import uk.gov.hmcts.reform.professionalapi.controller.response.OrganisationEntityResponseV2;
@@ -81,4 +82,5 @@ void addContactInformationsToOrganisation(
 
     ResponseEntity<OrganisationEntityResponse> retrieveOrganisationByUserId(String userId);
 
+    DeleteUserResponse deleteUserForOrganisation(List<String> emails);
 }