From 1afb8ddc6c7028b6899326fd77a05bc5d8cbce47 Mon Sep 17 00:00:00 2001 From: Katy Ekey Date: Mon, 16 Dec 2024 12:21:05 -0500 Subject: [PATCH] feat!: Remove "includeDisabled" request param from GET user endpoints Breaking Change [#OCD-4734] --- .../CertificationBodyController.java | 15 ++------- .../web/controller/DeveloperController.java | 17 ++-------- .../controller/UserManagementController.java | 24 ++++---------- .../manager/CertificationBodyManager.java | 9 ++--- .../chpl/manager/DeveloperManager.java | 8 ++--- .../chpl/manager/auth/UserManager.java | 14 +------- .../permissions/ChplResourcePermissions.java | 33 +------------------ .../CognitoResourcePermissions.java | 26 ++------------- .../chpl/permissions/ResourcePermissions.java | 8 ----- .../job/MassRequirePasswordChangeJob.java | 2 +- ...nChangeRequestDeveloperEmailGenerator.java | 2 +- .../messaging/MessageDevelopersJob.java | 4 ++- .../chpl/user/cognito/CognitoUserManager.java | 8 ++--- 13 files changed, 28 insertions(+), 142 deletions(-) diff --git a/chpl/chpl-api/src/main/java/gov/healthit/chpl/web/controller/CertificationBodyController.java b/chpl/chpl-api/src/main/java/gov/healthit/chpl/web/controller/CertificationBodyController.java index 3596c32c8e..51b0d54f28 100644 --- a/chpl/chpl-api/src/main/java/gov/healthit/chpl/web/controller/CertificationBodyController.java +++ b/chpl/chpl-api/src/main/java/gov/healthit/chpl/web/controller/CertificationBodyController.java @@ -2,9 +2,7 @@ import java.util.List; -import org.apache.commons.lang3.BooleanUtils; import org.apache.commons.lang3.ObjectUtils; -import org.apache.commons.lang3.StringUtils; import org.quartz.SchedulerException; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.MediaType; @@ -35,8 +33,6 @@ import gov.healthit.chpl.util.SwaggerSecurityRequirement; import gov.healthit.chpl.web.controller.results.CertificationBodyResults; import io.swagger.v3.oas.annotations.Operation; -import io.swagger.v3.oas.annotations.Parameter; -import io.swagger.v3.oas.annotations.enums.ParameterIn; import io.swagger.v3.oas.annotations.media.Content; import io.swagger.v3.oas.annotations.media.Schema; import io.swagger.v3.oas.annotations.responses.ApiResponse; @@ -245,15 +241,8 @@ public String deleteUserFromAcb(@PathVariable final Long acbId, @PathVariable fi }) @RequestMapping(value = "/{acbId}/users", method = RequestMethod.GET, produces = "application/json; charset=utf-8") - public @ResponseBody UsersResponse getUsers(@PathVariable("acbId") Long acbId, - @Parameter(description = "Whether to include users whose accounts have been marked as disabled. " - + "Any string that can be evaluated as a boolean may be passed in (ex: true, false, off, on, yes, no). " - + "The parameter only affects the response when called by an authenticated ADMIN or ONC user.", - allowEmptyValue = true, in = ParameterIn.QUERY, name = "includeDisabled") - @RequestParam(value = "includeDisabled", required = false, defaultValue = "false") String includeDisabled) - throws InvalidArgumentsException, EntityRetrievalException { - List users = acbManager.getUsers(acbId, - StringUtils.isEmpty(includeDisabled) ? false : BooleanUtils.toBoolean(includeDisabled)); + public @ResponseBody UsersResponse getUsers(@PathVariable("acbId") Long acbId) throws InvalidArgumentsException, EntityRetrievalException { + List users = acbManager.getUsers(acbId); UsersResponse results = new UsersResponse(); results.setUsers(users); diff --git a/chpl/chpl-api/src/main/java/gov/healthit/chpl/web/controller/DeveloperController.java b/chpl/chpl-api/src/main/java/gov/healthit/chpl/web/controller/DeveloperController.java index b4a900f71b..ae10044ac8 100644 --- a/chpl/chpl-api/src/main/java/gov/healthit/chpl/web/controller/DeveloperController.java +++ b/chpl/chpl-api/src/main/java/gov/healthit/chpl/web/controller/DeveloperController.java @@ -4,9 +4,7 @@ import java.util.List; import org.apache.commons.collections.CollectionUtils; -import org.apache.commons.lang3.BooleanUtils; import org.apache.commons.lang3.NotImplementedException; -import org.apache.commons.lang3.StringUtils; import org.ff4j.FF4j; import org.quartz.SchedulerException; import org.springframework.beans.factory.annotation.Autowired; @@ -18,7 +16,6 @@ import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; -import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.RestController; @@ -60,8 +57,6 @@ import gov.healthit.chpl.web.controller.results.DeveloperAttestationSubmissionResults; import gov.healthit.chpl.web.controller.results.DeveloperResults; import io.swagger.v3.oas.annotations.Operation; -import io.swagger.v3.oas.annotations.Parameter; -import io.swagger.v3.oas.annotations.enums.ParameterIn; import io.swagger.v3.oas.annotations.security.SecurityRequirement; import io.swagger.v3.oas.annotations.tags.Tag; import lombok.extern.log4j.Log4j2; @@ -309,15 +304,9 @@ public PermissionDeletedResponse deleteUserFromDeveloper(@PathVariable Long deve }) @RequestMapping(value = "/{developerId}/users", method = RequestMethod.GET, produces = "application/json; charset=utf-8") - public @ResponseBody UsersResponse getUsers(@PathVariable("developerId") Long developerId, - @Parameter(description = "Whether to include users whose accounts have been marked as disabled. " - + "Any string that can be evaluated as a boolean may be passed in (ex: true, false, off, on, yes, no). " - + "The parameter only affects the response when called by an authenticated ADMIN or ONC user.", - allowEmptyValue = true, in = ParameterIn.QUERY, name = "includeDisabled") - @RequestParam(value = "includeDisabled", required = false, defaultValue = "false") String includeDisabled) - throws InvalidArgumentsException, EntityRetrievalException { - List domainUsers = developerManager.getAllUsersOnDeveloper(developerId, - StringUtils.isEmpty(includeDisabled) ? false : BooleanUtils.toBoolean(includeDisabled)); + public @ResponseBody UsersResponse getUsers(@PathVariable("developerId") Long developerId) + throws InvalidArgumentsException, EntityRetrievalException { + List domainUsers = developerManager.getAllUsersOnDeveloper(developerId); UsersResponse results = new UsersResponse(); results.setUsers(domainUsers); return results; diff --git a/chpl/chpl-api/src/main/java/gov/healthit/chpl/web/controller/UserManagementController.java b/chpl/chpl-api/src/main/java/gov/healthit/chpl/web/controller/UserManagementController.java index 229f2613b6..2ef5ad67cd 100644 --- a/chpl/chpl-api/src/main/java/gov/healthit/chpl/web/controller/UserManagementController.java +++ b/chpl/chpl-api/src/main/java/gov/healthit/chpl/web/controller/UserManagementController.java @@ -7,7 +7,6 @@ import java.util.Set; import java.util.UUID; -import org.apache.commons.lang3.BooleanUtils; import org.apache.commons.lang3.NotImplementedException; import org.apache.commons.lang3.StringUtils; import org.ff4j.FF4j; @@ -22,7 +21,6 @@ import org.springframework.web.bind.annotation.RequestHeader; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; -import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.RestController; @@ -64,8 +62,6 @@ import gov.healthit.chpl.web.controller.annotation.DeprecatedApi; import gov.healthit.chpl.web.controller.annotation.DeprecatedApiResponseFields; import io.swagger.v3.oas.annotations.Operation; -import io.swagger.v3.oas.annotations.Parameter; -import io.swagger.v3.oas.annotations.enums.ParameterIn; import io.swagger.v3.oas.annotations.security.SecurityRequirement; import io.swagger.v3.oas.annotations.tags.Tag; import lombok.Getter; @@ -525,18 +521,12 @@ public DeletedUser deleteUser(@PathVariable("userId") Long userId) throws UserRe }) @RequestMapping(value = "", method = RequestMethod.GET, produces = "application/json; charset=utf-8") @PreAuthorize("isAuthenticated()") - public @ResponseBody UsersResponse getUsers( - @Parameter(description = "Whether to include users whose accounts have been marked as disabled. " - + "Any string that can be evaluated as a boolean may be passed in (ex: true, false, off, on, yes, no). " - + "The parameter only affects the response when called by an authenticated ADMIN or ONC user.", - allowEmptyValue = true, in = ParameterIn.QUERY, name = "includeDisabled") - @RequestParam(value = "includeDisabled", required = false, defaultValue = "false") String includeDisabledStr) { - boolean includeDisabled = StringUtils.isEmpty(includeDisabledStr) ? false : BooleanUtils.toBoolean(includeDisabledStr); + public @ResponseBody UsersResponse getUsers() { List users = null; if (ff4j.check(FeatureList.SSO)) { - users = getAllCognitoUsers(includeDisabled); + users = getAllCognitoUsers(); } else { - users = getAllChplUsers(includeDisabled); + users = getAllChplUsers(); } UsersResponse response = new UsersResponse(); @@ -564,8 +554,8 @@ public DeletedUser deleteUser(@PathVariable("userId") Long userId) throws UserRe return userManager.getUserInfo(id); } - private List getAllChplUsers(Boolean includeDisabled) { - List userList = userManager.getAll(includeDisabled); + private List getAllChplUsers() { + List userList = userManager.getAll(); List users = new ArrayList(userList.size()); for (UserDTO userDto : userList) { @@ -575,8 +565,8 @@ private List getAllChplUsers(Boolean includeDisabled) { return users; } - private List getAllCognitoUsers(Boolean includeDisabled) { - return cognitoUserManager.getAll(includeDisabled); + private List getAllCognitoUsers() { + return cognitoUserManager.getAll(); } private class DeletedUser { diff --git a/chpl/chpl-service/src/main/java/gov/healthit/chpl/manager/CertificationBodyManager.java b/chpl/chpl-service/src/main/java/gov/healthit/chpl/manager/CertificationBodyManager.java index 04f57ae83f..e5d4c3e8e3 100644 --- a/chpl/chpl-service/src/main/java/gov/healthit/chpl/manager/CertificationBodyManager.java +++ b/chpl/chpl-service/src/main/java/gov/healthit/chpl/manager/CertificationBodyManager.java @@ -210,18 +210,13 @@ public CertificationBody getById(Long id) throws EntityRetrievalException { @Transactional(readOnly = true) @PreAuthorize("@permissions.hasAccess(T(gov.healthit.chpl.permissions.Permissions).CERTIFICATION_BODY, " + "T(gov.healthit.chpl.permissions.domains.CertificationBodyDomainPermissions).GET_USERS, #acbId)") - public List getUsers(Long acbId, boolean includeDisabled) - throws InvalidArgumentsException, EntityRetrievalException { + public List getUsers(Long acbId) throws InvalidArgumentsException, EntityRetrievalException { CertificationBody acb = resourcePermissionsFactory.get().getAcbIfPermissionById(acbId); if (acb == null) { throw new InvalidArgumentsException("Could not find the ACB specified."); } - if (!resourcePermissionsFactory.get().isUserRoleAdmin() - && !resourcePermissionsFactory.get().isUserRoleOnc()) { - includeDisabled = false; - } - List users = resourcePermissionsFactory.get().getAllUsersOnAcb(acb, includeDisabled); + List users = resourcePermissionsFactory.get().getAllUsersOnAcb(acb); return users; } diff --git a/chpl/chpl-service/src/main/java/gov/healthit/chpl/manager/DeveloperManager.java b/chpl/chpl-service/src/main/java/gov/healthit/chpl/manager/DeveloperManager.java index fe1b92635a..2663faface 100644 --- a/chpl/chpl-service/src/main/java/gov/healthit/chpl/manager/DeveloperManager.java +++ b/chpl/chpl-service/src/main/java/gov/healthit/chpl/manager/DeveloperManager.java @@ -245,13 +245,9 @@ private SimpleListing convertToSimpleListing(CertifiedProductDetailsDTO listingD @Transactional(readOnly = true) @PreAuthorize("@permissions.hasAccess(T(gov.healthit.chpl.permissions.Permissions).DEVELOPER, " + "T(gov.healthit.chpl.permissions.domains.DeveloperDomainPermissions).GET_ALL_USERS, #devId)") - public List getAllUsersOnDeveloper(Long devId, boolean includeDisabled) throws EntityRetrievalException { + public List getAllUsersOnDeveloper(Long devId) throws EntityRetrievalException { Developer dev = getById(devId); - if (!resourcePermissionsFactory.get().isUserRoleAdmin() - && !resourcePermissionsFactory.get().isUserRoleOnc()) { - includeDisabled = false; - } - List users = resourcePermissionsFactory.get().getAllUsersOnDeveloper(dev, includeDisabled); + List users = resourcePermissionsFactory.get().getAllUsersOnDeveloper(dev); return users; } diff --git a/chpl/chpl-service/src/main/java/gov/healthit/chpl/manager/auth/UserManager.java b/chpl/chpl-service/src/main/java/gov/healthit/chpl/manager/auth/UserManager.java index 2b6985c300..552401d37d 100644 --- a/chpl/chpl-service/src/main/java/gov/healthit/chpl/manager/auth/UserManager.java +++ b/chpl/chpl-service/src/main/java/gov/healthit/chpl/manager/auth/UserManager.java @@ -9,9 +9,7 @@ import java.util.Optional; import java.util.Set; import java.util.UUID; -import java.util.stream.Collectors; -import org.apache.commons.lang3.BooleanUtils; import org.apache.commons.lang3.ObjectUtils; import org.apache.commons.lang3.StringUtils; import org.springframework.beans.factory.annotation.Autowired; @@ -170,18 +168,8 @@ public void delete(UserDTO user) throws UserRetrievalException, ActivityExceptio @Transactional @PostFilter("@permissions.hasAccess(T(gov.healthit.chpl.permissions.Permissions).SECURED_USER, " + "T(gov.healthit.chpl.permissions.domains.SecuredUserDomainPermissions).GET_ALL, filterObject)") - public List getAll(Boolean includeDisabled) { - if (includeDisabled == null - || (!resourcePermissionsFactory.get().isUserRoleAdmin() - && !resourcePermissionsFactory.get().isUserRoleOnc())) { - includeDisabled = false; - } + public List getAll() { List allUsers = userDAO.findAll(); - if (includeDisabled == null || BooleanUtils.isFalse(includeDisabled)) { - return allUsers.stream() - .filter(user -> user.isAccountEnabled()) - .collect(Collectors.toList()); - } return allUsers; } diff --git a/chpl/chpl-service/src/main/java/gov/healthit/chpl/permissions/ChplResourcePermissions.java b/chpl/chpl-service/src/main/java/gov/healthit/chpl/permissions/ChplResourcePermissions.java index f47a82c009..ea09c17972 100644 --- a/chpl/chpl-service/src/main/java/gov/healthit/chpl/permissions/ChplResourcePermissions.java +++ b/chpl/chpl-service/src/main/java/gov/healthit/chpl/permissions/ChplResourcePermissions.java @@ -68,34 +68,20 @@ public boolean isDeveloperNotBannedOrSuspended(Long developerId) { @Override @Transactional(readOnly = true) public List getAllUsersOnAcb(CertificationBody acb) { - return getAllUsersOnAcb(acb, false); - } - - @Override - @Transactional(readOnly = true) - public List getAllUsersOnAcb(CertificationBody acb, boolean includeDisabled) { List dtos = userCertificationBodyMapDAO.getByAcbId(acb.getId()); return dtos.stream() .map(dto -> dto.getUser().toDomain()) - .filter(user -> includeDisabled ? true : user.getAccountEnabled()) .toList(); } @Override @Transactional(readOnly = true) public List getAllUsersOnDeveloper(Developer dev) { - return getAllUsersOnDeveloper(dev, false); - } - - @Override - @Transactional(readOnly = true) - public List getAllUsersOnDeveloper(Developer dev, boolean includeDisabled) { List dtos = userDeveloperMapDAO.getByDeveloperId(dev.getId()); return dtos.stream() .map(udm -> udm.getUser().toDomain()) - .filter(user -> includeDisabled ? true : user.getAccountEnabled()) .toList(); } @@ -104,30 +90,15 @@ public List getAllUsersOnDeveloper(Developer dev, boolean includeDisabled) @PreAuthorize("@permissions.hasAccess(T(gov.healthit.chpl.permissions.Permissions).DEVELOPER, " + "T(gov.healthit.chpl.permissions.domains.DeveloperDomainPermissions).GET_ALL_USERS)") public List getAllDeveloperUsers() { - return getAllDeveloperUsers(false); - } - - @Override - @Transactional(readOnly = true) - @PreAuthorize("@permissions.hasAccess(T(gov.healthit.chpl.permissions.Permissions).DEVELOPER, " - + "T(gov.healthit.chpl.permissions.domains.DeveloperDomainPermissions).GET_ALL_USERS)") - public List getAllDeveloperUsers(boolean includeDisabled) { List dtos = userDeveloperMapDAO.getAllDeveloperUsers(); return dtos.stream() .map(udm -> udm.getUser().toDomain()) - .filter(user -> includeDisabled ? true : user.getAccountEnabled()) .toList(); } @Override @Transactional(readOnly = true) public List getAllUsersForCurrentUser() { - return getAllUsersForCurrentUser(false); - } - - @Override - @Transactional(readOnly = true) - public List getAllUsersForCurrentUser(boolean includeDisabled) { JWTAuthenticatedUser user = AuthUtil.getCurrentUser(); List users = new ArrayList(); @@ -155,9 +126,7 @@ public List getAllUsersForCurrentUser(boolean includeDisabled) { } catch (UserRetrievalException ex) { } } } - return users.stream() - .filter(currUser -> includeDisabled ? true : currUser.getAccountEnabled()) - .collect(Collectors.toList()); + return users; } @Override diff --git a/chpl/chpl-service/src/main/java/gov/healthit/chpl/permissions/CognitoResourcePermissions.java b/chpl/chpl-service/src/main/java/gov/healthit/chpl/permissions/CognitoResourcePermissions.java index 4e75dc524c..e116506917 100644 --- a/chpl/chpl-service/src/main/java/gov/healthit/chpl/permissions/CognitoResourcePermissions.java +++ b/chpl/chpl-service/src/main/java/gov/healthit/chpl/permissions/CognitoResourcePermissions.java @@ -54,12 +54,7 @@ public boolean isDeveloperNotBannedOrSuspended(Long developerId) { @Override public List getAllUsersOnAcb(CertificationBody acb) { - return getAllUsersOnAcb(acb, false); - } - - @Override - public List getAllUsersOnAcb(CertificationBody acb, boolean includeDisabled) { - List allUsersOnAcb = cognitoApiWrapper.getAllUsers(includeDisabled).stream() + List allUsersOnAcb = cognitoApiWrapper.getAllUsers().stream() .filter(user -> user.getRole() != null && user.getRole().equals(CognitoGroups.CHPL_ACB) && user.getOrganizations().stream() @@ -73,12 +68,7 @@ public List getAllUsersOnAcb(CertificationBody acb, boolean includeDisable @Override public List getAllUsersOnDeveloper(Developer dev) { - return getAllUsersOnDeveloper(dev, false); - } - - @Override - public List getAllUsersOnDeveloper(Developer dev, boolean includeDisabled) { - List allUsersOnDeveloper = cognitoApiWrapper.getAllUsers(includeDisabled).stream() + List allUsersOnDeveloper = cognitoApiWrapper.getAllUsers().stream() .filter(user -> user.getRole() != null && user.getRole().equals(CognitoGroups.CHPL_DEVELOPER) && user.getOrganizations().stream() @@ -92,12 +82,7 @@ public List getAllUsersOnDeveloper(Developer dev, boolean includeDisabled) @Override public List getAllDeveloperUsers() { - return getAllDeveloperUsers(false); - } - - @Override - public List getAllDeveloperUsers(boolean includeDisabled) { - List allDeveloperUsers = cognitoApiWrapper.getAllUsers(includeDisabled).stream() + List allDeveloperUsers = cognitoApiWrapper.getAllUsers().stream() .filter(user -> user.getRole() != null && user.getRole().equals(CognitoGroups.CHPL_DEVELOPER)) .collect(Collectors.toList()); @@ -107,11 +92,6 @@ public List getAllDeveloperUsers(boolean includeDisabled) { @Override public List getAllUsersForCurrentUser() { - return getAllUsersForCurrentUser(false); - } - - @Override - public List getAllUsersForCurrentUser(boolean includeDisabled) { LOGGER.error("Not implemented: getAllUsersForCurrentUser"); throw new NotImplementedException("Not implemented: getAllUsersForCurrentUser"); } diff --git a/chpl/chpl-service/src/main/java/gov/healthit/chpl/permissions/ResourcePermissions.java b/chpl/chpl-service/src/main/java/gov/healthit/chpl/permissions/ResourcePermissions.java index 1e288f76e2..ff0050edc0 100644 --- a/chpl/chpl-service/src/main/java/gov/healthit/chpl/permissions/ResourcePermissions.java +++ b/chpl/chpl-service/src/main/java/gov/healthit/chpl/permissions/ResourcePermissions.java @@ -14,20 +14,12 @@ public interface ResourcePermissions { List getAllUsersOnAcb(CertificationBody acb); - List getAllUsersOnAcb(CertificationBody acb, boolean includeDisabled); - List getAllUsersOnDeveloper(Developer dev); - List getAllUsersOnDeveloper(Developer dev, boolean includeDisabled); - List getAllDeveloperUsers(); - List getAllDeveloperUsers(boolean includeDisabled); - List getAllUsersForCurrentUser(); - List getAllUsersForCurrentUser(boolean includeDisabled); - List getAllAcbsForCurrentUser(); List getAllAcbsForUser(User user); diff --git a/chpl/chpl-service/src/main/java/gov/healthit/chpl/scheduler/job/MassRequirePasswordChangeJob.java b/chpl/chpl-service/src/main/java/gov/healthit/chpl/scheduler/job/MassRequirePasswordChangeJob.java index cb03254132..b761ef4afe 100644 --- a/chpl/chpl-service/src/main/java/gov/healthit/chpl/scheduler/job/MassRequirePasswordChangeJob.java +++ b/chpl/chpl-service/src/main/java/gov/healthit/chpl/scheduler/job/MassRequirePasswordChangeJob.java @@ -57,7 +57,7 @@ public void execute(JobExecutionContext jobContext) throws JobExecutionException String jwt = authenticationManager.getJWT(actor); JWTAuthenticatedUser authenticatedUser = userConverterFacade.getAuthenticatedUser(jwt); SecurityContextHolder.getContext().setAuthentication(authenticatedUser); - List allUsers = userManager.getAll(false); + List allUsers = userManager.getAll(); for (UserDTO user : allUsers) { if (interrupted) { LOGGER.info("Interrupted while marking users as password change required"); diff --git a/chpl/chpl-service/src/main/java/gov/healthit/chpl/scheduler/job/developer/attestation/email/missingchangerequest/MissingAttestationChangeRequestDeveloperEmailGenerator.java b/chpl/chpl-service/src/main/java/gov/healthit/chpl/scheduler/job/developer/attestation/email/missingchangerequest/MissingAttestationChangeRequestDeveloperEmailGenerator.java index 298c8a1b3a..d60a85d906 100644 --- a/chpl/chpl-service/src/main/java/gov/healthit/chpl/scheduler/job/developer/attestation/email/missingchangerequest/MissingAttestationChangeRequestDeveloperEmailGenerator.java +++ b/chpl/chpl-service/src/main/java/gov/healthit/chpl/scheduler/job/developer/attestation/email/missingchangerequest/MissingAttestationChangeRequestDeveloperEmailGenerator.java @@ -48,7 +48,7 @@ public MissingAttestationChangeRequestDeveloperEmailGenerator(DeveloperManager d public DeveloperEmail getDeveloperEmail(DeveloperSearchResult developer, User submittedUser) { try { - List developerUsers = developerManager.getAllUsersOnDeveloper(developer.getId(), false); + List developerUsers = developerManager.getAllUsersOnDeveloper(developer.getId()); return DeveloperEmail.builder() .developer(developer) .recipients(getRecipients(developerUsers)) diff --git a/chpl/chpl-service/src/main/java/gov/healthit/chpl/scheduler/job/developer/messaging/MessageDevelopersJob.java b/chpl/chpl-service/src/main/java/gov/healthit/chpl/scheduler/job/developer/messaging/MessageDevelopersJob.java index 9f64ad2924..132cd947fa 100644 --- a/chpl/chpl-service/src/main/java/gov/healthit/chpl/scheduler/job/developer/messaging/MessageDevelopersJob.java +++ b/chpl/chpl-service/src/main/java/gov/healthit/chpl/scheduler/job/developer/messaging/MessageDevelopersJob.java @@ -85,7 +85,9 @@ public void execute(JobExecutionContext context) throws JobExecutionException { LOGGER); LOGGER.info("Messaging " + developersToMessage.size() + " developers."); - List enabledDeveloperUsers = resourcePermissionsFactory.get().getAllDeveloperUsers(); + List enabledDeveloperUsers = resourcePermissionsFactory.get().getAllDeveloperUsers().stream() + .filter(devUser -> devUser.getAccountEnabled() != null && devUser.getAccountEnabled()) + .collect(Collectors.toList()); List developersWithoutUsers = getDevelopersWithoutUsers(developersToMessage, enabledDeveloperUsers); List developerEmails = developersToMessage.stream() .map(developer -> messageGenerator.getDeveloperEmail(developer, developerMessageRequest, enabledDeveloperUsers)) diff --git a/chpl/chpl-service/src/main/java/gov/healthit/chpl/user/cognito/CognitoUserManager.java b/chpl/chpl-service/src/main/java/gov/healthit/chpl/user/cognito/CognitoUserManager.java index 6a197f91bf..dfc592bf08 100644 --- a/chpl/chpl-service/src/main/java/gov/healthit/chpl/user/cognito/CognitoUserManager.java +++ b/chpl/chpl-service/src/main/java/gov/healthit/chpl/user/cognito/CognitoUserManager.java @@ -252,12 +252,8 @@ private CognitoCredentials createNewUser(CreateUserFromInvitationRequest userInf @Transactional @PostFilter("@permissions.hasAccess(T(gov.healthit.chpl.permissions.Permissions).SECURED_USER, " + "T(gov.healthit.chpl.permissions.domains.SecuredUserDomainPermissions).GET_ALL, filterObject)") - public List getAll(boolean includeDisabled) { - if (!resourcePermissionsFactory.get().isUserRoleAdmin() - && !resourcePermissionsFactory.get().isUserRoleOnc()) { - includeDisabled = false; - } - return cognitoApiWrapper.getAllUsers(includeDisabled); + public List getAll() { + return cognitoApiWrapper.getAllUsers(); } private void addUserToAppropriateEnvironments(String userEmail, String userRole) {