io.gravitee.common.http.HttpStatusCode Java Examples

Example #1
Source File: ApisResourceTest.java    From gravitee-management-rest-api with Apache License 2.0
/**
 * Requests promoted APIs for category "myCat", stubbed as a freshly constructed
 * {@code CategoryEntity}, and checks that exactly one API (named "1") is mapped and returned
 * with a 200 status.
 */
@Test
public void shouldHavePromotedApiIfCategoryWithoutHighLightedApi() throws TechnicalException {
    // The category lookup yields an entity with no fields set.
    doReturn(new CategoryEntity()).when(categoryService).findById("myCat");

    final Response response = target()
            .queryParam("size", 3)
            .queryParam("promoted", true)
            .queryParam("category", "myCat")
            .request()
            .get();
    assertEquals(HttpStatusCode.OK_200, response.getStatus());

    // Capture every entity handed to the mapper so the selected API can be inspected by name.
    ArgumentCaptor<ApiEntity> mappedApis = ArgumentCaptor.forClass(ApiEntity.class);
    Mockito.verify(apiMapper, Mockito.times(1)).convert(mappedApis.capture());
    final List<String> mappedNames = mappedApis.getAllValues()
            .stream()
            .map(api -> api.getName())
            .collect(Collectors.toList());
    assertEquals(1, mappedNames.size());
    assertTrue(mappedNames.containsAll(Arrays.asList("1")));

    // The response payload must agree with what was mapped: a single entry.
    ApisResponse payload = response.readEntity(ApisResponse.class);
    assertEquals(1, payload.getData().size());
}
 
Example #2
Source File: AuthorizationEndpointTest.java    From graviteeio-access-management with Apache License 2.0
/**
 * Sends an implicit-flow authorization request ({@code response_type=id_token}) without a
 * {@code nonce} and expects a 302 whose Location carries {@code error=invalid_request}.
 */
@Test
public void shouldNotInvokeAuthorizationEndpoint_implicitFlow_nonceMissing() throws Exception {
    // NOTE(review): this client is configured but not handed to any mock or route in this method.
    final Client registeredClient = new Client();
    registeredClient.setId("client-id");
    registeredClient.setClientId("client-id");
    registeredClient.setScopes(Collections.singletonList("read"));
    registeredClient.setRedirectUris(Collections.singletonList("http://localhost:9999/callback"));

    testRequest(
            HttpMethod.GET,
            "/oauth/authorize?response_type=id_token&client_id=client-id&redirect_uri=http://localhost:9999/callback",
            null,
            httpResponse -> {
                final String redirectTarget = httpResponse.headers().get("location");
                assertNotNull(redirectTarget);
                // The redirect goes to the error page and names the missing nonce parameter.
                assertTrue(redirectTarget.contains("/test/oauth/error?client_id=client-id&error=invalid_request&error_description=Missing+parameter%253A+nonce+is+required+for+Implicit+and+Hybrid+Flow"));
            },
            HttpStatusCode.FOUND_302, "Found", null);
}
 
Example #3
Source File: AuthorizationEndpointTest.java    From graviteeio-access-management with Apache License 2.0
/**
 * Sends a code-flow request that supplies {@code code_challenge_method=plain} but no
 * {@code code_challenge}, and expects a 302 back to the client's callback with
 * {@code error=invalid_request}.
 */
@Test
public void shouldNotInvokeAuthorizationEndpoint_noUser_code_challenge_method_without_code_challenge() throws Exception {
    final Client registeredClient = new Client();
    registeredClient.setId("client-id");
    registeredClient.setClientId("client-id");
    registeredClient.setRedirectUris(Collections.singletonList("http://localhost:9999/callback"));

    when(clientSyncService.findByClientId("client-id")).thenReturn(Maybe.just(registeredClient));

    // Runs ahead of the other routes (order -1) and places the client in the routing context.
    router.route().order(-1).handler(ctx -> {
        ctx.put(CLIENT_CONTEXT_KEY, registeredClient);
        ctx.next();
    });

    testRequest(
            HttpMethod.GET,
            "/oauth/authorize?response_type=code&client_id=client-id&redirect_uri=http://localhost:9999/callback&code_challenge_method=plain",
            null,
            httpResponse -> {
                final String redirectTarget = httpResponse.headers().get("location");
                assertNotNull(redirectTarget);
                // Exact match: the error is reported on the callback and names code_challenge.
                assertEquals("http://localhost:9999/callback?error=invalid_request&error_description=Missing+parameter%253A+code_challenge", redirectTarget);
            },
            HttpStatusCode.FOUND_302, "Found", null);
}
 
Example #4
Source File: DynamicClientAccessEndpoint.java    From graviteeio-access-management with Apache License 2.0
/**
 * Read client_metadata.
 * See <a href="https://openid.net/specs/openid-connect-registration-1_0.html#ReadRequest">Read Request</a>
 * See <a href="https://openid.net/specs/openid-connect-registration-1_0.html#ReadResponse">Read Response</a>
 *
 * @param context
 */
public void read(RoutingContext context) {
    LOGGER.debug("Dynamic client registration GET endpoint");

    this.getClient(context)
            .map(DynamicClientRegistrationResponse::fromClient)
            .map(registration -> {
                // Per the read-response rules, the registration access_token and client_uri
                // need not be echoed unless they were updated, so both are blanked here and
                // the token does not appear in the serialized body.
                registration.setRegistrationAccessToken(null);
                registration.setRegistrationClientUri(null);
                return registration;
            })
            .subscribe(
                    body -> context.response()
                            // Client metadata must not be kept by caches.
                            .putHeader(HttpHeaders.CACHE_CONTROL, "no-store")
                            .putHeader(HttpHeaders.PRAGMA, "no-cache")
                            .putHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON)
                            .setStatusCode(HttpStatusCode.OK_200)
                            .end(Json.encodePrettily(body)),
                    // Any failure is handed to the routing context.
                    failure -> context.fail(failure)
            );
}
 
Example #5
Source File: FetcherResourceTest.java    From gravitee-management-rest-api with Apache License 2.0
/**
 * Fetches the fetcher "my-id" with a default request and checks that the JSON body holds only
 * the id, and that the schema is never looked up.
 */
@Test
public void shouldGetFetcherWithoutSchema() {
    Mockito.reset(fetcherService);
    FetcherEntity stubbedFetcher = new FetcherEntity();
    stubbedFetcher.setId("my-id");

    when(fetcherService.findById("my-id")).thenReturn(stubbedFetcher);
    when(fetcherService.getSchema(anyString())).thenReturn("schema");

    final Response response = target().request().get();

    assertThat(response).isNotNull();
    assertThat(response.getStatus()).isEqualTo(HttpStatusCode.OK_200);

    // The body is read untyped; the instance check above the cast guards the unchecked conversion.
    Object entity = response.readEntity(Object.class);
    assertThat(entity).isNotNull();
    assertThat(entity).isInstanceOf(LinkedHashMap.class);
    LinkedHashMap<String, String> fields = (LinkedHashMap<String, String>) entity;
    assertThat(fields).hasSize(1);
    assertThat(fields.get("id")).isEqualTo("my-id");

    // One lookup by id, and no schema retrieval at all.
    verify(fetcherService, times(1)).findById("my-id");
    verify(fetcherService, times(0)).getSchema(anyString());
}
 
Example #6
Source File: ResourceAccessPoliciesEndpoint.java    From graviteeio-access-management with Apache License 2.0
/**
 * Lists the ids of the access policies attached to a resource, scoped to the current domain,
 * the calling client and the subject of the access token.
 *
 * @param context routing context carrying the token, the client and the resource id parameter
 */
public void list(RoutingContext context) {
    // NOTE(review): assumes OAuth2AuthHandler stored both values earlier in the route; neither
    // is null-checked before being dereferenced below — confirm.
    final JWT accessToken = context.get(OAuth2AuthHandler.TOKEN_CONTEXT_KEY);
    final Client client = context.get(OAuth2AuthHandler.CLIENT_CONTEXT_KEY);
    final String resource = context.request().getParam(RESOURCE_ID);

    resourceService.findAccessPolicies(domain.getId(), client.getId(), accessToken.getSub(), resource)
            .map(policies -> policies.stream().map(AccessPolicy::getId).collect(Collectors.toList()))
            .subscribe(
                    policyIds -> {
                        // NOTE(review): the encoded list is still written as the body when the
                        // status is 204 — confirm that is intended.
                        final int status = policyIds.isEmpty() ? HttpStatusCode.NO_CONTENT_204 : HttpStatusCode.OK_200;
                        context.response()
                                .putHeader(HttpHeaders.CACHE_CONTROL, "no-store")
                                .putHeader(HttpHeaders.PRAGMA, "no-cache")
                                .putHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON)
                                .setStatusCode(status)
                                .end(Json.encodePrettily(policyIds));
                    },
                    failure -> context.fail(failure)
            );
}
 
Example #7
Source File: ApplicationResourceTest.java    From graviteeio-access-management with Apache License 2.0
/**
 * Posts to {@code domains/{domain}/applications/{client}/secret/_renew} and expects a 200 when
 * the permission lookup, the domain lookup and the renewal are all stubbed to succeed.
 */
@Test
public void shouldRenewClientSecret() {
    final String domainId = "domain-id";
    final String clientId = "client-id";

    final Domain domainFixture = new Domain();
    domainFixture.setId(domainId);

    final Application applicationFixture = new Application();
    applicationFixture.setId(clientId);
    applicationFixture.setName("client-name");
    applicationFixture.setDomain(domainId);

    // The caller is given Permission.allPermissionAcls(ReferenceType.APPLICATION) for any user and id.
    doReturn(Single.just(Permission.allPermissionAcls(ReferenceType.APPLICATION))).when(permissionService).findAllPermissions(any(User.class), eq(ReferenceType.APPLICATION), anyString());
    doReturn(Maybe.just(domainFixture)).when(domainService).findById(domainId);
    doReturn(Single.just(applicationFixture)).when(applicationService).renewClientSecret(eq(domainId), eq(clientId), any());

    final Response response = target("domains")
            .path(domainId)
            .path("applications")
            .path(clientId)
            .path("secret/_renew")
            .request()
            .post(null);

    assertEquals(HttpStatusCode.OK_200, response.getStatus());
}
 
Example #8
Source File: EmailResourceTest.java    From graviteeio-access-management with Apache License 2.0
/**
 * Puts an updated email template to {@code domains/{domain}/emails/{email}} and expects a 200.
 * The test is currently disabled through {@code @Ignore}.
 */
@Test
@Ignore
public void shouldUpdate() {
    final String emailId = "email-1";
    final String domainId = "domain-1";

    final Domain domainFixture = new Domain();
    domainFixture.setId(domainId);

    // Request payload sent as JSON.
    UpdateEmail payload = new UpdateEmail();
    payload.setFrom("test");
    payload.setSubject("subject");
    payload.setContent("content");
    payload.setExpiresAfter(1000);

    doReturn(Maybe.just(domainFixture)).when(domainService).findById(domainId);
    doReturn(Single.just(new Email())).when(emailTemplateService).update(eq(domainId), eq(emailId), any(), any(User.class));
    doReturn(Single.just(new Email())).when(emailManager).reloadEmail(any());

    final Response response = target("domains")
            .path(domainId)
            .path("emails")
            .path(emailId)
            .request()
            .put(Entity.json(payload));

    assertEquals(HttpStatusCode.OK_200, response.getStatus());
}
 
Example #9
Source File: ResourceRegistrationEndpoint.java    From graviteeio-access-management with Apache License 2.0
/**
 * https://docs.kantarainitiative.org/uma/wg/rec-oauth-uma-federated-authz-2.0.html#reg-api
 * The spec states that if the resource cannot be found, the request must result in a 404.
 * Incidentally, a 404 may also be preferable to a 403 because it avoids confirming resource ids to a potential attacker.
 * @param context
 */
public void update(RoutingContext context) {
    // NOTE(review): assumes OAuth2AuthHandler stored the token and client earlier in the route;
    // neither value is null-checked here — confirm.
    final JWT accessToken = context.get(OAuth2AuthHandler.TOKEN_CONTEXT_KEY);
    final Client client = context.get(OAuth2AuthHandler.CLIENT_CONTEXT_KEY);
    final String resourceId = context.request().getParam(RESOURCE_ID);

    this.extractRequest(context)
            // The update is keyed on domain, client and token subject in addition to the resource id.
            .flatMap(body -> this.resourceService.update(body, domain.getId(), client.getId(), accessToken.getSub(), resourceId))
            .subscribe(
                    updated -> context.response()
                            // The response must not be kept by caches.
                            .putHeader(HttpHeaders.CACHE_CONTROL, "no-store")
                            .putHeader(HttpHeaders.PRAGMA, "no-cache")
                            .putHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON)
                            .setStatusCode(HttpStatusCode.OK_200)
                            .end(Json.encodePrettily(ResourceResponse.from(updated))),
                    // Failures are delegated to the routing context.
                    failure -> context.fail(failure)
            );
}
 
Example #10
Source File: CertificateResourceTest.java    From graviteeio-access-management with Apache License 2.0
/**
 * Gets {@code domains/{domain}/certificates/{certificate}} and checks the 200 status plus the
 * domain and id of the returned certificate.
 */
@Test
public void shouldGetCertificate() {
    final String domainId = "domain-id";
    final String certificateId = "certificate-id";

    final Domain domainFixture = new Domain();
    domainFixture.setId(domainId);

    final Certificate certificateFixture = new Certificate();
    certificateFixture.setId(certificateId);
    certificateFixture.setName("certificate-name");
    certificateFixture.setDomain(domainId);

    doReturn(Maybe.just(domainFixture)).when(domainService).findById(domainId);
    doReturn(Maybe.just(certificateFixture)).when(certificateService).findById(certificateId);

    final Response response = target("domains")
            .path(domainId)
            .path("certificates")
            .path(certificateId)
            .request()
            .get();
    assertEquals(HttpStatusCode.OK_200, response.getStatus());

    // The body must describe the stubbed certificate.
    final Certificate returned = readEntity(response, Certificate.class);
    assertEquals(domainId, returned.getDomain());
    assertEquals(certificateId, returned.getId());
}
 
Example #11
Source File: DomainsResourceTest.java    From graviteeio-access-management with Apache License 2.0
/**
 * Posts a new domain to {@code domains} and expects a 201 when domain creation and the
 * follow-up identity-provider and reporter creation are stubbed to succeed.
 */
@Test
public void shouldCreate() {
    NewDomain payload = new NewDomain();
    payload.setName("domain-name");

    Domain createdDomain = new Domain();
    createdDomain.setId("domain-id");
    createdDomain.setName("domain-name");

    // Creation is stubbed for the "DEFAULT"/"DEFAULT" pair passed as the first two arguments.
    doReturn(Single.just(createdDomain)).when(domainService).create(eq("DEFAULT"), eq("DEFAULT"), any(), any());
    doReturn(Single.just(new IdentityProvider())).when(identityProviderManager).create(createdDomain.getId());
    doReturn(Single.just(new Reporter())).when(reporterService).createDefault(createdDomain.getId());

    final Response response = target("domains")
            .request()
            .post(Entity.json(payload));

    assertEquals(HttpStatusCode.CREATED_201, response.getStatus());
}
 
Example #12
Source File: ProviderJWKSetEndpointHandlerTest.java    From graviteeio-access-management with Apache License 2.0
/**
 * Gets {@code /.well-known/jwks.json} and expects a 200 whose body is the pretty-printed key
 * set returned by the stubbed service.
 */
@Test
public void shouldInvokeJWKSetEndpoint() throws Exception {
    // Only the key type and key id are set on this fixture key.
    JWK publishedKey = new RSAKey();
    publishedKey.setKty("RSA");
    publishedKey.setKid("my-test-key");

    JWKSet publishedSet = new JWKSet();
    publishedSet.setKeys(Collections.singletonList(publishedKey));

    when(jwkService.getKeys()).thenReturn(Single.just(publishedSet));

    // The expected body lists exactly the two attributes set above.
    testRequest(
            HttpMethod.GET,
            "/.well-known/jwks.json",
            HttpStatusCode.OK_200,
            "OK",
            "{\n" +
                    "  \"keys\" : [ {\n" +
                    "    \"kty\" : \"RSA\",\n" +
                    "    \"kid\" : \"my-test-key\"\n" +
                    "  } ]\n" +
                    "}");
}
 
Example #13
Source File: RoleResourceTest.java    From graviteeio-access-management with Apache License 2.0
/**
 * Gets {@code domains/{domain}/roles/{role}} and checks the 200 status plus the reference id
 * and id of the returned role.
 */
@Test
public void shouldGetRole() {
    final String domainId = "domain-id";
    final String roleId = "role-id";

    final Domain domainFixture = new Domain();
    domainFixture.setId(domainId);

    // The role references the domain it is requested under.
    final Role roleFixture = new Role();
    roleFixture.setId(roleId);
    roleFixture.setName("role-name");
    roleFixture.setReferenceId(domainId);

    doReturn(Maybe.just(domainFixture)).when(domainService).findById(domainId);
    doReturn(Maybe.just(roleFixture)).when(roleService).findById(roleId);

    final Response response = target("domains")
            .path(domainId)
            .path("roles")
            .path(roleId)
            .request()
            .get();
    assertEquals(HttpStatusCode.OK_200, response.getStatus());

    final Role returned = readEntity(response, Role.class);
    assertEquals(domainId, returned.getReferenceId());
    assertEquals(roleId, returned.getId());
}
 
Example #14
Source File: AuthorizationEndpointTest.java    From graviteeio-access-management with Apache License 2.0
/**
 * Sends a code-flow request without a {@code redirect_uri} parameter and expects a 302 whose
 * Location contains the client's registered callback with {@code error=access_denied}.
 */
@Test
public void shouldNotInvokeAuthorizationEndpoint_noUser_noRedirectUri() throws Exception {
    // The client has a single registered redirect URI.
    final Client registeredClient = new Client();
    registeredClient.setId("client-id");
    registeredClient.setClientId("client-id");
    registeredClient.setRedirectUris(Collections.singletonList("http://localhost:9999/callback"));

    when(clientSyncService.findByClientId("client-id")).thenReturn(Maybe.just(registeredClient));

    testRequest(
            HttpMethod.GET,
            "/oauth/authorize?response_type=code&client_id=client-id",
            null,
            httpResponse -> {
                final String redirectTarget = httpResponse.headers().get("location");
                assertNotNull(redirectTarget);
                // The redirect target comes from the client registration, not from the request.
                assertTrue(redirectTarget.contains("http://localhost:9999/callback?error=access_denied"));
            },
            HttpStatusCode.FOUND_302, "Found", null);
}
 
Example #15
Source File: GroupMemberResourceTest.java    From graviteeio-access-management with Apache License 2.0
/**
 * Posts to {@code domains/{domain}/groups/{group}/members/{member}} while the group lookup
 * yields nothing, and expects a 404.
 */
@Test
public void shouldNotAddMember_groupNotFound() {
    final String domainId = "domain-1";
    final Domain domainFixture = new Domain();
    domainFixture.setId(domainId);

    final Group missingGroup = new Group();
    missingGroup.setId("group-id-1");

    doReturn(Maybe.just(domainFixture)).when(domainService).findById(domainId);
    // The domain exists, the group does not.
    doReturn(Maybe.empty()).when(groupService).findById(missingGroup.getId());

    final Response response = target("domains")
            .path(domainId)
            .path("groups")
            .path(missingGroup.getId())
            .path("members")
            .path("member-1")
            .request()
            .post(null);

    assertEquals(HttpStatusCode.NOT_FOUND_404, response.getStatus());
}
 
Example #16
Source File: ResponseTemplateBasedFailureProcessorTest.java    From gravitee-gateway with Apache License 2.0
/**
 * Registers a 400 response template under "POLICY_ERROR_KEY" only, reports a failure that has
 * just a 500 status set, and checks that the response status is 500 rather than the template's.
 */
@Test
public void shouldFallbackToDefaultHandler_noProcessorFailureKey() {
    ResponseTemplate badRequestTemplate = new ResponseTemplate();
    badRequestTemplate.setStatusCode(HttpStatusCode.BAD_REQUEST_400);

    // The template is registered under the wildcard content type.
    Map<String, ResponseTemplate> byContentType = new HashMap<>();
    byContentType.put(ResponseTemplateBasedFailureProcessor.WILDCARD_CONTENT_TYPE, badRequestTemplate);

    ResponseTemplates policyErrorTemplates = new ResponseTemplates();
    policyErrorTemplates.setTemplates(byContentType);

    Map<String, ResponseTemplates> byFailureKey = new HashMap<>();
    byFailureKey.put("POLICY_ERROR_KEY", policyErrorTemplates);

    processor = new ResponseTemplateBasedFailureProcessor(byFailureKey);
    processor.handler(next);

    // The failure exposed through the execution context only has its status code set.
    DummyProcessorFailure reportedFailure = new DummyProcessorFailure();
    reportedFailure.setStatusCode(HttpStatusCode.INTERNAL_SERVER_ERROR_500);
    when(context.getAttribute(ExecutionContext.ATTR_PREFIX + "failure")).thenReturn(reportedFailure);

    processor.handle(context);

    verify(response, times(1)).status(HttpStatusCode.INTERNAL_SERVER_ERROR_500);
}
 
Example #17
Source File: UserInfoEndpointHandlerTest.java    From graviteeio-access-management with Apache License 2.0
/**
 * Gets {@code /userinfo} with a bearer token header and expects a 200 when the auth handler
 * is built from a fixture JWT and client and the user lookup is stubbed.
 */
@Test
public void shouldInvokeUserEndpoint() throws Exception {
    User userFixture = new User();
    userFixture.setAdditionalInformation(Collections.singletonMap("sub", "user"));

    // Token fixture: audience "client-id", subject "id-subject", scope "openid".
    JWT tokenFixture = new JWT();
    tokenFixture.setJti("id-token");
    tokenFixture.setAud("client-id");
    tokenFixture.setSub("id-subject");
    tokenFixture.setScope("openid");

    Client clientFixture = new Client();
    clientFixture.setId("client-id");
    clientFixture.setClientId("client-id");

    // The OAuth2 auth handler is installed ahead of the other routes (order -1).
    router.route().order(-1).handler(createOAuth2AuthHandler(oAuth2AuthProvider(tokenFixture, clientFixture)));

    when(userService.findById(anyString())).thenReturn(Maybe.just(userFixture));

    testRequest(
            HttpMethod.GET,
            "/userinfo",
            outgoing -> outgoing.putHeader(HttpHeaders.AUTHORIZATION, "Bearer test-token"),
            HttpStatusCode.OK_200, "OK", null);
}
 
Example #18
Source File: MembersResourceTest.java    From graviteeio-access-management with Apache License 2.0
/**
 * Gets {@code organizations/{organization}/members} and expects a 200 when the organization,
 * its memberships and the membership metadata are all stubbed.
 */
@Test
public void shouldGetMembers() {
    Organization organizationFixture = new Organization();
    organizationFixture.setId("orga#1");

    Membership membershipFixture = new Membership();
    membershipFixture.setId("membership#1");

    doReturn(Single.just(organizationFixture)).when(organizationService).findById(organizationFixture.getId());
    // Memberships are looked up by organization reference.
    doReturn(Single.just(Arrays.asList(membershipFixture))).when(membershipService).findByReference(organizationFixture.getId(), ReferenceType.ORGANIZATION);
    doReturn(Single.just(new HashMap<>())).when(membershipService).getMetadata(anyList());

    final Response response = target("organizations")
            .path(organizationFixture.getId())
            .path("members")
            .request()
            .get();

    assertEquals(HttpStatusCode.OK_200, response.getStatus());
}
 
Example #19
Source File: UserResourceTest.java    From graviteeio-access-management with Apache License 2.0
/**
 * Gets {@code domains/{domain}/users/{user}} and checks the 200 status plus the reference id
 * and username of the returned user.
 */
@Test
public void shouldGetUser() {
    final String domainId = "domain-id";
    final String userId = "user-id";

    final Domain domainFixture = new Domain();
    domainFixture.setId(domainId);

    // The user is referenced to the domain it is requested under.
    final User userFixture = new User();
    userFixture.setId(userId);
    userFixture.setUsername("user-username");
    userFixture.setReferenceType(ReferenceType.DOMAIN);
    userFixture.setReferenceId(domainId);

    doReturn(Maybe.just(domainFixture)).when(domainService).findById(domainId);
    doReturn(Maybe.just(userFixture)).when(userService).findById(userId);

    final Response response = target("domains")
            .path(domainId)
            .path("users")
            .path(userId)
            .request()
            .get();
    assertEquals(HttpStatusCode.OK_200, response.getStatus());

    final User returned = readEntity(response, User.class);
    assertEquals(domainId, returned.getReferenceId());
    assertEquals("user-username", returned.getUsername());
}
 
Example #20
Source File: AuthorizationEndpointTest.java    From graviteeio-access-management with Apache License 2.0
/**
 * Sends a code-flow request with {@code prompt=login} while a user is already set on the
 * routing context, and expects a 302 to the callback with {@code error=access_denied}.
 */
@Test
public void shouldNotInvokeAuthorizationEndpoint_prompt_login() throws Exception {
    final Client registeredClient = new Client();
    registeredClient.setId("client-id");
    registeredClient.setClientId("client-id");
    registeredClient.setScopes(Collections.singletonList("read"));
    registeredClient.setRedirectUris(Collections.singletonList("http://localhost:9999/callback"));

    when(clientSyncService.findByClientId("client-id")).thenReturn(Maybe.just(registeredClient));

    // Runs ahead of the other routes (order -1) and attaches a user to the request.
    router.route().order(-1).handler(ctx -> {
        ctx.setUser(new User(new io.gravitee.am.gateway.handler.common.vertx.web.auth.user.User(new io.gravitee.am.model.User())));
        ctx.next();
    });

    testRequest(
            HttpMethod.GET,
            "/oauth/authorize?response_type=code&client_id=client-id&redirect_uri=http://localhost:9999/callback&prompt=login",
            null,
            httpResponse -> {
                final String redirectTarget = httpResponse.headers().get("location");
                assertNotNull(redirectTarget);
                // Exact match: nothing but the error code is appended to the callback.
                assertEquals("http://localhost:9999/callback?error=access_denied", redirectTarget);
            },
            HttpStatusCode.FOUND_302, "Found", null);
}
 
Example #21
Source File: EmailsResourceTest.java    From graviteeio-access-management with Apache License 2.0
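/**
 * Gets {@code domains/{domain}/emails?template=LOGIN} and checks the 200 status plus the id of
 * the returned email template.
 */
@Test
public void shouldGetEmail() {
    final String domainId = "domain-1";
    // NOTE(review): this domain fixture is not stubbed into any service within this method.
    final Domain mockDomain = new Domain();
    mockDomain.setId(domainId);

    final Email mockEmail = new Email();
    mockEmail.setId("email-1-id");
    mockEmail.setTemplate(Template.LOGIN.template());
    mockEmail.setReferenceType(ReferenceType.DOMAIN);
    mockEmail.setReferenceId(domainId);

    doReturn(Maybe.just(mockEmail)).when(emailTemplateService).findByDomainAndTemplate(domainId, Template.LOGIN.template());

    final Response response = target("domains").path(domainId).path("emails").queryParam("template", Template.LOGIN).request().get();
    assertEquals(HttpStatusCode.OK_200, response.getStatus());

    final Email responseEntity = readEntity(response, Email.class);
    // assertEquals reports the actual id on failure and fails cleanly on a null id, where
    // assertTrue(getId().equals(..)) would only say "false" or throw a NullPointerException.
    assertEquals("email-1-id", responseEntity.getId());
}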
 
Example #22
Source File: RegisterSubmissionEndpointTest.java    From graviteeio-access-management with Apache License 2.0
/**
 * Posts to {@code /register} while registration fails with {@code UserAlreadyExistsException}
 * and expects a 302 back to the register page with {@code error=registration_failed}.
 */
@Test
public void shouldFail_UserAlreadyExistsException() throws Exception {
    Client clientFixture = new Client();
    clientFixture.setId("client-id");
    clientFixture.setClientId("client-id");
    clientFixture.setRedirectUris(Collections.singletonList("http://localhost:9999/callback"));

    // Runs ahead of the other routes (order -1) and places the client in the routing context.
    router.route().order(-1).handler(ctx -> {
        ctx.put("client", clientFixture);
        ctx.next();
    });

    when(userService.register(eq(clientFixture), any(), any())).thenReturn(Single.error(new UserAlreadyExistsException("test")));

    testRequest(
            HttpMethod.POST,
            "/register",
            null,
            httpResponse -> {
                final String redirectTarget = httpResponse.headers().get("location");
                assertNotNull(redirectTarget);
                // The asserted suffix carries only a generic error code and the client id.
                assertTrue(redirectTarget.endsWith("/register?error=registration_failed&client_id=client-id"));
            },
            HttpStatusCode.FOUND_302, "Found", null);
}
 
Example #23
Source File: UserConsentResourceTest.java    From graviteeio-access-management with Apache License 2.0
/**
 * Deletes {@code domains/{domain}/users/{user}/consents/{consent}} and expects a 204 when the
 * revocation is stubbed to complete.
 */
@Test
public void shouldRevokeUserConsent() {
    final String domainId = "domain-1";
    final Domain domainFixture = new Domain();
    domainFixture.setId(domainId);

    final User userFixture = new User();
    userFixture.setId("user-id-1");

    doReturn(Maybe.just(domainFixture)).when(domainService).findById(domainId);
    // Revocation is stubbed for exactly this domain, user and consent id.
    doReturn(Completable.complete()).when(scopeApprovalService).revokeByConsent(eq(domainId), eq(userFixture.getId()), eq("consent1"), any());

    final Response response = target("domains")
            .path(domainId)
            .path("users")
            .path(userFixture.getId())
            .path("consents")
            .path("consent1")
            .request()
            .delete();

    assertEquals(HttpStatusCode.NO_CONTENT_204, response.getStatus());
}
 
Example #24
Source File: ExtensionGrantResourceTest.java    From graviteeio-access-management with Apache License 2.0
/**
 * Gets {@code domains/{domain}/extensionGrants/{grant}} and checks the 200 status plus the
 * domain and id of the returned extension grant.
 */
@Test
public void shouldGetExtensionGrant() {
    final String domainId = "domain-id";
    final String extensionGrantId = "extensionGrant-id";

    final Domain domainFixture = new Domain();
    domainFixture.setId(domainId);

    final ExtensionGrant grantFixture = new ExtensionGrant();
    grantFixture.setId(extensionGrantId);
    grantFixture.setName("extensionGrant-name");
    grantFixture.setDomain(domainId);

    doReturn(Maybe.just(domainFixture)).when(domainService).findById(domainId);
    doReturn(Maybe.just(grantFixture)).when(extensionGrantService).findById(extensionGrantId);

    final Response response = target("domains")
            .path(domainId)
            .path("extensionGrants")
            .path(extensionGrantId)
            .request()
            .get();
    assertEquals(HttpStatusCode.OK_200, response.getStatus());

    // The body must describe the stubbed grant.
    final ExtensionGrant returned = readEntity(response, ExtensionGrant.class);
    assertEquals(domainId, returned.getDomain());
    assertEquals(extensionGrantId, returned.getId());
}
Example #25
Source File: TokenEndpointTest.java    From graviteeio-access-management with Apache License 2.0
/**
 * Posts a UMA-ticket grant to {@code /oauth/token} while the token granter fails with a
 * request-denied {@code UmaException}, and expects a 403.
 */
@Test
public void testInvokeTokenEndpoint_umaException() throws Exception {
    Client umaClient = new Client();
    umaClient.setClientId("my-client");
    umaClient.setAuthorizedGrantTypes(Arrays.asList(GrantType.UMA));

    // Runs ahead of the other routes (order -1) and places the client in the routing context.
    router.route().order(-1).handler(ctx -> {
        ctx.put("client", umaClient);
        ctx.next();
    });

    when(tokenGranter.grant(any(TokenRequest.class), any(io.gravitee.am.model.oidc.Client.class))).thenReturn(Single.error(UmaException.requestDeniedBuilder().build()));

    // NOTE(review): client_id and client_secret travel in the query string of this fixture URL;
    // the values are test placeholders.
    testRequest(
            HttpMethod.POST,
            "/oauth/token?client_id=my-client&client_secret=my-secret&grant_type=urn:ietf:params:oauth:grant-type:uma-ticket",
            HttpStatusCode.FORBIDDEN_403,
            "Forbidden");
}
 
Example #26
Source File: CertificatesResourceTest.java    From graviteeio-access-management with Apache License 2.0
/**
 * Posts a new certificate to {@code domains/{domain}/certificates} and expects a 201 when the
 * domain lookup, the plugin schema lookup and the creation are stubbed to succeed.
 */
@Test
public void shouldCreate() {
    final String domainId = "domain-1";
    final Domain domainFixture = new Domain();
    domainFixture.setId(domainId);

    // Request payload sent as JSON.
    NewCertificate payload = new NewCertificate();
    payload.setName("certificate-name");
    payload.setType("certificate-type");
    payload.setConfiguration("certificate-configuration");

    Certificate createdCertificate = new Certificate();
    createdCertificate.setId("certificate-id");
    createdCertificate.setName("certificate-name");

    doReturn(Maybe.just(domainFixture)).when(domainService).findById(domainId);
    doReturn(Maybe.just("certificate-schema")).when(certificatePluginService).getSchema(anyString());
    doReturn(Single.just(createdCertificate)).when(certificateService).create(eq(domainId), any(), any());

    final Response response = target("domains")
            .path(domainId)
            .path("certificates")
            .request()
            .post(Entity.json(payload));

    assertEquals(HttpStatusCode.CREATED_201, response.getStatus());
}
 
Example #27
Source File: ValidateRequestPolicy.java    From gravitee-gateway with Apache License 2.0
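/**
 * Returns a request-content stream that rejects every request: each chunk is accepted and
 * dropped, and the end of the stream fails the policy chain with a 400 "Bad request".
 *
 * @param request the incoming request (not read here)
 * @param policyChain chain that is failed once the request body has ended
 * @return a stream that consumes the body without forwarding or retaining it
 */
@OnRequestContent
public ReadWriteStream onRequestContent(Request request, PolicyChain policyChain) {
    return new BufferedReadWriteStream() {

        @Override
        public SimpleReadWriteStream<Buffer> write(Buffer content) {
            // The chunk is deliberately not retained. Nothing ever read the accumulated
            // body, so buffering it only let memory grow with the size of a request that
            // is rejected anyway.
            return this;
        }

        @Override
        public void end() {
            // The outcome does not depend on the body: the chain always fails with 400.
            policyChain.streamFailWith(PolicyResult.failure(GATEWAY_INVALID_REQUEST_KEY, HttpStatusCode.BAD_REQUEST_400, "Bad request"));
        }
    };
}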
 
Example #28
Source File: ClientEmailsResource.java    From graviteeio-access-management with Apache License 2.0
/**
 * Looks up the email template of the given kind for a client and resumes the async response
 * with it, or with a 404 when no such template exists.
 *
 * @param organizationId organization path parameter, used for the permission check
 * @param environmentId environment path parameter, used for the permission check
 * @param domain domain path parameter
 * @param client client path parameter
 * @param emailTemplate required {@code template} query parameter
 * @param response suspended response resumed with the result or with the error
 */
@GET
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Find a email for a client",
        notes = "User must have APPLICATION_EMAIL_TEMPLATE[READ] permission on the specified client " +
                "or APPLICATION_EMAIL_TEMPLATE[READ] permission on the specified domain " +
                "or APPLICATION_EMAIL_TEMPLATE[READ] permission on the specified environment " +
                "or APPLICATION_EMAIL_TEMPLATE[READ] permission on the specified organization")
@ApiResponses({
        @ApiResponse(code = 200, message = "Email successfully fetched"),
        @ApiResponse(code = 500, message = "Internal server error")})
public void get(
        @PathParam("organizationId") String organizationId,
        @PathParam("environmentId") String environmentId,
        @PathParam("domain") String domain,
        @PathParam("client") String client,
        @NotNull @QueryParam("template") Template emailTemplate,
        @Suspended final AsyncResponse response) {

    // The lookup is chained behind the READ permission check with andThen.
    // NOTE(review): the service method itself is invoked while this chain is assembled, so the
    // ordering relies on it returning a lazy source — confirm.
    checkAnyPermission(organizationId, environmentId, domain, client, Permission.APPLICATION_EMAIL_TEMPLATE, Acl.READ)
            .andThen(
                    emailTemplateService.findByDomainAndClientAndTemplate(domain, client, emailTemplate.template())
                            .map(found -> Response.ok(found).build())
                            // An empty lookup becomes a 404 response.
                            .defaultIfEmpty(Response.status(HttpStatusCode.NOT_FOUND_404).build()))
            // Both the result and any error resume the suspended response.
            .subscribe(response::resume, response::resume);
}
 
Example #29
Source File: MembersResourceTest.java    From graviteeio-access-management with Apache License 2.0
/**
 * Posts a new membership to {@code organizations/{organization}/members} and expects a 201
 * when the organization lookup and the add-or-update call are stubbed to succeed.
 */
@Test
public void shouldAddMember() {
    Organization organizationFixture = new Organization();
    organizationFixture.setId(Organization.DEFAULT);

    Membership storedMembership = new Membership();
    storedMembership.setId("membership-1");

    doReturn(Single.just(organizationFixture)).when(organizationService).findById(organizationFixture.getId());
    doReturn(Single.just(storedMembership)).when(membershipService).addOrUpdate(eq(organizationFixture.getId()), any(Membership.class), any(io.gravitee.am.identityprovider.api.User.class));

    // Request payload: a user member with a role.
    NewMembership payload = new NewMembership();
    payload.setMemberId("member#1");
    payload.setMemberType(MemberType.USER);
    payload.setRole("role#1");

    final Response response = target("organizations")
            .path(organizationFixture.getId())
            .path("members")
            .request()
            .post(Entity.json(payload));

    assertEquals(HttpStatusCode.CREATED_201, response.getStatus());
}
 
Example #30
Source File: GroupMemberResourceTest.java    From graviteeio-access-management with Apache License 2.0
/**
 * Deletes {@code domains/{domain}/groups/{group}/members/{member}} while the user lookup
 * yields nothing, and expects a 404.
 */
@Test
public void shouldNotRemoveMember_userNotFound() {
    final String domainId = "domain-1";
    final Domain domainFixture = new Domain();
    domainFixture.setId(domainId);

    final Group groupFixture = new Group();
    groupFixture.setId("group-id-1");

    doReturn(Maybe.just(domainFixture)).when(domainService).findById(domainId);
    doReturn(Maybe.just(groupFixture)).when(groupService).findById(groupFixture.getId());
    // Domain and group exist, the member does not.
    doReturn(Maybe.empty()).when(userService).findById("member-1");

    final Response response = target("domains")
            .path(domainId)
            .path("groups")
            .path(groupFixture.getId())
            .path("members")
            .path("member-1")
            .request()
            .delete();

    assertEquals(HttpStatusCode.NOT_FOUND_404, response.getStatus());
}