From edb3d776aab47cb249c3552b2d10976baab39730 Mon Sep 17 00:00:00 2001
From: Manoj Garai <manoj.garai@stfc.ac.uk>
Date: Fri, 19 Jul 2024 16:55:03 +0100
Subject: [PATCH 01/30] Set reset service account

---
 .../aup/DefaultAupSignatureCheckService.java  |   2 +-
 .../iam/api/scim/converter/UserConverter.java |   5 +
 .../infn/mw/iam/api/scim/model/ScimUser.java  |  18 ++-
 .../provisioning/ScimUserProvisioning.java    |   4 +-
 .../mw/iam/api/scim/updater/UpdaterType.java  |   1 +
 .../api/scim/updater/builders/Replacers.java  |   7 ++
 .../factory/DefaultAccountUpdaterFactory.java |   2 +
 .../account/ServiceAccountReplacedEvent.java  |  41 +++++++
 .../webapp/WEB-INF/views/iam/dashboard.jsp    |   1 +
 .../user.request-aup-signature.component.html |   2 +-
 .../user.service.account.component.html       |  38 ++++++
 .../user.service.account.component.js         | 109 ++++++++++++++++++
 .../user.sign-on-behalf.component.html        |   2 +-
 .../components/user/user.component.html       |   3 +
 .../services/scim-factory.service.js          |  25 +++-
 .../mw/iam/persistence/model/IamAccount.java  |  11 ++
 .../h2/V106__add_service_account.sql          |   3 +
 17 files changed, 268 insertions(+), 6 deletions(-)
 create mode 100644 iam-login-service/src/main/java/it/infn/mw/iam/audit/events/account/ServiceAccountReplacedEvent.java
 create mode 100644 iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/service-account/user.service.account.component.html
 create mode 100644 iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/service-account/user.service.account.component.js
 create mode 100644 iam-persistence/src/main/resources/db/migration/h2/V106__add_service_account.sql

diff --git a/iam-common/src/main/java/it/infn/mw/iam/service/aup/DefaultAupSignatureCheckService.java b/iam-common/src/main/java/it/infn/mw/iam/service/aup/DefaultAupSignatureCheckService.java
index 84743c82f..67c31f090 100644
--- a/iam-common/src/main/java/it/infn/mw/iam/service/aup/DefaultAupSignatureCheckService.java
+++ b/iam-common/src/main/java/it/infn/mw/iam/service/aup/DefaultAupSignatureCheckService.java
@@ -53,7 +53,7 @@ public boolean needsAupSignature(IamAccount account) {
 
     Date now = new Date(timeProvider.currentTimeMillis());
 
-    if (!aup.isPresent()) {
+    if (!aup.isPresent() || account.isServiceAccount()) {
       LOG.debug("AUP signature not needed for account '{}': AUP is not defined",
           account.getUsername());
       return false;
diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/converter/UserConverter.java b/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/converter/UserConverter.java
index c2a1aebfd..258f7b65e 100644
--- a/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/converter/UserConverter.java
+++ b/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/converter/UserConverter.java
@@ -91,6 +91,10 @@ public IamAccount entityFromDto(ScimUser scimUser) {
       account.setActive(scimUser.getActive());
     }
 
+    if (scimUser.getServiceAccount() != null) {
+      account.setServiceAccount(scimUser.getServiceAccount());
+    }
+
     if (scimUser.getPassword() != null) {
 
       account.setPassword(scimUser.getPassword());
@@ -190,6 +194,7 @@ public ScimUser dtoFromEntity(IamAccount entity) {
       .meta(getScimMeta(entity))
       .name(getScimName(entity))
       .active(entity.isActive())
+      .serviceAccount(entity.isServiceAccount())
       .displayName(entity.getUsername())
       .locale(entity.getUserInfo().getLocale())
       .nickName(entity.getUserInfo().getNickname())
diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/model/ScimUser.java b/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/model/ScimUser.java
index dc5e60bb3..19ec98509 100644
--- a/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/model/ScimUser.java
+++ b/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/model/ScimUser.java
@@ -68,6 +68,7 @@ public interface UpdateUserValidation extends Default {
   private final String locale;
   private final String timezone;
   private final Boolean active;
+  private final Boolean serviceAccount;
 
   @NotEmpty(groups = {NewUserValidation.class})
   @Valid
@@ -93,7 +94,8 @@ private ScimUser(@JsonProperty("id") String id, @JsonProperty("externalId") Stri
       @JsonProperty("userType") String userType,
       @JsonProperty("preferredLanguage") String preferredLanguage,
       @JsonProperty("locale") String locale, @JsonProperty("timezone") String timezone,
-      @JsonProperty("active") Boolean active, @JsonProperty("emails") List<ScimEmail> emails,
+      @JsonProperty("active") Boolean active, @JsonProperty("serviceAccount") Boolean serviceAccount,
+      @JsonProperty("emails") List<ScimEmail> emails,
       @JsonProperty("addresses") List<ScimAddress> addresses,
       @JsonProperty("photos") List<ScimPhoto> photos,
       @JsonProperty("groups") Set<ScimGroupRef> groups,
@@ -116,6 +118,7 @@ private ScimUser(@JsonProperty("id") String id, @JsonProperty("externalId") Stri
     this.timezone = timezone;
     this.emails = emails;
     this.active = active;
+    this.serviceAccount = serviceAccount;
     this.groups = groups;
     this.addresses = addresses;
     this.indigoUser = indigoUser;
@@ -135,6 +138,7 @@ private ScimUser(Builder b) {
     this.locale = b.locale;
     this.timezone = b.timezone;
     this.active = b.active;
+    this.serviceAccount = b.serviceAccount;
     this.emails = b.emails;
     this.addresses = b.addresses;
     /* build indigoUserBuilder only if it has been touched */
@@ -216,6 +220,11 @@ public Boolean getActive() {
     return active;
   }
 
+  public Boolean getServiceAccount() {
+
+    return serviceAccount;
+  }
+
   public List<ScimEmail> getEmails() {
 
     return emails;
@@ -300,6 +309,7 @@ public static class Builder extends ScimResource.Builder<ScimUser> {
     private String locale;
     private String timezone;
     private Boolean active;
+    private Boolean serviceAccount;
 
     private List<ScimEmail> emails = new ArrayList<>();
     private Set<ScimGroupRef> groups = new LinkedHashSet<>();
@@ -401,6 +411,12 @@ public Builder active(Boolean active) {
       return this;
     }
 
+    public Builder serviceAccount(Boolean serviceAccount) {
+
+      this.serviceAccount = serviceAccount;
+      return this;
+    }
+
     public Builder addGroupRef(ScimGroupRef scimGroupRef) {
 
       Preconditions.checkNotNull(scimGroupRef, "Null group ref");
diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/provisioning/ScimUserProvisioning.java b/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/provisioning/ScimUserProvisioning.java
index ad3931674..3726514b6 100644
--- a/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/provisioning/ScimUserProvisioning.java
+++ b/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/provisioning/ScimUserProvisioning.java
@@ -30,6 +30,7 @@
 import static it.infn.mw.iam.api.scim.updater.UpdaterType.ACCOUNT_REPLACE_GIVEN_NAME;
 import static it.infn.mw.iam.api.scim.updater.UpdaterType.ACCOUNT_REPLACE_PASSWORD;
 import static it.infn.mw.iam.api.scim.updater.UpdaterType.ACCOUNT_REPLACE_PICTURE;
+import static it.infn.mw.iam.api.scim.updater.UpdaterType.ACCOUNT_REPLACE_SERVICE_ACCOUNT;
 import static it.infn.mw.iam.api.scim.updater.UpdaterType.ACCOUNT_REPLACE_USERNAME;
 
 import java.util.ArrayList;
@@ -79,7 +80,8 @@ public class ScimUserProvisioning
       ACCOUNT_ADD_SSH_KEY, ACCOUNT_REMOVE_SSH_KEY, ACCOUNT_ADD_X509_CERTIFICATE,
       ACCOUNT_REMOVE_X509_CERTIFICATE, ACCOUNT_REPLACE_ACTIVE, ACCOUNT_REPLACE_EMAIL,
       ACCOUNT_REPLACE_FAMILY_NAME, ACCOUNT_REPLACE_GIVEN_NAME, ACCOUNT_REPLACE_PASSWORD,
-      ACCOUNT_REPLACE_PICTURE, ACCOUNT_REPLACE_USERNAME, ACCOUNT_REMOVE_PICTURE);
+      ACCOUNT_REPLACE_PICTURE, ACCOUNT_REPLACE_USERNAME, ACCOUNT_REMOVE_PICTURE, 
+      ACCOUNT_REPLACE_SERVICE_ACCOUNT);
 
   private final IamAccountService accountService;
   private final IamAccountRepository accountRepository;
diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/updater/UpdaterType.java b/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/updater/UpdaterType.java
index b370099d5..cff249892 100644
--- a/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/updater/UpdaterType.java
+++ b/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/updater/UpdaterType.java
@@ -24,6 +24,7 @@ public enum UpdaterType {
   ACCOUNT_REPLACE_PICTURE("Replace user picture"),
   ACCOUNT_REPLACE_USERNAME("Replace user username"),
   ACCOUNT_REPLACE_ACTIVE("Replace user active status"),
+  ACCOUNT_REPLACE_SERVICE_ACCOUNT("Replace user service account status"),
 
   ACCOUNT_ADD_OIDC_ID("Add OpenID Connect account to user"),
   ACCOUNT_ADD_SAML_ID("Add SAML account to user"),
diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/updater/builders/Replacers.java b/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/updater/builders/Replacers.java
index 7340ec897..63ee27279 100644
--- a/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/updater/builders/Replacers.java
+++ b/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/updater/builders/Replacers.java
@@ -16,6 +16,7 @@
 package it.infn.mw.iam.api.scim.updater.builders;
 
 import static it.infn.mw.iam.api.scim.updater.UpdaterType.ACCOUNT_REPLACE_ACTIVE;
+import static it.infn.mw.iam.api.scim.updater.UpdaterType.ACCOUNT_REPLACE_SERVICE_ACCOUNT;
 import static it.infn.mw.iam.api.scim.updater.UpdaterType.ACCOUNT_REPLACE_EMAIL;
 import static it.infn.mw.iam.api.scim.updater.UpdaterType.ACCOUNT_REPLACE_FAMILY_NAME;
 import static it.infn.mw.iam.api.scim.updater.UpdaterType.ACCOUNT_REPLACE_GIVEN_NAME;
@@ -36,6 +37,7 @@
 import it.infn.mw.iam.api.scim.updater.util.AccountFinder;
 import it.infn.mw.iam.api.scim.updater.util.IdNotBoundChecker;
 import it.infn.mw.iam.audit.events.account.ActiveReplacedEvent;
+import it.infn.mw.iam.audit.events.account.ServiceAccountReplacedEvent;
 import it.infn.mw.iam.audit.events.account.EmailReplacedEvent;
 import it.infn.mw.iam.audit.events.account.FamilyNameReplacedEvent;
 import it.infn.mw.iam.audit.events.account.GivenNameReplacedEvent;
@@ -146,4 +148,9 @@ public AccountUpdater active(boolean isActive) {
         account::isActive, account::setActive, isActive, ActiveReplacedEvent::new);
   }
 
+  public AccountUpdater serviceAccount(boolean isServiceAccount) {
+    return new DefaultAccountUpdater<Boolean, ServiceAccountReplacedEvent>(account, ACCOUNT_REPLACE_SERVICE_ACCOUNT,
+        account::isServiceAccount, account::setServiceAccount, isServiceAccount, ServiceAccountReplacedEvent::new);
+  }
+
 }
diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/updater/factory/DefaultAccountUpdaterFactory.java b/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/updater/factory/DefaultAccountUpdaterFactory.java
index d3533f044..11ef7126c 100644
--- a/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/updater/factory/DefaultAccountUpdaterFactory.java
+++ b/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/updater/factory/DefaultAccountUpdaterFactory.java
@@ -139,6 +139,7 @@ private void prepareAdders(List<AccountUpdater> updaters, ScimUser user, IamAcco
     addUpdater(updaters, Objects::nonNull, user::getUserName, add::username);
     addUpdater(updaters, Objects::nonNull, user::getPassword, add::password);
     addUpdater(updaters, Objects::nonNull, user::getActive, add::active);
+    //addUpdater(updaters, Objects::nonNull, user::getServiceAccount, add::serviceAccount);
 
     if (user.hasEmails()) {
       addUpdater(updaters, Objects::nonNull, user.getEmails().get(0)::getValue, add::email);
@@ -207,6 +208,7 @@ private void prepareReplacers(List<AccountUpdater> updaters, ScimUser user, IamA
     addUpdater(updaters, Objects::nonNull, user::getUserName, replace::username);
     addUpdater(updaters, Objects::nonNull, user::getPassword, replace::password);
     addUpdater(updaters, Objects::nonNull, user::getActive, replace::active);
+    addUpdater(updaters, Objects::nonNull, user::getServiceAccount, replace::serviceAccount);
 
     if (user.hasEmails()) {
       addUpdater(updaters, Objects::nonNull, user.getEmails().get(0)::getValue, replace::email);
diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/audit/events/account/ServiceAccountReplacedEvent.java b/iam-login-service/src/main/java/it/infn/mw/iam/audit/events/account/ServiceAccountReplacedEvent.java
new file mode 100644
index 000000000..2a00d1e64
--- /dev/null
+++ b/iam-login-service/src/main/java/it/infn/mw/iam/audit/events/account/ServiceAccountReplacedEvent.java
@@ -0,0 +1,41 @@
+/**
+ * Copyright (c) Istituto Nazionale di Fisica Nucleare (INFN). 2016-2021
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package it.infn.mw.iam.audit.events.account;
+
+import static it.infn.mw.iam.api.scim.updater.UpdaterType.ACCOUNT_REPLACE_SERVICE_ACCOUNT;
+
+import it.infn.mw.iam.api.scim.updater.UpdaterType;
+import it.infn.mw.iam.persistence.model.IamAccount;
+
+public class ServiceAccountReplacedEvent extends AccountUpdatedEvent {
+
+  private static final long serialVersionUID = 5681737929767602266L;
+
+  private final Boolean serviceAccount;
+
+  public ServiceAccountReplacedEvent(Object source, IamAccount account, Boolean serviceAccount) {
+    super(source, account, ACCOUNT_REPLACE_SERVICE_ACCOUNT, buildMessage(ACCOUNT_REPLACE_SERVICE_ACCOUNT, serviceAccount));
+    this.serviceAccount = serviceAccount;
+  }
+
+  public Boolean getServiceAccount() {
+    return serviceAccount;
+  }
+
+  protected static String buildMessage(UpdaterType t, Boolean serviceAccount) {
+    return String.format("%s: %s", t.getDescription(), serviceAccount);
+  }
+}
diff --git a/iam-login-service/src/main/webapp/WEB-INF/views/iam/dashboard.jsp b/iam-login-service/src/main/webapp/WEB-INF/views/iam/dashboard.jsp
index a9bf2d60d..cfc6b003e 100644
--- a/iam-login-service/src/main/webapp/WEB-INF/views/iam/dashboard.jsp
+++ b/iam-login-service/src/main/webapp/WEB-INF/views/iam/dashboard.jsp
@@ -136,6 +136,7 @@
   <script type="text/javascript" src="${resourcesPrefix}/iam/apps/dashboard-app/components/user/edit/user.edit.component.js"></script>
   <script type="text/javascript" src="${resourcesPrefix}/iam/apps/dashboard-app/components/user/edit/edit-user.controller.js"></script>
   <script type="text/javascript" src="${resourcesPrefix}/iam/apps/dashboard-app/components/user/status/user.status.component.js"></script>
+  <script type="text/javascript" src="${resourcesPrefix}/iam/apps/dashboard-app/components/user/service-account/user.service.account.component.js"></script>
   <script type="text/javascript"
     src="${resourcesPrefix}/iam/apps/dashboard-app/components/user/privileges/user.privileges.component.js"></script>
   <script type="text/javascript"
diff --git a/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/request-aup-signature/user.request-aup-signature.component.html b/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/request-aup-signature/user.request-aup-signature.component.html
index 52a80f618..cb3f1bfca 100644
--- a/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/request-aup-signature/user.request-aup-signature.component.html
+++ b/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/request-aup-signature/user.request-aup-signature.component.html
@@ -15,7 +15,7 @@
     limitations under the License.
 
 -->
-<button ng-if="$ctrl.aupIsEnabled() && !$ctrl.isMe()"
+<button ng-if="$ctrl.aupIsEnabled() && !$ctrl.user.serviceAccount && !$ctrl.isMe()"
     class="btn btn-warning btn-block"
     style="margin-top: 5px" 
     ng-click="$ctrl.openRequestAupSignatureModal()" 
diff --git a/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/service-account/user.service.account.component.html b/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/service-account/user.service.account.component.html
new file mode 100644
index 000000000..f501c0fa0
--- /dev/null
+++ b/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/service-account/user.service.account.component.html
@@ -0,0 +1,38 @@
+<!--
+
+    Copyright (c) Istituto Nazionale di Fisica Nucleare (INFN). 2016-2021
+
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+
+        http://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+
+-->
+<!-- Set user as service account button -->
+<button class="btn btn-primary btn-block"
+    style="margin-top: 5px"
+    ng-if="!$ctrl.user.serviceAccount && !$ctrl.isMe()" 
+    ng-click="$ctrl.openDialog()" 
+    ng-enabled="$ctrl.enabled"
+    name="disable-user-btn">
+    <i class="fa fa-cogs"></i>
+    <strong>Set as service account</strong>
+</button>
+
+<!-- Revoke user as service account button -->
+<button class="btn btn-primary btn-block" 
+    ng-if="$ctrl.user.serviceAccount && !$ctrl.isMe()"
+    style="margin-top: 5px" 
+    ng-click="$ctrl.openDialog()" 
+    ng-enabled="$ctrl.enabled"
+    name="enable-user-btn">
+    <i class="fa fa-undo"></i>
+    <strong>Revoke service account</strong>
+</button>
\ No newline at end of file
diff --git a/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/service-account/user.service.account.component.js b/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/service-account/user.service.account.component.js
new file mode 100644
index 000000000..dc67ca6cc
--- /dev/null
+++ b/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/service-account/user.service.account.component.js
@@ -0,0 +1,109 @@
+/*
+ * Copyright (c) Istituto Nazionale di Fisica Nucleare (INFN). 2016-2021
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+(function() {
+  'use strict';
+
+  function UserServiceAccountStatusController(toaster, Utils, ModalService, scimFactory) {
+    var self = this;
+
+    self.$onInit = function() {
+      self.enabled = true;
+    };
+
+    self.handleError = function(error) {
+      self.userCtrl.handleError(error);
+      self.enabled = true;
+    };
+
+    self.handleSuccess = function() {
+      self.enabled = true;
+      self.userCtrl.loadUser().then(function(user) {
+        if (user.serviceAccount) {
+          toaster.pop({
+            type: 'success',
+            body:
+                `User '${user.name.formatted}' has been set as service account successfully.`
+          });
+        } else {
+          toaster.pop({
+            type: 'success',
+            body: `User '${user.name.formatted}' is no longer a service account.`
+          });
+        }
+      });
+    };
+
+    self.setServiceAccountStatus = function() {
+      return scimFactory.setServiceAccountStatus(self.user.id, true)
+          .then(self.handleSuccess)
+          .catch(self.handleError);
+    };
+
+    self.revokeServiceAccountStatus = function() {
+      return scimFactory.setServiceAccountStatus(self.user.id, false)
+          .then(self.handleSuccess)
+          .catch(self.handleError);
+    };
+
+
+    self.openDialog = function() {
+
+      var modalOptions = null;
+      var updateServiceAccountStatusFunc = null;
+
+      if (self.user.serviceAccount) {
+        modalOptions = {
+          closeButtonText: 'Cancel',
+          actionButtonText: 'Revoke service account status',
+          headerText: 'Revoke service account status of ' + self.user.name.formatted,
+          bodyText:
+              `Are you sure you want to revoke service account status of '${self.user.name.formatted}'?`
+        };
+        updateServiceAccountStatusFunc = self.revokeServiceAccountStatus;
+      } else {
+        modalOptions = {
+          closeButtonText: 'Cancel',
+          actionButtonText: 'Set as service account',
+          headerText: 'Set ' + self.user.name.formatted + ' as service account',
+          bodyText:
+              `Are you sure you want set user '${self.user.name.formatted}' as service account?`
+        };
+        updateServiceAccountStatusFunc = self.setServiceAccountStatus;
+      }
+
+      self.enable = false;
+      ModalService.showModal({}, modalOptions)
+          .then(function() { updateServiceAccountStatusFunc(); })
+          .catch(function() {
+
+          });
+    };
+
+
+    self.isMe = function() { return Utils.isMe(self.user.id); };
+  }
+
+  angular.module('dashboardApp').component('userServiceAccount', {
+    require: {userCtrl: '^user'},
+    bindings: {user: '='},
+    templateUrl:
+        '/resources/iam/apps/dashboard-app/components/user/service-account/user.service.account.component.html',
+    controller: [
+      'toaster', 'Utils', 'ModalService', 'scimFactory', UserServiceAccountStatusController
+    ]
+  });
+
+})();
\ No newline at end of file
diff --git a/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/sign-on-behalf/user.sign-on-behalf.component.html b/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/sign-on-behalf/user.sign-on-behalf.component.html
index 73a66da16..05b95dc1d 100644
--- a/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/sign-on-behalf/user.sign-on-behalf.component.html
+++ b/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/sign-on-behalf/user.sign-on-behalf.component.html
@@ -15,7 +15,7 @@
     limitations under the License.
 
 -->
-<button ng-if="$ctrl.aupIsEnabled() && !$ctrl.isMe()"
+<button ng-if="$ctrl.aupIsEnabled() && !$ctrl.user.serviceAccount && !$ctrl.isMe()"
     class="btn btn-success btn-block"
     style="margin-top: 5px" 
     ng-click="$ctrl.openSignAupOnBehalfModal()" 
diff --git a/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/user.component.html b/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/user.component.html
index 4a1b32498..00aad33f5 100644
--- a/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/user.component.html
+++ b/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/user.component.html
@@ -63,6 +63,9 @@ <h1>
                             <!-- Change membership end time -->
                             <user-end-time user="$ctrl.user"></user-end-time>
 
+                            <!-- Set/Revoke as service account -->
+                            <user-service-account user="$ctrl.user"></user-service-account>
+
                             <!-- Sign On Behalf into user page when you're an admin -->
                             <user-sign-on-behalf user="$ctrl.user" aup="$ctrl.aup"></user-sign-on-behalf>
 
diff --git a/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/services/scim-factory.service.js b/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/services/scim-factory.service.js
index 0e99b868c..2f6b45a7f 100644
--- a/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/services/scim-factory.service.js
+++ b/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/services/scim-factory.service.js
@@ -47,7 +47,8 @@ angular.module('dashboardApp').factory("scimFactory", ['$q', '$http', '$httpPara
 		updateUser: updateUser,
 		updateMe: updateMe,
 		getAllUsers: getAllUsers,
-		getUserProfileConfig: getUserProfileConfig
+		getUserProfileConfig: getUserProfileConfig,
+		setServiceAccountStatus: setServiceAccountStatus
 	};
 
 	return service;
@@ -581,5 +582,27 @@ angular.module('dashboardApp').factory("scimFactory", ['$q', '$http', '$httpPara
 		return $http.patch(urlMe, data, config);
 	};
 
+	function setServiceAccountStatus(userId, status) {
+
+		console.info("Patch user-id, set serviceAccount to ", userId, status);
+
+		var config = {
+			headers: {
+				'Content-Type': 'application/scim+json'
+			}
+		};
+		var data = {
+			schemas: ["urn:ietf:params:scim:api:messages:2.0:PatchOp"],
+			operations: [{
+				op: "replace",
+				value: {
+					serviceAccount: status
+				}
+			}]
+		};
+		var url = urlUsers + '/' + userId;
+
+		return $http.patch(url, data, config);
+	};
 
 }]);
\ No newline at end of file
diff --git a/iam-persistence/src/main/java/it/infn/mw/iam/persistence/model/IamAccount.java b/iam-persistence/src/main/java/it/infn/mw/iam/persistence/model/IamAccount.java
index 6a90392c4..5093d3814 100644
--- a/iam-persistence/src/main/java/it/infn/mw/iam/persistence/model/IamAccount.java
+++ b/iam-persistence/src/main/java/it/infn/mw/iam/persistence/model/IamAccount.java
@@ -150,6 +150,9 @@ public class IamAccount implements Serializable {
       name = "iam_account_labels", joinColumns = @JoinColumn(name = "account_id"))
   private Set<IamLabel> labels = new HashSet<>();
 
+  @Column(name = "service_account")
+  private boolean serviceAccount;
+
   public IamAccount() {
     // empty constructor
   }
@@ -613,4 +616,12 @@ public Date getEndTime() {
   public void setEndTime(Date endTime) {
     this.endTime = endTime;
   }
+
+  public boolean isServiceAccount() {
+    return serviceAccount;
+  }
+
+  public void setServiceAccount(boolean serviceAccount) {
+    this.serviceAccount = serviceAccount;
+  }
 }
diff --git a/iam-persistence/src/main/resources/db/migration/h2/V106__add_service_account.sql b/iam-persistence/src/main/resources/db/migration/h2/V106__add_service_account.sql
new file mode 100644
index 000000000..8b5e2203e
--- /dev/null
+++ b/iam-persistence/src/main/resources/db/migration/h2/V106__add_service_account.sql
@@ -0,0 +1,3 @@
+ALTER TABLE iam_account ADD COLUMN service_account boolean;
+
+UPDATE iam_account SET service_account = false;
\ No newline at end of file

From 4bfc038ddeff43f8d1894f728e31cf56449aaacd Mon Sep 17 00:00:00 2001
From: Manoj Garai <manoj.garai@stfc.ac.uk>
Date: Mon, 22 Jul 2024 15:49:48 +0100
Subject: [PATCH 02/30] Fix vomsAc test

---
 .../db/migration/test/V100000___test_data.sql | 504 +++++++++---------
 .../voms-test/V100000___voms_test_data.sql    |   4 +-
 2 files changed, 254 insertions(+), 254 deletions(-)

diff --git a/iam-persistence/src/main/resources/db/migration/test/V100000___test_data.sql b/iam-persistence/src/main/resources/db/migration/test/V100000___test_data.sql
index 552295e37..82dde65d0 100644
--- a/iam-persistence/src/main/resources/db/migration/test/V100000___test_data.sql
+++ b/iam-persistence/src/main/resources/db/migration/test/V100000___test_data.sql
@@ -196,9 +196,9 @@ INSERT INTO iam_user_info(ID, GIVENNAME, FAMILYNAME, EMAIL, EMAILVERIFIED, BIRTH
   (2, 'Test', 'User', 'test@iam.test', true, '1950-01-01','M','test'),
   (1000, 'Test', 'MFA', 'testwithmfa@iam.test', true, '2000-01-01','F','testwithmfa');
 
-INSERT INTO iam_account(id, uuid, username, password, user_info_id, creationtime, lastupdatetime, active) VALUES
-  (2, '80e5fb8d-b7c8-451a-89ba-346ae278a66f', 'test', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 2, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-  (1000, '467c882e-90da-11ec-b909-0242ac120002', 'test-with-mfa', '$2a$12$S3lUZw/ESq9lULn5he6bBu9KNGCvs7C2rWo0XdVC6t65ITwAc22w2', 1000, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true);
+INSERT INTO iam_account(id, uuid, username, password, user_info_id, creationtime, lastupdatetime, active, service_account) VALUES
+  (2, '80e5fb8d-b7c8-451a-89ba-346ae278a66f', 'test', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 2, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+  (1000, '467c882e-90da-11ec-b909-0242ac120002', 'test-with-mfa', '$2a$12$S3lUZw/ESq9lULn5he6bBu9KNGCvs7C2rWo0XdVC6t65ITwAc22w2', 1000, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false);
 
 
 INSERT INTO iam_oidc_id(issuer, subject, account_id) VALUES
@@ -522,255 +522,255 @@ INSERT INTO iam_user_info(ID,GIVENNAME,FAMILYNAME, EMAIL, EMAILVERIFIED) VALUES
 (346, 'Test-346','User', 'test-346@test.org', true),
 (347, 'Test-347','User', 'test-347@test.org', true);
 
-INSERT INTO iam_account(id, uuid, username, password, user_info_id, creationtime, lastupdatetime, active) VALUES
-(100, 'f2ce8cb2-a1db-4884-9ef0-d8842cc02b4a', 'test_100', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 100, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(101, '1a78b3b8-22d2-4746-9269-df55aceb036f', 'test_101', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 101, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(102, 'a07d60c6-7ffa-475f-98e4-f9f648aa278b', 'test_102', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 102, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(103, '56e1b885-ea25-4ffc-ba17-fcde2b097d02', 'test_103', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 103, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(104, '67d2794d-c7fb-406e-9bc1-b66f43cbe60f', 'test_104', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 104, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(105, 'd11e04f7-f369-4de6-9375-394f7d886ac7', 'test_105', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 105, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(106, 'bbc76b76-9f9e-443b-8c63-cd775c50c6f3', 'test_106', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 106, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(107, 'b15c850c-e6e0-4afb-a02d-374653bb102e', 'test_107', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 107, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(108, 'afada6e8-d50d-47f6-912e-d6261605c771', 'test_108', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 108, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(109, 'fa3b4c97-4787-4b49-a32c-5b4c74d5a7c8', 'test_109', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 109, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(110, '33165df6-4d49-4728-883c-3fd42720d46b', 'test_110', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 110, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(111, '15fb8d3a-003d-4ef9-8349-867d81d4ae9c', 'test_111', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 111, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(112, '7a4dda33-c2e5-4304-998a-3fa4df481123', 'test_112', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 112, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(113, '7013f989-0a95-43b5-8637-2e2360a73bb3', 'test_113', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 113, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(114, '12caabc8-4766-4028-98ff-f4d7f288a5f0', 'test_114', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 114, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(115, 'f463ad2b-5814-4877-bb62-f954c67a8044', 'test_115', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 115, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(116, '28c656c4-5489-4654-a257-0806c6bab905', 'test_116', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 116, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(117, '11be5a72-9416-45fc-a0a7-f3e23c54bfda', 'test_117', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 117, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(118, '3cea2c01-786e-41a3-8fdf-4229cc4e3742', 'test_118', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 118, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(119, 'e0247677-4542-4df3-8d75-8efa11e70911', 'test_119', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 119, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(120, 'd905a115-d726-4e11-ba1f-b8482177bb05', 'test_120', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 120, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(121, '3479afd1-584c-4479-b6e2-25f6cef2f842', 'test_121', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 121, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(122, '8d4f467d-cb68-4feb-b898-71e4487e6820', 'test_122', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 122, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(123, '0ddee1c2-1426-4b83-b520-e20bdd8ef9b3', 'test_123', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 123, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(124, 'b8b638be-6e09-4dbe-bcc0-776c2403e8c7', 'test_124', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 124, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(125, '1dc3108a-b5c0-4e5b-accd-925054075bc4', 'test_125', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 125, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(126, '5eed3374-c131-4513-84b7-dd0ff965da35', 'test_126', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 126, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(127, '2d0b4c36-0301-49f6-a20b-23b6ca48cee2', 'test_127', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 127, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(128, 'db46065a-ba62-423d-9397-7bc6fab371a5', 'test_128', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 128, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(129, 'd9dbaabf-c51a-45e5-aee1-25134ba283ac', 'test_129', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 129, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(130, '5678f40a-f361-464c-aa71-ffb48d163aaa', 'test_130', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 130, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(131, '209ae3b9-e266-4e57-a639-db29f61a7594', 'test_131', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 131, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(132, 'f3fac505-d5c9-4d9c-83af-3976f357f19c', 'test_132', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 132, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(133, '13bfd34b-1dda-452e-bd9a-284aabccf07d', 'test_133', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 133, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(134, '15ccd152-1537-48d4-a55a-fd6565e5d86f', 'test_134', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 134, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(135, '6b2f4fc1-3e98-4f64-8fb4-517d2d4b3fa3', 'test_135', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 135, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(136, '398081ee-9c3c-4e5d-802c-90a4579030d4', 'test_136', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 136, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(137, '89a32317-dd45-481d-91a4-080e30c1f29e', 'test_137', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 137, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(138, '6dc0aa56-011d-45b8-bf26-cb03e8b40ccf', 'test_138', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 138, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(139, 'cd62277e-5acf-41af-acea-b4d208cba29e', 'test_139', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 139, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(140, '0ae29eac-64ee-45b4-a2e7-e58b34c7ff0e', 'test_140', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 140, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(141, '0f7fe907-fa84-429e-8057-02d809375ba3', 'test_141', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 141, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(142, '7aa4a733-d318-4392-b3d3-6618263f667d', 'test_142', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 142, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(143, 'b1d9b1ac-e77c-4d55-a895-cf0788ed2174', 'test_143', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 143, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(144, 'f975f1f7-ad05-4d66-9905-d44c13cbd08b', 'test_144', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 144, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(145, '857f6e6d-e415-4850-a82b-59d557864910', 'test_145', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 145, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(146, '4e1c059c-1d06-4997-8bfa-5bd09fdb4571', 'test_146', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 146, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(147, 'f4a0bc7f-b279-4caf-b8d1-c86a3c106f62', 'test_147', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 147, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(148, '007bbb9d-55b1-4f5e-80a5-bbcb22073db4', 'test_148', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 148, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(149, 'a1d22bbf-9afe-49da-b75d-b58f825db351', 'test_149', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 149, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(150, '8c2351d5-5460-4b2d-b1bb-7b086130090e', 'test_150', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 150, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(151, 'e6651896-66f8-4f63-b44f-71710fdb947c', 'test_151', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 151, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(152, 'caf04a3c-8f35-40a3-99b6-48ba6a05d8b8', 'test_152', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 152, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(153, 'd501e485-a306-4c9d-9baf-cc75f2321cfd', 'test_153', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 153, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(154, '57466d38-cae8-48bf-ac67-2cfc0266b5b0', 'test_154', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 154, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(155, '4bd5f059-f014-4356-8083-9c1a77adb6fd', 'test_155', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 155, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(156, '69130f52-f251-46fd-99ee-d646938e5f3f', 'test_156', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 156, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(157, 'dedfb4f0-a545-44b3-abba-dd77103db894', 'test_157', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 157, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(158, 'b5d98a8b-3780-4ace-ace1-ac12829dc469', 'test_158', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 158, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(159, '17de2f08-37fe-469d-b7b1-0e9ea9c6d2d8', 'test_159', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 159, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(160, '313abc40-4c88-45df-89e7-bd7bbf97b0fd', 'test_160', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 160, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(161, 'c5d7fc06-16fc-4711-be37-27bbf2c2c07c', 'test_161', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 161, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(162, 'ca31bf4d-f5da-4fc4-ae36-fd3cc0d35d7f', 'test_162', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 162, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(163, 'dc98bb8e-4b91-4915-86fb-476c9503a936', 'test_163', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 163, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(164, '79dd006c-0e4c-4a79-8600-ef8a0ae5bc04', 'test_164', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 164, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(165, '05cdc1f7-7787-43d6-80c6-588277fefb9b', 'test_165', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 165, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(166, 'dcdeb139-71ab-44f5-a709-ab33fec49882', 'test_166', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 166, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(167, '35a98804-b05e-47b0-917b-d72a4d4a5240', 'test_167', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 167, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(168, '5e4d4351-82c7-438d-8f83-ee2b7ebe1fe3', 'test_168', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 168, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(169, 'e1a205e2-f202-402d-8542-4cfc529ef514', 'test_169', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 169, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(170, 'a2e6271e-5b30-42d1-a211-494b98832676', 'test_170', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 170, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(171, '68515954-75ea-4022-9581-4cb4d28c6d6d', 'test_171', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 171, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(172, '41663b84-06b5-4787-a49e-1f745ca1eab3', 'test_172', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 172, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(173, 'b257f456-bdae-4c58-8519-756abbda462a', 'test_173', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 173, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(174, 'd848b9cb-05e4-4dcf-b9b7-431d83c41810', 'test_174', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 174, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(175, 'b6859250-dcca-47ef-b013-f609468d2389', 'test_175', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 175, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(176, 'e18bc682-897b-4696-a5ef-eee37a52a3de', 'test_176', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 176, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(177, '6b00471d-f496-4335-8209-5a9e13d18b9e', 'test_177', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 177, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(178, '35664644-7b32-4503-86f4-76adbb57762c', 'test_178', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 178, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(179, '7890415f-6563-4f25-bdf3-a5f45159a1b1', 'test_179', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 179, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(180, 'a1edf880-e270-4dac-b69f-73e61c517397', 'test_180', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 180, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(181, '73520029-5901-4022-b9da-38ccd73fe799', 'test_181', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 181, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(182, 'de5825a3-c585-45b3-88a1-7e5e80686826', 'test_182', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 182, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(183, 'bb50b80a-f471-4f64-85fb-4e5051708a4a', 'test_183', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 183, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(184, 'b7aa98b9-30da-468c-8566-06a5b804c4b9', 'test_184', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 184, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(185, 'c230e253-f874-4365-8b0e-7ba5ebc1cc26', 'test_185', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 185, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(186, '7593dbbf-9286-460b-a234-32b560817f60', 'test_186', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 186, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(187, 'ee1e2ce5-da23-4576-84e3-ad7cf4e0ce26', 'test_187', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 187, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(188, 'bf1cc1be-f405-4282-b7be-9a4578670046', 'test_188', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 188, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(189, 'e5ed670a-f944-40f0-8c10-d41c3350ead5', 'test_189', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 189, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(190, '8370db5c-e196-451a-9f5f-9b99c570cf46', 'test_190', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 190, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(191, '81498342-d247-4a60-80de-2c4cb4b1a84d', 'test_191', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 191, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(192, '213f1b3c-516e-4a6f-9785-d8c85d32f83e', 'test_192', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 192, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(193, '08ba27e6-b1b5-4d9e-a64a-6b5bc538bf43', 'test_193', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 193, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(194, 'cf0cfa8e-377c-44a0-a6d1-a74ce1de08fb', 'test_194', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 194, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(195, '2ea66412-8dc2-4081-8d48-e3637ca82604', 'test_195', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 195, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(196, '4ed466eb-ee51-4433-9d0f-3a56216698a2', 'test_196', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 196, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(197, 'cc03fc51-097d-43d6-bb6c-a0df72ec4838', 'test_197', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 197, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(198, '11844e66-8146-4263-aaa6-1fde7e5cfc58', 'test_198', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 198, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(199, 'b5a954c6-69a9-473c-a4c4-83c4f7a88c1c', 'test_199', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 199, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(200, '167e359e-7833-4ce2-9f8b-f035cee39505', 'test_200', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 200, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(201, '5afb5430-a023-4a50-aa92-b134a0fb68b3', 'test_201', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 201, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(202, 'de17b155-307c-4f9b-81f3-7f8b73d2526a', 'test_202', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 202, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(203, 'c966145b-ac05-4a2c-874d-f7b585d1d03b', 'test_203', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 203, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(204, '1d88ea5a-ab5f-40b1-bd48-f18f86eef5d9', 'test_204', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 204, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(205, '6cb0be93-7829-4bfc-ba4a-4d2cdff45447', 'test_205', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 205, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(206, 'e31a2ca7-fcaa-4b98-aac9-7e78f8605851', 'test_206', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 206, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(207, 'f26899b7-64e0-4c16-9134-cef3774f1614', 'test_207', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 207, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(208, '606cf6ab-6b5e-45d1-83b8-e535b197d2f0', 'test_208', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 208, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(209, '617bfc4e-17b1-4ca7-b736-58a74c267747', 'test_209', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 209, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(210, 'e5c26b7a-17bd-47ce-aac8-1430c57b8152', 'test_210', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 210, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(211, '7747bff5-b1e5-49b9-9a87-f93a5b790df0', 'test_211', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 211, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(212, 'c6e5b631-1e91-4ecd-8358-214eec07a91d', 'test_212', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 212, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(213, 'a874c7bd-97ac-4f48-bda5-7d3305d9067d', 'test_213', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 213, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(214, 'c7938cc2-8032-424b-8f49-85558f95364b', 'test_214', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 214, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(215, '46017ce9-d4dd-4ddc-8b73-d596e23d25ad', 'test_215', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 215, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(216, 'd5e66fd2-232e-476d-8de0-2bc1eb59630d', 'test_216', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 216, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(217, '097dc614-bc56-4f5f-a190-3ca1716a6400', 'test_217', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 217, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(218, 'a3b97132-067f-4839-9b99-830a7fb659d4', 'test_218', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 218, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(219, '8d35557f-7451-4c54-bb17-9c3d204c48d3', 'test_219', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 219, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(220, 'a6fba1ff-a5d7-4907-8cd4-1caa27cad85d', 'test_220', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 220, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(221, '427feb36-4401-4971-83de-f93672c028aa', 'test_221', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 221, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(222, '66541083-b1ab-4966-9f8b-8a1109fce0e0', 'test_222', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 222, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(223, '9939c37c-a9b9-43b7-9a4b-aacc470d47c4', 'test_223', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 223, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(224, '754379a0-bdc2-4a2d-9828-9480926b30ad', 'test_224', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 224, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(225, '18c870a1-9e2c-48fb-8a52-259e55e2052e', 'test_225', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 225, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(226, '02df9a97-b44c-4c46-ab3a-c11010d45e18', 'test_226', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 226, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(227, '20f609f7-c128-46b5-abeb-d16d46aab9ad', 'test_227', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 227, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(228, '75067ca5-872c-4149-85ad-f6685f14efc0', 'test_228', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 228, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(229, 'b8639303-d15f-4c81-b9d2-2863f53737c3', 'test_229', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 229, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(230, 'a0c4d9ea-7659-4009-ac7c-a3f089def76d', 'test_230', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 230, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(231, 'd3605113-fb9a-4640-b6fe-9931594eba6c', 'test_231', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 231, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(232, 'bf59d2cc-dd79-4ad6-9637-b04098768600', 'test_232', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 232, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(233, '304d5f24-274e-4fd6-aca4-97b761d1bd0c', 'test_233', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 233, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(234, '0d9491c3-c28b-4c11-8e28-14d93e612e35', 'test_234', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 234, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(235, 'f73a809f-78a6-4214-8060-d6037fe391aa', 'test_235', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 235, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(236, '11cc494a-86a4-44d2-b5fd-06438f95d6a4', 'test_236', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 236, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(237, '55b2e8cc-aaa4-4a8b-8a83-f732188cfab2', 'test_237', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 237, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(238, 'ebe14f0a-7bf7-4614-83c8-1e2da963139a', 'test_238', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 238, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(239, '3e83b092-95a1-4ee4-ac1f-e9df2f3954ad', 'test_239', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 239, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(240, '7304efcc-7974-453e-b2db-fdcc848f8a24', 'test_240', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 240, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(241, '6b0b51e8-f058-42a6-a9ed-3b6ebde935d8', 'test_241', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 241, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(242, 'c10f6de1-a64d-4f8f-bd0a-47bcd72ab8f7', 'test_242', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 242, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(243, '5537408c-41c6-4ee5-8f59-ca70fcdbd0ae', 'test_243', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 243, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(244, '0a920520-e271-42a6-8dc1-89f090023c89', 'test_244', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 244, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(245, 'a5120b27-cdd5-4209-b3da-bdf4b53db140', 'test_245', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 245, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(246, 'cd0f900a-dab8-4a49-805d-97e57cb5ad4c', 'test_246', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 246, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(247, '53b8b68c-0a11-411a-9b4d-01d58c9c0ff0', 'test_247', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 247, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(248, '57114ddf-7bb8-4e68-952a-faa83bf276bf', 'test_248', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 248, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(249, 'fa04c6fe-1bf0-489e-b0df-9fa4756bb90b', 'test_249', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 249, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(250, '5bf5b365-962e-4f6d-9576-94d5ac66cc3c', 'test_250', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 250, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(251, 'eca96575-798c-4919-ba93-4f0eca487490', 'test_251', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 251, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(252, 'd4e52ad1-ac1c-4f68-8d97-6858c8534f84', 'test_252', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 252, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(253, '74f88528-b57b-4482-a417-e7e8cf5ccd87', 'test_253', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 253, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(254, 'f1b969bd-2e43-4981-80d1-baeba6afd456', 'test_254', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 254, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(255, '11f5bcd3-096b-4b0f-8f1b-fa9292e3f5f3', 'test_255', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 255, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(256, 'b937e637-c00b-48de-8dd4-fae260cd9fb9', 'test_256', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 256, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(257, '49886ca5-c9a8-4c1f-9ef0-4784495e943c', 'test_257', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 257, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(258, '5cf6bbba-f2bf-4704-b288-36edb49a3c7a', 'test_258', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 258, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(259, '0a246675-78f2-47d3-a716-f9b85de0e885', 'test_259', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 259, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(260, 'b1e2509b-e9e4-40f8-b5c3-4e230e675ca8', 'test_260', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 260, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(261, 'c423ca4a-54b4-40f3-859d-d39f7d4cf266', 'test_261', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 261, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(262, '1452d005-8038-4092-ba0d-bd690dfdb2e2', 'test_262', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 262, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(263, 'f39a1721-6aeb-4f1e-90be-f54684ece8f0', 'test_263', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 263, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(264, 'ec2b02db-6eb2-4b9e-aa3b-ef53b6daf005', 'test_264', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 264, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(265, 'a6809581-e7b7-4d70-bfdd-c1f302322ee3', 'test_265', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 265, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(266, '794e2ba9-518d-4494-8ef0-01669807e10a', 'test_266', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 266, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(267, 'c258f48e-7f30-4c16-bd2d-6eed81529157', 'test_267', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 267, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(268, 'b7501b84-3a14-44d7-97da-271c416cbd16', 'test_268', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 268, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(269, '88b529d5-7804-4c4d-9f35-aa7dd1df0a37', 'test_269', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 269, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(270, '0c1b65d3-dee3-4429-864f-115fbbc6a2f4', 'test_270', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 270, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(271, '01667b0f-b397-47c1-8cdb-adb3ea7cba06', 'test_271', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 271, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(272, 'c8909fda-0453-4f74-a683-bd613fdc70c5', 'test_272', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 272, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(273, '796b8703-6f42-433f-b9e6-b115b4df25b0', 'test_273', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 273, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(274, 'de8f11f6-7298-4633-ad38-cc94e03314fd', 'test_274', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 274, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(275, 'e097f4e6-9c2d-4f35-912e-bd37f5cdec00', 'test_275', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 275, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(276, '3e0dab1e-c41f-4c0d-b2e3-d056ba6a3c60', 'test_276', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 276, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(277, 'b24cb998-40b7-471c-b55a-48b58b98b2e5', 'test_277', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 277, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(278, 'ab2113f4-56a2-4d1d-83a6-a54a763e371e', 'test_278', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 278, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(279, '2a2beb83-ccbf-413f-ade2-2fd2f79e5f49', 'test_279', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 279, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(280, 'ac53405d-8813-4cf7-ac12-fad7629d5602', 'test_280', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 280, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(281, 'b6c7b0e1-38b5-4e00-a22d-45c03d5fdeac', 'test_281', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 281, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(282, '8e41ff90-42f5-4736-89a6-24246917555c', 'test_282', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 282, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(283, '2b46023a-316f-41ae-955e-01185d67d7a5', 'test_283', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 283, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(284, '74c72c06-391e-4c72-92e7-92a5b75ac2da', 'test_284', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 284, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(285, '3e1246c2-96f9-4937-be0c-eb187822c3c7', 'test_285', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 285, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(286, '7f0e0193-b743-4394-b3e5-86e01813c094', 'test_286', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 286, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(287, '886cd06c-c30a-48df-b793-be4bfa2c1eb9', 'test_287', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 287, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(288, 'cb7cf6cd-bd2e-4956-be86-5d5935417098', 'test_288', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 288, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(289, 'd2e92f17-c26b-44dd-9c60-ca69b0f55b6d', 'test_289', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 289, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(290, 'ea3a53a1-b451-4d7b-9b9f-2b6790de314d', 'test_290', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 290, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(291, '723f2b0d-3473-445c-a6f2-9c8bb12b6019', 'test_291', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 291, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(292, '8f04e723-bb30-4952-a8f5-214845e525dc', 'test_292', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 292, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(293, '56e1991e-47e1-4136-9bd0-cd94fa40b3c8', 'test_293', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 293, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(294, 'b5ef5b82-483e-4331-ba84-78ece1f72602', 'test_294', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 294, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(295, '8238ae4e-5f13-42a3-9d6c-ea60f0ee64a1', 'test_295', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 295, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(296, '800a6a1d-1f63-4052-a14a-fcb56ab7e98b', 'test_296', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 296, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(297, '2eb884c0-8953-434d-898f-a162ffd44102', 'test_297', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 297, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(298, '06363941-bac6-4cc1-b56f-82d9d64d7c12', 'test_298', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 298, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(299, 'd8468131-79a2-4003-bf0a-e034a3455af9', 'test_299', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 299, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(300, 'e8e5f9d3-4473-46d9-b893-a195d5ccc6b4', 'test_300', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 300, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(301, '57db1144-49b7-4930-a214-9bba56c0eab6', 'test_301', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 301, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(302, '668a6ec5-142f-467d-891a-57fe10faf4bb', 'test_302', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 302, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(303, '9bcd9772-6c90-4c14-8ff4-16fa54744c87', 'test_303', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 303, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(304, '6c37ac4e-5213-4d60-8070-fadf3fa3ca38', 'test_304', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 304, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(305, 'fb5d7ea0-249f-4a0e-97aa-caa015d148e4', 'test_305', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 305, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(306, '26035205-595c-433a-8aba-4e0d6ce103a3', 'test_306', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 306, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(307, '1e4a6346-9da9-417c-bfbf-1a3cded61e12', 'test_307', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 307, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(308, '3af98cba-0cd4-4ea1-bcdc-c4c91672f038', 'test_308', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 308, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(309, 'a073f7ce-dfdc-424c-b4d0-bec7acaae445', 'test_309', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 309, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(310, '6524988e-5916-4410-a740-58d1e57d3f93', 'test_310', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 310, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(311, '58a190c4-789e-4c97-9fbb-245d3a58c8fe', 'test_311', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 311, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(312, '3244773f-b74b-461d-bf9a-916a05980c99', 'test_312', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 312, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(313, 'aaed5fa8-6555-43d2-adf4-c672008f8c92', 'test_313', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 313, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(314, 'f32415ac-f0fb-4815-bbef-27ba6115a1cc', 'test_314', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 314, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(315, '2030b697-b729-40c4-91b1-592e19fd4e73', 'test_315', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 315, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(316, 'ee47b98e-ebd5-44ae-8c9a-cbec609415b0', 'test_316', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 316, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(317, 'a47459c2-a709-4601-9151-cb57ae13bc8c', 'test_317', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 317, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(318, '5e274495-2c02-4f75-9ce2-c730e2686be9', 'test_318', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 318, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(319, 'f5f04ca8-f693-4758-9aa6-9a3c55938937', 'test_319', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 319, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(320, '5f876faf-2ad7-41f3-906d-2edd9fd2907d', 'test_320', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 320, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(321, '3d0665c6-db74-4d48-91cc-ebe39bbae605', 'test_321', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 321, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(322, '86c19bce-cb25-47a4-8aba-29c8ad4fc87d', 'test_322', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 322, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(323, 'efa06619-2301-4cb4-b9fa-6e9bddef94d7', 'test_323', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 323, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(324, '3cfc5976-aa7f-4281-8b43-6ea6eee1ac80', 'test_324', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 324, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(325, '19a56d56-1f57-45e6-9c2e-466a17d8c7ba', 'test_325', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 325, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(326, '026a45cf-cbeb-4ea9-8d20-21efbe206bad', 'test_326', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 326, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(327, '48312cae-f61d-4f87-9b20-a957d1e919ce', 'test_327', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 327, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(328, 'e06abc58-f451-4e9e-ac4f-51d5e9d424a6', 'test_328', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 328, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(329, '10b58273-4b30-4caf-954c-a1873ca4d6b5', 'test_329', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 329, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(330, '008892b7-6479-4e68-adf2-39e7ac29e66e', 'test_330', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 330, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(331, '7f864422-153c-4681-8c9e-4e942dce9548', 'test_331', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 331, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(332, '67c5538e-0363-4650-a42e-ba25746b4239', 'test_332', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 332, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(333, '208210c1-1601-47ae-883f-cdb16e0f802b', 'test_333', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 333, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(334, 'bb08395a-a0f0-490d-9d23-6f2f76b41514', 'test_334', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 334, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(335, '050c1a8e-256d-41ab-bd3a-3abe54d01b32', 'test_335', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 335, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(336, 'cf016005-9207-4a2d-a8fe-91c278029a18', 'test_336', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 336, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(337, '950a5d40-e604-4f6c-82dd-2b60a578d9aa', 'test_337', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 337, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(338, '3e00662d-6917-4759-b9a9-be8eda02f63b', 'test_338', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 338, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(339, 'bb339af3-2038-4f17-b489-46d4b7542cb6', 'test_339', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 339, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(340, '3927f6d5-5d90-4192-b84c-cebda90c0b0a', 'test_340', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 340, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(341, 'e6b29f71-bb4a-420b-8442-1f7639109465', 'test_341', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 341, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(342, 'ff7909b6-a90c-43c7-96fc-c375d439e373', 'test_342', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 342, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(343, '6f9902ca-7674-4f2f-b2e1-aeb3701bae14', 'test_343', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 343, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(344, '36d75eda-7573-474a-8aeb-f8555464154f', 'test_344', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 344, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(345, 'd3c489ae-3f03-48fe-9248-927a8bb3297f', 'test_345', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 345, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(346, '18764a4e-8b01-478e-80b3-217cc37d49c7', 'test_346', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 346, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true),
-(347, '00075d1c-f486-41a0-98f8-06f0354b8416', 'test_347', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 347, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true);
+INSERT INTO iam_account(id, uuid, username, password, user_info_id, creationtime, lastupdatetime, active, service_account) VALUES
+(100, 'f2ce8cb2-a1db-4884-9ef0-d8842cc02b4a', 'test_100', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 100, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(101, '1a78b3b8-22d2-4746-9269-df55aceb036f', 'test_101', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 101, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(102, 'a07d60c6-7ffa-475f-98e4-f9f648aa278b', 'test_102', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 102, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(103, '56e1b885-ea25-4ffc-ba17-fcde2b097d02', 'test_103', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 103, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(104, '67d2794d-c7fb-406e-9bc1-b66f43cbe60f', 'test_104', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 104, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(105, 'd11e04f7-f369-4de6-9375-394f7d886ac7', 'test_105', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 105, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(106, 'bbc76b76-9f9e-443b-8c63-cd775c50c6f3', 'test_106', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 106, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(107, 'b15c850c-e6e0-4afb-a02d-374653bb102e', 'test_107', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 107, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(108, 'afada6e8-d50d-47f6-912e-d6261605c771', 'test_108', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 108, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(109, 'fa3b4c97-4787-4b49-a32c-5b4c74d5a7c8', 'test_109', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 109, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(110, '33165df6-4d49-4728-883c-3fd42720d46b', 'test_110', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 110, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(111, '15fb8d3a-003d-4ef9-8349-867d81d4ae9c', 'test_111', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 111, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(112, '7a4dda33-c2e5-4304-998a-3fa4df481123', 'test_112', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 112, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(113, '7013f989-0a95-43b5-8637-2e2360a73bb3', 'test_113', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 113, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(114, '12caabc8-4766-4028-98ff-f4d7f288a5f0', 'test_114', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 114, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(115, 'f463ad2b-5814-4877-bb62-f954c67a8044', 'test_115', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 115, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(116, '28c656c4-5489-4654-a257-0806c6bab905', 'test_116', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 116, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(117, '11be5a72-9416-45fc-a0a7-f3e23c54bfda', 'test_117', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 117, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(118, '3cea2c01-786e-41a3-8fdf-4229cc4e3742', 'test_118', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 118, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(119, 'e0247677-4542-4df3-8d75-8efa11e70911', 'test_119', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 119, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(120, 'd905a115-d726-4e11-ba1f-b8482177bb05', 'test_120', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 120, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(121, '3479afd1-584c-4479-b6e2-25f6cef2f842', 'test_121', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 121, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(122, '8d4f467d-cb68-4feb-b898-71e4487e6820', 'test_122', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 122, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(123, '0ddee1c2-1426-4b83-b520-e20bdd8ef9b3', 'test_123', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 123, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(124, 'b8b638be-6e09-4dbe-bcc0-776c2403e8c7', 'test_124', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 124, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(125, '1dc3108a-b5c0-4e5b-accd-925054075bc4', 'test_125', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 125, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(126, '5eed3374-c131-4513-84b7-dd0ff965da35', 'test_126', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 126, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(127, '2d0b4c36-0301-49f6-a20b-23b6ca48cee2', 'test_127', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 127, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(128, 'db46065a-ba62-423d-9397-7bc6fab371a5', 'test_128', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 128, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(129, 'd9dbaabf-c51a-45e5-aee1-25134ba283ac', 'test_129', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 129, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(130, '5678f40a-f361-464c-aa71-ffb48d163aaa', 'test_130', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 130, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(131, '209ae3b9-e266-4e57-a639-db29f61a7594', 'test_131', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 131, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(132, 'f3fac505-d5c9-4d9c-83af-3976f357f19c', 'test_132', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 132, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(133, '13bfd34b-1dda-452e-bd9a-284aabccf07d', 'test_133', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 133, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(134, '15ccd152-1537-48d4-a55a-fd6565e5d86f', 'test_134', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 134, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(135, '6b2f4fc1-3e98-4f64-8fb4-517d2d4b3fa3', 'test_135', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 135, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(136, '398081ee-9c3c-4e5d-802c-90a4579030d4', 'test_136', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 136, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(137, '89a32317-dd45-481d-91a4-080e30c1f29e', 'test_137', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 137, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(138, '6dc0aa56-011d-45b8-bf26-cb03e8b40ccf', 'test_138', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 138, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(139, 'cd62277e-5acf-41af-acea-b4d208cba29e', 'test_139', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 139, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(140, '0ae29eac-64ee-45b4-a2e7-e58b34c7ff0e', 'test_140', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 140, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(141, '0f7fe907-fa84-429e-8057-02d809375ba3', 'test_141', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 141, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(142, '7aa4a733-d318-4392-b3d3-6618263f667d', 'test_142', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 142, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(143, 'b1d9b1ac-e77c-4d55-a895-cf0788ed2174', 'test_143', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 143, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(144, 'f975f1f7-ad05-4d66-9905-d44c13cbd08b', 'test_144', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 144, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(145, '857f6e6d-e415-4850-a82b-59d557864910', 'test_145', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 145, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(146, '4e1c059c-1d06-4997-8bfa-5bd09fdb4571', 'test_146', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 146, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(147, 'f4a0bc7f-b279-4caf-b8d1-c86a3c106f62', 'test_147', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 147, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(148, '007bbb9d-55b1-4f5e-80a5-bbcb22073db4', 'test_148', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 148, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(149, 'a1d22bbf-9afe-49da-b75d-b58f825db351', 'test_149', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 149, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(150, '8c2351d5-5460-4b2d-b1bb-7b086130090e', 'test_150', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 150, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(151, 'e6651896-66f8-4f63-b44f-71710fdb947c', 'test_151', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 151, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(152, 'caf04a3c-8f35-40a3-99b6-48ba6a05d8b8', 'test_152', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 152, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(153, 'd501e485-a306-4c9d-9baf-cc75f2321cfd', 'test_153', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 153, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(154, '57466d38-cae8-48bf-ac67-2cfc0266b5b0', 'test_154', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 154, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(155, '4bd5f059-f014-4356-8083-9c1a77adb6fd', 'test_155', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 155, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(156, '69130f52-f251-46fd-99ee-d646938e5f3f', 'test_156', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 156, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(157, 'dedfb4f0-a545-44b3-abba-dd77103db894', 'test_157', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 157, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(158, 'b5d98a8b-3780-4ace-ace1-ac12829dc469', 'test_158', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 158, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(159, '17de2f08-37fe-469d-b7b1-0e9ea9c6d2d8', 'test_159', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 159, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(160, '313abc40-4c88-45df-89e7-bd7bbf97b0fd', 'test_160', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 160, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(161, 'c5d7fc06-16fc-4711-be37-27bbf2c2c07c', 'test_161', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 161, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(162, 'ca31bf4d-f5da-4fc4-ae36-fd3cc0d35d7f', 'test_162', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 162, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(163, 'dc98bb8e-4b91-4915-86fb-476c9503a936', 'test_163', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 163, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(164, '79dd006c-0e4c-4a79-8600-ef8a0ae5bc04', 'test_164', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 164, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(165, '05cdc1f7-7787-43d6-80c6-588277fefb9b', 'test_165', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 165, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(166, 'dcdeb139-71ab-44f5-a709-ab33fec49882', 'test_166', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 166, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(167, '35a98804-b05e-47b0-917b-d72a4d4a5240', 'test_167', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 167, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(168, '5e4d4351-82c7-438d-8f83-ee2b7ebe1fe3', 'test_168', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 168, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(169, 'e1a205e2-f202-402d-8542-4cfc529ef514', 'test_169', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 169, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(170, 'a2e6271e-5b30-42d1-a211-494b98832676', 'test_170', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 170, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(171, '68515954-75ea-4022-9581-4cb4d28c6d6d', 'test_171', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 171, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(172, '41663b84-06b5-4787-a49e-1f745ca1eab3', 'test_172', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 172, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(173, 'b257f456-bdae-4c58-8519-756abbda462a', 'test_173', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 173, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(174, 'd848b9cb-05e4-4dcf-b9b7-431d83c41810', 'test_174', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 174, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(175, 'b6859250-dcca-47ef-b013-f609468d2389', 'test_175', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 175, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(176, 'e18bc682-897b-4696-a5ef-eee37a52a3de', 'test_176', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 176, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(177, '6b00471d-f496-4335-8209-5a9e13d18b9e', 'test_177', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 177, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(178, '35664644-7b32-4503-86f4-76adbb57762c', 'test_178', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 178, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(179, '7890415f-6563-4f25-bdf3-a5f45159a1b1', 'test_179', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 179, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(180, 'a1edf880-e270-4dac-b69f-73e61c517397', 'test_180', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 180, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(181, '73520029-5901-4022-b9da-38ccd73fe799', 'test_181', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 181, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(182, 'de5825a3-c585-45b3-88a1-7e5e80686826', 'test_182', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 182, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(183, 'bb50b80a-f471-4f64-85fb-4e5051708a4a', 'test_183', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 183, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(184, 'b7aa98b9-30da-468c-8566-06a5b804c4b9', 'test_184', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 184, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(185, 'c230e253-f874-4365-8b0e-7ba5ebc1cc26', 'test_185', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 185, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(186, '7593dbbf-9286-460b-a234-32b560817f60', 'test_186', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 186, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(187, 'ee1e2ce5-da23-4576-84e3-ad7cf4e0ce26', 'test_187', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 187, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(188, 'bf1cc1be-f405-4282-b7be-9a4578670046', 'test_188', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 188, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(189, 'e5ed670a-f944-40f0-8c10-d41c3350ead5', 'test_189', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 189, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(190, '8370db5c-e196-451a-9f5f-9b99c570cf46', 'test_190', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 190, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(191, '81498342-d247-4a60-80de-2c4cb4b1a84d', 'test_191', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 191, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(192, '213f1b3c-516e-4a6f-9785-d8c85d32f83e', 'test_192', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 192, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(193, '08ba27e6-b1b5-4d9e-a64a-6b5bc538bf43', 'test_193', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 193, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(194, 'cf0cfa8e-377c-44a0-a6d1-a74ce1de08fb', 'test_194', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 194, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(195, '2ea66412-8dc2-4081-8d48-e3637ca82604', 'test_195', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 195, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(196, '4ed466eb-ee51-4433-9d0f-3a56216698a2', 'test_196', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 196, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(197, 'cc03fc51-097d-43d6-bb6c-a0df72ec4838', 'test_197', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 197, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(198, '11844e66-8146-4263-aaa6-1fde7e5cfc58', 'test_198', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 198, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(199, 'b5a954c6-69a9-473c-a4c4-83c4f7a88c1c', 'test_199', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 199, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(200, '167e359e-7833-4ce2-9f8b-f035cee39505', 'test_200', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 200, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(201, '5afb5430-a023-4a50-aa92-b134a0fb68b3', 'test_201', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 201, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(202, 'de17b155-307c-4f9b-81f3-7f8b73d2526a', 'test_202', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 202, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(203, 'c966145b-ac05-4a2c-874d-f7b585d1d03b', 'test_203', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 203, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(204, '1d88ea5a-ab5f-40b1-bd48-f18f86eef5d9', 'test_204', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 204, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(205, '6cb0be93-7829-4bfc-ba4a-4d2cdff45447', 'test_205', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 205, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(206, 'e31a2ca7-fcaa-4b98-aac9-7e78f8605851', 'test_206', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 206, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(207, 'f26899b7-64e0-4c16-9134-cef3774f1614', 'test_207', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 207, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(208, '606cf6ab-6b5e-45d1-83b8-e535b197d2f0', 'test_208', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 208, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(209, '617bfc4e-17b1-4ca7-b736-58a74c267747', 'test_209', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 209, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(210, 'e5c26b7a-17bd-47ce-aac8-1430c57b8152', 'test_210', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 210, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(211, '7747bff5-b1e5-49b9-9a87-f93a5b790df0', 'test_211', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 211, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(212, 'c6e5b631-1e91-4ecd-8358-214eec07a91d', 'test_212', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 212, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(213, 'a874c7bd-97ac-4f48-bda5-7d3305d9067d', 'test_213', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 213, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(214, 'c7938cc2-8032-424b-8f49-85558f95364b', 'test_214', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 214, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(215, '46017ce9-d4dd-4ddc-8b73-d596e23d25ad', 'test_215', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 215, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(216, 'd5e66fd2-232e-476d-8de0-2bc1eb59630d', 'test_216', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 216, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(217, '097dc614-bc56-4f5f-a190-3ca1716a6400', 'test_217', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 217, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(218, 'a3b97132-067f-4839-9b99-830a7fb659d4', 'test_218', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 218, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(219, '8d35557f-7451-4c54-bb17-9c3d204c48d3', 'test_219', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 219, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(220, 'a6fba1ff-a5d7-4907-8cd4-1caa27cad85d', 'test_220', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 220, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(221, '427feb36-4401-4971-83de-f93672c028aa', 'test_221', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 221, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(222, '66541083-b1ab-4966-9f8b-8a1109fce0e0', 'test_222', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 222, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(223, '9939c37c-a9b9-43b7-9a4b-aacc470d47c4', 'test_223', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 223, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(224, '754379a0-bdc2-4a2d-9828-9480926b30ad', 'test_224', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 224, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(225, '18c870a1-9e2c-48fb-8a52-259e55e2052e', 'test_225', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 225, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(226, '02df9a97-b44c-4c46-ab3a-c11010d45e18', 'test_226', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 226, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(227, '20f609f7-c128-46b5-abeb-d16d46aab9ad', 'test_227', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 227, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(228, '75067ca5-872c-4149-85ad-f6685f14efc0', 'test_228', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 228, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(229, 'b8639303-d15f-4c81-b9d2-2863f53737c3', 'test_229', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 229, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(230, 'a0c4d9ea-7659-4009-ac7c-a3f089def76d', 'test_230', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 230, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(231, 'd3605113-fb9a-4640-b6fe-9931594eba6c', 'test_231', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 231, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(232, 'bf59d2cc-dd79-4ad6-9637-b04098768600', 'test_232', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 232, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(233, '304d5f24-274e-4fd6-aca4-97b761d1bd0c', 'test_233', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 233, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(234, '0d9491c3-c28b-4c11-8e28-14d93e612e35', 'test_234', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 234, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(235, 'f73a809f-78a6-4214-8060-d6037fe391aa', 'test_235', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 235, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(236, '11cc494a-86a4-44d2-b5fd-06438f95d6a4', 'test_236', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 236, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(237, '55b2e8cc-aaa4-4a8b-8a83-f732188cfab2', 'test_237', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 237, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(238, 'ebe14f0a-7bf7-4614-83c8-1e2da963139a', 'test_238', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 238, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(239, '3e83b092-95a1-4ee4-ac1f-e9df2f3954ad', 'test_239', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 239, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(240, '7304efcc-7974-453e-b2db-fdcc848f8a24', 'test_240', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 240, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(241, '6b0b51e8-f058-42a6-a9ed-3b6ebde935d8', 'test_241', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 241, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(242, 'c10f6de1-a64d-4f8f-bd0a-47bcd72ab8f7', 'test_242', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 242, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(243, '5537408c-41c6-4ee5-8f59-ca70fcdbd0ae', 'test_243', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 243, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(244, '0a920520-e271-42a6-8dc1-89f090023c89', 'test_244', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 244, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(245, 'a5120b27-cdd5-4209-b3da-bdf4b53db140', 'test_245', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 245, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(246, 'cd0f900a-dab8-4a49-805d-97e57cb5ad4c', 'test_246', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 246, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(247, '53b8b68c-0a11-411a-9b4d-01d58c9c0ff0', 'test_247', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 247, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(248, '57114ddf-7bb8-4e68-952a-faa83bf276bf', 'test_248', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 248, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(249, 'fa04c6fe-1bf0-489e-b0df-9fa4756bb90b', 'test_249', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 249, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(250, '5bf5b365-962e-4f6d-9576-94d5ac66cc3c', 'test_250', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 250, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(251, 'eca96575-798c-4919-ba93-4f0eca487490', 'test_251', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 251, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(252, 'd4e52ad1-ac1c-4f68-8d97-6858c8534f84', 'test_252', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 252, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(253, '74f88528-b57b-4482-a417-e7e8cf5ccd87', 'test_253', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 253, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(254, 'f1b969bd-2e43-4981-80d1-baeba6afd456', 'test_254', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 254, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(255, '11f5bcd3-096b-4b0f-8f1b-fa9292e3f5f3', 'test_255', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 255, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(256, 'b937e637-c00b-48de-8dd4-fae260cd9fb9', 'test_256', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 256, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(257, '49886ca5-c9a8-4c1f-9ef0-4784495e943c', 'test_257', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 257, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(258, '5cf6bbba-f2bf-4704-b288-36edb49a3c7a', 'test_258', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 258, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(259, '0a246675-78f2-47d3-a716-f9b85de0e885', 'test_259', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 259, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(260, 'b1e2509b-e9e4-40f8-b5c3-4e230e675ca8', 'test_260', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 260, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(261, 'c423ca4a-54b4-40f3-859d-d39f7d4cf266', 'test_261', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 261, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(262, '1452d005-8038-4092-ba0d-bd690dfdb2e2', 'test_262', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 262, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(263, 'f39a1721-6aeb-4f1e-90be-f54684ece8f0', 'test_263', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 263, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(264, 'ec2b02db-6eb2-4b9e-aa3b-ef53b6daf005', 'test_264', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 264, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(265, 'a6809581-e7b7-4d70-bfdd-c1f302322ee3', 'test_265', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 265, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(266, '794e2ba9-518d-4494-8ef0-01669807e10a', 'test_266', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 266, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(267, 'c258f48e-7f30-4c16-bd2d-6eed81529157', 'test_267', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 267, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(268, 'b7501b84-3a14-44d7-97da-271c416cbd16', 'test_268', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 268, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(269, '88b529d5-7804-4c4d-9f35-aa7dd1df0a37', 'test_269', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 269, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(270, '0c1b65d3-dee3-4429-864f-115fbbc6a2f4', 'test_270', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 270, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(271, '01667b0f-b397-47c1-8cdb-adb3ea7cba06', 'test_271', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 271, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(272, 'c8909fda-0453-4f74-a683-bd613fdc70c5', 'test_272', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 272, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(273, '796b8703-6f42-433f-b9e6-b115b4df25b0', 'test_273', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 273, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(274, 'de8f11f6-7298-4633-ad38-cc94e03314fd', 'test_274', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 274, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(275, 'e097f4e6-9c2d-4f35-912e-bd37f5cdec00', 'test_275', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 275, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(276, '3e0dab1e-c41f-4c0d-b2e3-d056ba6a3c60', 'test_276', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 276, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(277, 'b24cb998-40b7-471c-b55a-48b58b98b2e5', 'test_277', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 277, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(278, 'ab2113f4-56a2-4d1d-83a6-a54a763e371e', 'test_278', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 278, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(279, '2a2beb83-ccbf-413f-ade2-2fd2f79e5f49', 'test_279', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 279, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(280, 'ac53405d-8813-4cf7-ac12-fad7629d5602', 'test_280', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 280, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(281, 'b6c7b0e1-38b5-4e00-a22d-45c03d5fdeac', 'test_281', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 281, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(282, '8e41ff90-42f5-4736-89a6-24246917555c', 'test_282', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 282, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(283, '2b46023a-316f-41ae-955e-01185d67d7a5', 'test_283', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 283, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(284, '74c72c06-391e-4c72-92e7-92a5b75ac2da', 'test_284', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 284, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(285, '3e1246c2-96f9-4937-be0c-eb187822c3c7', 'test_285', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 285, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(286, '7f0e0193-b743-4394-b3e5-86e01813c094', 'test_286', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 286, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(287, '886cd06c-c30a-48df-b793-be4bfa2c1eb9', 'test_287', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 287, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(288, 'cb7cf6cd-bd2e-4956-be86-5d5935417098', 'test_288', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 288, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(289, 'd2e92f17-c26b-44dd-9c60-ca69b0f55b6d', 'test_289', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 289, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(290, 'ea3a53a1-b451-4d7b-9b9f-2b6790de314d', 'test_290', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 290, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(291, '723f2b0d-3473-445c-a6f2-9c8bb12b6019', 'test_291', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 291, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(292, '8f04e723-bb30-4952-a8f5-214845e525dc', 'test_292', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 292, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(293, '56e1991e-47e1-4136-9bd0-cd94fa40b3c8', 'test_293', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 293, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(294, 'b5ef5b82-483e-4331-ba84-78ece1f72602', 'test_294', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 294, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(295, '8238ae4e-5f13-42a3-9d6c-ea60f0ee64a1', 'test_295', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 295, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(296, '800a6a1d-1f63-4052-a14a-fcb56ab7e98b', 'test_296', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 296, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(297, '2eb884c0-8953-434d-898f-a162ffd44102', 'test_297', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 297, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(298, '06363941-bac6-4cc1-b56f-82d9d64d7c12', 'test_298', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 298, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(299, 'd8468131-79a2-4003-bf0a-e034a3455af9', 'test_299', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 299, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(300, 'e8e5f9d3-4473-46d9-b893-a195d5ccc6b4', 'test_300', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 300, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(301, '57db1144-49b7-4930-a214-9bba56c0eab6', 'test_301', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 301, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(302, '668a6ec5-142f-467d-891a-57fe10faf4bb', 'test_302', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 302, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(303, '9bcd9772-6c90-4c14-8ff4-16fa54744c87', 'test_303', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 303, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(304, '6c37ac4e-5213-4d60-8070-fadf3fa3ca38', 'test_304', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 304, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(305, 'fb5d7ea0-249f-4a0e-97aa-caa015d148e4', 'test_305', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 305, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(306, '26035205-595c-433a-8aba-4e0d6ce103a3', 'test_306', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 306, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(307, '1e4a6346-9da9-417c-bfbf-1a3cded61e12', 'test_307', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 307, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(308, '3af98cba-0cd4-4ea1-bcdc-c4c91672f038', 'test_308', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 308, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(309, 'a073f7ce-dfdc-424c-b4d0-bec7acaae445', 'test_309', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 309, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(310, '6524988e-5916-4410-a740-58d1e57d3f93', 'test_310', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 310, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(311, '58a190c4-789e-4c97-9fbb-245d3a58c8fe', 'test_311', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 311, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(312, '3244773f-b74b-461d-bf9a-916a05980c99', 'test_312', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 312, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(313, 'aaed5fa8-6555-43d2-adf4-c672008f8c92', 'test_313', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 313, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(314, 'f32415ac-f0fb-4815-bbef-27ba6115a1cc', 'test_314', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 314, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(315, '2030b697-b729-40c4-91b1-592e19fd4e73', 'test_315', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 315, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(316, 'ee47b98e-ebd5-44ae-8c9a-cbec609415b0', 'test_316', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 316, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(317, 'a47459c2-a709-4601-9151-cb57ae13bc8c', 'test_317', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 317, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(318, '5e274495-2c02-4f75-9ce2-c730e2686be9', 'test_318', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 318, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(319, 'f5f04ca8-f693-4758-9aa6-9a3c55938937', 'test_319', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 319, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(320, '5f876faf-2ad7-41f3-906d-2edd9fd2907d', 'test_320', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 320, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(321, '3d0665c6-db74-4d48-91cc-ebe39bbae605', 'test_321', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 321, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(322, '86c19bce-cb25-47a4-8aba-29c8ad4fc87d', 'test_322', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 322, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(323, 'efa06619-2301-4cb4-b9fa-6e9bddef94d7', 'test_323', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 323, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(324, '3cfc5976-aa7f-4281-8b43-6ea6eee1ac80', 'test_324', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 324, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(325, '19a56d56-1f57-45e6-9c2e-466a17d8c7ba', 'test_325', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 325, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(326, '026a45cf-cbeb-4ea9-8d20-21efbe206bad', 'test_326', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 326, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(327, '48312cae-f61d-4f87-9b20-a957d1e919ce', 'test_327', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 327, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(328, 'e06abc58-f451-4e9e-ac4f-51d5e9d424a6', 'test_328', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 328, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(329, '10b58273-4b30-4caf-954c-a1873ca4d6b5', 'test_329', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 329, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(330, '008892b7-6479-4e68-adf2-39e7ac29e66e', 'test_330', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 330, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(331, '7f864422-153c-4681-8c9e-4e942dce9548', 'test_331', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 331, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(332, '67c5538e-0363-4650-a42e-ba25746b4239', 'test_332', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 332, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(333, '208210c1-1601-47ae-883f-cdb16e0f802b', 'test_333', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 333, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(334, 'bb08395a-a0f0-490d-9d23-6f2f76b41514', 'test_334', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 334, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(335, '050c1a8e-256d-41ab-bd3a-3abe54d01b32', 'test_335', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 335, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(336, 'cf016005-9207-4a2d-a8fe-91c278029a18', 'test_336', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 336, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(337, '950a5d40-e604-4f6c-82dd-2b60a578d9aa', 'test_337', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 337, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(338, '3e00662d-6917-4759-b9a9-be8eda02f63b', 'test_338', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 338, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(339, 'bb339af3-2038-4f17-b489-46d4b7542cb6', 'test_339', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 339, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(340, '3927f6d5-5d90-4192-b84c-cebda90c0b0a', 'test_340', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 340, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(341, 'e6b29f71-bb4a-420b-8442-1f7639109465', 'test_341', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 341, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(342, 'ff7909b6-a90c-43c7-96fc-c375d439e373', 'test_342', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 342, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(343, '6f9902ca-7674-4f2f-b2e1-aeb3701bae14', 'test_343', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 343, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(344, '36d75eda-7573-474a-8aeb-f8555464154f', 'test_344', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 344, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(345, 'd3c489ae-3f03-48fe-9248-927a8bb3297f', 'test_345', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 345, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(346, '18764a4e-8b01-478e-80b3-217cc37d49c7', 'test_346', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 346, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false),
+(347, '00075d1c-f486-41a0-98f8-06f0354b8416', 'test_347', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 347, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false);
 
 INSERT into iam_account_authority(account_id, authority_id) VALUES
 (100,2),
diff --git a/iam-persistence/src/main/resources/db/migration/voms-test/V100000___voms_test_data.sql b/iam-persistence/src/main/resources/db/migration/voms-test/V100000___voms_test_data.sql
index f23ae847e..a0f6b589f 100644
--- a/iam-persistence/src/main/resources/db/migration/voms-test/V100000___voms_test_data.sql
+++ b/iam-persistence/src/main/resources/db/migration/voms-test/V100000___voms_test_data.sql
@@ -25,8 +25,8 @@ INSERT INTO client_grant_type (owner_id, grant_type) VALUES
 INSERT INTO iam_user_info(ID,GIVENNAME,FAMILYNAME, EMAIL, EMAILVERIFIED, BIRTHDATE, GENDER) VALUES
 (2, 'Test', 'User', 'test@iam.test', true, '1950-01-01','M');
 
-INSERT INTO iam_account(id, uuid, username, password, user_info_id, creationtime, lastupdatetime, active) VALUES
-(2, '80e5fb8d-b7c8-451a-89ba-346ae278a66f', 'test', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 2, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true);
+INSERT INTO iam_account(id, uuid, username, password, user_info_id, creationtime, lastupdatetime, active, service_account) VALUES
+(2, '80e5fb8d-b7c8-451a-89ba-346ae278a66f', 'test', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 2, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true, false);
 
 INSERT INTO iam_oidc_id(issuer, subject, account_id) VALUES
 ('https://accounts.google.com', '105440632287425289613', 2),

From fdfbac221e9e8ee8f96fa4670e4006b40c4603ee Mon Sep 17 00:00:00 2001
From: Manoj Garai <manoj.garai@stfc.ac.uk>
Date: Thu, 25 Jul 2024 13:40:05 +0100
Subject: [PATCH 03/30] Fix typo and set service_account default to false

---
 .../user/service-account/user.service.account.component.js     | 2 +-
 .../resources/db/migration/h2/V106__add_service_account.sql    | 2 +-
 .../resources/db/migration/mysql/V106__add_service_account.sql | 3 +++
 3 files changed, 5 insertions(+), 2 deletions(-)
 create mode 100644 iam-persistence/src/main/resources/db/migration/mysql/V106__add_service_account.sql

diff --git a/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/service-account/user.service.account.component.js b/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/service-account/user.service.account.component.js
index dc67ca6cc..614fae139 100644
--- a/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/service-account/user.service.account.component.js
+++ b/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/service-account/user.service.account.component.js
@@ -79,7 +79,7 @@
           actionButtonText: 'Set as service account',
           headerText: 'Set ' + self.user.name.formatted + ' as service account',
           bodyText:
-              `Are you sure you want set user '${self.user.name.formatted}' as service account?`
+              `Are you sure you want to set user '${self.user.name.formatted}' as service account?`
         };
         updateServiceAccountStatusFunc = self.setServiceAccountStatus;
       }
diff --git a/iam-persistence/src/main/resources/db/migration/h2/V106__add_service_account.sql b/iam-persistence/src/main/resources/db/migration/h2/V106__add_service_account.sql
index 8b5e2203e..b768ab033 100644
--- a/iam-persistence/src/main/resources/db/migration/h2/V106__add_service_account.sql
+++ b/iam-persistence/src/main/resources/db/migration/h2/V106__add_service_account.sql
@@ -1,3 +1,3 @@
-ALTER TABLE iam_account ADD COLUMN service_account boolean;
+ALTER TABLE iam_account ADD COLUMN service_account BOOLEAN DEFAULT false;
 
 UPDATE iam_account SET service_account = false;
\ No newline at end of file
diff --git a/iam-persistence/src/main/resources/db/migration/mysql/V106__add_service_account.sql b/iam-persistence/src/main/resources/db/migration/mysql/V106__add_service_account.sql
new file mode 100644
index 000000000..b768ab033
--- /dev/null
+++ b/iam-persistence/src/main/resources/db/migration/mysql/V106__add_service_account.sql
@@ -0,0 +1,3 @@
+ALTER TABLE iam_account ADD COLUMN service_account BOOLEAN DEFAULT false;
+
+UPDATE iam_account SET service_account = false;
\ No newline at end of file

From 06cdacc6eea2c77773fb27a8571cd91587b65ebf Mon Sep 17 00:00:00 2001
From: Manoj Garai <manoj.garai@stfc.ac.uk>
Date: Thu, 25 Jul 2024 14:38:20 +0100
Subject: [PATCH 04/30] Test ServiceAccountReplacer works

---
 .../iam/test/scim/updater/AccountUpdatersTests.java   | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/scim/updater/AccountUpdatersTests.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/scim/updater/AccountUpdatersTests.java
index 54592d26e..ee0bc4f59 100644
--- a/iam-login-service/src/test/java/it/infn/mw/iam/test/scim/updater/AccountUpdatersTests.java
+++ b/iam-login-service/src/test/java/it/infn/mw/iam/test/scim/updater/AccountUpdatersTests.java
@@ -878,4 +878,15 @@ public void testPictureRemoverWorks() {
     assertThat(u.update(), is(true));
     assertThat(u.update(), is(false));
   }
+
+  @Test
+  public void testServiceAccountReplacerWorks() {
+
+    account.setServiceAccount(false);
+    accountRepo.save(account);
+
+    Updater u = accountReplacers().serviceAccount(true);
+    assertThat(u.update(), is(true));
+    assertThat(u.update(), is(false));
+  }
 }

From d6efb952df3cf43e3135e50a1b8c5c21d5a346a5 Mon Sep 17 00:00:00 2001
From: Manoj Garai <manoj.garai@stfc.ac.uk>
Date: Mon, 29 Jul 2024 15:39:29 +0100
Subject: [PATCH 05/30] Test ServiceAccountReplacedEvent is called

---
 .../scim/updater/AccountUpdatersTests.java    | 22 +++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/scim/updater/AccountUpdatersTests.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/scim/updater/AccountUpdatersTests.java
index ee0bc4f59..865d4d8a5 100644
--- a/iam-login-service/src/test/java/it/infn/mw/iam/test/scim/updater/AccountUpdatersTests.java
+++ b/iam-login-service/src/test/java/it/infn/mw/iam/test/scim/updater/AccountUpdatersTests.java
@@ -23,6 +23,9 @@
 import static org.hamcrest.Matchers.hasItems;
 import static org.hamcrest.Matchers.hasSize;
 import static org.hamcrest.Matchers.is;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.times;
+import static org.mockito.Mockito.verify;
 
 import java.time.Instant;
 import java.util.Date;
@@ -32,7 +35,9 @@
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.mitre.oauth2.service.OAuth2TokenEntityService;
+import org.mockito.Mock;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationEventPublisher;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.test.context.junit4.SpringRunner;
 
@@ -45,6 +50,7 @@
 import it.infn.mw.iam.api.scim.updater.builders.Removers;
 import it.infn.mw.iam.api.scim.updater.builders.Replacers;
 import it.infn.mw.iam.api.scim.updater.util.CollectionHelpers;
+import it.infn.mw.iam.audit.events.account.ServiceAccountReplacedEvent;
 import it.infn.mw.iam.authn.saml.util.Saml2Attribute;
 import it.infn.mw.iam.core.user.IamAccountService;
 import it.infn.mw.iam.persistence.model.IamAccount;
@@ -107,6 +113,9 @@ public class AccountUpdatersTests extends X509TestSupport {
   @Autowired
   private UsernameValidator usernameValidator;
 
+  @Mock
+  private ApplicationEventPublisher publisher;
+
   private IamAccount account;
   private IamAccount other;
 
@@ -889,4 +898,17 @@ public void testServiceAccountReplacerWorks() {
     assertThat(u.update(), is(true));
     assertThat(u.update(), is(false));
   }
+
+  @Test
+  public void testPublishEventIsCalledWithServiceAccountReplacedEvent() {
+
+    account.setServiceAccount(false);
+    accountRepo.save(account);
+
+    Updater u = accountReplacers().serviceAccount(true);
+    assertThat(u.update(), is(true));
+    
+    u.publishUpdateEvent(this, publisher);
+    verify(publisher, times(1)).publishEvent(any(ServiceAccountReplacedEvent.class));
+  }
 }

From fff9c98a0c0c1a99e63af0dbf52b58cfa6d01e7b Mon Sep 17 00:00:00 2001
From: Manoj Garai <manoj.garai@stfc.ac.uk>
Date: Tue, 6 Aug 2024 15:58:42 +0100
Subject: [PATCH 06/30] Throw error on AUP update for service account

---
 .../iam/api/aup/AupSignatureController.java   |  3 +-
 .../dashboard-app/services/aup.service.js     |  8 ++++
 .../IamAupSignatureRepositoryTests.java       | 37 +++++++++++++++++++
 .../IamAupSignatureRepositoryImpl.java        |  9 ++++-
 .../IamAupSignatureUpdateError.java           | 30 +++++++++++++++
 5 files changed, 84 insertions(+), 3 deletions(-)
 create mode 100644 iam-persistence/src/main/java/it/infn/mw/iam/persistence/repository/IamAupSignatureUpdateError.java

diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/api/aup/AupSignatureController.java b/iam-login-service/src/main/java/it/infn/mw/iam/api/aup/AupSignatureController.java
index c2c24cb48..89b7c2412 100644
--- a/iam-login-service/src/main/java/it/infn/mw/iam/api/aup/AupSignatureController.java
+++ b/iam-login-service/src/main/java/it/infn/mw/iam/api/aup/AupSignatureController.java
@@ -57,6 +57,7 @@
 import it.infn.mw.iam.persistence.model.IamAupSignature;
 import it.infn.mw.iam.persistence.repository.IamAupRepository;
 import it.infn.mw.iam.persistence.repository.IamAupSignatureRepository;
+import it.infn.mw.iam.persistence.repository.IamAupSignatureUpdateError;
 
 @SuppressWarnings("deprecation")
 @RestController
@@ -146,7 +147,7 @@ public AupSignatureDTO getSignatureForAccount(@PathVariable String accountId)
   @PreAuthorize("#iam.hasScope('iam:admin.write') or #iam.hasDashboardRole('ROLE_ADMIN')")
   public AupSignatureDTO updateSignatureForAccount(@PathVariable String accountId,
       @RequestBody(required = false) @Validated AupSignaturePatchRequestDTO dto,
-      Authentication authentication) throws AccountNotFoundException {
+      Authentication authentication) throws AccountNotFoundException, IamAupSignatureUpdateError {
 
     Optional<IamAccount> updaterAccount = accountUtils.getAuthenticatedUserAccount();
 
diff --git a/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/services/aup.service.js b/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/services/aup.service.js
index 8f34d87d3..8b667ec77 100644
--- a/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/services/aup.service.js
+++ b/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/services/aup.service.js
@@ -100,6 +100,10 @@
                     console.info("Account not found");
                     return null;
                 }
+                if (res.status == 405) {
+                    console.info("AUP operation not allowed for service account");
+                    return null;
+                }
                 return $q.reject(res);
             });
         }
@@ -110,6 +114,10 @@
                     console.info("Account not found");
                     return null;
                 }
+                if (res.status == 405) {
+                    console.info("AUP operation not allowed for service account");
+                    return null;
+                }
                 return $q.reject(res);
             });
         }
diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/repository/IamAupSignatureRepositoryTests.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/repository/IamAupSignatureRepositoryTests.java
index f8d932c63..14a191215 100644
--- a/iam-login-service/src/test/java/it/infn/mw/iam/test/repository/IamAupSignatureRepositoryTests.java
+++ b/iam-login-service/src/test/java/it/infn/mw/iam/test/repository/IamAupSignatureRepositoryTests.java
@@ -17,6 +17,8 @@
 
 import static org.hamcrest.MatcherAssert.assertThat;
 import static org.hamcrest.Matchers.equalTo;
+import static org.junit.Assert.assertTrue;
+import static org.junit.jupiter.api.Assertions.assertThrows;
 
 import java.util.Date;
 
@@ -31,6 +33,7 @@
 import it.infn.mw.iam.persistence.repository.IamAccountRepository;
 import it.infn.mw.iam.persistence.repository.IamAupRepository;
 import it.infn.mw.iam.persistence.repository.IamAupSignatureRepository;
+import it.infn.mw.iam.persistence.repository.IamAupSignatureUpdateError;
 import it.infn.mw.iam.test.api.aup.AupTestSupport;
 import it.infn.mw.iam.test.util.annotation.IamNoMvcTest;
 
@@ -111,4 +114,38 @@ public void signatureUpdateUpdatesSignatureTime() throws InterruptedException {
     assertThat(sig.getSignatureTime(), equalTo(updateTime));
   }
 
+  @Test
+  public void testServiceAccountThrowsExceptionOnAUPSignatureCreation() {
+    IamAup aup = buildDefaultAup();
+    aupRepo.save(aup);
+    IamAccount testAccount = findTestAccount();
+    testAccount.setServiceAccount(true);
+
+    Exception exception = assertThrows(IamAupSignatureUpdateError.class,
+        () -> repo.createSignatureForAccount(aup, testAccount, new Date()));
+
+    String expectedMessage = "As user 'test' is a service account, AUP signature operation not allowed";
+    String actualMessage = exception.getMessage();
+
+    assertTrue(actualMessage.contains(expectedMessage));
+  }
+
+  
+  @Test
+  public void testServiceAccountThrowsExceptionOnDeleteSignatureForAccount() {
+    IamAup aup = buildDefaultAup();
+    aupRepo.save(aup);
+    IamAccount testAccount = findTestAccount();
+    repo.createSignatureForAccount(aup, testAccount, new Date());
+    testAccount.setServiceAccount(true);
+
+    Exception exception = assertThrows(IamAupSignatureUpdateError.class,
+        () -> repo.deleteSignatureForAccount(aup, testAccount));
+
+    String expectedMessage = "As user 'test' is a service account, AUP signature operation not allowed";
+    String actualMessage = exception.getMessage();
+
+    assertTrue(actualMessage.contains(expectedMessage));
+  }
+
 }
diff --git a/iam-persistence/src/main/java/it/infn/mw/iam/persistence/repository/IamAupSignatureRepositoryImpl.java b/iam-persistence/src/main/java/it/infn/mw/iam/persistence/repository/IamAupSignatureRepositoryImpl.java
index 34cc8b417..b59269103 100644
--- a/iam-persistence/src/main/java/it/infn/mw/iam/persistence/repository/IamAupSignatureRepositoryImpl.java
+++ b/iam-persistence/src/main/java/it/infn/mw/iam/persistence/repository/IamAupSignatureRepositoryImpl.java
@@ -68,7 +68,9 @@ private void deleteSignature(IamAccount account) {
   @Override
   public IamAupSignature createSignatureForAccount(IamAup aup, IamAccount account,
       Date currentTime) {
-
+    if (account.isServiceAccount()) {
+      throw new IamAupSignatureUpdateError(account, "As user '%s' is a service account, AUP signature operation not allowed");
+    }
     Optional<IamAupSignature> signature = signatureRepo.findByAupAndAccount(aup, account);
 
     if (signature.isEmpty()) {
@@ -79,7 +81,10 @@ public IamAupSignature createSignatureForAccount(IamAup aup, IamAccount account,
 
   @Override
   public void deleteSignatureForAccount(IamAup aup, IamAccount account) {
-
+    if (account.isServiceAccount()) {
+      throw new IamAupSignatureUpdateError(account, "As user '%s' is a service account, AUP signature operation not allowed");
+    }
+    
     if (signatureRepo.findByAupAndAccount(aup, account).isPresent()) {
       deleteSignature(account);
       return;
diff --git a/iam-persistence/src/main/java/it/infn/mw/iam/persistence/repository/IamAupSignatureUpdateError.java b/iam-persistence/src/main/java/it/infn/mw/iam/persistence/repository/IamAupSignatureUpdateError.java
new file mode 100644
index 000000000..ea954e91e
--- /dev/null
+++ b/iam-persistence/src/main/java/it/infn/mw/iam/persistence/repository/IamAupSignatureUpdateError.java
@@ -0,0 +1,30 @@
+/**
+ * Copyright (c) Istituto Nazionale di Fisica Nucleare (INFN). 2016-2021
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package it.infn.mw.iam.persistence.repository;
+
+import it.infn.mw.iam.persistence.model.IamAccount;
+
+public class IamAupSignatureUpdateError extends RuntimeException {
+
+  /**
+   * 
+   */
+  private static final long serialVersionUID = 1L;
+
+  public IamAupSignatureUpdateError(IamAccount account, String message) {
+    super(String.format(message, account.getUsername()));
+  }
+}

From 7334fd46d7854025f6e560842e3cc13dc8287d68 Mon Sep 17 00:00:00 2001
From: Manoj Garai <manoj.garai@stfc.ac.uk>
Date: Tue, 6 Aug 2024 16:00:25 +0100
Subject: [PATCH 07/30] Send email notification on service account status
 change

---
 .../provisioning/ScimUserProvisioning.java    |  7 ++++
 .../iam/notification/NotificationFactory.java |  4 ++
 .../TransientNotificationFactory.java         | 38 +++++++++++++++++++
 .../accountRevokeServiceAccount.ftl           |  5 +++
 .../accountSetAsServiceAccount.ftl            |  5 +++
 5 files changed, 59 insertions(+)
 create mode 100644 iam-login-service/src/main/resources/email-templates/accountRevokeServiceAccount.ftl
 create mode 100644 iam-login-service/src/main/resources/email-templates/accountSetAsServiceAccount.ftl

diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/provisioning/ScimUserProvisioning.java b/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/provisioning/ScimUserProvisioning.java
index 3726514b6..ad3075952 100644
--- a/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/provisioning/ScimUserProvisioning.java
+++ b/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/provisioning/ScimUserProvisioning.java
@@ -285,6 +285,13 @@ private void handleSpecificUpdateType(IamAccount account, AccountUpdater u) {
         notificationFactory.createAccountSuspendedMessage(account);
       }
     }
+    if (ACCOUNT_REPLACE_SERVICE_ACCOUNT.equals(u.getType())) {
+      if (account.isServiceAccount()) {
+        notificationFactory.createSetAsServiceAccountMessage(account);
+      } else {
+        notificationFactory.createRevokeServiceAccountMessage(account);
+      }
+    }
   }
 
   @Override
diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/notification/NotificationFactory.java b/iam-login-service/src/main/java/it/infn/mw/iam/notification/NotificationFactory.java
index a16359b05..8e41f28b9 100644
--- a/iam-login-service/src/main/java/it/infn/mw/iam/notification/NotificationFactory.java
+++ b/iam-login-service/src/main/java/it/infn/mw/iam/notification/NotificationFactory.java
@@ -57,4 +57,8 @@ IamEmailNotification createClientStatusChangedMessageFor(ClientDetailsEntity cli
   IamEmailNotification createAccountSuspendedMessage(IamAccount account);
 
   IamEmailNotification createAccountRestoredMessage(IamAccount account);
+
+  IamEmailNotification createSetAsServiceAccountMessage(IamAccount account);
+
+  IamEmailNotification createRevokeServiceAccountMessage(IamAccount account);
 }
diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/notification/TransientNotificationFactory.java b/iam-login-service/src/main/java/it/infn/mw/iam/notification/TransientNotificationFactory.java
index 77ab7c021..2da5143f9 100644
--- a/iam-login-service/src/main/java/it/infn/mw/iam/notification/TransientNotificationFactory.java
+++ b/iam-login-service/src/main/java/it/infn/mw/iam/notification/TransientNotificationFactory.java
@@ -406,6 +406,44 @@ public IamEmailNotification createAccountRestoredMessage(IamAccount account) {
 
   }
 
+  @Override
+  public IamEmailNotification createSetAsServiceAccountMessage(IamAccount account) {
+    String recipient = account.getUserInfo().getName();
+
+    Map<String, Object> model = new HashMap<>();
+    model.put(RECIPIENT_FIELD, recipient);
+    model.put(ORGANISATION_NAME, organisationName);
+
+    String subject = "Account set as service account";
+
+    IamEmailNotification notification = createMessage("accountSetAsServiceAccount.ftl", model,
+        IamNotificationType.ACCOUNT_RESTORED, subject, asList(account.getUserInfo().getEmail()));
+
+    LOG.debug("Created set as service account message for the account {}", account.getUuid());
+
+    return notification;
+
+  }
+
+  @Override
+  public IamEmailNotification createRevokeServiceAccountMessage(IamAccount account) {
+    String recipient = account.getUserInfo().getName();
+
+    Map<String, Object> model = new HashMap<>();
+    model.put(RECIPIENT_FIELD, recipient);
+    model.put(ORGANISATION_NAME, organisationName);
+
+    String subject = "Account's service account status revoked";
+
+    IamEmailNotification notification = createMessage("accountRevokeServiceAccount.ftl", model,
+        IamNotificationType.ACCOUNT_RESTORED, subject, asList(account.getUserInfo().getEmail()));
+
+    LOG.debug("Created service account revoke message for the account {}", account.getUuid());
+
+    return notification;
+
+  }
+
   protected IamEmailNotification createMessage(String templateName, Map<String, Object> model,
       IamNotificationType messageType, String subject, List<String> receiverAddress) {
 
diff --git a/iam-login-service/src/main/resources/email-templates/accountRevokeServiceAccount.ftl b/iam-login-service/src/main/resources/email-templates/accountRevokeServiceAccount.ftl
new file mode 100644
index 000000000..ff6d99944
--- /dev/null
+++ b/iam-login-service/src/main/resources/email-templates/accountRevokeServiceAccount.ftl
@@ -0,0 +1,5 @@
+Dear ${recipient},
+
+This mail is to inform that your account in ${organisationName} is no longer a service account.
+
+The ${organisationName} registration service
diff --git a/iam-login-service/src/main/resources/email-templates/accountSetAsServiceAccount.ftl b/iam-login-service/src/main/resources/email-templates/accountSetAsServiceAccount.ftl
new file mode 100644
index 000000000..a3e14bdd8
--- /dev/null
+++ b/iam-login-service/src/main/resources/email-templates/accountSetAsServiceAccount.ftl
@@ -0,0 +1,5 @@
+Dear ${recipient},
+
+This mail is to inform that your account in ${organisationName} has been set as service account.
+
+The ${organisationName} registration service

From 3ccbe001972e850699a6c1ddebd26f2dc3d7c32f Mon Sep 17 00:00:00 2001
From: Manoj Garai <manoj.garai@stfc.ac.uk>
Date: Thu, 8 Aug 2024 12:22:25 +0100
Subject: [PATCH 08/30] Test email notification on service account status
 change

---
 .../TransientNotificationFactory.java         |   4 +-
 .../controller/ScimUserControllerTest.java    | 129 ++++++++++++++++++
 .../infn/mw/iam/core/IamNotificationType.java |   3 +-
 3 files changed, 133 insertions(+), 3 deletions(-)
 create mode 100644 iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/controller/ScimUserControllerTest.java

diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/notification/TransientNotificationFactory.java b/iam-login-service/src/main/java/it/infn/mw/iam/notification/TransientNotificationFactory.java
index 2da5143f9..64a9d8ef6 100644
--- a/iam-login-service/src/main/java/it/infn/mw/iam/notification/TransientNotificationFactory.java
+++ b/iam-login-service/src/main/java/it/infn/mw/iam/notification/TransientNotificationFactory.java
@@ -417,7 +417,7 @@ public IamEmailNotification createSetAsServiceAccountMessage(IamAccount account)
     String subject = "Account set as service account";
 
     IamEmailNotification notification = createMessage("accountSetAsServiceAccount.ftl", model,
-        IamNotificationType.ACCOUNT_RESTORED, subject, asList(account.getUserInfo().getEmail()));
+        IamNotificationType.SET_SERVICE_ACCOUNT, subject, asList(account.getUserInfo().getEmail()));
 
     LOG.debug("Created set as service account message for the account {}", account.getUuid());
 
@@ -436,7 +436,7 @@ public IamEmailNotification createRevokeServiceAccountMessage(IamAccount account
     String subject = "Account's service account status revoked";
 
     IamEmailNotification notification = createMessage("accountRevokeServiceAccount.ftl", model,
-        IamNotificationType.ACCOUNT_RESTORED, subject, asList(account.getUserInfo().getEmail()));
+        IamNotificationType.REVOKE_SERVICE_ACCOUNT, subject, asList(account.getUserInfo().getEmail()));
 
     LOG.debug("Created service account revoke message for the account {}", account.getUuid());
 
diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/controller/ScimUserControllerTest.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/controller/ScimUserControllerTest.java
new file mode 100644
index 000000000..540ec0805
--- /dev/null
+++ b/iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/controller/ScimUserControllerTest.java
@@ -0,0 +1,129 @@
+/**
+ * Copyright (c) Istituto Nazionale di Fisica Nucleare (INFN). 2016-2021
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package it.infn.mw.iam.test.api.scim.controller;
+
+import static org.hamcrest.Matchers.equalTo;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+
+import java.util.List;
+
+import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity;
+import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.log;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.patch;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
+
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.test.context.support.WithMockUser;
+import org.springframework.test.context.junit4.SpringRunner;
+import org.springframework.test.web.servlet.MockMvc;
+import org.springframework.test.web.servlet.setup.MockMvcBuilders;
+import org.springframework.web.context.WebApplicationContext;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+
+import it.infn.mw.iam.test.util.WithAnonymousUser;
+import it.infn.mw.iam.test.util.annotation.IamMockMvcIntegrationTest;
+import it.infn.mw.iam.test.util.oauth.MockOAuth2Filter;
+import it.infn.mw.iam.api.scim.model.ScimUser;
+import it.infn.mw.iam.api.scim.model.ScimUserPatchRequest;
+import it.infn.mw.iam.core.IamNotificationType;
+import it.infn.mw.iam.api.scim.model.ScimConstants;
+import it.infn.mw.iam.persistence.model.IamAccount;
+import it.infn.mw.iam.persistence.model.IamEmailNotification;
+import it.infn.mw.iam.persistence.repository.IamAccountRepository;
+import it.infn.mw.iam.persistence.repository.IamEmailNotificationRepository;
+import it.infn.mw.iam.test.api.TestSupport;
+
+@RunWith(SpringRunner.class)
+@IamMockMvcIntegrationTest
+@WithAnonymousUser
+public class ScimUserControllerTest extends TestSupport implements ScimConstants {
+
+    @Autowired
+    private WebApplicationContext context;
+    @Autowired
+    private MockOAuth2Filter mockOAuth2Filter;
+    @Autowired
+    private IamAccountRepository iamAccountRepo;
+    @Autowired
+    private ObjectMapper mapper;
+    @Autowired
+    private IamEmailNotificationRepository notificationRepo;
+
+    private MockMvc mvc;
+
+    @Before
+    public void setup() {
+        mvc = MockMvcBuilders.webAppContextSetup(context).alwaysDo(log()).apply(springSecurity()).build();
+        mockOAuth2Filter.cleanupSecurityContext();
+    }
+
+    @After
+    public void cleanupOAuthUser() {
+        mockOAuth2Filter.cleanupSecurityContext();
+    }
+
+    @Test
+    @WithMockUser(username = "admin", roles = { "ADMIN", "USER" })
+    public void testEmailSentForSettingServiceAccount() throws Exception {
+        IamAccount testUser = iamAccountRepo.findByUsername(TEST_USER)
+                .orElseThrow(() -> new AssertionError("Expected test user not found"));
+        ScimUser user = ScimUser.builder().serviceAccount(true).build();
+
+        ScimUserPatchRequest patchRequest = ScimUserPatchRequest.builder().replace(user).build();
+
+        mvc.perform(patch("/scim/Users/{id}", testUser.getUuid())
+                .content(mapper.writeValueAsString(patchRequest))
+                .contentType(SCIM_CONTENT_TYPE))
+                .andExpect(NO_CONTENT);
+        List<IamEmailNotification> notifications = notificationRepo
+                .findByNotificationType(IamNotificationType.SET_SERVICE_ACCOUNT);
+
+        assertEquals(1, notifications.size());
+        assertEquals("[indigo-dc IAM] Account set as service account", notifications.get(0).getSubject());
+    }
+
+    @Test
+    @WithMockUser(username = "admin", roles = { "ADMIN", "USER" })
+    public void testEmailSentForRevokingServiceAccount() throws Exception {
+        IamAccount testUser = iamAccountRepo.findByUsername(TEST_USER)
+                .orElseThrow(() -> new AssertionError("Expected test user not found"));
+        testUser.setServiceAccount(true);
+        iamAccountRepo.save(testUser);
+
+        ScimUser user = ScimUser.builder().serviceAccount(false).build();
+
+        ScimUserPatchRequest patchRequest = ScimUserPatchRequest.builder().replace(user).build();
+
+        mvc.perform(patch("/scim/Users/{id}", testUser.getUuid())
+                .content(mapper.writeValueAsString(patchRequest))
+                .contentType(SCIM_CONTENT_TYPE))
+                .andExpect(NO_CONTENT);
+        List<IamEmailNotification> notifications = notificationRepo
+                .findByNotificationType(IamNotificationType.REVOKE_SERVICE_ACCOUNT);
+
+        assertEquals(1, notifications.size());
+        assertEquals("[indigo-dc IAM] Account's service account status revoked", notifications.get(0).getSubject());
+    }
+}
diff --git a/iam-persistence/src/main/java/it/infn/mw/iam/core/IamNotificationType.java b/iam-persistence/src/main/java/it/infn/mw/iam/core/IamNotificationType.java
index ba3c26c74..3bc1c2050 100644
--- a/iam-persistence/src/main/java/it/infn/mw/iam/core/IamNotificationType.java
+++ b/iam-persistence/src/main/java/it/infn/mw/iam/core/IamNotificationType.java
@@ -16,5 +16,6 @@
 package it.infn.mw.iam.core;
 
 public enum IamNotificationType {
-  CONFIRMATION, RESETPASSWD, ACTIVATED, REJECTED, GROUP_MEMBERSHIP, AUP_REMINDER, AUP_EXPIRATION, AUP_SIGNATURE_REQUEST, ACCOUNT_SUSPENDED, ACCOUNT_RESTORED, CLIENT_STATUS
+  CONFIRMATION, RESETPASSWD, ACTIVATED, REJECTED, GROUP_MEMBERSHIP, AUP_REMINDER, AUP_EXPIRATION, AUP_SIGNATURE_REQUEST, ACCOUNT_SUSPENDED, ACCOUNT_RESTORED, CLIENT_STATUS,
+  SET_SERVICE_ACCOUNT, REVOKE_SERVICE_ACCOUNT
 }

From d675aa9cbfdd088837c4830ae33aec75c925a9f8 Mon Sep 17 00:00:00 2001
From: Manoj Garai <manoj.garai@stfc.ac.uk>
Date: Mon, 12 Aug 2024 10:17:56 +0100
Subject: [PATCH 09/30] Test email notification on scim user provisioning
 method call

---
 .../factory/DefaultAccountUpdaterFactory.java |  1 -
 .../controller/ScimUserControllerTest.java    |  5 -
 .../ScimUserProvisioningTest.java             | 92 +++++++++++++++++++
 3 files changed, 92 insertions(+), 6 deletions(-)
 create mode 100644 iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/provisioning/ScimUserProvisioningTest.java

diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/updater/factory/DefaultAccountUpdaterFactory.java b/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/updater/factory/DefaultAccountUpdaterFactory.java
index 11ef7126c..41c6fedaa 100644
--- a/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/updater/factory/DefaultAccountUpdaterFactory.java
+++ b/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/updater/factory/DefaultAccountUpdaterFactory.java
@@ -139,7 +139,6 @@ private void prepareAdders(List<AccountUpdater> updaters, ScimUser user, IamAcco
     addUpdater(updaters, Objects::nonNull, user::getUserName, add::username);
     addUpdater(updaters, Objects::nonNull, user::getPassword, add::password);
     addUpdater(updaters, Objects::nonNull, user::getActive, add::active);
-    //addUpdater(updaters, Objects::nonNull, user::getServiceAccount, add::serviceAccount);
 
     if (user.hasEmails()) {
       addUpdater(updaters, Objects::nonNull, user.getEmails().get(0)::getValue, add::email);
diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/controller/ScimUserControllerTest.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/controller/ScimUserControllerTest.java
index 540ec0805..e249936b8 100644
--- a/iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/controller/ScimUserControllerTest.java
+++ b/iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/controller/ScimUserControllerTest.java
@@ -16,18 +16,13 @@
 
 package it.infn.mw.iam.test.api.scim.controller;
 
-import static org.hamcrest.Matchers.equalTo;
 import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
-import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
 
 import java.util.List;
 
 import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity;
 import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.log;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.patch;
-import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
 
 import org.junit.After;
 import org.junit.Before;
diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/provisioning/ScimUserProvisioningTest.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/provisioning/ScimUserProvisioningTest.java
new file mode 100644
index 000000000..52a69c4c6
--- /dev/null
+++ b/iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/provisioning/ScimUserProvisioningTest.java
@@ -0,0 +1,92 @@
+/**
+ * Copyright (c) Istituto Nazionale di Fisica Nucleare (INFN). 2016-2021
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package it.infn.mw.iam.test.api.scim.provisioning;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+
+import java.util.List;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
+import org.springframework.test.context.junit4.SpringRunner;
+
+import com.google.common.collect.Lists;
+
+import it.infn.mw.iam.IamLoginService;
+import it.infn.mw.iam.api.scim.model.ScimPatchOperation;
+import it.infn.mw.iam.api.scim.model.ScimUser;
+import it.infn.mw.iam.api.scim.provisioning.ScimUserProvisioning;
+import it.infn.mw.iam.core.IamNotificationType;
+import it.infn.mw.iam.persistence.model.IamAccount;
+import it.infn.mw.iam.persistence.model.IamEmailNotification;
+import it.infn.mw.iam.persistence.repository.IamAccountRepository;
+import it.infn.mw.iam.persistence.repository.IamEmailNotificationRepository;
+import it.infn.mw.iam.test.api.TestSupport;
+import it.infn.mw.iam.test.core.CoreControllerTestSupport;
+import it.infn.mw.iam.test.util.annotation.IamMockMvcIntegrationTest;
+
+@RunWith(SpringRunner.class)
+@IamMockMvcIntegrationTest
+@SpringBootTest(classes = { IamLoginService.class,
+        CoreControllerTestSupport.class }, webEnvironment = WebEnvironment.MOCK)
+public class ScimUserProvisioningTest extends TestSupport {
+    @Autowired
+    private ScimUserProvisioning provider;
+    @Autowired
+    private IamAccountRepository iamAccountRepo;
+    @Autowired
+    private IamEmailNotificationRepository notificationRepo;
+
+    @Test
+    public void testEmailSentForSettingServiceAccount() throws Exception {
+        IamAccount testUser = iamAccountRepo.findByUsername(TEST_USER)
+                .orElseThrow(() -> new AssertionError("Expected test user not found"));
+        ScimUser user = ScimUser.builder().serviceAccount(true).build();
+
+        List<ScimPatchOperation<ScimUser>> operations = Lists.newArrayList();
+        operations.add(new ScimPatchOperation.Builder<ScimUser>().replace().value(user).build());
+        provider.update(testUser.getUuid(), operations);
+
+        List<IamEmailNotification> notifications = notificationRepo
+                .findByNotificationType(IamNotificationType.SET_SERVICE_ACCOUNT);
+
+        assertEquals(1, notifications.size());
+        assertEquals("[indigo-dc IAM] Account set as service account", notifications.get(0).getSubject());
+    }
+
+    @Test
+    public void testEmailSentForRevokingServiceAccount() throws Exception {
+        IamAccount testUser = iamAccountRepo.findByUsername(TEST_USER)
+                .orElseThrow(() -> new AssertionError("Expected test user not found"));
+        testUser.setServiceAccount(true);
+        iamAccountRepo.save(testUser);
+        ScimUser user = ScimUser.builder().serviceAccount(false).build();
+
+        List<ScimPatchOperation<ScimUser>> operations = Lists.newArrayList();
+        operations.add(new ScimPatchOperation.Builder<ScimUser>().replace().value(user).build());
+        provider.update(testUser.getUuid(), operations);
+
+        List<IamEmailNotification> notifications = notificationRepo
+                .findByNotificationType(IamNotificationType.REVOKE_SERVICE_ACCOUNT);
+
+        assertEquals(1, notifications.size());
+        assertEquals("[indigo-dc IAM] Account's service account status revoked", notifications.get(0).getSubject());
+    }
+
+}

From 38520388b0ba4fff3af8215b94f602fd80a03148 Mon Sep 17 00:00:00 2001
From: Manoj Garai <manoj.garai@stfc.ac.uk>
Date: Mon, 12 Aug 2024 10:38:31 +0100
Subject: [PATCH 10/30] Remove the declaration of thrown exception

---
 .../test/api/scim/provisioning/ScimUserProvisioningTest.java  | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/provisioning/ScimUserProvisioningTest.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/provisioning/ScimUserProvisioningTest.java
index 52a69c4c6..a2ce9d058 100644
--- a/iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/provisioning/ScimUserProvisioningTest.java
+++ b/iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/provisioning/ScimUserProvisioningTest.java
@@ -54,7 +54,7 @@ public class ScimUserProvisioningTest extends TestSupport {
     private IamEmailNotificationRepository notificationRepo;
 
     @Test
-    public void testEmailSentForSettingServiceAccount() throws Exception {
+    public void testEmailSentForSettingServiceAccount() {
         IamAccount testUser = iamAccountRepo.findByUsername(TEST_USER)
                 .orElseThrow(() -> new AssertionError("Expected test user not found"));
         ScimUser user = ScimUser.builder().serviceAccount(true).build();
@@ -71,7 +71,7 @@ public void testEmailSentForSettingServiceAccount() throws Exception {
     }
 
     @Test
-    public void testEmailSentForRevokingServiceAccount() throws Exception {
+    public void testEmailSentForRevokingServiceAccount() {
         IamAccount testUser = iamAccountRepo.findByUsername(TEST_USER)
                 .orElseThrow(() -> new AssertionError("Expected test user not found"));
         testUser.setServiceAccount(true);

From e955b0c821d79d0ff85867acea77d3c9094447e8 Mon Sep 17 00:00:00 2001
From: Manoj Garai <manoj.garai@stfc.ac.uk>
Date: Mon, 12 Aug 2024 16:46:14 +0100
Subject: [PATCH 11/30] Unit test email notifications for service account
 operations

---
 .../ScimUserProvisioningUnitTest.java         | 108 ++++++++++++++++++
 1 file changed, 108 insertions(+)
 create mode 100644 iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/provisioning/ScimUserProvisioningUnitTest.java

diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/provisioning/ScimUserProvisioningUnitTest.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/provisioning/ScimUserProvisioningUnitTest.java
new file mode 100644
index 000000000..a690a06aa
--- /dev/null
+++ b/iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/provisioning/ScimUserProvisioningUnitTest.java
@@ -0,0 +1,108 @@
+package it.infn.mw.iam.test.api.scim.provisioning;
+
+import static org.hamcrest.Matchers.anything;
+import static org.mockito.Mockito.doNothing;
+import static org.mockito.Mockito.times;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
+
+import java.util.List;
+import java.util.Optional;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mitre.oauth2.service.OAuth2TokenEntityService;
+import org.mockito.Mock;
+import org.mockito.junit.MockitoJUnitRunner;
+import org.springframework.context.ApplicationEventPublisher;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+import com.google.common.collect.Lists;
+
+import it.infn.mw.iam.api.scim.converter.OidcIdConverter;
+import it.infn.mw.iam.api.scim.converter.SamlIdConverter;
+import it.infn.mw.iam.api.scim.converter.SshKeyConverter;
+import it.infn.mw.iam.api.scim.converter.UserConverter;
+import it.infn.mw.iam.api.scim.converter.X509CertificateConverter;
+import it.infn.mw.iam.api.scim.model.ScimPatchOperation;
+import it.infn.mw.iam.api.scim.model.ScimUser;
+import it.infn.mw.iam.api.scim.provisioning.ScimUserProvisioning;
+import it.infn.mw.iam.core.user.IamAccountService;
+import it.infn.mw.iam.notification.NotificationFactory;
+import it.infn.mw.iam.persistence.model.IamAccount;
+import it.infn.mw.iam.persistence.repository.IamAccountRepository;
+import it.infn.mw.iam.registration.validation.UsernameValidator;
+import it.infn.mw.iam.test.api.TestSupport;
+
+@RunWith(MockitoJUnitRunner.class)
+public class ScimUserProvisioningUnitTest extends TestSupport {
+
+    @Mock
+    IamAccountService accountService;
+    @Mock
+    OAuth2TokenEntityService tokenService;
+    @Mock
+    IamAccountRepository accountRepository;
+    @Mock
+    PasswordEncoder passwordEncoder;
+    @Mock
+    UserConverter userConverter;
+    @Mock
+    OidcIdConverter oidcIdConverter;
+    @Mock
+    SamlIdConverter samlIdConverter;
+    @Mock
+    SshKeyConverter sshKeyConverter;
+    @Mock
+    X509CertificateConverter x509CertificateConverter;
+    @Mock
+    UsernameValidator usernameValidator;
+    @Mock
+    NotificationFactory notificationFactory;
+    @Mock
+    ApplicationEventPublisher eventPublisher;
+
+    ScimUserProvisioning scimUserProvisioning;
+    IamAccount testUser;
+
+    @Before
+    public void before() {
+        testUser = new IamAccount();
+        testUser.setUuid(TEST_USER_UUID);
+        testUser.setServiceAccount(false);
+
+        when(accountRepository.findByUuid(testUser.getUuid())).thenReturn(Optional.of(testUser));
+
+        scimUserProvisioning = new ScimUserProvisioning(accountService, tokenService, accountRepository,
+                passwordEncoder, userConverter, oidcIdConverter, samlIdConverter, sshKeyConverter,
+                x509CertificateConverter, usernameValidator, notificationFactory);
+        scimUserProvisioning.setApplicationEventPublisher(eventPublisher);
+    }
+
+    @Test
+    public void testCreateSetAsServiceAccountMessageIsCalled() {
+        List<ScimPatchOperation<ScimUser>> operations = getOperations(true);
+
+        scimUserProvisioning.update(testUser.getUuid(), operations);
+
+        verify(notificationFactory, times(1)).createSetAsServiceAccountMessage(testUser);
+    }
+
+    @Test
+    public void testCreateRevokeServiceAccountMessageIsCalled() {
+        testUser.setServiceAccount(true);
+        List<ScimPatchOperation<ScimUser>> operations = getOperations(false);
+
+        scimUserProvisioning.update(testUser.getUuid(), operations);
+
+        verify(notificationFactory, times(1)).createRevokeServiceAccountMessage(testUser);
+    }
+
+    private List<ScimPatchOperation<ScimUser>> getOperations(boolean isServiceAccount) {
+        ScimUser user = ScimUser.builder().serviceAccount(isServiceAccount).build();
+        List<ScimPatchOperation<ScimUser>> operations = Lists.newArrayList();
+        operations.add(new ScimPatchOperation.Builder<ScimUser>().replace().value(user).build());
+        return operations;
+    }
+}

From 03e8c5d1cd41e0c907e8bc1e9e72cc8a13b71f86 Mon Sep 17 00:00:00 2001
From: Manoj Garai <manoj.garai@stfc.ac.uk>
Date: Mon, 12 Aug 2024 16:51:25 +0100
Subject: [PATCH 12/30] Add license

---
 .../ScimUserProvisioningUnitTest.java           | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/provisioning/ScimUserProvisioningUnitTest.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/provisioning/ScimUserProvisioningUnitTest.java
index a690a06aa..42b7087f1 100644
--- a/iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/provisioning/ScimUserProvisioningUnitTest.java
+++ b/iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/provisioning/ScimUserProvisioningUnitTest.java
@@ -1,7 +1,20 @@
+/**
+ * Copyright (c) Istituto Nazionale di Fisica Nucleare (INFN). 2016-2021
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
 package it.infn.mw.iam.test.api.scim.provisioning;
 
-import static org.hamcrest.Matchers.anything;
-import static org.mockito.Mockito.doNothing;
 import static org.mockito.Mockito.times;
 import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.when;

From 8a9f6a8bb0f1c15b5cae0d531d78706761e0350e Mon Sep 17 00:00:00 2001
From: Manoj Garai <manoj.garai@stfc.ac.uk>
Date: Wed, 14 Aug 2024 16:14:47 +0100
Subject: [PATCH 13/30] Add SpringBootTest annotation

---
 .../test/api/scim/controller/ScimUserControllerTest.java   | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/controller/ScimUserControllerTest.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/controller/ScimUserControllerTest.java
index e249936b8..0370d2176 100644
--- a/iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/controller/ScimUserControllerTest.java
+++ b/iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/controller/ScimUserControllerTest.java
@@ -29,6 +29,8 @@
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
 import org.springframework.security.test.context.support.WithMockUser;
 import org.springframework.test.context.junit4.SpringRunner;
 import org.springframework.test.web.servlet.MockMvc;
@@ -43,15 +45,20 @@
 import it.infn.mw.iam.api.scim.model.ScimUser;
 import it.infn.mw.iam.api.scim.model.ScimUserPatchRequest;
 import it.infn.mw.iam.core.IamNotificationType;
+import it.infn.mw.iam.IamLoginService;
 import it.infn.mw.iam.api.scim.model.ScimConstants;
 import it.infn.mw.iam.persistence.model.IamAccount;
 import it.infn.mw.iam.persistence.model.IamEmailNotification;
 import it.infn.mw.iam.persistence.repository.IamAccountRepository;
 import it.infn.mw.iam.persistence.repository.IamEmailNotificationRepository;
 import it.infn.mw.iam.test.api.TestSupport;
+import it.infn.mw.iam.test.core.CoreControllerTestSupport;
+import it.infn.mw.iam.test.notification.NotificationTestConfig;
 
 @RunWith(SpringRunner.class)
 @IamMockMvcIntegrationTest
+@SpringBootTest(classes = {IamLoginService.class, CoreControllerTestSupport.class,
+    NotificationTestConfig.class}, webEnvironment = WebEnvironment.MOCK)
 @WithAnonymousUser
 public class ScimUserControllerTest extends TestSupport implements ScimConstants {
 

From 6c4d30b62f68d0f4b144afcd59d46e6a21dd2205 Mon Sep 17 00:00:00 2001
From: Manoj Garai <manoj.garai@stfc.ac.uk>
Date: Wed, 14 Aug 2024 16:48:30 +0100
Subject: [PATCH 14/30] Add unit test for service account emails message
 creation

---
 .../TransientNotificationFactoryTest.java     | 88 +++++++++++++++++++
 1 file changed, 88 insertions(+)
 create mode 100644 iam-login-service/src/test/java/it/infn/mw/iam/test/notification/TransientNotificationFactoryTest.java

diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/notification/TransientNotificationFactoryTest.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/notification/TransientNotificationFactoryTest.java
new file mode 100644
index 000000000..35603e3ea
--- /dev/null
+++ b/iam-login-service/src/test/java/it/infn/mw/iam/test/notification/TransientNotificationFactoryTest.java
@@ -0,0 +1,88 @@
+/**
+ * Copyright (c) Istituto Nazionale di Fisica Nucleare (INFN). 2016-2021
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package it.infn.mw.iam.test.notification;
+
+import static org.junit.Assert.assertTrue;
+import static org.mockito.ArgumentMatchers.anyString;
+import static org.mockito.Mockito.when;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.mockito.junit.MockitoJUnitRunner;
+import org.springframework.beans.factory.annotation.Value;
+
+import freemarker.template.Configuration;
+import freemarker.template.Template;
+import it.infn.mw.iam.core.IamNotificationType;
+import it.infn.mw.iam.notification.NotificationProperties;
+import it.infn.mw.iam.notification.TransientNotificationFactory;
+import it.infn.mw.iam.notification.service.resolver.AdminNotificationDeliveryStrategy;
+import it.infn.mw.iam.notification.service.resolver.GroupManagerNotificationDeliveryStrategy;
+import it.infn.mw.iam.persistence.model.IamAccount;
+import it.infn.mw.iam.persistence.model.IamEmailNotification;
+import it.infn.mw.iam.persistence.model.IamUserInfo;
+
+@RunWith(MockitoJUnitRunner.class)
+public class TransientNotificationFactoryTest {
+    @Mock
+    Configuration fm;
+    @Mock
+    NotificationProperties np;
+    @Mock
+    AdminNotificationDeliveryStrategy ands;
+    @Mock
+    GroupManagerNotificationDeliveryStrategy gmds;
+    @Mock
+    Template template;
+    @Mock
+    IamAccount testUser;
+    @Mock
+    IamUserInfo testUserInfo;
+
+    @Value("${iam.organisation.name}")
+    private String organisationName;
+
+    @InjectMocks
+    TransientNotificationFactory transientNotificationFactory;
+
+    @Before
+    public void before() throws Exception {
+        when(testUser.getUserInfo()).thenReturn(testUserInfo);
+        when(testUserInfo.getName()).thenReturn("Test User");
+        when(fm.getTemplate(anyString())).thenReturn(template);
+    }
+
+    @Test
+    public void testCreateSetAsServiceAccountMessage() {
+        IamEmailNotification iamEmailNotification = transientNotificationFactory
+                .createSetAsServiceAccountMessage(testUser);
+
+        assertTrue(iamEmailNotification.getSubject().contains("Account set as service account"));
+        assertTrue(iamEmailNotification.getType().equals(IamNotificationType.SET_SERVICE_ACCOUNT));
+    }
+
+    @Test
+    public void testCreateRevokeServiceAccountMessage() {
+        IamEmailNotification iamEmailNotification = transientNotificationFactory
+                .createRevokeServiceAccountMessage(testUser);
+                
+        assertTrue(iamEmailNotification.getSubject().contains("Account's service account status revoked"));
+        assertTrue(iamEmailNotification.getType().equals(IamNotificationType.REVOKE_SERVICE_ACCOUNT));
+    }
+}

From ffb4319657163ca47475b695058ac0b7489f15d7 Mon Sep 17 00:00:00 2001
From: garaimanoj <manoj.garai@stfc.ac.uk>
Date: Thu, 15 Aug 2024 12:52:29 +0000
Subject: [PATCH 15/30] Test notification delivery

---
 .../controller/ScimUserControllerTest.java    | 42 +++++++++++++++++--
 1 file changed, 38 insertions(+), 4 deletions(-)

diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/controller/ScimUserControllerTest.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/controller/ScimUserControllerTest.java
index 0370d2176..94a937c89 100644
--- a/iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/controller/ScimUserControllerTest.java
+++ b/iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/controller/ScimUserControllerTest.java
@@ -16,7 +16,10 @@
 
 package it.infn.mw.iam.test.api.scim.controller;
 
-import static org.junit.Assert.assertEquals;
+import static org.hamcrest.Matchers.hasSize;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.hamcrest.CoreMatchers.equalTo;
+import static org.hamcrest.MatcherAssert.assertThat;
 
 import java.util.List;
 
@@ -32,6 +35,7 @@
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
 import org.springframework.security.test.context.support.WithMockUser;
+import org.springframework.test.context.TestPropertySource;
 import org.springframework.test.context.junit4.SpringRunner;
 import org.springframework.test.web.servlet.MockMvc;
 import org.springframework.test.web.servlet.setup.MockMvcBuilders;
@@ -41,6 +45,7 @@
 
 import it.infn.mw.iam.test.util.WithAnonymousUser;
 import it.infn.mw.iam.test.util.annotation.IamMockMvcIntegrationTest;
+import it.infn.mw.iam.test.util.notification.MockNotificationDelivery;
 import it.infn.mw.iam.test.util.oauth.MockOAuth2Filter;
 import it.infn.mw.iam.api.scim.model.ScimUser;
 import it.infn.mw.iam.api.scim.model.ScimUserPatchRequest;
@@ -57,11 +62,12 @@
 
 @RunWith(SpringRunner.class)
 @IamMockMvcIntegrationTest
-@SpringBootTest(classes = {IamLoginService.class, CoreControllerTestSupport.class,
-    NotificationTestConfig.class}, webEnvironment = WebEnvironment.MOCK)
+@SpringBootTest(classes = { IamLoginService.class, CoreControllerTestSupport.class,
+        NotificationTestConfig.class }, webEnvironment = WebEnvironment.MOCK)
 @WithAnonymousUser
+@TestPropertySource(properties = { "notification.disable=false" })
 public class ScimUserControllerTest extends TestSupport implements ScimConstants {
-
+    
     @Autowired
     private WebApplicationContext context;
     @Autowired
@@ -72,6 +78,8 @@ public class ScimUserControllerTest extends TestSupport implements ScimConstants
     private ObjectMapper mapper;
     @Autowired
     private IamEmailNotificationRepository notificationRepo;
+    @Autowired
+    private MockNotificationDelivery notificationDelivery;
 
     private MockMvc mvc;
 
@@ -104,6 +112,19 @@ public void testEmailSentForSettingServiceAccount() throws Exception {
 
         assertEquals(1, notifications.size());
         assertEquals("[indigo-dc IAM] Account set as service account", notifications.get(0).getSubject());
+
+        notificationDelivery.sendPendingNotifications();
+
+        assertThat(notificationDelivery.getDeliveredNotifications(), hasSize(1));
+        IamEmailNotification message = notificationDelivery.getDeliveredNotifications().get(0);
+
+        assertThat(message.getSubject(), equalTo("[indigo-dc IAM] Account set as service account"));
+
+        assertThat(message.getReceivers(), hasSize(1));
+        assertThat(message.getReceivers().get(0).getEmailAddress(),
+                equalTo(testUser.getUserInfo().getEmail()));
+
+        notificationDelivery.clearDeliveredNotifications();
     }
 
     @Test
@@ -127,5 +148,18 @@ public void testEmailSentForRevokingServiceAccount() throws Exception {
 
         assertEquals(1, notifications.size());
         assertEquals("[indigo-dc IAM] Account's service account status revoked", notifications.get(0).getSubject());
+
+        notificationDelivery.sendPendingNotifications();
+
+        assertThat(notificationDelivery.getDeliveredNotifications(), hasSize(1));
+        IamEmailNotification message = notificationDelivery.getDeliveredNotifications().get(0);
+
+        assertThat(message.getSubject(), equalTo("[indigo-dc IAM] Account's service account status revoked"));
+
+        assertThat(message.getReceivers(), hasSize(1));
+        assertThat(message.getReceivers().get(0).getEmailAddress(),
+                equalTo(testUser.getUserInfo().getEmail()));
+
+        notificationDelivery.clearDeliveredNotifications();
     }
 }

From 3b9d9e032a64023f9ad7e6428e478fc6c0508b7e Mon Sep 17 00:00:00 2001
From: garaimanoj <manoj.garai@stfc.ac.uk>
Date: Thu, 15 Aug 2024 15:51:29 +0000
Subject: [PATCH 16/30] Move test to notification test file

---
 .../RegistrationFlowNotificationTests.java    | 86 +++++++++++++++++++
 1 file changed, 86 insertions(+)

diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/notification/RegistrationFlowNotificationTests.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/notification/RegistrationFlowNotificationTests.java
index f2a392f56..81009120a 100644
--- a/iam-login-service/src/test/java/it/infn/mw/iam/test/notification/RegistrationFlowNotificationTests.java
+++ b/iam-login-service/src/test/java/it/infn/mw/iam/test/notification/RegistrationFlowNotificationTests.java
@@ -23,16 +23,20 @@
 import static org.hamcrest.Matchers.equalTo;
 import static org.hamcrest.Matchers.hasSize;
 import static org.springframework.http.MediaType.APPLICATION_FORM_URLENCODED;
+import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.springframework.http.MediaType.APPLICATION_JSON;
 import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.authentication;
 import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.head;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.patch;
 import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.log;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.model;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
 
+import java.util.List;
+
 import org.junit.After;
 import org.junit.Before;
 import org.junit.Test;
@@ -42,6 +46,7 @@
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
 import org.springframework.http.MediaType;
+import org.springframework.security.test.context.support.WithMockUser;
 import org.springframework.test.context.TestPropertySource;
 import org.springframework.test.context.junit4.SpringRunner;
 import org.springframework.test.web.servlet.MockMvc;
@@ -52,9 +57,15 @@
 import com.fasterxml.jackson.databind.ObjectMapper;
 
 import it.infn.mw.iam.IamLoginService;
+import it.infn.mw.iam.api.scim.model.ScimUser;
+import it.infn.mw.iam.api.scim.model.ScimUserPatchRequest;
+import it.infn.mw.iam.core.IamNotificationType;
 import it.infn.mw.iam.notification.NotificationProperties;
+import it.infn.mw.iam.persistence.model.IamAccount;
 import it.infn.mw.iam.persistence.model.IamEmailNotification;
 import it.infn.mw.iam.persistence.repository.IamRegistrationRequestRepository;
+import it.infn.mw.iam.persistence.repository.IamAccountRepository;
+import it.infn.mw.iam.persistence.repository.IamEmailNotificationRepository;
 import it.infn.mw.iam.registration.PersistentUUIDTokenGenerator;
 import it.infn.mw.iam.registration.RegistrationRequestDto;
 import it.infn.mw.iam.test.core.CoreControllerTestSupport;
@@ -104,6 +115,12 @@ public class RegistrationFlowNotificationTests {
   @Autowired
   private IamRegistrationRequestRepository requestRepository;
 
+  @Autowired
+  private IamAccountRepository iamAccountRepo;
+
+  @Autowired
+  private IamEmailNotificationRepository notificationRepo;
+
   private MockMvc mvc;
 
   @Before
@@ -352,4 +369,73 @@ public void testRejectFlowMotivationNotifications() throws Exception {
 
   }
 
+  @Test
+    @WithMockUser(username = "admin", roles = { "ADMIN", "USER" })
+    public void testEmailSentForSettingServiceAccount() throws Exception {
+        IamAccount testUser = iamAccountRepo.findByUsername("test")
+                .orElseThrow(() -> new AssertionError("Expected test user not found"));
+        ScimUser user = ScimUser.builder().serviceAccount(true).build();
+
+        ScimUserPatchRequest patchRequest = ScimUserPatchRequest.builder().replace(user).build();
+
+        mvc.perform(patch("/scim/Users/{id}", testUser.getUuid())
+                .content(mapper.writeValueAsString(patchRequest))
+                .contentType("application/scim+json;charset=UTF-8"))
+                .andExpect(status().isNoContent());
+        List<IamEmailNotification> notifications = notificationRepo
+                .findByNotificationType(IamNotificationType.SET_SERVICE_ACCOUNT);
+
+        assertEquals(1, notifications.size());
+        assertEquals("[indigo-dc IAM] Account set as service account", notifications.get(0).getSubject());
+
+        notificationDelivery.sendPendingNotifications();
+
+        assertThat(notificationDelivery.getDeliveredNotifications(), hasSize(1));
+        IamEmailNotification message = notificationDelivery.getDeliveredNotifications().get(0);
+
+        assertThat(message.getSubject(), equalTo("[indigo-dc IAM] Account set as service account"));
+
+        assertThat(message.getReceivers(), hasSize(1));
+        assertThat(message.getReceivers().get(0).getEmailAddress(),
+                equalTo(testUser.getUserInfo().getEmail()));
+
+        notificationDelivery.clearDeliveredNotifications();
+    }
+
+    @Test
+    @WithMockUser(username = "admin", roles = { "ADMIN", "USER" })
+    public void testEmailSentForRevokingServiceAccount() throws Exception {
+        IamAccount testUser = iamAccountRepo.findByUsername("test")
+                .orElseThrow(() -> new AssertionError("Expected test user not found"));
+        testUser.setServiceAccount(true);
+        iamAccountRepo.save(testUser);
+
+        ScimUser user = ScimUser.builder().serviceAccount(false).build();
+
+        ScimUserPatchRequest patchRequest = ScimUserPatchRequest.builder().replace(user).build();
+
+        mvc.perform(patch("/scim/Users/{id}", testUser.getUuid())
+                .content(mapper.writeValueAsString(patchRequest))
+                .contentType("application/scim+json;charset=UTF-8"))
+                .andExpect(status().isNoContent());
+        List<IamEmailNotification> notifications = notificationRepo
+                .findByNotificationType(IamNotificationType.REVOKE_SERVICE_ACCOUNT);
+
+        assertEquals(1, notifications.size());
+        assertEquals("[indigo-dc IAM] Account's service account status revoked", notifications.get(0).getSubject());
+
+        notificationDelivery.sendPendingNotifications();
+
+        assertThat(notificationDelivery.getDeliveredNotifications(), hasSize(1));
+        IamEmailNotification message = notificationDelivery.getDeliveredNotifications().get(0);
+
+        assertThat(message.getSubject(), equalTo("[indigo-dc IAM] Account's service account status revoked"));
+
+        assertThat(message.getReceivers(), hasSize(1));
+        assertThat(message.getReceivers().get(0).getEmailAddress(),
+                equalTo(testUser.getUserInfo().getEmail()));
+
+        notificationDelivery.clearDeliveredNotifications();
+    }
+
 }

From 1aa1efde696310b9d3ea36e5d17926673a127120 Mon Sep 17 00:00:00 2001
From: garaimanoj <manoj.garai@stfc.ac.uk>
Date: Fri, 16 Aug 2024 12:15:07 +0000
Subject: [PATCH 17/30] Delete unnecessary tests

---
 .../ScimUserProvisioningTest.java             |  92 -------------
 .../ScimUserProvisioningUnitTest.java         | 121 ------------------
 .../RegistrationFlowNotificationTests.java    |  86 -------------
 .../ServiceAccountNotificationTest.java}      |  62 ++++-----
 .../TransientNotificationFactoryTest.java     |  88 -------------
 5 files changed, 32 insertions(+), 417 deletions(-)
 delete mode 100644 iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/provisioning/ScimUserProvisioningTest.java
 delete mode 100644 iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/provisioning/ScimUserProvisioningUnitTest.java
 rename iam-login-service/src/test/java/it/infn/mw/iam/test/{api/scim/controller/ScimUserControllerTest.java => notification/ServiceAccountNotificationTest.java} (89%)
 delete mode 100644 iam-login-service/src/test/java/it/infn/mw/iam/test/notification/TransientNotificationFactoryTest.java

diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/provisioning/ScimUserProvisioningTest.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/provisioning/ScimUserProvisioningTest.java
deleted file mode 100644
index a2ce9d058..000000000
--- a/iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/provisioning/ScimUserProvisioningTest.java
+++ /dev/null
@@ -1,92 +0,0 @@
-/**
- * Copyright (c) Istituto Nazionale di Fisica Nucleare (INFN). 2016-2021
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package it.infn.mw.iam.test.api.scim.provisioning;
-
-import static org.junit.jupiter.api.Assertions.assertEquals;
-
-import java.util.List;
-
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.boot.test.context.SpringBootTest;
-import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
-import org.springframework.test.context.junit4.SpringRunner;
-
-import com.google.common.collect.Lists;
-
-import it.infn.mw.iam.IamLoginService;
-import it.infn.mw.iam.api.scim.model.ScimPatchOperation;
-import it.infn.mw.iam.api.scim.model.ScimUser;
-import it.infn.mw.iam.api.scim.provisioning.ScimUserProvisioning;
-import it.infn.mw.iam.core.IamNotificationType;
-import it.infn.mw.iam.persistence.model.IamAccount;
-import it.infn.mw.iam.persistence.model.IamEmailNotification;
-import it.infn.mw.iam.persistence.repository.IamAccountRepository;
-import it.infn.mw.iam.persistence.repository.IamEmailNotificationRepository;
-import it.infn.mw.iam.test.api.TestSupport;
-import it.infn.mw.iam.test.core.CoreControllerTestSupport;
-import it.infn.mw.iam.test.util.annotation.IamMockMvcIntegrationTest;
-
-@RunWith(SpringRunner.class)
-@IamMockMvcIntegrationTest
-@SpringBootTest(classes = { IamLoginService.class,
-        CoreControllerTestSupport.class }, webEnvironment = WebEnvironment.MOCK)
-public class ScimUserProvisioningTest extends TestSupport {
-    @Autowired
-    private ScimUserProvisioning provider;
-    @Autowired
-    private IamAccountRepository iamAccountRepo;
-    @Autowired
-    private IamEmailNotificationRepository notificationRepo;
-
-    @Test
-    public void testEmailSentForSettingServiceAccount() {
-        IamAccount testUser = iamAccountRepo.findByUsername(TEST_USER)
-                .orElseThrow(() -> new AssertionError("Expected test user not found"));
-        ScimUser user = ScimUser.builder().serviceAccount(true).build();
-
-        List<ScimPatchOperation<ScimUser>> operations = Lists.newArrayList();
-        operations.add(new ScimPatchOperation.Builder<ScimUser>().replace().value(user).build());
-        provider.update(testUser.getUuid(), operations);
-
-        List<IamEmailNotification> notifications = notificationRepo
-                .findByNotificationType(IamNotificationType.SET_SERVICE_ACCOUNT);
-
-        assertEquals(1, notifications.size());
-        assertEquals("[indigo-dc IAM] Account set as service account", notifications.get(0).getSubject());
-    }
-
-    @Test
-    public void testEmailSentForRevokingServiceAccount() {
-        IamAccount testUser = iamAccountRepo.findByUsername(TEST_USER)
-                .orElseThrow(() -> new AssertionError("Expected test user not found"));
-        testUser.setServiceAccount(true);
-        iamAccountRepo.save(testUser);
-        ScimUser user = ScimUser.builder().serviceAccount(false).build();
-
-        List<ScimPatchOperation<ScimUser>> operations = Lists.newArrayList();
-        operations.add(new ScimPatchOperation.Builder<ScimUser>().replace().value(user).build());
-        provider.update(testUser.getUuid(), operations);
-
-        List<IamEmailNotification> notifications = notificationRepo
-                .findByNotificationType(IamNotificationType.REVOKE_SERVICE_ACCOUNT);
-
-        assertEquals(1, notifications.size());
-        assertEquals("[indigo-dc IAM] Account's service account status revoked", notifications.get(0).getSubject());
-    }
-
-}
diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/provisioning/ScimUserProvisioningUnitTest.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/provisioning/ScimUserProvisioningUnitTest.java
deleted file mode 100644
index 42b7087f1..000000000
--- a/iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/provisioning/ScimUserProvisioningUnitTest.java
+++ /dev/null
@@ -1,121 +0,0 @@
-/**
- * Copyright (c) Istituto Nazionale di Fisica Nucleare (INFN). 2016-2021
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package it.infn.mw.iam.test.api.scim.provisioning;
-
-import static org.mockito.Mockito.times;
-import static org.mockito.Mockito.verify;
-import static org.mockito.Mockito.when;
-
-import java.util.List;
-import java.util.Optional;
-
-import org.junit.Before;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.mitre.oauth2.service.OAuth2TokenEntityService;
-import org.mockito.Mock;
-import org.mockito.junit.MockitoJUnitRunner;
-import org.springframework.context.ApplicationEventPublisher;
-import org.springframework.security.crypto.password.PasswordEncoder;
-
-import com.google.common.collect.Lists;
-
-import it.infn.mw.iam.api.scim.converter.OidcIdConverter;
-import it.infn.mw.iam.api.scim.converter.SamlIdConverter;
-import it.infn.mw.iam.api.scim.converter.SshKeyConverter;
-import it.infn.mw.iam.api.scim.converter.UserConverter;
-import it.infn.mw.iam.api.scim.converter.X509CertificateConverter;
-import it.infn.mw.iam.api.scim.model.ScimPatchOperation;
-import it.infn.mw.iam.api.scim.model.ScimUser;
-import it.infn.mw.iam.api.scim.provisioning.ScimUserProvisioning;
-import it.infn.mw.iam.core.user.IamAccountService;
-import it.infn.mw.iam.notification.NotificationFactory;
-import it.infn.mw.iam.persistence.model.IamAccount;
-import it.infn.mw.iam.persistence.repository.IamAccountRepository;
-import it.infn.mw.iam.registration.validation.UsernameValidator;
-import it.infn.mw.iam.test.api.TestSupport;
-
-@RunWith(MockitoJUnitRunner.class)
-public class ScimUserProvisioningUnitTest extends TestSupport {
-
-    @Mock
-    IamAccountService accountService;
-    @Mock
-    OAuth2TokenEntityService tokenService;
-    @Mock
-    IamAccountRepository accountRepository;
-    @Mock
-    PasswordEncoder passwordEncoder;
-    @Mock
-    UserConverter userConverter;
-    @Mock
-    OidcIdConverter oidcIdConverter;
-    @Mock
-    SamlIdConverter samlIdConverter;
-    @Mock
-    SshKeyConverter sshKeyConverter;
-    @Mock
-    X509CertificateConverter x509CertificateConverter;
-    @Mock
-    UsernameValidator usernameValidator;
-    @Mock
-    NotificationFactory notificationFactory;
-    @Mock
-    ApplicationEventPublisher eventPublisher;
-
-    ScimUserProvisioning scimUserProvisioning;
-    IamAccount testUser;
-
-    @Before
-    public void before() {
-        testUser = new IamAccount();
-        testUser.setUuid(TEST_USER_UUID);
-        testUser.setServiceAccount(false);
-
-        when(accountRepository.findByUuid(testUser.getUuid())).thenReturn(Optional.of(testUser));
-
-        scimUserProvisioning = new ScimUserProvisioning(accountService, tokenService, accountRepository,
-                passwordEncoder, userConverter, oidcIdConverter, samlIdConverter, sshKeyConverter,
-                x509CertificateConverter, usernameValidator, notificationFactory);
-        scimUserProvisioning.setApplicationEventPublisher(eventPublisher);
-    }
-
-    @Test
-    public void testCreateSetAsServiceAccountMessageIsCalled() {
-        List<ScimPatchOperation<ScimUser>> operations = getOperations(true);
-
-        scimUserProvisioning.update(testUser.getUuid(), operations);
-
-        verify(notificationFactory, times(1)).createSetAsServiceAccountMessage(testUser);
-    }
-
-    @Test
-    public void testCreateRevokeServiceAccountMessageIsCalled() {
-        testUser.setServiceAccount(true);
-        List<ScimPatchOperation<ScimUser>> operations = getOperations(false);
-
-        scimUserProvisioning.update(testUser.getUuid(), operations);
-
-        verify(notificationFactory, times(1)).createRevokeServiceAccountMessage(testUser);
-    }
-
-    private List<ScimPatchOperation<ScimUser>> getOperations(boolean isServiceAccount) {
-        ScimUser user = ScimUser.builder().serviceAccount(isServiceAccount).build();
-        List<ScimPatchOperation<ScimUser>> operations = Lists.newArrayList();
-        operations.add(new ScimPatchOperation.Builder<ScimUser>().replace().value(user).build());
-        return operations;
-    }
-}
diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/notification/RegistrationFlowNotificationTests.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/notification/RegistrationFlowNotificationTests.java
index 81009120a..f2a392f56 100644
--- a/iam-login-service/src/test/java/it/infn/mw/iam/test/notification/RegistrationFlowNotificationTests.java
+++ b/iam-login-service/src/test/java/it/infn/mw/iam/test/notification/RegistrationFlowNotificationTests.java
@@ -23,20 +23,16 @@
 import static org.hamcrest.Matchers.equalTo;
 import static org.hamcrest.Matchers.hasSize;
 import static org.springframework.http.MediaType.APPLICATION_FORM_URLENCODED;
-import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.springframework.http.MediaType.APPLICATION_JSON;
 import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.authentication;
 import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.head;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
-import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.patch;
 import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.log;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.model;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
 
-import java.util.List;
-
 import org.junit.After;
 import org.junit.Before;
 import org.junit.Test;
@@ -46,7 +42,6 @@
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
 import org.springframework.http.MediaType;
-import org.springframework.security.test.context.support.WithMockUser;
 import org.springframework.test.context.TestPropertySource;
 import org.springframework.test.context.junit4.SpringRunner;
 import org.springframework.test.web.servlet.MockMvc;
@@ -57,15 +52,9 @@
 import com.fasterxml.jackson.databind.ObjectMapper;
 
 import it.infn.mw.iam.IamLoginService;
-import it.infn.mw.iam.api.scim.model.ScimUser;
-import it.infn.mw.iam.api.scim.model.ScimUserPatchRequest;
-import it.infn.mw.iam.core.IamNotificationType;
 import it.infn.mw.iam.notification.NotificationProperties;
-import it.infn.mw.iam.persistence.model.IamAccount;
 import it.infn.mw.iam.persistence.model.IamEmailNotification;
 import it.infn.mw.iam.persistence.repository.IamRegistrationRequestRepository;
-import it.infn.mw.iam.persistence.repository.IamAccountRepository;
-import it.infn.mw.iam.persistence.repository.IamEmailNotificationRepository;
 import it.infn.mw.iam.registration.PersistentUUIDTokenGenerator;
 import it.infn.mw.iam.registration.RegistrationRequestDto;
 import it.infn.mw.iam.test.core.CoreControllerTestSupport;
@@ -115,12 +104,6 @@ public class RegistrationFlowNotificationTests {
   @Autowired
   private IamRegistrationRequestRepository requestRepository;
 
-  @Autowired
-  private IamAccountRepository iamAccountRepo;
-
-  @Autowired
-  private IamEmailNotificationRepository notificationRepo;
-
   private MockMvc mvc;
 
   @Before
@@ -369,73 +352,4 @@ public void testRejectFlowMotivationNotifications() throws Exception {
 
   }
 
-  @Test
-    @WithMockUser(username = "admin", roles = { "ADMIN", "USER" })
-    public void testEmailSentForSettingServiceAccount() throws Exception {
-        IamAccount testUser = iamAccountRepo.findByUsername("test")
-                .orElseThrow(() -> new AssertionError("Expected test user not found"));
-        ScimUser user = ScimUser.builder().serviceAccount(true).build();
-
-        ScimUserPatchRequest patchRequest = ScimUserPatchRequest.builder().replace(user).build();
-
-        mvc.perform(patch("/scim/Users/{id}", testUser.getUuid())
-                .content(mapper.writeValueAsString(patchRequest))
-                .contentType("application/scim+json;charset=UTF-8"))
-                .andExpect(status().isNoContent());
-        List<IamEmailNotification> notifications = notificationRepo
-                .findByNotificationType(IamNotificationType.SET_SERVICE_ACCOUNT);
-
-        assertEquals(1, notifications.size());
-        assertEquals("[indigo-dc IAM] Account set as service account", notifications.get(0).getSubject());
-
-        notificationDelivery.sendPendingNotifications();
-
-        assertThat(notificationDelivery.getDeliveredNotifications(), hasSize(1));
-        IamEmailNotification message = notificationDelivery.getDeliveredNotifications().get(0);
-
-        assertThat(message.getSubject(), equalTo("[indigo-dc IAM] Account set as service account"));
-
-        assertThat(message.getReceivers(), hasSize(1));
-        assertThat(message.getReceivers().get(0).getEmailAddress(),
-                equalTo(testUser.getUserInfo().getEmail()));
-
-        notificationDelivery.clearDeliveredNotifications();
-    }
-
-    @Test
-    @WithMockUser(username = "admin", roles = { "ADMIN", "USER" })
-    public void testEmailSentForRevokingServiceAccount() throws Exception {
-        IamAccount testUser = iamAccountRepo.findByUsername("test")
-                .orElseThrow(() -> new AssertionError("Expected test user not found"));
-        testUser.setServiceAccount(true);
-        iamAccountRepo.save(testUser);
-
-        ScimUser user = ScimUser.builder().serviceAccount(false).build();
-
-        ScimUserPatchRequest patchRequest = ScimUserPatchRequest.builder().replace(user).build();
-
-        mvc.perform(patch("/scim/Users/{id}", testUser.getUuid())
-                .content(mapper.writeValueAsString(patchRequest))
-                .contentType("application/scim+json;charset=UTF-8"))
-                .andExpect(status().isNoContent());
-        List<IamEmailNotification> notifications = notificationRepo
-                .findByNotificationType(IamNotificationType.REVOKE_SERVICE_ACCOUNT);
-
-        assertEquals(1, notifications.size());
-        assertEquals("[indigo-dc IAM] Account's service account status revoked", notifications.get(0).getSubject());
-
-        notificationDelivery.sendPendingNotifications();
-
-        assertThat(notificationDelivery.getDeliveredNotifications(), hasSize(1));
-        IamEmailNotification message = notificationDelivery.getDeliveredNotifications().get(0);
-
-        assertThat(message.getSubject(), equalTo("[indigo-dc IAM] Account's service account status revoked"));
-
-        assertThat(message.getReceivers(), hasSize(1));
-        assertThat(message.getReceivers().get(0).getEmailAddress(),
-                equalTo(testUser.getUserInfo().getEmail()));
-
-        notificationDelivery.clearDeliveredNotifications();
-    }
-
 }
diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/controller/ScimUserControllerTest.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/notification/ServiceAccountNotificationTest.java
similarity index 89%
rename from iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/controller/ScimUserControllerTest.java
rename to iam-login-service/src/test/java/it/infn/mw/iam/test/notification/ServiceAccountNotificationTest.java
index 94a937c89..39714a998 100644
--- a/iam-login-service/src/test/java/it/infn/mw/iam/test/api/scim/controller/ScimUserControllerTest.java
+++ b/iam-login-service/src/test/java/it/infn/mw/iam/test/notification/ServiceAccountNotificationTest.java
@@ -13,19 +13,18 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
+package it.infn.mw.iam.test.notification;
 
-package it.infn.mw.iam.test.api.scim.controller;
-
+import static org.hamcrest.Matchers.equalTo;
 import static org.hamcrest.Matchers.hasSize;
 import static org.junit.jupiter.api.Assertions.assertEquals;
-import static org.hamcrest.CoreMatchers.equalTo;
 import static org.hamcrest.MatcherAssert.assertThat;
-
-import java.util.List;
-
 import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity;
-import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.log;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.patch;
+import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.log;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+
+import java.util.List;
 
 import org.junit.After;
 import org.junit.Before;
@@ -43,22 +42,19 @@
 
 import com.fasterxml.jackson.databind.ObjectMapper;
 
-import it.infn.mw.iam.test.util.WithAnonymousUser;
-import it.infn.mw.iam.test.util.annotation.IamMockMvcIntegrationTest;
-import it.infn.mw.iam.test.util.notification.MockNotificationDelivery;
-import it.infn.mw.iam.test.util.oauth.MockOAuth2Filter;
+import it.infn.mw.iam.IamLoginService;
 import it.infn.mw.iam.api.scim.model.ScimUser;
 import it.infn.mw.iam.api.scim.model.ScimUserPatchRequest;
 import it.infn.mw.iam.core.IamNotificationType;
-import it.infn.mw.iam.IamLoginService;
-import it.infn.mw.iam.api.scim.model.ScimConstants;
 import it.infn.mw.iam.persistence.model.IamAccount;
 import it.infn.mw.iam.persistence.model.IamEmailNotification;
 import it.infn.mw.iam.persistence.repository.IamAccountRepository;
 import it.infn.mw.iam.persistence.repository.IamEmailNotificationRepository;
-import it.infn.mw.iam.test.api.TestSupport;
 import it.infn.mw.iam.test.core.CoreControllerTestSupport;
-import it.infn.mw.iam.test.notification.NotificationTestConfig;
+import it.infn.mw.iam.test.util.WithAnonymousUser;
+import it.infn.mw.iam.test.util.annotation.IamMockMvcIntegrationTest;
+import it.infn.mw.iam.test.util.notification.MockNotificationDelivery;
+import it.infn.mw.iam.test.util.oauth.MockOAuth2Filter;
 
 @RunWith(SpringRunner.class)
 @IamMockMvcIntegrationTest
@@ -66,38 +62,43 @@
         NotificationTestConfig.class }, webEnvironment = WebEnvironment.MOCK)
 @WithAnonymousUser
 @TestPropertySource(properties = { "notification.disable=false" })
-public class ScimUserControllerTest extends TestSupport implements ScimConstants {
-    
+public class ServiceAccountNotificationTest {
+
     @Autowired
-    private WebApplicationContext context;
+    private MockNotificationDelivery notificationDelivery;
+
     @Autowired
     private MockOAuth2Filter mockOAuth2Filter;
+
     @Autowired
-    private IamAccountRepository iamAccountRepo;
+    private WebApplicationContext context;
+
     @Autowired
     private ObjectMapper mapper;
+
     @Autowired
-    private IamEmailNotificationRepository notificationRepo;
+    private IamAccountRepository iamAccountRepo;
+
     @Autowired
-    private MockNotificationDelivery notificationDelivery;
+    private IamEmailNotificationRepository notificationRepo;
 
     private MockMvc mvc;
 
     @Before
-    public void setup() {
+    public void setUp() throws InterruptedException {
         mvc = MockMvcBuilders.webAppContextSetup(context).alwaysDo(log()).apply(springSecurity()).build();
-        mockOAuth2Filter.cleanupSecurityContext();
     }
 
     @After
-    public void cleanupOAuthUser() {
+    public void tearDown() throws InterruptedException {
         mockOAuth2Filter.cleanupSecurityContext();
+        notificationDelivery.clearDeliveredNotifications();
     }
 
     @Test
     @WithMockUser(username = "admin", roles = { "ADMIN", "USER" })
     public void testEmailSentForSettingServiceAccount() throws Exception {
-        IamAccount testUser = iamAccountRepo.findByUsername(TEST_USER)
+        IamAccount testUser = iamAccountRepo.findByUsername("test")
                 .orElseThrow(() -> new AssertionError("Expected test user not found"));
         ScimUser user = ScimUser.builder().serviceAccount(true).build();
 
@@ -105,8 +106,8 @@ public void testEmailSentForSettingServiceAccount() throws Exception {
 
         mvc.perform(patch("/scim/Users/{id}", testUser.getUuid())
                 .content(mapper.writeValueAsString(patchRequest))
-                .contentType(SCIM_CONTENT_TYPE))
-                .andExpect(NO_CONTENT);
+                .contentType("application/scim+json;charset=UTF-8"))
+                .andExpect(status().isNoContent());
         List<IamEmailNotification> notifications = notificationRepo
                 .findByNotificationType(IamNotificationType.SET_SERVICE_ACCOUNT);
 
@@ -130,7 +131,7 @@ public void testEmailSentForSettingServiceAccount() throws Exception {
     @Test
     @WithMockUser(username = "admin", roles = { "ADMIN", "USER" })
     public void testEmailSentForRevokingServiceAccount() throws Exception {
-        IamAccount testUser = iamAccountRepo.findByUsername(TEST_USER)
+        IamAccount testUser = iamAccountRepo.findByUsername("test")
                 .orElseThrow(() -> new AssertionError("Expected test user not found"));
         testUser.setServiceAccount(true);
         iamAccountRepo.save(testUser);
@@ -141,8 +142,8 @@ public void testEmailSentForRevokingServiceAccount() throws Exception {
 
         mvc.perform(patch("/scim/Users/{id}", testUser.getUuid())
                 .content(mapper.writeValueAsString(patchRequest))
-                .contentType(SCIM_CONTENT_TYPE))
-                .andExpect(NO_CONTENT);
+                .contentType("application/scim+json;charset=UTF-8"))
+                .andExpect(status().isNoContent());
         List<IamEmailNotification> notifications = notificationRepo
                 .findByNotificationType(IamNotificationType.REVOKE_SERVICE_ACCOUNT);
 
@@ -162,4 +163,5 @@ public void testEmailSentForRevokingServiceAccount() throws Exception {
 
         notificationDelivery.clearDeliveredNotifications();
     }
+
 }
diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/notification/TransientNotificationFactoryTest.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/notification/TransientNotificationFactoryTest.java
deleted file mode 100644
index 35603e3ea..000000000
--- a/iam-login-service/src/test/java/it/infn/mw/iam/test/notification/TransientNotificationFactoryTest.java
+++ /dev/null
@@ -1,88 +0,0 @@
-/**
- * Copyright (c) Istituto Nazionale di Fisica Nucleare (INFN). 2016-2021
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package it.infn.mw.iam.test.notification;
-
-import static org.junit.Assert.assertTrue;
-import static org.mockito.ArgumentMatchers.anyString;
-import static org.mockito.Mockito.when;
-
-import org.junit.Before;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.mockito.InjectMocks;
-import org.mockito.Mock;
-import org.mockito.junit.MockitoJUnitRunner;
-import org.springframework.beans.factory.annotation.Value;
-
-import freemarker.template.Configuration;
-import freemarker.template.Template;
-import it.infn.mw.iam.core.IamNotificationType;
-import it.infn.mw.iam.notification.NotificationProperties;
-import it.infn.mw.iam.notification.TransientNotificationFactory;
-import it.infn.mw.iam.notification.service.resolver.AdminNotificationDeliveryStrategy;
-import it.infn.mw.iam.notification.service.resolver.GroupManagerNotificationDeliveryStrategy;
-import it.infn.mw.iam.persistence.model.IamAccount;
-import it.infn.mw.iam.persistence.model.IamEmailNotification;
-import it.infn.mw.iam.persistence.model.IamUserInfo;
-
-@RunWith(MockitoJUnitRunner.class)
-public class TransientNotificationFactoryTest {
-    @Mock
-    Configuration fm;
-    @Mock
-    NotificationProperties np;
-    @Mock
-    AdminNotificationDeliveryStrategy ands;
-    @Mock
-    GroupManagerNotificationDeliveryStrategy gmds;
-    @Mock
-    Template template;
-    @Mock
-    IamAccount testUser;
-    @Mock
-    IamUserInfo testUserInfo;
-
-    @Value("${iam.organisation.name}")
-    private String organisationName;
-
-    @InjectMocks
-    TransientNotificationFactory transientNotificationFactory;
-
-    @Before
-    public void before() throws Exception {
-        when(testUser.getUserInfo()).thenReturn(testUserInfo);
-        when(testUserInfo.getName()).thenReturn("Test User");
-        when(fm.getTemplate(anyString())).thenReturn(template);
-    }
-
-    @Test
-    public void testCreateSetAsServiceAccountMessage() {
-        IamEmailNotification iamEmailNotification = transientNotificationFactory
-                .createSetAsServiceAccountMessage(testUser);
-
-        assertTrue(iamEmailNotification.getSubject().contains("Account set as service account"));
-        assertTrue(iamEmailNotification.getType().equals(IamNotificationType.SET_SERVICE_ACCOUNT));
-    }
-
-    @Test
-    public void testCreateRevokeServiceAccountMessage() {
-        IamEmailNotification iamEmailNotification = transientNotificationFactory
-                .createRevokeServiceAccountMessage(testUser);
-                
-        assertTrue(iamEmailNotification.getSubject().contains("Account's service account status revoked"));
-        assertTrue(iamEmailNotification.getType().equals(IamNotificationType.REVOKE_SERVICE_ACCOUNT));
-    }
-}

From fb3905ba2c8e2099b87964d18eda9871c4679da7 Mon Sep 17 00:00:00 2001
From: garaimanoj <manoj.garai@stfc.ac.uk>
Date: Fri, 16 Aug 2024 12:35:13 +0000
Subject: [PATCH 18/30] Move tests to registration flow test file to pass sonar
 cloud

---
 .../RegistrationFlowNotificationTests.java    | 86 +++++++++++++++++++
 1 file changed, 86 insertions(+)

diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/notification/RegistrationFlowNotificationTests.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/notification/RegistrationFlowNotificationTests.java
index f2a392f56..81009120a 100644
--- a/iam-login-service/src/test/java/it/infn/mw/iam/test/notification/RegistrationFlowNotificationTests.java
+++ b/iam-login-service/src/test/java/it/infn/mw/iam/test/notification/RegistrationFlowNotificationTests.java
@@ -23,16 +23,20 @@
 import static org.hamcrest.Matchers.equalTo;
 import static org.hamcrest.Matchers.hasSize;
 import static org.springframework.http.MediaType.APPLICATION_FORM_URLENCODED;
+import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.springframework.http.MediaType.APPLICATION_JSON;
 import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.authentication;
 import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.head;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.patch;
 import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.log;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.model;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
 
+import java.util.List;
+
 import org.junit.After;
 import org.junit.Before;
 import org.junit.Test;
@@ -42,6 +46,7 @@
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
 import org.springframework.http.MediaType;
+import org.springframework.security.test.context.support.WithMockUser;
 import org.springframework.test.context.TestPropertySource;
 import org.springframework.test.context.junit4.SpringRunner;
 import org.springframework.test.web.servlet.MockMvc;
@@ -52,9 +57,15 @@
 import com.fasterxml.jackson.databind.ObjectMapper;
 
 import it.infn.mw.iam.IamLoginService;
+import it.infn.mw.iam.api.scim.model.ScimUser;
+import it.infn.mw.iam.api.scim.model.ScimUserPatchRequest;
+import it.infn.mw.iam.core.IamNotificationType;
 import it.infn.mw.iam.notification.NotificationProperties;
+import it.infn.mw.iam.persistence.model.IamAccount;
 import it.infn.mw.iam.persistence.model.IamEmailNotification;
 import it.infn.mw.iam.persistence.repository.IamRegistrationRequestRepository;
+import it.infn.mw.iam.persistence.repository.IamAccountRepository;
+import it.infn.mw.iam.persistence.repository.IamEmailNotificationRepository;
 import it.infn.mw.iam.registration.PersistentUUIDTokenGenerator;
 import it.infn.mw.iam.registration.RegistrationRequestDto;
 import it.infn.mw.iam.test.core.CoreControllerTestSupport;
@@ -104,6 +115,12 @@ public class RegistrationFlowNotificationTests {
   @Autowired
   private IamRegistrationRequestRepository requestRepository;
 
+  @Autowired
+  private IamAccountRepository iamAccountRepo;
+
+  @Autowired
+  private IamEmailNotificationRepository notificationRepo;
+
   private MockMvc mvc;
 
   @Before
@@ -352,4 +369,73 @@ public void testRejectFlowMotivationNotifications() throws Exception {
 
   }
 
+  @Test
+    @WithMockUser(username = "admin", roles = { "ADMIN", "USER" })
+    public void testEmailSentForSettingServiceAccount() throws Exception {
+        IamAccount testUser = iamAccountRepo.findByUsername("test")
+                .orElseThrow(() -> new AssertionError("Expected test user not found"));
+        ScimUser user = ScimUser.builder().serviceAccount(true).build();
+
+        ScimUserPatchRequest patchRequest = ScimUserPatchRequest.builder().replace(user).build();
+
+        mvc.perform(patch("/scim/Users/{id}", testUser.getUuid())
+                .content(mapper.writeValueAsString(patchRequest))
+                .contentType("application/scim+json;charset=UTF-8"))
+                .andExpect(status().isNoContent());
+        List<IamEmailNotification> notifications = notificationRepo
+                .findByNotificationType(IamNotificationType.SET_SERVICE_ACCOUNT);
+
+        assertEquals(1, notifications.size());
+        assertEquals("[indigo-dc IAM] Account set as service account", notifications.get(0).getSubject());
+
+        notificationDelivery.sendPendingNotifications();
+
+        assertThat(notificationDelivery.getDeliveredNotifications(), hasSize(1));
+        IamEmailNotification message = notificationDelivery.getDeliveredNotifications().get(0);
+
+        assertThat(message.getSubject(), equalTo("[indigo-dc IAM] Account set as service account"));
+
+        assertThat(message.getReceivers(), hasSize(1));
+        assertThat(message.getReceivers().get(0).getEmailAddress(),
+                equalTo(testUser.getUserInfo().getEmail()));
+
+        notificationDelivery.clearDeliveredNotifications();
+    }
+
+    @Test
+    @WithMockUser(username = "admin", roles = { "ADMIN", "USER" })
+    public void testEmailSentForRevokingServiceAccount() throws Exception {
+        IamAccount testUser = iamAccountRepo.findByUsername("test")
+                .orElseThrow(() -> new AssertionError("Expected test user not found"));
+        testUser.setServiceAccount(true);
+        iamAccountRepo.save(testUser);
+
+        ScimUser user = ScimUser.builder().serviceAccount(false).build();
+
+        ScimUserPatchRequest patchRequest = ScimUserPatchRequest.builder().replace(user).build();
+
+        mvc.perform(patch("/scim/Users/{id}", testUser.getUuid())
+                .content(mapper.writeValueAsString(patchRequest))
+                .contentType("application/scim+json;charset=UTF-8"))
+                .andExpect(status().isNoContent());
+        List<IamEmailNotification> notifications = notificationRepo
+                .findByNotificationType(IamNotificationType.REVOKE_SERVICE_ACCOUNT);
+
+        assertEquals(1, notifications.size());
+        assertEquals("[indigo-dc IAM] Account's service account status revoked", notifications.get(0).getSubject());
+
+        notificationDelivery.sendPendingNotifications();
+
+        assertThat(notificationDelivery.getDeliveredNotifications(), hasSize(1));
+        IamEmailNotification message = notificationDelivery.getDeliveredNotifications().get(0);
+
+        assertThat(message.getSubject(), equalTo("[indigo-dc IAM] Account's service account status revoked"));
+
+        assertThat(message.getReceivers(), hasSize(1));
+        assertThat(message.getReceivers().get(0).getEmailAddress(),
+                equalTo(testUser.getUserInfo().getEmail()));
+
+        notificationDelivery.clearDeliveredNotifications();
+    }
+
 }

From 011e3ee3498a7f05e299b62625b8f5e023634d6e Mon Sep 17 00:00:00 2001
From: garaimanoj <manoj.garai@stfc.ac.uk>
Date: Mon, 19 Aug 2024 13:48:16 +0000
Subject: [PATCH 19/30] Address review comments

---
 .../aup/DefaultAupSignatureCheckService.java  |   8 +-
 .../RegistrationFlowNotificationTests.java    |  86 ---------
 .../ServiceAccountNotificationTest.java       | 167 -----------------
 .../ServiceAccountNotificationTests.java      | 168 ++++++++++++++++++
 .../IamAupSignatureRepositoryImpl.java        |   4 +-
 .../IamAupSignatureUpdateError.java           |   4 +-
 .../h2/V106__add_service_account.sql          |   2 -
 .../mysql/V106__add_service_account.sql       |   2 -
 8 files changed, 179 insertions(+), 262 deletions(-)
 delete mode 100644 iam-login-service/src/test/java/it/infn/mw/iam/test/notification/ServiceAccountNotificationTest.java
 create mode 100644 iam-login-service/src/test/java/it/infn/mw/iam/test/notification/ServiceAccountNotificationTests.java

diff --git a/iam-common/src/main/java/it/infn/mw/iam/service/aup/DefaultAupSignatureCheckService.java b/iam-common/src/main/java/it/infn/mw/iam/service/aup/DefaultAupSignatureCheckService.java
index 67c31f090..effc37924 100644
--- a/iam-common/src/main/java/it/infn/mw/iam/service/aup/DefaultAupSignatureCheckService.java
+++ b/iam-common/src/main/java/it/infn/mw/iam/service/aup/DefaultAupSignatureCheckService.java
@@ -53,12 +53,18 @@ public boolean needsAupSignature(IamAccount account) {
 
     Date now = new Date(timeProvider.currentTimeMillis());
 
-    if (!aup.isPresent() || account.isServiceAccount()) {
+    if (!aup.isPresent()) {
       LOG.debug("AUP signature not needed for account '{}': AUP is not defined",
           account.getUsername());
       return false;
     }
 
+    if (account.isServiceAccount()) {
+      LOG.debug("AUP signature not needed for account '{}': Account is a service account",
+          account.getUsername());
+      return false;
+    }
+
     if (isNull(account.getAupSignature())) {
       LOG.debug("AUP signature needed for account '{}': no signature record found for user",
           account.getUsername());
diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/notification/RegistrationFlowNotificationTests.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/notification/RegistrationFlowNotificationTests.java
index 81009120a..f2a392f56 100644
--- a/iam-login-service/src/test/java/it/infn/mw/iam/test/notification/RegistrationFlowNotificationTests.java
+++ b/iam-login-service/src/test/java/it/infn/mw/iam/test/notification/RegistrationFlowNotificationTests.java
@@ -23,20 +23,16 @@
 import static org.hamcrest.Matchers.equalTo;
 import static org.hamcrest.Matchers.hasSize;
 import static org.springframework.http.MediaType.APPLICATION_FORM_URLENCODED;
-import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.springframework.http.MediaType.APPLICATION_JSON;
 import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.authentication;
 import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.head;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
-import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.patch;
 import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.log;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.model;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
 
-import java.util.List;
-
 import org.junit.After;
 import org.junit.Before;
 import org.junit.Test;
@@ -46,7 +42,6 @@
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
 import org.springframework.http.MediaType;
-import org.springframework.security.test.context.support.WithMockUser;
 import org.springframework.test.context.TestPropertySource;
 import org.springframework.test.context.junit4.SpringRunner;
 import org.springframework.test.web.servlet.MockMvc;
@@ -57,15 +52,9 @@
 import com.fasterxml.jackson.databind.ObjectMapper;
 
 import it.infn.mw.iam.IamLoginService;
-import it.infn.mw.iam.api.scim.model.ScimUser;
-import it.infn.mw.iam.api.scim.model.ScimUserPatchRequest;
-import it.infn.mw.iam.core.IamNotificationType;
 import it.infn.mw.iam.notification.NotificationProperties;
-import it.infn.mw.iam.persistence.model.IamAccount;
 import it.infn.mw.iam.persistence.model.IamEmailNotification;
 import it.infn.mw.iam.persistence.repository.IamRegistrationRequestRepository;
-import it.infn.mw.iam.persistence.repository.IamAccountRepository;
-import it.infn.mw.iam.persistence.repository.IamEmailNotificationRepository;
 import it.infn.mw.iam.registration.PersistentUUIDTokenGenerator;
 import it.infn.mw.iam.registration.RegistrationRequestDto;
 import it.infn.mw.iam.test.core.CoreControllerTestSupport;
@@ -115,12 +104,6 @@ public class RegistrationFlowNotificationTests {
   @Autowired
   private IamRegistrationRequestRepository requestRepository;
 
-  @Autowired
-  private IamAccountRepository iamAccountRepo;
-
-  @Autowired
-  private IamEmailNotificationRepository notificationRepo;
-
   private MockMvc mvc;
 
   @Before
@@ -369,73 +352,4 @@ public void testRejectFlowMotivationNotifications() throws Exception {
 
   }
 
-  @Test
-    @WithMockUser(username = "admin", roles = { "ADMIN", "USER" })
-    public void testEmailSentForSettingServiceAccount() throws Exception {
-        IamAccount testUser = iamAccountRepo.findByUsername("test")
-                .orElseThrow(() -> new AssertionError("Expected test user not found"));
-        ScimUser user = ScimUser.builder().serviceAccount(true).build();
-
-        ScimUserPatchRequest patchRequest = ScimUserPatchRequest.builder().replace(user).build();
-
-        mvc.perform(patch("/scim/Users/{id}", testUser.getUuid())
-                .content(mapper.writeValueAsString(patchRequest))
-                .contentType("application/scim+json;charset=UTF-8"))
-                .andExpect(status().isNoContent());
-        List<IamEmailNotification> notifications = notificationRepo
-                .findByNotificationType(IamNotificationType.SET_SERVICE_ACCOUNT);
-
-        assertEquals(1, notifications.size());
-        assertEquals("[indigo-dc IAM] Account set as service account", notifications.get(0).getSubject());
-
-        notificationDelivery.sendPendingNotifications();
-
-        assertThat(notificationDelivery.getDeliveredNotifications(), hasSize(1));
-        IamEmailNotification message = notificationDelivery.getDeliveredNotifications().get(0);
-
-        assertThat(message.getSubject(), equalTo("[indigo-dc IAM] Account set as service account"));
-
-        assertThat(message.getReceivers(), hasSize(1));
-        assertThat(message.getReceivers().get(0).getEmailAddress(),
-                equalTo(testUser.getUserInfo().getEmail()));
-
-        notificationDelivery.clearDeliveredNotifications();
-    }
-
-    @Test
-    @WithMockUser(username = "admin", roles = { "ADMIN", "USER" })
-    public void testEmailSentForRevokingServiceAccount() throws Exception {
-        IamAccount testUser = iamAccountRepo.findByUsername("test")
-                .orElseThrow(() -> new AssertionError("Expected test user not found"));
-        testUser.setServiceAccount(true);
-        iamAccountRepo.save(testUser);
-
-        ScimUser user = ScimUser.builder().serviceAccount(false).build();
-
-        ScimUserPatchRequest patchRequest = ScimUserPatchRequest.builder().replace(user).build();
-
-        mvc.perform(patch("/scim/Users/{id}", testUser.getUuid())
-                .content(mapper.writeValueAsString(patchRequest))
-                .contentType("application/scim+json;charset=UTF-8"))
-                .andExpect(status().isNoContent());
-        List<IamEmailNotification> notifications = notificationRepo
-                .findByNotificationType(IamNotificationType.REVOKE_SERVICE_ACCOUNT);
-
-        assertEquals(1, notifications.size());
-        assertEquals("[indigo-dc IAM] Account's service account status revoked", notifications.get(0).getSubject());
-
-        notificationDelivery.sendPendingNotifications();
-
-        assertThat(notificationDelivery.getDeliveredNotifications(), hasSize(1));
-        IamEmailNotification message = notificationDelivery.getDeliveredNotifications().get(0);
-
-        assertThat(message.getSubject(), equalTo("[indigo-dc IAM] Account's service account status revoked"));
-
-        assertThat(message.getReceivers(), hasSize(1));
-        assertThat(message.getReceivers().get(0).getEmailAddress(),
-                equalTo(testUser.getUserInfo().getEmail()));
-
-        notificationDelivery.clearDeliveredNotifications();
-    }
-
 }
diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/notification/ServiceAccountNotificationTest.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/notification/ServiceAccountNotificationTest.java
deleted file mode 100644
index 39714a998..000000000
--- a/iam-login-service/src/test/java/it/infn/mw/iam/test/notification/ServiceAccountNotificationTest.java
+++ /dev/null
@@ -1,167 +0,0 @@
-/**
- * Copyright (c) Istituto Nazionale di Fisica Nucleare (INFN). 2016-2021
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package it.infn.mw.iam.test.notification;
-
-import static org.hamcrest.Matchers.equalTo;
-import static org.hamcrest.Matchers.hasSize;
-import static org.junit.jupiter.api.Assertions.assertEquals;
-import static org.hamcrest.MatcherAssert.assertThat;
-import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity;
-import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.patch;
-import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.log;
-import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
-
-import java.util.List;
-
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.boot.test.context.SpringBootTest;
-import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
-import org.springframework.security.test.context.support.WithMockUser;
-import org.springframework.test.context.TestPropertySource;
-import org.springframework.test.context.junit4.SpringRunner;
-import org.springframework.test.web.servlet.MockMvc;
-import org.springframework.test.web.servlet.setup.MockMvcBuilders;
-import org.springframework.web.context.WebApplicationContext;
-
-import com.fasterxml.jackson.databind.ObjectMapper;
-
-import it.infn.mw.iam.IamLoginService;
-import it.infn.mw.iam.api.scim.model.ScimUser;
-import it.infn.mw.iam.api.scim.model.ScimUserPatchRequest;
-import it.infn.mw.iam.core.IamNotificationType;
-import it.infn.mw.iam.persistence.model.IamAccount;
-import it.infn.mw.iam.persistence.model.IamEmailNotification;
-import it.infn.mw.iam.persistence.repository.IamAccountRepository;
-import it.infn.mw.iam.persistence.repository.IamEmailNotificationRepository;
-import it.infn.mw.iam.test.core.CoreControllerTestSupport;
-import it.infn.mw.iam.test.util.WithAnonymousUser;
-import it.infn.mw.iam.test.util.annotation.IamMockMvcIntegrationTest;
-import it.infn.mw.iam.test.util.notification.MockNotificationDelivery;
-import it.infn.mw.iam.test.util.oauth.MockOAuth2Filter;
-
-@RunWith(SpringRunner.class)
-@IamMockMvcIntegrationTest
-@SpringBootTest(classes = { IamLoginService.class, CoreControllerTestSupport.class,
-        NotificationTestConfig.class }, webEnvironment = WebEnvironment.MOCK)
-@WithAnonymousUser
-@TestPropertySource(properties = { "notification.disable=false" })
-public class ServiceAccountNotificationTest {
-
-    @Autowired
-    private MockNotificationDelivery notificationDelivery;
-
-    @Autowired
-    private MockOAuth2Filter mockOAuth2Filter;
-
-    @Autowired
-    private WebApplicationContext context;
-
-    @Autowired
-    private ObjectMapper mapper;
-
-    @Autowired
-    private IamAccountRepository iamAccountRepo;
-
-    @Autowired
-    private IamEmailNotificationRepository notificationRepo;
-
-    private MockMvc mvc;
-
-    @Before
-    public void setUp() throws InterruptedException {
-        mvc = MockMvcBuilders.webAppContextSetup(context).alwaysDo(log()).apply(springSecurity()).build();
-    }
-
-    @After
-    public void tearDown() throws InterruptedException {
-        mockOAuth2Filter.cleanupSecurityContext();
-        notificationDelivery.clearDeliveredNotifications();
-    }
-
-    @Test
-    @WithMockUser(username = "admin", roles = { "ADMIN", "USER" })
-    public void testEmailSentForSettingServiceAccount() throws Exception {
-        IamAccount testUser = iamAccountRepo.findByUsername("test")
-                .orElseThrow(() -> new AssertionError("Expected test user not found"));
-        ScimUser user = ScimUser.builder().serviceAccount(true).build();
-
-        ScimUserPatchRequest patchRequest = ScimUserPatchRequest.builder().replace(user).build();
-
-        mvc.perform(patch("/scim/Users/{id}", testUser.getUuid())
-                .content(mapper.writeValueAsString(patchRequest))
-                .contentType("application/scim+json;charset=UTF-8"))
-                .andExpect(status().isNoContent());
-        List<IamEmailNotification> notifications = notificationRepo
-                .findByNotificationType(IamNotificationType.SET_SERVICE_ACCOUNT);
-
-        assertEquals(1, notifications.size());
-        assertEquals("[indigo-dc IAM] Account set as service account", notifications.get(0).getSubject());
-
-        notificationDelivery.sendPendingNotifications();
-
-        assertThat(notificationDelivery.getDeliveredNotifications(), hasSize(1));
-        IamEmailNotification message = notificationDelivery.getDeliveredNotifications().get(0);
-
-        assertThat(message.getSubject(), equalTo("[indigo-dc IAM] Account set as service account"));
-
-        assertThat(message.getReceivers(), hasSize(1));
-        assertThat(message.getReceivers().get(0).getEmailAddress(),
-                equalTo(testUser.getUserInfo().getEmail()));
-
-        notificationDelivery.clearDeliveredNotifications();
-    }
-
-    @Test
-    @WithMockUser(username = "admin", roles = { "ADMIN", "USER" })
-    public void testEmailSentForRevokingServiceAccount() throws Exception {
-        IamAccount testUser = iamAccountRepo.findByUsername("test")
-                .orElseThrow(() -> new AssertionError("Expected test user not found"));
-        testUser.setServiceAccount(true);
-        iamAccountRepo.save(testUser);
-
-        ScimUser user = ScimUser.builder().serviceAccount(false).build();
-
-        ScimUserPatchRequest patchRequest = ScimUserPatchRequest.builder().replace(user).build();
-
-        mvc.perform(patch("/scim/Users/{id}", testUser.getUuid())
-                .content(mapper.writeValueAsString(patchRequest))
-                .contentType("application/scim+json;charset=UTF-8"))
-                .andExpect(status().isNoContent());
-        List<IamEmailNotification> notifications = notificationRepo
-                .findByNotificationType(IamNotificationType.REVOKE_SERVICE_ACCOUNT);
-
-        assertEquals(1, notifications.size());
-        assertEquals("[indigo-dc IAM] Account's service account status revoked", notifications.get(0).getSubject());
-
-        notificationDelivery.sendPendingNotifications();
-
-        assertThat(notificationDelivery.getDeliveredNotifications(), hasSize(1));
-        IamEmailNotification message = notificationDelivery.getDeliveredNotifications().get(0);
-
-        assertThat(message.getSubject(), equalTo("[indigo-dc IAM] Account's service account status revoked"));
-
-        assertThat(message.getReceivers(), hasSize(1));
-        assertThat(message.getReceivers().get(0).getEmailAddress(),
-                equalTo(testUser.getUserInfo().getEmail()));
-
-        notificationDelivery.clearDeliveredNotifications();
-    }
-
-}
diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/notification/ServiceAccountNotificationTests.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/notification/ServiceAccountNotificationTests.java
new file mode 100644
index 000000000..041bbf044
--- /dev/null
+++ b/iam-login-service/src/test/java/it/infn/mw/iam/test/notification/ServiceAccountNotificationTests.java
@@ -0,0 +1,168 @@
+/**
+ * Copyright (c) Istituto Nazionale di Fisica Nucleare (INFN). 2016-2021
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package it.infn.mw.iam.test.notification;
+
+import static org.hamcrest.Matchers.equalTo;
+import static org.hamcrest.Matchers.hasSize;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.patch;
+import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.log;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+
+import java.util.List;
+
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
+import org.springframework.security.test.context.support.WithMockUser;
+import org.springframework.test.context.TestPropertySource;
+import org.springframework.test.context.junit4.SpringRunner;
+import org.springframework.test.web.servlet.MockMvc;
+import org.springframework.test.web.servlet.setup.MockMvcBuilders;
+import org.springframework.web.context.WebApplicationContext;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+
+import it.infn.mw.iam.IamLoginService;
+import it.infn.mw.iam.api.scim.model.ScimUser;
+import it.infn.mw.iam.api.scim.model.ScimUserPatchRequest;
+import it.infn.mw.iam.core.IamNotificationType;
+import it.infn.mw.iam.persistence.model.IamAccount;
+import it.infn.mw.iam.persistence.model.IamEmailNotification;
+import it.infn.mw.iam.persistence.repository.IamAccountRepository;
+import it.infn.mw.iam.persistence.repository.IamEmailNotificationRepository;
+import it.infn.mw.iam.test.core.CoreControllerTestSupport;
+import it.infn.mw.iam.test.util.WithAnonymousUser;
+import it.infn.mw.iam.test.util.annotation.IamMockMvcIntegrationTest;
+import it.infn.mw.iam.test.util.notification.MockNotificationDelivery;
+import it.infn.mw.iam.test.util.oauth.MockOAuth2Filter;
+
+@RunWith(SpringRunner.class)
+@IamMockMvcIntegrationTest
+@SpringBootTest(classes = { IamLoginService.class, CoreControllerTestSupport.class,
+                NotificationTestConfig.class }, webEnvironment = WebEnvironment.MOCK)
+@WithAnonymousUser
+@TestPropertySource(properties = { "notification.disable=false" })
+public class ServiceAccountNotificationTests {
+
+        @Autowired
+        private MockNotificationDelivery notificationDelivery;
+
+        @Autowired
+        private MockOAuth2Filter mockOAuth2Filter;
+
+        @Autowired
+        private WebApplicationContext context;
+
+        @Autowired
+        private ObjectMapper mapper;
+
+        @Autowired
+        private IamAccountRepository iamAccountRepo;
+
+        @Autowired
+        private IamEmailNotificationRepository notificationRepo;
+
+        private MockMvc mvc;
+
+        @Before
+        public void setUp() {
+                mvc = MockMvcBuilders.webAppContextSetup(context).alwaysDo(log()).apply(springSecurity()).build();
+        }
+
+        @After
+        public void tearDown() {
+                mockOAuth2Filter.cleanupSecurityContext();
+                notificationDelivery.clearDeliveredNotifications();
+        }
+
+        @Test
+        @WithMockUser(username = "admin", roles = { "ADMIN", "USER" })
+        public void testEmailSentForSettingServiceAccount() throws Exception {
+                IamAccount testUser = iamAccountRepo.findByUsername("test")
+                                .orElseThrow(() -> new AssertionError("Expected test user not found"));
+                ScimUser user = ScimUser.builder().serviceAccount(true).build();
+
+                ScimUserPatchRequest patchRequest = ScimUserPatchRequest.builder().replace(user).build();
+
+                mvc.perform(patch("/scim/Users/{id}", testUser.getUuid())
+                                .content(mapper.writeValueAsString(patchRequest))
+                                .contentType("application/scim+json;charset=UTF-8"))
+                                .andExpect(status().isNoContent());
+                List<IamEmailNotification> notifications = notificationRepo
+                                .findByNotificationType(IamNotificationType.SET_SERVICE_ACCOUNT);
+
+                assertEquals(1, notifications.size());
+                assertEquals("[indigo-dc IAM] Account set as service account", notifications.get(0).getSubject());
+
+                notificationDelivery.sendPendingNotifications();
+
+                assertThat(notificationDelivery.getDeliveredNotifications(), hasSize(1));
+                IamEmailNotification message = notificationDelivery.getDeliveredNotifications().get(0);
+
+                assertThat(message.getSubject(), equalTo("[indigo-dc IAM] Account set as service account"));
+
+                assertThat(message.getReceivers(), hasSize(1));
+                assertThat(message.getReceivers().get(0).getEmailAddress(),
+                                equalTo(testUser.getUserInfo().getEmail()));
+
+                notificationDelivery.clearDeliveredNotifications();
+        }
+
+        @Test
+        @WithMockUser(username = "admin", roles = { "ADMIN", "USER" })
+        public void testEmailSentForRevokingServiceAccount() throws Exception {
+                IamAccount testUser = iamAccountRepo.findByUsername("test")
+                                .orElseThrow(() -> new AssertionError("Expected test user not found"));
+                testUser.setServiceAccount(true);
+                iamAccountRepo.save(testUser);
+
+                ScimUser user = ScimUser.builder().serviceAccount(false).build();
+
+                ScimUserPatchRequest patchRequest = ScimUserPatchRequest.builder().replace(user).build();
+
+                mvc.perform(patch("/scim/Users/{id}", testUser.getUuid())
+                                .content(mapper.writeValueAsString(patchRequest))
+                                .contentType("application/scim+json;charset=UTF-8"))
+                                .andExpect(status().isNoContent());
+                List<IamEmailNotification> notifications = notificationRepo
+                                .findByNotificationType(IamNotificationType.REVOKE_SERVICE_ACCOUNT);
+
+                assertEquals(1, notifications.size());
+                assertEquals("[indigo-dc IAM] Account's service account status revoked",
+                                notifications.get(0).getSubject());
+
+                notificationDelivery.sendPendingNotifications();
+
+                assertThat(notificationDelivery.getDeliveredNotifications(), hasSize(1));
+                IamEmailNotification message = notificationDelivery.getDeliveredNotifications().get(0);
+
+                assertThat(message.getSubject(), equalTo("[indigo-dc IAM] Account's service account status revoked"));
+
+                assertThat(message.getReceivers(), hasSize(1));
+                assertThat(message.getReceivers().get(0).getEmailAddress(),
+                                equalTo(testUser.getUserInfo().getEmail()));
+
+                notificationDelivery.clearDeliveredNotifications();
+        }
+
+}
diff --git a/iam-persistence/src/main/java/it/infn/mw/iam/persistence/repository/IamAupSignatureRepositoryImpl.java b/iam-persistence/src/main/java/it/infn/mw/iam/persistence/repository/IamAupSignatureRepositoryImpl.java
index b59269103..5cfb6c22a 100644
--- a/iam-persistence/src/main/java/it/infn/mw/iam/persistence/repository/IamAupSignatureRepositoryImpl.java
+++ b/iam-persistence/src/main/java/it/infn/mw/iam/persistence/repository/IamAupSignatureRepositoryImpl.java
@@ -69,7 +69,7 @@ private void deleteSignature(IamAccount account) {
   public IamAupSignature createSignatureForAccount(IamAup aup, IamAccount account,
       Date currentTime) {
     if (account.isServiceAccount()) {
-      throw new IamAupSignatureUpdateError(account, "As user '%s' is a service account, AUP signature operation not allowed");
+      throw new IamAupSignatureUpdateError(account);
     }
     Optional<IamAupSignature> signature = signatureRepo.findByAupAndAccount(aup, account);
 
@@ -82,7 +82,7 @@ public IamAupSignature createSignatureForAccount(IamAup aup, IamAccount account,
   @Override
   public void deleteSignatureForAccount(IamAup aup, IamAccount account) {
     if (account.isServiceAccount()) {
-      throw new IamAupSignatureUpdateError(account, "As user '%s' is a service account, AUP signature operation not allowed");
+      throw new IamAupSignatureUpdateError(account);
     }
     
     if (signatureRepo.findByAupAndAccount(aup, account).isPresent()) {
diff --git a/iam-persistence/src/main/java/it/infn/mw/iam/persistence/repository/IamAupSignatureUpdateError.java b/iam-persistence/src/main/java/it/infn/mw/iam/persistence/repository/IamAupSignatureUpdateError.java
index ea954e91e..b8ac21595 100644
--- a/iam-persistence/src/main/java/it/infn/mw/iam/persistence/repository/IamAupSignatureUpdateError.java
+++ b/iam-persistence/src/main/java/it/infn/mw/iam/persistence/repository/IamAupSignatureUpdateError.java
@@ -24,7 +24,7 @@ public class IamAupSignatureUpdateError extends RuntimeException {
    */
   private static final long serialVersionUID = 1L;
 
-  public IamAupSignatureUpdateError(IamAccount account, String message) {
-    super(String.format(message, account.getUsername()));
+  public IamAupSignatureUpdateError(IamAccount account) {
+    super(String.format("As user '%s' is a service account, AUP signature operation not allowed", account.getUsername()));
   }
 }
diff --git a/iam-persistence/src/main/resources/db/migration/h2/V106__add_service_account.sql b/iam-persistence/src/main/resources/db/migration/h2/V106__add_service_account.sql
index b768ab033..ceb52b96e 100644
--- a/iam-persistence/src/main/resources/db/migration/h2/V106__add_service_account.sql
+++ b/iam-persistence/src/main/resources/db/migration/h2/V106__add_service_account.sql
@@ -1,3 +1 @@
 ALTER TABLE iam_account ADD COLUMN service_account BOOLEAN DEFAULT false;
-
-UPDATE iam_account SET service_account = false;
\ No newline at end of file
diff --git a/iam-persistence/src/main/resources/db/migration/mysql/V106__add_service_account.sql b/iam-persistence/src/main/resources/db/migration/mysql/V106__add_service_account.sql
index b768ab033..ceb52b96e 100644
--- a/iam-persistence/src/main/resources/db/migration/mysql/V106__add_service_account.sql
+++ b/iam-persistence/src/main/resources/db/migration/mysql/V106__add_service_account.sql
@@ -1,3 +1 @@
 ALTER TABLE iam_account ADD COLUMN service_account BOOLEAN DEFAULT false;
-
-UPDATE iam_account SET service_account = false;
\ No newline at end of file

From 04ac5bc22c9b05acc9cb475fc2c6b9fe62b306f1 Mon Sep 17 00:00:00 2001
From: garaimanoj <manoj.garai@stfc.ac.uk>
Date: Tue, 20 Aug 2024 14:22:13 +0000
Subject: [PATCH 20/30] Add an ExceptionHandler for IamAupSignatureUpdateError

---
 .../it/infn/mw/iam/api/aup/AupSignatureController.java | 10 +++++++++-
 .../iam/apps/dashboard-app/services/aup.service.js     |  4 ++--
 .../repository/IamAupSignatureUpdateError.java         |  3 ---
 3 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/api/aup/AupSignatureController.java b/iam-login-service/src/main/java/it/infn/mw/iam/api/aup/AupSignatureController.java
index 89b7c2412..f3faa2e5b 100644
--- a/iam-login-service/src/main/java/it/infn/mw/iam/api/aup/AupSignatureController.java
+++ b/iam-login-service/src/main/java/it/infn/mw/iam/api/aup/AupSignatureController.java
@@ -179,7 +179,7 @@ public AupSignatureDTO updateSignatureForAccount(@PathVariable String accountId,
   @ResponseStatus(value = HttpStatus.NO_CONTENT)
   @PreAuthorize("#iam.hasScope('iam:admin.write') or #iam.hasDashboardRole('ROLE_ADMIN')")
   public void deleteSignatureForAccount(@PathVariable String accountId,
-      Authentication authentication) throws AccountNotFoundException {
+      Authentication authentication) throws AccountNotFoundException, IamAupSignatureUpdateError {
 
     Optional<IamAccount> deleterAccount = accountUtils.getAuthenticatedUserAccount();
     IamAccount signatureAccount = accountUtils.getByAccountId(accountId)
@@ -206,6 +206,8 @@ public void deleteSignatureForAccount(@PathVariable String accountId,
           .publishEvent(AupSignatureDeletedEvent.deletedByClient(this, principal, signature.get()));
       }
       notificationFactory.createAupSignatureRequestMessage(signatureAccount);
+    } else {
+      throw new AupSignatureNotFoundError(signatureAccount);
     }
   }
 
@@ -226,4 +228,10 @@ public ErrorDTO accountNotFoundError(Exception ex) {
   public ErrorDTO aupNotFoundError(Exception ex) {
     return ErrorDTO.fromString(ex.getMessage());
   }
+
+  @ResponseStatus(value = HttpStatus.METHOD_NOT_ALLOWED)
+  @ExceptionHandler(IamAupSignatureUpdateError.class)
+  public ErrorDTO aupSignatureUpdateError(Exception ex) {
+    return ErrorDTO.fromString(ex.getMessage());
+  }
 }
diff --git a/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/services/aup.service.js b/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/services/aup.service.js
index 8b667ec77..8cbbb1fcb 100644
--- a/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/services/aup.service.js
+++ b/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/services/aup.service.js
@@ -101,7 +101,7 @@
                     return null;
                 }
                 if (res.status == 405) {
-                    console.info("AUP operation not allowed for service account");
+                    console.info(res.data.error);                    
                     return null;
                 }
                 return $q.reject(res);
@@ -115,7 +115,7 @@
                     return null;
                 }
                 if (res.status == 405) {
-                    console.info("AUP operation not allowed for service account");
+                    console.info(res.data.error);
                     return null;
                 }
                 return $q.reject(res);
diff --git a/iam-persistence/src/main/java/it/infn/mw/iam/persistence/repository/IamAupSignatureUpdateError.java b/iam-persistence/src/main/java/it/infn/mw/iam/persistence/repository/IamAupSignatureUpdateError.java
index b8ac21595..6ecd35dd1 100644
--- a/iam-persistence/src/main/java/it/infn/mw/iam/persistence/repository/IamAupSignatureUpdateError.java
+++ b/iam-persistence/src/main/java/it/infn/mw/iam/persistence/repository/IamAupSignatureUpdateError.java
@@ -19,9 +19,6 @@
 
 public class IamAupSignatureUpdateError extends RuntimeException {
 
-  /**
-   * 
-   */
   private static final long serialVersionUID = 1L;
 
   public IamAupSignatureUpdateError(IamAccount account) {

From ec22e8c21a2ce7c55857f649888121b0d635df0d Mon Sep 17 00:00:00 2001
From: garaimanoj <manoj.garai@stfc.ac.uk>
Date: Tue, 20 Aug 2024 14:47:26 +0000
Subject: [PATCH 21/30] Fix test

---
 .../infn/mw/iam/test/api/aup/AupSignatureIntegrationTests.java  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/api/aup/AupSignatureIntegrationTests.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/api/aup/AupSignatureIntegrationTests.java
index 3b24ebf01..b2fb3bdf2 100644
--- a/iam-login-service/src/test/java/it/infn/mw/iam/test/api/aup/AupSignatureIntegrationTests.java
+++ b/iam-login-service/src/test/java/it/infn/mw/iam/test/api/aup/AupSignatureIntegrationTests.java
@@ -303,7 +303,7 @@ public void aupRemovalForSingleUser() throws Exception {
     mvc.perform(delete("/iam/aup/signature/" + account.getUuid()))
       .andExpect(status().isNoContent());
     mvc.perform(delete("/iam/aup/signature/" + account.getUuid()))
-      .andExpect(status().isNoContent());
+      .andExpect(status().isNotFound());
     mvc.perform(get("/iam/aup/signature/" + account.getUuid()))
       .andExpect(status().isNotFound())
       .andExpect(jsonPath("$.error", equalTo("AUP signature not found for user 'admin'")));

From 8a18dd793c3121504b5fb976a4bdcdc26fac460d Mon Sep 17 00:00:00 2001
From: garaimanoj <manoj.garai@stfc.ac.uk>
Date: Wed, 21 Aug 2024 10:36:21 +0000
Subject: [PATCH 22/30] Add exception handler in AupSignaturePageController

---
 .../mw/iam/api/aup/AupSignatureController.java   |  2 --
 .../iam/api/aup/AupSignaturePageController.java  | 13 ++++++++++++-
 .../api/aup/AupSignatureIntegrationTests.java    | 16 +++++++++++++++-
 3 files changed, 27 insertions(+), 4 deletions(-)

diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/api/aup/AupSignatureController.java b/iam-login-service/src/main/java/it/infn/mw/iam/api/aup/AupSignatureController.java
index f3faa2e5b..706198510 100644
--- a/iam-login-service/src/main/java/it/infn/mw/iam/api/aup/AupSignatureController.java
+++ b/iam-login-service/src/main/java/it/infn/mw/iam/api/aup/AupSignatureController.java
@@ -206,8 +206,6 @@ public void deleteSignatureForAccount(@PathVariable String accountId,
           .publishEvent(AupSignatureDeletedEvent.deletedByClient(this, principal, signature.get()));
       }
       notificationFactory.createAupSignatureRequestMessage(signatureAccount);
-    } else {
-      throw new AupSignatureNotFoundError(signatureAccount);
     }
   }
 
diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/api/aup/AupSignaturePageController.java b/iam-login-service/src/main/java/it/infn/mw/iam/api/aup/AupSignaturePageController.java
index 26152e51c..ac39685b0 100644
--- a/iam-login-service/src/main/java/it/infn/mw/iam/api/aup/AupSignaturePageController.java
+++ b/iam-login-service/src/main/java/it/infn/mw/iam/api/aup/AupSignaturePageController.java
@@ -28,14 +28,18 @@
 import javax.servlet.http.HttpSession;
 
 import org.springframework.context.ApplicationEventPublisher;
+import org.springframework.http.HttpStatus;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.security.web.savedrequest.SavedRequest;
 import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.ExceptionHandler;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.ResponseStatus;
 import org.springframework.web.servlet.ModelAndView;
 
 import it.infn.mw.iam.api.account.AccountUtils;
+import it.infn.mw.iam.api.common.ErrorDTO;
 import it.infn.mw.iam.audit.events.aup.AupSignedEvent;
 import it.infn.mw.iam.core.time.TimeProvider;
 import it.infn.mw.iam.persistence.model.IamAccount;
@@ -43,6 +47,7 @@
 import it.infn.mw.iam.persistence.model.IamAupSignature;
 import it.infn.mw.iam.persistence.repository.IamAupRepository;
 import it.infn.mw.iam.persistence.repository.IamAupSignatureRepository;
+import it.infn.mw.iam.persistence.repository.IamAupSignatureUpdateError;
 
 @Controller
 public class AupSignaturePageController {
@@ -97,7 +102,7 @@ private Optional<SavedRequest> checkForSavedSpringSecurityRequest(HttpSession se
   @PreAuthorize("hasRole('USER')")
   @PostMapping(value = "/iam/aup/sign")
   public ModelAndView signAup(HttpServletRequest request, HttpServletResponse response,
-      HttpSession session) {
+      HttpSession session) throws IamAupSignatureUpdateError {
 
     Optional<IamAup> aup = repo.findDefaultAup();
 
@@ -126,6 +131,12 @@ public ModelAndView signAup(HttpServletRequest request, HttpServletResponse resp
 
     return new ModelAndView("redirect:/dashboard");
   }
+
+  @ResponseStatus(value = HttpStatus.METHOD_NOT_ALLOWED)
+  @ExceptionHandler(IamAupSignatureUpdateError.class)
+  public ErrorDTO aupSignatureUpdateError(Exception ex) {
+    return ErrorDTO.fromString(ex.getMessage());
+  }
 }
 
 
diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/api/aup/AupSignatureIntegrationTests.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/api/aup/AupSignatureIntegrationTests.java
index b2fb3bdf2..bac4a5c35 100644
--- a/iam-login-service/src/test/java/it/infn/mw/iam/test/api/aup/AupSignatureIntegrationTests.java
+++ b/iam-login-service/src/test/java/it/infn/mw/iam/test/api/aup/AupSignatureIntegrationTests.java
@@ -303,7 +303,7 @@ public void aupRemovalForSingleUser() throws Exception {
     mvc.perform(delete("/iam/aup/signature/" + account.getUuid()))
       .andExpect(status().isNoContent());
     mvc.perform(delete("/iam/aup/signature/" + account.getUuid()))
-      .andExpect(status().isNotFound());
+      .andExpect(status().isNoContent());
     mvc.perform(get("/iam/aup/signature/" + account.getUuid()))
       .andExpect(status().isNotFound())
       .andExpect(jsonPath("$.error", equalTo("AUP signature not found for user 'admin'")));
@@ -438,4 +438,18 @@ public void signAupOnBehalfOfUserThatHasNoSignature() throws Exception {
 
   }
 
+  @Test
+  @WithMockUser(username = "test", roles = {"USER"})
+  public void testSignAupThrowExceptionForServiceAccount() throws Exception {
+    IamAup aup = buildDefaultAup();
+    aupRepo.save(aup);
+    
+    IamAccount testAccount = accountRepo.findByUsername("test").orElseThrow();
+    testAccount.setServiceAccount(true);
+    accountRepo.save(testAccount);
+
+    mvc.perform(post("/iam/aup/sign"))
+    .andExpect(status().isMethodNotAllowed());
+  }
+
 }

From 956330a140a655bdeae721f12e2d8bb8edd01dbe Mon Sep 17 00:00:00 2001
From: garaimanoj <manoj.garai@stfc.ac.uk>
Date: Thu, 22 Aug 2024 14:56:56 +0000
Subject: [PATCH 23/30] Block AUP reminder and expiration email for service
 account

---
 .../mw/iam/core/web/aup/AupReminderTask.java  |  4 +-
 .../test/api/aup/AupReminderTaskTests.java    | 74 +++++++++++++++++++
 2 files changed, 76 insertions(+), 2 deletions(-)

diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/core/web/aup/AupReminderTask.java b/iam-login-service/src/main/java/it/infn/mw/iam/core/web/aup/AupReminderTask.java
index 5bcff6068..3d12c9b19 100644
--- a/iam-login-service/src/main/java/it/infn/mw/iam/core/web/aup/AupReminderTask.java
+++ b/iam-login-service/src/main/java/it/infn/mw/iam/core/web/aup/AupReminderTask.java
@@ -68,7 +68,7 @@ public void sendAupReminders() {
 
         // check if an email of type AUP_EXPIRATION does not already exist, because it is never deleted
         expiredSignatures.forEach(s -> {
-          if (isExpiredSignatureEmailNotAlreadySentFor(s.getAccount())) {
+          if (isExpiredSignatureEmailNotAlreadySentFor(s.getAccount()) && !s.getAccount().isServiceAccount()) {
             notification.createAupSignatureExpMessage(s.getAccount());
           }
         });
@@ -88,7 +88,7 @@ private void processRemindersForInterval(IamAup aup, LocalDate currentDate, Inte
 
     // check if an email of type AUP_REMINDER does not already exist, because it is never deleted
     signatures.forEach(s -> {
-      if (isAupReminderEmailNotAlreadySentFor(s.getAccount(), tomorrowAsDate)) {
+      if (isAupReminderEmailNotAlreadySentFor(s.getAccount(), tomorrowAsDate) && !s.getAccount().isServiceAccount()) {
         notification.createAupReminderMessage(s.getAccount(), aup);
       }
     });
diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/api/aup/AupReminderTaskTests.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/api/aup/AupReminderTaskTests.java
index 367caa594..cc27ef86d 100644
--- a/iam-login-service/src/test/java/it/infn/mw/iam/test/api/aup/AupReminderTaskTests.java
+++ b/iam-login-service/src/test/java/it/infn/mw/iam/test/api/aup/AupReminderTaskTests.java
@@ -224,4 +224,78 @@ public void aupExpirationEmailNotSentIfAupSignatureValidityIsZero() {
         equalTo(0));
 
   }
+
+  @Test
+  @WithMockUser(username = "admin", roles = {"ADMIN", "USER"})
+  public void aupExpirationEmailNotSentForServiceAccount() {
+    IamAup aup = buildDefaultAup();
+    aup.setSignatureValidityInDays(2L);
+
+    LocalDate today = LocalDate.now();
+    LocalDate twoDaysAgo = today.minusDays(2);
+
+    Date date = Date.from(twoDaysAgo.atStartOfDay(ZoneId.systemDefault()).toInstant());
+    aup.setCreationTime(date);
+    aup.setLastUpdateTime(date);
+    aupRepo.save(aup);
+
+    IamAccount testAccount = accountRepo.findByUsername("test")
+      .orElseThrow(() -> new AssertionError("Expected test account not found"));
+
+    signatureRepo.createSignatureForAccount(aup, testAccount, date);
+
+    testAccount.setServiceAccount(true);  
+    accountRepo.save(testAccount);
+
+    assertThat(
+        notificationRepo.countAupExpirationMessPerAccount(testAccount.getUserInfo().getEmail()),
+        equalTo(0));
+
+    aupReminderTask.sendAupReminders();
+    notificationDelivery.sendPendingNotifications();
+    assertThat(
+        notificationRepo.countAupExpirationMessPerAccount(testAccount.getUserInfo().getEmail()),
+        equalTo(0));
+
+  }
+
+  @Test
+  @WithMockUser(username = "admin", roles = {"ADMIN", "USER"})
+  public void aupReminderEmailNotSentForServiceAccount() {
+    IamAup aup = buildDefaultAup();
+    aup.setSignatureValidityInDays(30L);
+    aupRepo.save(aup);
+
+    Date now = new Date();
+    mockTimeProvider.setTime(now.getTime());
+    LocalDate today = LocalDate.now();
+    LocalDate tomorrow = today.plusDays(1);
+    Date tomorrowDate = Date.from(tomorrow.atStartOfDay(ZoneId.systemDefault()).toInstant());
+
+    IamAccount testAccount = accountRepo.findByUsername("test")
+      .orElseThrow(() -> new AssertionError("Expected test account not found"));
+
+    mockTimeProvider.setTime(now.getTime() + TimeUnit.MINUTES.toMillis(5));
+
+    assertThat(service.needsAupSignature(testAccount), is(true));
+
+    signatureRepo.createSignatureForAccount(aup, testAccount,
+        new Date(mockTimeProvider.currentTimeMillis()));
+
+    assertThat(service.needsAupSignature(testAccount), is(false));
+
+    testAccount.setServiceAccount(true);  
+    accountRepo.save(testAccount);
+
+    mockTimeProvider.setTime(now.getTime() + TimeUnit.MINUTES.toMillis(10));
+
+    assertThat(notificationRepo.countAupRemindersPerAccount(testAccount.getUserInfo().getEmail(),
+        tomorrowDate), equalTo(0));
+
+    aupReminderTask.sendAupReminders();
+    notificationDelivery.sendPendingNotifications();
+    assertThat(notificationRepo.countAupRemindersPerAccount(testAccount.getUserInfo().getEmail(),
+        tomorrowDate), equalTo(0));
+
+  }
 }

From 5107bf0bbabd31ed37bb7a4832c1dd37b3e42958 Mon Sep 17 00:00:00 2001
From: garaimanoj <manoj.garai@stfc.ac.uk>
Date: Tue, 3 Sep 2024 09:53:17 +0000
Subject: [PATCH 24/30] Return error message as a JSON response

---
 .../infn/mw/iam/api/aup/AupSignaturePageController.java   | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/api/aup/AupSignaturePageController.java b/iam-login-service/src/main/java/it/infn/mw/iam/api/aup/AupSignaturePageController.java
index ac39685b0..a40fd9c89 100644
--- a/iam-login-service/src/main/java/it/infn/mw/iam/api/aup/AupSignaturePageController.java
+++ b/iam-login-service/src/main/java/it/infn/mw/iam/api/aup/AupSignaturePageController.java
@@ -29,13 +29,13 @@
 
 import org.springframework.context.ApplicationEventPublisher;
 import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.security.web.savedrequest.SavedRequest;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.ExceptionHandler;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.ResponseStatus;
 import org.springframework.web.servlet.ModelAndView;
 
 import it.infn.mw.iam.api.account.AccountUtils;
@@ -132,10 +132,10 @@ public ModelAndView signAup(HttpServletRequest request, HttpServletResponse resp
     return new ModelAndView("redirect:/dashboard");
   }
 
-  @ResponseStatus(value = HttpStatus.METHOD_NOT_ALLOWED)
   @ExceptionHandler(IamAupSignatureUpdateError.class)
-  public ErrorDTO aupSignatureUpdateError(Exception ex) {
-    return ErrorDTO.fromString(ex.getMessage());
+  public ResponseEntity<ErrorDTO> aupSignatureUpdateError(Exception ex) {
+    ErrorDTO errorResponse = ErrorDTO.fromString(ex.getMessage());
+    return new ResponseEntity<>(errorResponse, HttpStatus.METHOD_NOT_ALLOWED);
   }
 }
 

From 9a1f87f9214cba072a28694ec4204fcf14fef4b6 Mon Sep 17 00:00:00 2001
From: garaimanoj <manoj.garai@stfc.ac.uk>
Date: Wed, 18 Sep 2024 15:51:49 +0000
Subject: [PATCH 25/30] Add serviceAccount field inside ScimIndigoUser
 extension object

---
 .../mw/iam/api/scim/model/ScimIndigoUser.java | 16 +++++++++++++++-
 .../infn/mw/iam/api/scim/model/ScimUser.java  | 19 +++++++------------
 .../services/scim-factory.service.js          |  4 +++-
 3 files changed, 25 insertions(+), 14 deletions(-)

diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/model/ScimIndigoUser.java b/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/model/ScimIndigoUser.java
index daac57df2..f744f151a 100644
--- a/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/model/ScimIndigoUser.java
+++ b/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/model/ScimIndigoUser.java
@@ -83,13 +83,15 @@ public String toString() {
   @Valid
   private final List<ScimGroupRef> managedGroups;
 
+  private Boolean serviceAccount;
+
   @JsonCreator
   private ScimIndigoUser(@JsonProperty("oidcIds") List<ScimOidcId> oidcIds,
       @JsonProperty("sshKeys") List<ScimSshKey> sshKeys,
       @JsonProperty("samlIds") List<ScimSamlId> samlIds,
       @JsonProperty("x509Certificates") List<ScimX509Certificate> certs,
       @JsonProperty("aupSignatureTime") Date aupSignatureTime,
-      @JsonProperty("endTime") Date endTime) {
+      @JsonProperty("endTime") Date endTime, @JsonProperty("serviceAccount") Boolean serviceAccount) {
 
     this.oidcIds = oidcIds != null ? oidcIds : new LinkedList<>();
     this.sshKeys = sshKeys != null ? sshKeys : new LinkedList<>();
@@ -97,6 +99,7 @@ private ScimIndigoUser(@JsonProperty("oidcIds") List<ScimOidcId> oidcIds,
     this.certificates = certs != null ? certs : new LinkedList<>();
     this.aupSignatureTime = aupSignatureTime;
     this.endTime = endTime;
+    this.serviceAccount = serviceAccount;
     this.labels = null;
     this.authorities = null;
     this.attributes = null;
@@ -110,6 +113,7 @@ private ScimIndigoUser(Builder b) {
     this.certificates = b.certificates;
     this.aupSignatureTime = b.aupSignatureTime;
     this.endTime = b.endTime;
+    this.serviceAccount = b.serviceAccount;
     this.labels = b.labels;
     this.attributes = b.attributes;
     this.managedGroups = b.managedGroups;
@@ -159,6 +163,10 @@ public Date getEndTime() {
     return endTime;
   }
 
+  public Boolean getServiceAccount() {
+    return serviceAccount;
+  }
+
   public static Builder builder() {
 
     return new Builder();
@@ -174,6 +182,7 @@ public static class Builder {
 
     private Date aupSignatureTime;
     private Date endTime;
+    private Boolean serviceAccount;
 
     private List<String> authorities = Lists.newLinkedList();
     private List<ScimAttribute> attributes = Lists.newLinkedList();
@@ -212,6 +221,11 @@ public Builder endTime(Date endTime) {
       return this;
     }
 
+    public Builder serviceAccount(Boolean serviceAccount) {
+      this.serviceAccount = serviceAccount;
+      return this;
+    }
+
     public Builder labels(List<ScimLabel> labels) {
       this.labels = labels;
       return this;
diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/model/ScimUser.java b/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/model/ScimUser.java
index 19ec98509..e31cd9d69 100644
--- a/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/model/ScimUser.java
+++ b/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/model/ScimUser.java
@@ -68,7 +68,6 @@ public interface UpdateUserValidation extends Default {
   private final String locale;
   private final String timezone;
   private final Boolean active;
-  private final Boolean serviceAccount;
 
   @NotEmpty(groups = {NewUserValidation.class})
   @Valid
@@ -94,7 +93,7 @@ private ScimUser(@JsonProperty("id") String id, @JsonProperty("externalId") Stri
       @JsonProperty("userType") String userType,
       @JsonProperty("preferredLanguage") String preferredLanguage,
       @JsonProperty("locale") String locale, @JsonProperty("timezone") String timezone,
-      @JsonProperty("active") Boolean active, @JsonProperty("serviceAccount") Boolean serviceAccount,
+      @JsonProperty("active") Boolean active,
       @JsonProperty("emails") List<ScimEmail> emails,
       @JsonProperty("addresses") List<ScimAddress> addresses,
       @JsonProperty("photos") List<ScimPhoto> photos,
@@ -118,7 +117,6 @@ private ScimUser(@JsonProperty("id") String id, @JsonProperty("externalId") Stri
     this.timezone = timezone;
     this.emails = emails;
     this.active = active;
-    this.serviceAccount = serviceAccount;
     this.groups = groups;
     this.addresses = addresses;
     this.indigoUser = indigoUser;
@@ -138,7 +136,6 @@ private ScimUser(Builder b) {
     this.locale = b.locale;
     this.timezone = b.timezone;
     this.active = b.active;
-    this.serviceAccount = b.serviceAccount;
     this.emails = b.emails;
     this.addresses = b.addresses;
     /* build indigoUserBuilder only if it has been touched */
@@ -222,7 +219,7 @@ public Boolean getActive() {
 
   public Boolean getServiceAccount() {
 
-    return serviceAccount;
+    return indigoUser != null && indigoUser.getServiceAccount();
   }
 
   public List<ScimEmail> getEmails() {
@@ -309,7 +306,6 @@ public static class Builder extends ScimResource.Builder<ScimUser> {
     private String locale;
     private String timezone;
     private Boolean active;
-    private Boolean serviceAccount;
 
     private List<ScimEmail> emails = new ArrayList<>();
     private Set<ScimGroupRef> groups = new LinkedHashSet<>();
@@ -411,12 +407,6 @@ public Builder active(Boolean active) {
       return this;
     }
 
-    public Builder serviceAccount(Boolean serviceAccount) {
-
-      this.serviceAccount = serviceAccount;
-      return this;
-    }
-
     public Builder addGroupRef(ScimGroupRef scimGroupRef) {
 
       Preconditions.checkNotNull(scimGroupRef, "Null group ref");
@@ -481,6 +471,11 @@ public Builder endTime(Date endTime) {
       return this;
     }
 
+    public Builder serviceAccount(Boolean serviceAccount) {
+      indigoUserBuilder.serviceAccount(serviceAccount);
+      return this;
+    }
+
     public Builder addAuthority(String authority) {
 
       Preconditions.checkNotNull(authority, "Null authority");
diff --git a/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/services/scim-factory.service.js b/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/services/scim-factory.service.js
index 2f6b45a7f..4e47c05f6 100644
--- a/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/services/scim-factory.service.js
+++ b/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/services/scim-factory.service.js
@@ -596,7 +596,9 @@ angular.module('dashboardApp').factory("scimFactory", ['$q', '$http', '$httpPara
 			operations: [{
 				op: "replace",
 				value: {
-					serviceAccount: status
+					"urn:indigo-dc:scim:schemas:IndigoUser": {
+						serviceAccount: status
+					}					
 				}
 			}]
 		};

From b7809712bbee2ece9e4085e43423cf2467db072b Mon Sep 17 00:00:00 2001
From: garaimanoj <manoj.garai@stfc.ac.uk>
Date: Thu, 19 Sep 2024 08:53:23 +0000
Subject: [PATCH 26/30] Fix failing tests

---
 .../src/main/java/it/infn/mw/iam/api/scim/model/ScimUser.java   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/model/ScimUser.java b/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/model/ScimUser.java
index e31cd9d69..c283ecaaf 100644
--- a/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/model/ScimUser.java
+++ b/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/model/ScimUser.java
@@ -219,7 +219,7 @@ public Boolean getActive() {
 
   public Boolean getServiceAccount() {
 
-    return indigoUser != null && indigoUser.getServiceAccount();
+    return indigoUser != null && indigoUser.getServiceAccount() != null && indigoUser.getServiceAccount();
   }
 
   public List<ScimEmail> getEmails() {

From 0e8d5543be49f96e38f13db35cadba236eb1e188 Mon Sep 17 00:00:00 2001
From: garaimanoj <manoj.garai@stfc.ac.uk>
Date: Thu, 19 Sep 2024 12:52:18 +0000
Subject: [PATCH 27/30] Fix failing tests

---
 .../java/it/infn/mw/iam/api/scim/model/ScimIndigoUser.java   | 3 ++-
 .../main/java/it/infn/mw/iam/api/scim/model/ScimUser.java    | 5 +++++
 .../scim/updater/factory/DefaultAccountUpdaterFactory.java   | 5 ++++-
 3 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/model/ScimIndigoUser.java b/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/model/ScimIndigoUser.java
index f744f151a..e9ae57de1 100644
--- a/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/model/ScimIndigoUser.java
+++ b/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/model/ScimIndigoUser.java
@@ -91,7 +91,8 @@ private ScimIndigoUser(@JsonProperty("oidcIds") List<ScimOidcId> oidcIds,
       @JsonProperty("samlIds") List<ScimSamlId> samlIds,
       @JsonProperty("x509Certificates") List<ScimX509Certificate> certs,
       @JsonProperty("aupSignatureTime") Date aupSignatureTime,
-      @JsonProperty("endTime") Date endTime, @JsonProperty("serviceAccount") Boolean serviceAccount) {
+      @JsonProperty("endTime") Date endTime, 
+      @JsonProperty("serviceAccount") Boolean serviceAccount) {
 
     this.oidcIds = oidcIds != null ? oidcIds : new LinkedList<>();
     this.sshKeys = sshKeys != null ? sshKeys : new LinkedList<>();
diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/model/ScimUser.java b/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/model/ScimUser.java
index c283ecaaf..fad8fb5b8 100644
--- a/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/model/ScimUser.java
+++ b/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/model/ScimUser.java
@@ -282,6 +282,11 @@ public boolean hasName() {
     return name != null;
   }
 
+  public boolean hasServiceAccountStatus() {
+
+    return indigoUser != null && indigoUser.getServiceAccount() != null;
+  }
+
   public static Builder builder(String username) {
 
     return new Builder(username);
diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/updater/factory/DefaultAccountUpdaterFactory.java b/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/updater/factory/DefaultAccountUpdaterFactory.java
index 41c6fedaa..52343b070 100644
--- a/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/updater/factory/DefaultAccountUpdaterFactory.java
+++ b/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/updater/factory/DefaultAccountUpdaterFactory.java
@@ -207,7 +207,10 @@ private void prepareReplacers(List<AccountUpdater> updaters, ScimUser user, IamA
     addUpdater(updaters, Objects::nonNull, user::getUserName, replace::username);
     addUpdater(updaters, Objects::nonNull, user::getPassword, replace::password);
     addUpdater(updaters, Objects::nonNull, user::getActive, replace::active);
-    addUpdater(updaters, Objects::nonNull, user::getServiceAccount, replace::serviceAccount);
+
+    if (user.hasServiceAccountStatus()) {
+      addUpdater(updaters, Objects::nonNull, user::getServiceAccount, replace::serviceAccount); 
+    }
 
     if (user.hasEmails()) {
       addUpdater(updaters, Objects::nonNull, user.getEmails().get(0)::getValue, replace::email);

From fe9cfbabc95e13c39ff41071fb0a82569a3bb389 Mon Sep 17 00:00:00 2001
From: garaimanoj <manoj.garai@stfc.ac.uk>
Date: Fri, 20 Sep 2024 15:31:10 +0000
Subject: [PATCH 28/30] Remove getServiceAccount from ScimUser

---
 .../it/infn/mw/iam/api/scim/converter/UserConverter.java   | 4 ++--
 .../main/java/it/infn/mw/iam/api/scim/model/ScimUser.java  | 7 +------
 .../scim/updater/factory/DefaultAccountUpdaterFactory.java | 2 +-
 .../user.request-aup-signature.component.html              | 2 +-
 .../user.request-aup-signature.component.js                | 3 +++
 .../service-account/user.service.account.component.html    | 4 ++--
 .../user/service-account/user.service.account.component.js | 5 +++--
 .../user/sign-on-behalf/user.sign-on-behalf.component.html | 2 +-
 .../user/sign-on-behalf/user.sign-on-behalf.component.js   | 3 +++
 .../apps/dashboard-app/components/user/user.component.js   | 4 ++++
 10 files changed, 21 insertions(+), 15 deletions(-)

diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/converter/UserConverter.java b/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/converter/UserConverter.java
index 258f7b65e..ced01867b 100644
--- a/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/converter/UserConverter.java
+++ b/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/converter/UserConverter.java
@@ -91,8 +91,8 @@ public IamAccount entityFromDto(ScimUser scimUser) {
       account.setActive(scimUser.getActive());
     }
 
-    if (scimUser.getServiceAccount() != null) {
-      account.setServiceAccount(scimUser.getServiceAccount());
+    if (scimUser.hasServiceAccountStatus()) {
+      account.setServiceAccount(scimUser.getIndigoUser().getServiceAccount());
     }
 
     if (scimUser.getPassword() != null) {
diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/model/ScimUser.java b/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/model/ScimUser.java
index fad8fb5b8..fb6110521 100644
--- a/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/model/ScimUser.java
+++ b/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/model/ScimUser.java
@@ -216,12 +216,7 @@ public Boolean getActive() {
 
     return active;
   }
-
-  public Boolean getServiceAccount() {
-
-    return indigoUser != null && indigoUser.getServiceAccount() != null && indigoUser.getServiceAccount();
-  }
-
+  
   public List<ScimEmail> getEmails() {
 
     return emails;
diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/updater/factory/DefaultAccountUpdaterFactory.java b/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/updater/factory/DefaultAccountUpdaterFactory.java
index 52343b070..8ed36a5b5 100644
--- a/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/updater/factory/DefaultAccountUpdaterFactory.java
+++ b/iam-login-service/src/main/java/it/infn/mw/iam/api/scim/updater/factory/DefaultAccountUpdaterFactory.java
@@ -209,7 +209,7 @@ private void prepareReplacers(List<AccountUpdater> updaters, ScimUser user, IamA
     addUpdater(updaters, Objects::nonNull, user::getActive, replace::active);
 
     if (user.hasServiceAccountStatus()) {
-      addUpdater(updaters, Objects::nonNull, user::getServiceAccount, replace::serviceAccount); 
+      addUpdater(updaters, Objects::nonNull, user.getIndigoUser()::getServiceAccount, replace::serviceAccount); 
     }
 
     if (user.hasEmails()) {
diff --git a/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/request-aup-signature/user.request-aup-signature.component.html b/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/request-aup-signature/user.request-aup-signature.component.html
index cb3f1bfca..66ce73801 100644
--- a/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/request-aup-signature/user.request-aup-signature.component.html
+++ b/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/request-aup-signature/user.request-aup-signature.component.html
@@ -15,7 +15,7 @@
     limitations under the License.
 
 -->
-<button ng-if="$ctrl.aupIsEnabled() && !$ctrl.user.serviceAccount && !$ctrl.isMe()"
+<button ng-if="$ctrl.aupIsEnabled() && !$ctrl.indigoUser().serviceAccount && !$ctrl.isMe()"
     class="btn btn-warning btn-block"
     style="margin-top: 5px" 
     ng-click="$ctrl.openRequestAupSignatureModal()" 
diff --git a/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/request-aup-signature/user.request-aup-signature.component.js b/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/request-aup-signature/user.request-aup-signature.component.js
index 8865062b1..965dbc78a 100644
--- a/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/request-aup-signature/user.request-aup-signature.component.js
+++ b/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/request-aup-signature/user.request-aup-signature.component.js
@@ -29,6 +29,9 @@
     self.aupIsEnabled = function () {
       return self.aup !== null;
     };
+    self.indigoUser = function () {
+      return self.user['urn:indigo-dc:scim:schemas:IndigoUser'];
+    };
 
     self.openRequestAupSignatureModal = function() {
       self.enabled = false;
diff --git a/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/service-account/user.service.account.component.html b/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/service-account/user.service.account.component.html
index f501c0fa0..72c48353e 100644
--- a/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/service-account/user.service.account.component.html
+++ b/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/service-account/user.service.account.component.html
@@ -18,7 +18,7 @@
 <!-- Set user as service account button -->
 <button class="btn btn-primary btn-block"
     style="margin-top: 5px"
-    ng-if="!$ctrl.user.serviceAccount && !$ctrl.isMe()" 
+    ng-if="!$ctrl.indigoUser().serviceAccount && !$ctrl.isMe()" 
     ng-click="$ctrl.openDialog()" 
     ng-enabled="$ctrl.enabled"
     name="disable-user-btn">
@@ -28,7 +28,7 @@
 
 <!-- Revoke user as service account button -->
 <button class="btn btn-primary btn-block" 
-    ng-if="$ctrl.user.serviceAccount && !$ctrl.isMe()"
+    ng-if="$ctrl.indigoUser().serviceAccount && !$ctrl.isMe()"
     style="margin-top: 5px" 
     ng-click="$ctrl.openDialog()" 
     ng-enabled="$ctrl.enabled"
diff --git a/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/service-account/user.service.account.component.js b/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/service-account/user.service.account.component.js
index 614fae139..3d7bc8efe 100644
--- a/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/service-account/user.service.account.component.js
+++ b/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/service-account/user.service.account.component.js
@@ -31,7 +31,7 @@
     self.handleSuccess = function() {
       self.enabled = true;
       self.userCtrl.loadUser().then(function(user) {
-        if (user.serviceAccount) {
+        if (self.indigoUser().serviceAccount) {
           toaster.pop({
             type: 'success',
             body:
@@ -64,7 +64,7 @@
       var modalOptions = null;
       var updateServiceAccountStatusFunc = null;
 
-      if (self.user.serviceAccount) {
+      if (self.indigoUser().serviceAccount) {
         modalOptions = {
           closeButtonText: 'Cancel',
           actionButtonText: 'Revoke service account status',
@@ -94,6 +94,7 @@
 
 
     self.isMe = function() { return Utils.isMe(self.user.id); };
+    self.indigoUser = function() { return self.userCtrl.indigoUser(); };
   }
 
   angular.module('dashboardApp').component('userServiceAccount', {
diff --git a/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/sign-on-behalf/user.sign-on-behalf.component.html b/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/sign-on-behalf/user.sign-on-behalf.component.html
index 05b95dc1d..bee252b39 100644
--- a/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/sign-on-behalf/user.sign-on-behalf.component.html
+++ b/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/sign-on-behalf/user.sign-on-behalf.component.html
@@ -15,7 +15,7 @@
     limitations under the License.
 
 -->
-<button ng-if="$ctrl.aupIsEnabled() && !$ctrl.user.serviceAccount && !$ctrl.isMe()"
+<button ng-if="$ctrl.aupIsEnabled() && !$ctrl.indigoUser().serviceAccount && !$ctrl.isMe()"
     class="btn btn-success btn-block"
     style="margin-top: 5px" 
     ng-click="$ctrl.openSignAupOnBehalfModal()" 
diff --git a/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/sign-on-behalf/user.sign-on-behalf.component.js b/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/sign-on-behalf/user.sign-on-behalf.component.js
index 5948b3c59..b49bcccc7 100644
--- a/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/sign-on-behalf/user.sign-on-behalf.component.js
+++ b/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/sign-on-behalf/user.sign-on-behalf.component.js
@@ -29,6 +29,9 @@
     self.aupIsEnabled = function () {
       return self.aup !== null;
     };
+    self.indigoUser = function () {
+      return self.user['urn:indigo-dc:scim:schemas:IndigoUser'];
+    };
 
         
     self.openSignAupOnBehalfModal = function() {
diff --git a/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/user.component.js b/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/user.component.js
index 6aa8ea1fd..fb9d9d537 100644
--- a/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/user.component.js
+++ b/iam-login-service/src/main/webapp/resources/iam/apps/dashboard-app/components/user/user.component.js
@@ -46,6 +46,10 @@
             return Utils.isMe(self.user.id);
         };
 
+        self.indigoUser = function () {
+            return self.user['urn:indigo-dc:scim:schemas:IndigoUser'];
+        };
+
         self.canManageLinkedAccounts = function () {
             if (!self.accountLinkingEnabled) {
                 return self.isVoAdmin();

From e094baa933dd8697e7da37a4c59ea4e089ac3963 Mon Sep 17 00:00:00 2001
From: garaimanoj <manoj.garai@stfc.ac.uk>
Date: Fri, 18 Oct 2024 13:59:27 +0000
Subject: [PATCH 29/30] Move V106 migrations to V108

---
 ...106__add_service_account.sql => V108__add_service_account.sql} | 0
 ...106__add_service_account.sql => V108__add_service_account.sql} | 0
 2 files changed, 0 insertions(+), 0 deletions(-)
 rename iam-persistence/src/main/resources/db/migration/h2/{V106__add_service_account.sql => V108__add_service_account.sql} (100%)
 rename iam-persistence/src/main/resources/db/migration/mysql/{V106__add_service_account.sql => V108__add_service_account.sql} (100%)

diff --git a/iam-persistence/src/main/resources/db/migration/h2/V106__add_service_account.sql b/iam-persistence/src/main/resources/db/migration/h2/V108__add_service_account.sql
similarity index 100%
rename from iam-persistence/src/main/resources/db/migration/h2/V106__add_service_account.sql
rename to iam-persistence/src/main/resources/db/migration/h2/V108__add_service_account.sql
diff --git a/iam-persistence/src/main/resources/db/migration/mysql/V106__add_service_account.sql b/iam-persistence/src/main/resources/db/migration/mysql/V108__add_service_account.sql
similarity index 100%
rename from iam-persistence/src/main/resources/db/migration/mysql/V106__add_service_account.sql
rename to iam-persistence/src/main/resources/db/migration/mysql/V108__add_service_account.sql

From a48620eca429ab0e363bf8eb391b8fa7fed3a3e0 Mon Sep 17 00:00:00 2001
From: garaimanoj <manoj.garai@stfc.ac.uk>
Date: Fri, 18 Oct 2024 15:25:20 +0000
Subject: [PATCH 30/30] Fix test

---
 .../mw/iam/test/api/aup/AupSignatureIntegrationTests.java     | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/api/aup/AupSignatureIntegrationTests.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/api/aup/AupSignatureIntegrationTests.java
index bac4a5c35..a6bd1e6ba 100644
--- a/iam-login-service/src/test/java/it/infn/mw/iam/test/api/aup/AupSignatureIntegrationTests.java
+++ b/iam-login-service/src/test/java/it/infn/mw/iam/test/api/aup/AupSignatureIntegrationTests.java
@@ -441,9 +441,7 @@ public void signAupOnBehalfOfUserThatHasNoSignature() throws Exception {
   @Test
   @WithMockUser(username = "test", roles = {"USER"})
   public void testSignAupThrowExceptionForServiceAccount() throws Exception {
-    IamAup aup = buildDefaultAup();
-    aupRepo.save(aup);
-    
+       
     IamAccount testAccount = accountRepo.findByUsername("test").orElseThrow();
     testAccount.setServiceAccount(true);
     accountRepo.save(testAccount);