Issue 705 iam admins should be able to suspend clients

iam-login-service/src/main/java/it/infn/mw/iam/api/client/management/ClientManagementAPIController.java

@@ -33,6 +33,7 @@
 import org.springframework.web.bind.annotation.DeleteMapping;
 import org.springframework.web.bind.annotation.ExceptionHandler;
 import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PatchMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.PutMapping;
@@ -140,6 +141,13 @@ public RegisteredClientDTO updateClient(@PathVariable String clientId,
     return managementService.updateClient(clientId, client);
   }
 
+  @PatchMapping("/{clientId}/status")
+  @PreAuthorize("#iam.hasScope('iam:admin.write') or #iam.hasDashboardRole('ROLE_ADMIN')")
+  public void updateClientStatus(@PathVariable String clientId,
+      @RequestBody boolean status) {
+    managementService.updateClientStatus(clientId, status);
+  }
+
   @PostMapping("/{clientId}/secret")
   @ResponseStatus(CREATED)
   @PreAuthorize("#iam.hasScope('iam:admin.write') or #iam.hasDashboardRole('ROLE_ADMIN')")

iam-login-service/src/main/java/it/infn/mw/iam/api/client/management/service/ClientManagementService.java

@@ -50,6 +50,8 @@ RegisteredClientDTO updateClient(@NotBlank String clientId,
 
   void deleteClientByClientId(@NotBlank String clientId);
 
+  void updateClientStatus(String clientId, boolean status);
+
   ListResponseDTO<ScimUser> getClientOwners(@NotBlank String clientId, @NotNull Pageable pageable);
 
   void assignClientOwner(@NotBlank String clientId, @IamAccountId String accountId);

iam-login-service/src/main/java/it/infn/mw/iam/api/client/management/service/DefaultClientManagementService.java

@@ -116,6 +116,7 @@ public RegisteredClientDTO saveNewClient(RegisteredClientDTO client) throws Pars
     ClientDetailsEntity entity = converter.entityFromClientManagementRequest(client);
     entity.setDynamicallyRegistered(false);
     entity.setCreatedAt(Date.from(clock.instant()));
+    entity.setActive(true);
 
     defaultsService.setupClientDefaults(entity);
     entity = clientService.saveNewClient(entity);
@@ -133,6 +134,15 @@ public void deleteClientByClientId(String clientId) {
     eventPublisher.publishEvent(new ClientRemovedEvent(this, client));
   }
 
+  @Override
+  public void updateClientStatus(String clientId, boolean status) {
+
+    ClientDetailsEntity client = clientService.findClientByClientId(clientId)
+        .orElseThrow(ClientSuppliers.clientNotFound(clientId));
+    client = clientService.updateClientStatus(client, status);
+    eventPublisher.publishEvent(new ClientUpdatedEvent(this, client));
+  }
+
   @Validated(OnClientUpdate.class)
   @Override
   public RegisteredClientDTO updateClient(String clientId, RegisteredClientDTO client)
@@ -148,6 +158,7 @@ public RegisteredClientDTO updateClient(String clientId, RegisteredClientDTO cli
     newClient.setClientId(oldClient.getClientId());
     newClient.setAuthorities(oldClient.getAuthorities());
     newClient.setDynamicallyRegistered(oldClient.isDynamicallyRegistered());
+    newClient.setActive(oldClient.isActive());
 
     if (NONE.equals(newClient.getTokenEndpointAuthMethod())) {
       newClient.setClientSecret(null);

iam-login-service/src/main/java/it/infn/mw/iam/api/client/registration/service/DefaultClientRegistrationService.java

@@ -330,6 +330,7 @@ public RegisteredClientDTO registerClient(RegisteredClientDTO request,
     ClientDetailsEntity client = converter.entityFromRegistrationRequest(request);
     defaultsService.setupClientDefaults(client);
     client.setDynamicallyRegistered(true);
+    client.setActive(true);
 
     checkAllowedGrantTypes(request, authentication);
     cleanupRequestedScopes(client, authentication);
@@ -410,6 +411,7 @@ public RegisteredClientDTO updateClient(String clientId, RegisteredClientDTO req
     newClient.setAuthorities(oldClient.getAuthorities());
     newClient.setCreatedAt(oldClient.getCreatedAt());
     newClient.setReuseRefreshToken(oldClient.isReuseRefreshToken());
+    newClient.setActive(oldClient.isActive());
 
     ClientDetailsEntity savedClient = clientService.updateClient(newClient);