diff --git a/src/main/java/com/michelin/ns4kafka/controller/RoleBindingController.java b/src/main/java/com/michelin/ns4kafka/controller/RoleBindingController.java index de08c4a3..a96438b7 100644 --- a/src/main/java/com/michelin/ns4kafka/controller/RoleBindingController.java +++ b/src/main/java/com/michelin/ns4kafka/controller/RoleBindingController.java @@ -54,7 +54,7 @@ public List list(String namespace, @QueryValue(defaultValue = "*") * @param namespace The namespace * @param name The role binding name * @return A role binding - * @deprecated use list(String, String name) instead. + * @deprecated use {@link #list(String, String)} instead. */ @Get("/{name}") @Deprecated(since = "1.12.0") @@ -107,11 +107,13 @@ public HttpResponse apply(String namespace, @Valid @Body RoleBindin * * @param namespace The namespace * @param name The role binding - * @param dryrun Is dry run mode or not ? + * @param dryrun Is dry run mode or not? * @return An HTTP response + * @deprecated use {@link #bulkDelete(String, String, boolean)} instead. */ @Delete("/{name}{?dryrun}") @Status(HttpStatus.NO_CONTENT) + @Deprecated(since = "1.13.0") public HttpResponse delete(String namespace, String name, @QueryValue(defaultValue = "false") boolean dryrun) { Optional roleBinding = roleBindingService.findByName(namespace, name); @@ -136,4 +138,39 @@ public HttpResponse delete(String namespace, String name, roleBindingService.delete(roleBindingToDelete); return HttpResponse.noContent(); } + + /** + * Delete role bindings. + * + * @param namespace The namespace + * @param name The name parameter + * @param dryrun Is dry run mode or not? + * @return An HTTP response + */ + @Status(HttpStatus.NO_CONTENT) + @Delete + public HttpResponse bulkDelete(String namespace, @QueryValue(defaultValue = "*") String name, + @QueryValue(defaultValue = "false") boolean dryrun) { + List roleBindings = roleBindingService.findByWildcardName(namespace, name); + if (roleBindings.isEmpty()) { + return HttpResponse.notFound(); + } + + if (dryrun) { + return HttpResponse.noContent(); + } + + roleBindings.forEach(roleBinding -> { + sendEventLog( + roleBinding, + ApplyStatus.deleted, + roleBinding.getSpec(), + null, + EMPTY_STRING + ); + roleBindingService.delete(roleBinding); + }); + + return HttpResponse.noContent(); + } } diff --git a/src/test/java/com/michelin/ns4kafka/controller/RoleBindingControllerTest.java b/src/test/java/com/michelin/ns4kafka/controller/RoleBindingControllerTest.java index d74449db..94c64b54 100644 --- a/src/test/java/com/michelin/ns4kafka/controller/RoleBindingControllerTest.java +++ b/src/test/java/com/michelin/ns4kafka/controller/RoleBindingControllerTest.java @@ -16,6 +16,7 @@ import com.michelin.ns4kafka.service.NamespaceService; import com.michelin.ns4kafka.service.RoleBindingService; import io.micronaut.context.event.ApplicationEventPublisher; +import io.micronaut.http.HttpStatus; import io.micronaut.security.utils.SecurityService; import java.util.List; import java.util.Map; @@ -162,6 +163,7 @@ void shouldCreateRoleBindingInDryRunMode() { } @Test + @SuppressWarnings("deprecation") void shouldDeleteRoleBinding() { RoleBinding rolebinding = RoleBinding.builder() .metadata(Metadata.builder() @@ -183,6 +185,7 @@ void shouldDeleteRoleBinding() { } @Test + @SuppressWarnings("deprecation") void shouldDeleteRoleBindingInDryRunMode() { RoleBinding rolebinding = RoleBinding.builder() .metadata(Metadata.builder() @@ -197,6 +200,62 @@ void shouldDeleteRoleBindingInDryRunMode() { verify(roleBindingService, never()).delete(any()); } + @Test + void shouldDeleteRoleBindings() { + RoleBinding rolebinding1 = RoleBinding.builder() + .metadata(Metadata.builder() + .name("test.rolebinding1") + .build()) + .build(); + RoleBinding rolebinding2 = RoleBinding.builder() + .metadata(Metadata.builder() + .name("test.rolebinding2") + .build()) + .build(); + + when(roleBindingService.findByWildcardName(any(), any())) + .thenReturn(List.of(rolebinding1, rolebinding2)); + when(securityService.username()) + .thenReturn(Optional.of("test-user")); + when(securityService.hasRole(ResourceBasedSecurityRule.IS_ADMIN)) + .thenReturn(false); + doNothing().when(applicationEventPublisher).publishEvent(any()); + + assertDoesNotThrow( + () -> roleBindingController.bulkDelete("test", "test.rolebinding*", false) + ); + } + + @Test + void shouldDeleteRoleBindingsInDryRunMode() { + RoleBinding rolebinding1 = RoleBinding.builder() + .metadata(Metadata.builder() + .name("test.rolebinding1") + .build()) + .build(); + RoleBinding rolebinding2 = RoleBinding.builder() + .metadata(Metadata.builder() + .name("test.rolebinding2") + .build()) + .build(); + + when(roleBindingService.findByWildcardName(any(), any())) + .thenReturn(List.of(rolebinding1, rolebinding2)); + + roleBindingController.bulkDelete("test", "test.rolebinding*", true); + verify(roleBindingService, never()).delete(any()); + } + + @Test + void shouldNotDeleteRoleBindingsWhenNotFound() { + when(roleBindingService.findByWildcardName(any(), any())) + .thenReturn(List.of()); + + var response = roleBindingController.bulkDelete("test", "test.rolebinding*", false); + verify(roleBindingService, never()).delete(any()); + assertEquals(HttpStatus.NOT_FOUND, response.getStatus()); + } + @Test void shouldListRoleBindingsWithNameParameter() { RoleBinding rb1 = RoleBinding.builder()