throw exception if oauthClient or user not found

security/src/main/java/org/genesys/blocks/oauth/service/OAuthServiceImpl.java

@@ -44,6 +44,8 @@ import org.springframework.transaction.annotation.Transactional;
 
 import com.querydsl.core.types.Predicate;
 
+import javax.persistence.EntityNotFoundException;
+
 /**
  * The Class OAuthServiceImpl.
  */
@@ -219,7 +221,7 @@ public class OAuthServiceImpl implements OAuthClientDetailsService {
 	@Transactional
 	@PreAuthorize("hasRole('ADMINISTRATOR') or hasPermission(#oauthClient, 'ADMINISTRATION')")
 	public final String resetSecret(OAuthClient oauthClient) {
-		oauthClient = oauthClientRepository.findById(oauthClient.getId()).orElse(oauthClient);
+		oauthClient = oauthClientRepository.findById(oauthClient.getId()).orElseThrow(() -> new EntityNotFoundException("Record not found."));
 
 		String oldHash = oauthClient.getClientSecret();
 		String newHash = null;
@@ -238,7 +240,7 @@ public class OAuthServiceImpl implements OAuthClientDetailsService {
 	@Transactional
 	@PreAuthorize("hasRole('ADMINISTRATOR') or hasPermission(#oauthClient, 'ADMINISTRATION')")
 	public final OAuthClient removeSecret(OAuthClient oauthClient) {
-		oauthClient = oauthClientRepository.findById(oauthClient.getId()).orElse(oauthClient);
+		oauthClient = oauthClientRepository.findById(oauthClient.getId()).orElseThrow(() -> new EntityNotFoundException("Record not found."));
 		if (oauthClient.getAuthorizedGrantTypes().contains("client_credentials")) {
 			throw new RuntimeException("OAuth Client with client_credentials grant must have a secret");
 		}

security/src/main/java/org/genesys/blocks/security/service/impl/BasicUserServiceImpl.java

@@ -43,6 +43,8 @@ import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.transaction.annotation.Transactional;
 
+import javax.persistence.EntityNotFoundException;
+
 /**
  * The Class BasicUserServiceImpl.
  *
@@ -203,7 +205,7 @@ public abstract class BasicUserServiceImpl<R extends GrantedAuthority, T extends
 	@PreAuthorize("hasRole('ADMINISTRATOR') || principal.id == #user.id")
 	public T updateUser(T user, final String email, final String fullName) throws NotUniqueUserException, UserException {
 		// reload
-		user = _repository.findById(user.getId()).orElse(user);
+		user = _repository.findById(user.getId()).orElseThrow(() -> new EntityNotFoundException("Record not found."));
 
 		if (!StringUtils.equals(email, user.getEmail()) && getUserByEmail(email) != null) {
 			throw new NotUniqueUserException("Email address already registered");
@@ -237,7 +239,7 @@ public abstract class BasicUserServiceImpl<R extends GrantedAuthority, T extends
 	@Override
 	@Transactional
 	public T setRoles(T user, final Set<R> newRoles) {
-		user = _repository.findById(user.getId()).orElse(user);
+		user = _repository.findById(user.getId()).orElseThrow(() -> new EntityNotFoundException("Record not found."));
 
 		// Remove transient roles
 		newRoles.removeAll(getDefaultUserRoles());
@@ -345,7 +347,7 @@ public abstract class BasicUserServiceImpl<R extends GrantedAuthority, T extends
 	@Override
 	@Transactional
 	public T setAccountType(T user, AccountType accountType) {
-		T u = _repository.findById(user.getId()).orElse(user);
+		T u = _repository.findById(user.getId()).orElseThrow(() -> new EntityNotFoundException("Record not found."));
 		u.setAccountType(accountType);
 
 		if (accountType != AccountType.LOCAL) {