fix: no api key renewal for closed subscription

Author: mukul-tyagi08

gravitee-apim-rest-api/gravitee-apim-rest-api-management-v2/gravitee-apim-rest-api-management-v2-rest/src/test/java/io/gravitee/rest/api/management/v2/rest/resource/api/ApiSubscriptionsResource_RenewApiKeysTest.java

@@ -33,6 +33,7 @@
 import io.gravitee.rest.api.model.ApiKeyEntity;
 import io.gravitee.rest.api.model.ApiKeyMode;
 import io.gravitee.rest.api.model.SubscriptionEntity;
+import io.gravitee.rest.api.model.SubscriptionStatus;
 import io.gravitee.rest.api.model.parameters.Key;
 import io.gravitee.rest.api.model.parameters.ParameterReferenceType;
 import io.gravitee.rest.api.model.permissions.RolePermission;
@@ -156,6 +157,28 @@ public void should_return_400_if_application_is_in_shared_api_key_mode() {
         assertEquals("Invalid operation for API Key mode [SHARED] of application [my-application].", error.getMessage());
     }
 
+    @Test
+    public void should_return_400_if_subscription_is_closed() {
+        final SubscriptionEntity subscriptionEntity = SubscriptionFixtures
+            .aSubscriptionEntity()
+            .toBuilder()
+            .id(SUBSCRIPTION)
+            .api("ANOTHER-API")
+            .status(SubscriptionStatus.CLOSED)
+            .build();
+
+        when(subscriptionService.findById(SUBSCRIPTION)).thenReturn(subscriptionEntity);
+
+        final Response response = rootTarget().request().post(Entity.json(SubscriptionFixtures.aRenewApiKey()));
+        assertEquals(BAD_REQUEST_400, response.getStatus());
+
+        var error = response.readEntity(Error.class);
+        assertEquals(BAD_REQUEST_400, (int) error.getHttpStatus());
+        assertEquals("Subscription [my-subscription] should be paused or accepted. Currently it is CLOSED", error.getMessage());
+
+        verify(subscriptionService, never()).pause(any(), any());
+    }
+
     @Test
     public void should_renew_api_keys() {
         final SubscriptionEntity subscriptionEntity = SubscriptionFixtures

gravitee-apim-rest-api/gravitee-apim-rest-api-service/src/main/java/io/gravitee/rest/api/service/impl/ApiKeyServiceImpl.java

@@ -137,6 +137,9 @@ public ApiKeyEntity renew(ExecutionContext executionContext, SubscriptionEntity
 
     @Override
     public ApiKeyEntity renew(ExecutionContext executionContext, SubscriptionEntity subscription, String customApiKey) {
+        if (subscription.getStatus().equals(io.gravitee.rest.api.model.SubscriptionStatus.CLOSED)) {
+            throw new SubscriptionNotActiveException(subscription);
+        }
         final GenericPlanEntity genericPlanEntity = planSearchService.findById(executionContext, subscription.getPlan());
         io.gravitee.rest.api.model.v4.plan.PlanSecurityType planSecurityType = null;
         if (genericPlanEntity.getPlanSecurity() != null) {

gravitee-apim-rest-api/gravitee-apim-rest-api-service/src/test/java/io/gravitee/rest/api/service/impl/ApiKeyServiceTest.java

@@ -447,6 +447,7 @@ public void shouldRenew() throws TechnicalException {
         subscription.setPlan(PLAN_ID);
         subscription.setApplication(APPLICATION_ID);
         subscription.setApi(api.getId());
+        subscription.setStatus(SubscriptionStatus.PENDING);
 
         ApplicationEntity application = new ApplicationEntity();
         application.setId(APPLICATION_ID);
@@ -516,6 +517,7 @@ public void shouldRenewAndKeepSharedSubscriptions() throws TechnicalException {
         subscription.setPlan(PLAN_ID);
         subscription.setApplication(APPLICATION_ID);
         subscription.setApi(api.getId());
+        subscription.setStatus(SubscriptionStatus.PENDING);
 
         ApplicationEntity application = new ApplicationEntity();
         application.setId(APPLICATION_ID);
@@ -563,6 +565,7 @@ public void shouldRenewWithoutRenewingExpiredKeys() throws TechnicalException {
         subscription.setPlan(PLAN_ID);
         subscription.setApplication(APPLICATION_ID);
         subscription.setApi(api.getId());
+        subscription.setStatus(SubscriptionStatus.PENDING);
 
         ApplicationEntity application = new ApplicationEntity();
         application.setId(APPLICATION_ID);
@@ -608,6 +611,7 @@ public void shouldNotRenewBecauseApiKeyAlreadyExistsForAnotherApp() throws Techn
         subscription.setApi(API_ID);
         subscription.setApplication(APPLICATION_ID);
         subscription.setPlan(PLAN_ID);
+        subscription.setStatus(SubscriptionStatus.PENDING);
 
         SubscriptionEntity conflictingSubscription = new SubscriptionEntity();
         conflictingSubscription.setId("conflicting-subscription-id");
@@ -635,6 +639,7 @@ public void shouldNotRenewBecauseApiKeyAlreadyExistsForAnotherApp() throws Techn
     public void shouldNotRenewSubscriptionWithJwtPlan() {
         SubscriptionEntity subscriptionEntity = new SubscriptionEntity();
         subscriptionEntity.setPlan(PLAN_ID);
+        subscriptionEntity.setStatus(SubscriptionStatus.PENDING);
 
         PlanEntity plan = new PlanEntity();
         plan.setSecurity(PlanSecurityType.JWT);
@@ -647,6 +652,7 @@ public void shouldNotRenewSubscriptionWithJwtPlan() {
     public void shouldNotRenewSubscriptionWithoutSecurity() {
         SubscriptionEntity subscriptionEntity = new SubscriptionEntity();
         subscriptionEntity.setPlan(PLAN_ID);
+        subscriptionEntity.setStatus(SubscriptionStatus.PENDING);
 
         when(planSearchService.findById(GraviteeContext.getExecutionContext(), PLAN_ID)).thenReturn(new PlanEntity());
 
@@ -684,6 +690,7 @@ public void shouldRenewForCustomApiKeyAssociatedToClosedSubscription() throws Te
         SubscriptionEntity subscriptionEntity = new SubscriptionEntity();
         subscriptionEntity.setPlan(PLAN_ID);
         subscriptionEntity.setId(SUBSCRIPTION_ID);
+        subscriptionEntity.setStatus(SubscriptionStatus.PENDING);
 
         apiKeyService.renew(GraviteeContext.getExecutionContext(), subscriptionEntity, CUSTOM_API_KEY);