cfpb · lchen-2101 · Oct 5, 2023 · Sep 26, 2023 · Sep 26, 2023 · Sep 26, 2023
diff --git a/src/entities/models/__init__.py b/src/entities/models/__init__.py
@@ -9,6 +9,7 @@
     "FinanicialInstitutionAssociationDto",
     "DeniedDomainDao",
     "DeniedDomainDto",
+    "UserProfile",
     "AuthenticatedUser",
 ]
 
@@ -25,5 +26,6 @@
     FinancialInsitutionDomainCreate,
     FinanicialInstitutionAssociationDto,
     DeniedDomainDto,
+    UserProfile,
     AuthenticatedUser,
 )
diff --git a/src/entities/models/dto.py b/src/entities/models/dto.py
@@ -1,6 +1,6 @@
-from typing import Any, Dict, List
-
-from pydantic import BaseModel
+from typing import List, Dict, Any, Set, Optional
+from pydantic import BaseModel, Field
+from pydantic.utils import to_camel
 from starlette.authentication import BaseUser
 
 
@@ -41,6 +41,15 @@ class Config:
         orm_mode = True
 
 
+class UserProfile(BaseModel):
+    first_name: str = Field(alias="firstName")
+    last_name: str = Field(alias="lastName")
+    leis: Optional[Set[str]] = Field(alias="leis")
+
+    class Config:
+        alias_generator = to_camel
+
+
 class FinanicialInstitutionAssociationDto(FinancialInstitutionDto):
     approved: bool
 

diff --git a/src/oauth2/oauth2_admin.py b/src/oauth2/oauth2_admin.py
@@ -1,7 +1,7 @@
 from http import HTTPStatus
 import logging
 import os
-from typing import Dict, Any
+from typing import Dict, Any, Set
 
 import jose.jwt
 import requests
@@ -88,5 +88,9 @@ def associate_to_lei(self, user_id: str, lei: str) -> None:
                 detail="No institution found for given LEI",
             )
 
+    def associate_to_leis(self, user_id, leis: Set[str]):
-    def associate_to_leis(self, user_id, leis: Set[str]):
+    def associate_to_leis(self, user_id: str, leis: Set[str]):
-    def associate_to_leis(self, user_id, leis: Set[str]):
+    def associate_to_leis(self, user_id: str, leis: Set[str]):
+        for lei in leis:
+            self.associate_to_lei(user_id, lei)
+
 
 oauth2_admin = OAuth2Admin()
diff --git a/src/routers/admin.py b/src/routers/admin.py
@@ -1,9 +1,10 @@
 from http import HTTPStatus
-from typing import Dict, Any, Set
+from typing import Set
 from fastapi import Depends, Request
 from starlette.authentication import requires
 from dependencies import check_domain
 from util import Router
+from entities.models import UserProfile
 
 from entities.models import AuthenticatedUser
 from oauth2 import oauth2_admin
@@ -13,18 +14,19 @@
 
 @router.get("/me/", response_model=AuthenticatedUser)
 @requires("authenticated")
-async def get_me(request: Request):
+def get_me(request: Request):
     return request.user
 
 
 @router.put("/me/", status_code=HTTPStatus.ACCEPTED, dependencies=[Depends(check_domain)])
 @requires("manage-account")
-async def update_me(request: Request, user: Dict[str, Any]):
-    oauth2_admin.update_user(request.user.id, user)
+def update_me(request: Request, user: UserProfile):
+    oauth2_admin.update_user(request.user.id, user.dict(by_alias=True, exclude={"leis"}))
+    if user.leis:
+        oauth2_admin.associate_to_leis(request.user.id, user.leis)
 
 
 @router.put("/me/institutions/", status_code=HTTPStatus.ACCEPTED, dependencies=[Depends(check_domain)])
 @requires("manage-account")
-async def associate_lei(request: Request, leis: Set[str]):
-    for lei in leis:
-        oauth2_admin.associate_to_lei(request.user.id, lei)
+def associate_lei(request: Request, leis: Set[str]):
+    oauth2_admin.associate_to_leis(request.user.id, leis)
diff --git a/tests/api/routers/test_admin_api.py b/tests/api/routers/test_admin_api.py
@@ -1,4 +1,4 @@
-from unittest.mock import Mock, call
+from unittest.mock import Mock
 
 from fastapi import FastAPI
 from fastapi.testclient import TestClient
@@ -40,7 +40,7 @@ def test_get_me_authed_with_institutions(self, app_fixture: FastAPI, auth_mock:
 
     def test_update_me_unauthed(self, app_fixture: FastAPI, unauthed_user_mock: Mock):
         client = TestClient(app_fixture)
-        res = client.put("/v1/admin/me", json={"firstName": "testFirst", "lastName": "testLast"})
+        res = client.put("/v1/admin/me", json={"firstName": "testFirst", "lastName": "testLast", "leis": ["testLei"]})
         assert res.status_code == 403
 
     def test_update_me_no_permission(self, app_fixture: FastAPI, auth_mock: Mock):
@@ -55,10 +55,22 @@ def test_update_me_no_permission(self, app_fixture: FastAPI, auth_mock: Mock):
             AuthenticatedUser.from_claim(claims),
         )
         client = TestClient(app_fixture)
-        res = client.put("/v1/admin/me", json={"firstName": "testFirst", "lastName": "testLast"})
+        res = client.put("/v1/admin/me", json={"firstName": "testFirst", "lastName": "testLast", "leis": ["testLei"]})
         assert res.status_code == 403
 
     def test_update_me(self, mocker: MockerFixture, app_fixture: FastAPI, authed_user_mock: Mock):
+        update_user_mock = mocker.patch("oauth2.oauth2_admin.OAuth2Admin.update_user")
+        associate_lei_mock = mocker.patch("oauth2.oauth2_admin.OAuth2Admin.associate_to_leis")
+        update_user_mock.return_value = None
+        associate_lei_mock.return_value = None
+        client = TestClient(app_fixture)
+        data = {"firstName": "testFirst", "lastName": "testLast", "leis": ["testLei1", "testLei2"]}
+        res = client.put("/v1/admin/me", json=data)
+        update_user_mock.assert_called_once_with("testuser123", {"firstName": "testFirst", "lastName": "testLast"})
+        associate_lei_mock.assert_called_once_with("testuser123", {"testLei1", "testLei2"})
+        assert res.status_code == 202
+
+    def test_update_me_no_lei(self, mocker: MockerFixture, app_fixture: FastAPI, authed_user_mock: Mock):
         update_user_mock = mocker.patch("oauth2.oauth2_admin.OAuth2Admin.update_user")
         update_user_mock.return_value = None
         client = TestClient(app_fixture)
@@ -68,14 +80,9 @@ def test_update_me(self, mocker: MockerFixture, app_fixture: FastAPI, authed_use
         assert res.status_code == 202
 
     def test_associate_institutions(self, mocker: MockerFixture, app_fixture: FastAPI, authed_user_mock: Mock):
-        associate_lei_mock = mocker.patch("oauth2.oauth2_admin.OAuth2Admin.associate_to_lei")
+        associate_lei_mock = mocker.patch("oauth2.oauth2_admin.OAuth2Admin.associate_to_leis")
         associate_lei_mock.return_value = None
         client = TestClient(app_fixture)
-        data = ["testlei1", "testlei2"]
-        res = client.put("/v1/admin/me/institutions", json=data)
-        expected_calls = [
-            call("testuser123", "testlei1"),
-            call("testuser123", "testlei2"),
-        ]
-        associate_lei_mock.assert_has_calls(expected_calls, any_order=True)
+        res = client.put("/v1/admin/me/institutions", json=["testlei1", "testlei2"])
+        associate_lei_mock.assert_called_once_with("testuser123", {"testlei1", "testlei2"})
         assert res.status_code == 202