remove from group:

- strategy + spec - service WIP
hpi-schul-cloud · Sep 28, 2023 · dcb221d · dcb221d
1 parent 5b4fa78
commit dcb221d
Show file tree

Hide file tree

Showing 3 changed files with 40 additions and 1 deletion.
diff --git a/apps/server/src/modules/provisioning/strategy/oidc/oidc.strategy.spec.ts b/apps/server/src/modules/provisioning/strategy/oidc/oidc.strategy.spec.ts
@@ -198,6 +198,18 @@ describe('OidcStrategy', () => {
 				};
 			};
 
+			it('should call the OidcProvisioningService.removeUserFromExternalGroups', async () => {
+				const { oauthData } = setup();
+
+				await strategy.apply(oauthData);
+
+				expect(oidcProvisioningService.removeUserFromExternalGroups).toHaveBeenCalledWith(
+					oauthData.externalUser.externalId,
+					oauthData.externalGroups,
+					oauthData.system.systemId
+				);
+			});
+
 			it('should call the OidcProvisioningService.provisionExternalGroup for each group', async () => {
 				const { oauthData } = setup();
 
@@ -241,6 +253,14 @@ describe('OidcStrategy', () => {
 				};
 			};
 
+			it('should not call the OidcProvisioningService.removeUserFromExternalGroups', async () => {
+				const { oauthData } = setup();
+
+				await strategy.apply(oauthData);
+
+				expect(oidcProvisioningService.removeUserFromExternalGroups).not.toHaveBeenCalled();
+			});
+
 			it('should not call the OidcProvisioningService.provisionExternalGroup', async () => {
 				const { oauthData } = setup();
 

diff --git a/apps/server/src/modules/provisioning/strategy/oidc/oidc.strategy.ts b/apps/server/src/modules/provisioning/strategy/oidc/oidc.strategy.ts
@@ -24,7 +24,11 @@ export abstract class OidcProvisioningStrategy extends ProvisioningStrategy {
 		);
 
 		if (Configuration.get('FEATURE_SANIS_GROUP_PROVISIONING_ENABLED') && data.externalGroups) {
-			// TODO: N21-1212 remove user from groups
+			await this.oidcProvisioningService.removeUserFromExternalGroups(
+				data.externalUser.externalId,
+				data.externalGroups,
+				data.system.systemId
+			);
 
 			await Promise.all(
 				data.externalGroups.map((externalGroup) =>

diff --git a/apps/server/src/modules/provisioning/strategy/oidc/service/oidc-provisioning.service.ts b/apps/server/src/modules/provisioning/strategy/oidc/service/oidc-provisioning.service.ts
@@ -185,4 +185,19 @@ export class OidcProvisioningService {
 
 		return filteredUsers;
 	}
+
+	async removeUserFromExternalGroups(
+		externalUserId: EntityId,
+		externalGroups: ExternalGroupDto[],
+		systemId: EntityId
+	): Promise<void> {
+		const existingGroupsOfUser: Group[] = await this.groupService.findByUserId(externalUserId); // TODO implement service and repo function
+
+		const groupsWithoutUser: Group[] = await Promise.all(
+			existingGroupsOfUser.map(async (existingGroup: Group): Promise<Group> => {
+				// TODO check for existingGroup not in externalGroups[] and remove user from this group
+			})
+		);
+		// TODO remove all groupsWithoutUser.length === 0
+	}
 }