Adjust the DELETE too

iam-login-service/src/main/java/it/infn/mw/iam/api/aup/AupSignatureController.java

@@ -54,6 +54,7 @@
 import it.infn.mw.iam.persistence.repository.IamAupRepository;
 import it.infn.mw.iam.persistence.repository.IamAupSignatureRepository;
 
+@SuppressWarnings("deprecation")
 @RestController
 @Transactional
 public class AupSignatureController {
@@ -168,11 +169,10 @@ public AupSignatureDTO updateSignatureForAccount(@PathVariable String accountId,
   @DeleteMapping(value = "/iam/aup/signature/{accountId}")
   @ResponseStatus(value = HttpStatus.NO_CONTENT)
   @PreAuthorize("#iam.hasScope('iam:admin.write') or #iam.hasDashboardRole('ROLE_ADMIN')")
-  public void deleteSignatureForAccount(@PathVariable String accountId)
-      throws AccountNotFoundException {
+  public void deleteSignatureForAccount(@PathVariable String accountId,
+      Authentication authentication) throws AccountNotFoundException {
 
-    IamAccount deleterAccount = accountUtils.getAuthenticatedUserAccount()
-      .orElseThrow(accountNotFoundException(ACCOUNT_NOT_FOUND_FOR_AUTHENTICATED_USER_MESSAGE));
+    Optional<IamAccount> deleterAccount = accountUtils.getAuthenticatedUserAccount();
     IamAccount signatureAccount = accountUtils.getByAccountId(accountId)
       .orElseThrow(accountNotFoundException(format(ACCOUNT_NOT_FOUND_FOR_ID_MESSAGE, accountId)));
 
@@ -183,8 +183,19 @@ public void deleteSignatureForAccount(@PathVariable String accountId)
 
     if (signature.isPresent()) {
       signatureRepo.deleteSignatureForAccount(aup, signatureAccount);
-      eventPublisher.publishEvent(
-          new AupSignatureDeletedEvent(this, deleterAccount.getUsername(), signature.get()));
+      if (deleterAccount.isPresent()) {
+        eventPublisher.publishEvent(
+            new AupSignatureDeletedEvent(this, deleterAccount.get().getUuid(), signature.get(), false));
+      } else {
+        String clientId = null;
+
+        if (authentication instanceof OAuth2Authentication) {
+          OAuth2Authentication oauth2Auth = (OAuth2Authentication) authentication;
+          clientId = oauth2Auth.getOAuth2Request().getClientId();
+        }
+        eventPublisher.publishEvent(
+            new AupSignatureDeletedEvent(this, clientId, signature.get(), true));
+      }
     }
   }
 

iam-login-service/src/main/java/it/infn/mw/iam/audit/events/aup/AupSignatureDeletedEvent.java

@@ -34,10 +34,15 @@ public class AupSignatureDeletedEvent extends IamAuditApplicationEvent {
   @JsonSerialize(using = IamAupSignatureSerializer.class)
   final IamAupSignature signature;
 
-  public AupSignatureDeletedEvent(Object source, String actor, IamAupSignature signature) {
+  public AupSignatureDeletedEvent(Object source, String actor, IamAupSignature signature,
+      boolean isClient) {
     super(IamEventCategory.AUP, source,
-        format("Administrator %s requested AUP signature to the user %s", actor,
-            signature.getAccount().getUsername()));
+        isClient
+            ? format("Client %s deleted the AUP signature of %s user", actor,
+                signature.getAccount().getUsername())
+            : format("User %s deleted the AUP signature of %s user", actor,
+                signature.getAccount().getUsername()),
+        isClient ? "client: " + actor : "user: " + actor);
     this.signature = signature;
   }