improve test code coverage and introduce context.register
This commit is contained in:
@ -7,10 +7,8 @@ import java.util.stream.Collectors;
|
||||
|
||||
/**
|
||||
* A nicer API for ModelMapper.
|
||||
*
|
||||
* MOst
|
||||
*/
|
||||
public class Mapper {
|
||||
public abstract class Mapper {
|
||||
private final static ModelMapper modelMapper = new ModelMapper();
|
||||
|
||||
|
||||
|
@ -1,12 +1,16 @@
|
||||
package net.hostsharing.hsadminng.context;
|
||||
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
||||
import javax.persistence.EntityManager;
|
||||
import javax.persistence.PersistenceContext;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import java.util.Optional;
|
||||
|
||||
import static org.springframework.transaction.annotation.Propagation.*;
|
||||
import static org.springframework.transaction.annotation.Propagation.MANDATORY;
|
||||
|
||||
@Service
|
||||
public class Context {
|
||||
@ -14,23 +18,55 @@ public class Context {
|
||||
@PersistenceContext
|
||||
private EntityManager em;
|
||||
|
||||
@Autowired(required = false)
|
||||
private HttpServletRequest request;
|
||||
|
||||
@Transactional(propagation = MANDATORY)
|
||||
public void register(final String currentUser, final String assumedRoles) {
|
||||
if (request != null) {
|
||||
setCurrentTask(request.getMethod() + " " + request.getRequestURI());
|
||||
} else {
|
||||
|
||||
final Optional<StackWalker.StackFrame> caller =
|
||||
StackWalker.getInstance(StackWalker.Option.RETAIN_CLASS_REFERENCE)
|
||||
.walk(frames ->
|
||||
frames.skip(1)
|
||||
.filter(c -> c.getDeclaringClass()
|
||||
.getPackageName()
|
||||
.startsWith("net.hostsharing.hsadminng"))
|
||||
.filter(c -> !c.getDeclaringClass().getName().contains("BySpringCGLIB$$"))
|
||||
.findFirst());
|
||||
final var callerName = caller.map(
|
||||
c -> c.getDeclaringClass().getSimpleName() + "." + c.getMethodName())
|
||||
.orElse("unknown");
|
||||
setCurrentTask(callerName);
|
||||
}
|
||||
setCurrentUser(currentUser);
|
||||
if (!StringUtils.isBlank(assumedRoles)) {
|
||||
assumeRoles(assumedRoles);
|
||||
}
|
||||
}
|
||||
|
||||
@Transactional(propagation = MANDATORY)
|
||||
public void setCurrentTask(final String task) {
|
||||
em.createNativeQuery(
|
||||
String.format(
|
||||
"set local hsadminng.currentTask = '%s';",
|
||||
task
|
||||
)
|
||||
).executeUpdate();
|
||||
final var sql = String.format(
|
||||
"set local hsadminng.currentTask = '%s';",
|
||||
shortenToMaxLength(task, 95)
|
||||
);
|
||||
em.createNativeQuery(sql).executeUpdate();
|
||||
}
|
||||
|
||||
public String getCurrentTask() {
|
||||
return (String) em.createNativeQuery("select current_setting('hsadminng.currentTask');").getSingleResult();
|
||||
}
|
||||
|
||||
@Transactional(propagation = MANDATORY)
|
||||
public void setCurrentUser(final String userName) {
|
||||
em.createNativeQuery(
|
||||
String.format(
|
||||
"set local hsadminng.currentUser = '%s';",
|
||||
userName
|
||||
)
|
||||
String.format(
|
||||
"set local hsadminng.currentUser = '%s';",
|
||||
userName
|
||||
)
|
||||
).executeUpdate();
|
||||
assumeNoSpecialRole();
|
||||
}
|
||||
@ -42,17 +78,17 @@ public class Context {
|
||||
@Transactional(propagation = MANDATORY)
|
||||
public void assumeRoles(final String roles) {
|
||||
em.createNativeQuery(
|
||||
String.format(
|
||||
"set local hsadminng.assumedRoles = '%s';",
|
||||
roles
|
||||
)
|
||||
String.format(
|
||||
"set local hsadminng.assumedRoles = '%s';",
|
||||
roles
|
||||
)
|
||||
).executeUpdate();
|
||||
}
|
||||
|
||||
@Transactional(propagation = MANDATORY)
|
||||
public void assumeNoSpecialRole() {
|
||||
em.createNativeQuery(
|
||||
"set local hsadminng.assumedRoles = '';"
|
||||
"set local hsadminng.assumedRoles = '';"
|
||||
).executeUpdate();
|
||||
}
|
||||
|
||||
@ -60,4 +96,7 @@ public class Context {
|
||||
return (String[]) em.createNativeQuery("select assumedRoles()").getSingleResult();
|
||||
}
|
||||
|
||||
private static String shortenToMaxLength(final String task, final int maxLength) {
|
||||
return task.substring(0, Math.min(task.length(), maxLength));
|
||||
}
|
||||
}
|
||||
|
@ -29,14 +29,11 @@ public class CustomerController implements CustomersApi {
|
||||
@Override
|
||||
@Transactional(readOnly = true)
|
||||
public ResponseEntity<List<CustomerResource>> listCustomers(
|
||||
String userName,
|
||||
String currentUser,
|
||||
String assumedRoles,
|
||||
String prefix
|
||||
) {
|
||||
context.setCurrentUser(userName);
|
||||
if (!StringUtils.isBlank(assumedRoles)) {
|
||||
context.assumeRoles(assumedRoles);
|
||||
}
|
||||
context.register(currentUser, assumedRoles);
|
||||
|
||||
final var result = customerRepository.findCustomerByOptionalPrefixLike(prefix);
|
||||
|
||||
@ -50,11 +47,8 @@ public class CustomerController implements CustomersApi {
|
||||
final String assumedRoles,
|
||||
final CustomerResource customer) {
|
||||
|
||||
context.setCurrentTask("create new customer: #" + customer.getReference() + " / " + customer.getPrefix());
|
||||
context.setCurrentUser(currentUser);
|
||||
if (!StringUtils.isBlank(assumedRoles)) {
|
||||
context.assumeRoles(assumedRoles);
|
||||
}
|
||||
context.register(currentUser, assumedRoles);
|
||||
|
||||
if (customer.getUuid() == null) {
|
||||
customer.setUuid(UUID.randomUUID());
|
||||
}
|
||||
|
@ -29,14 +29,12 @@ public class PackageController implements PackagesApi {
|
||||
@Override
|
||||
@Transactional(readOnly = true)
|
||||
public ResponseEntity<List<PackageResource>> listPackages(
|
||||
String userName,
|
||||
String currentUser,
|
||||
String assumedRoles,
|
||||
String name
|
||||
) {
|
||||
context.setCurrentUser(userName);
|
||||
if (!StringUtils.isBlank(assumedRoles)) {
|
||||
context.assumeRoles(assumedRoles);
|
||||
}
|
||||
context.register(currentUser, assumedRoles);
|
||||
|
||||
final var result = packageRepository.findAllByOptionalNameLike(name);
|
||||
return ResponseEntity.ok(mapList(result, PackageResource.class));
|
||||
}
|
||||
@ -49,10 +47,8 @@ public class PackageController implements PackagesApi {
|
||||
final UUID packageUuid,
|
||||
final PackageUpdateResource body) {
|
||||
|
||||
context.setCurrentUser(currentUser);
|
||||
if (!StringUtils.isBlank(assumedRoles)) {
|
||||
context.assumeRoles(assumedRoles);
|
||||
}
|
||||
context.register(currentUser, assumedRoles);
|
||||
|
||||
final var current = packageRepository.findByUuid(packageUuid);
|
||||
OptionalFromJson.of(body.getDescription()).ifPresent(current::setDescription);
|
||||
final var saved = packageRepository.save(current);
|
||||
|
@ -38,10 +38,7 @@ public class RbacGrantController implements RbacgrantsApi {
|
||||
final UUID grantedRoleUuid,
|
||||
final UUID granteeUserUuid) {
|
||||
|
||||
context.setCurrentUser(currentUser);
|
||||
if (!StringUtils.isBlank(assumedRoles)) {
|
||||
context.assumeRoles(assumedRoles);
|
||||
}
|
||||
context.register(currentUser, assumedRoles);
|
||||
|
||||
final var id = new RbacGrantId(granteeUserUuid, grantedRoleUuid);
|
||||
final var result = rbacGrantRepository.findById(id);
|
||||
@ -57,10 +54,8 @@ public class RbacGrantController implements RbacgrantsApi {
|
||||
final String currentUser,
|
||||
final String assumedRoles) {
|
||||
|
||||
context.setCurrentUser(currentUser);
|
||||
if (!StringUtils.isBlank(assumedRoles)) {
|
||||
context.assumeRoles(assumedRoles);
|
||||
}
|
||||
context.register(currentUser, assumedRoles);
|
||||
|
||||
return ResponseEntity.ok(mapList(rbacGrantRepository.findAll(), RbacGrantResource.class));
|
||||
}
|
||||
|
||||
@ -71,11 +66,7 @@ public class RbacGrantController implements RbacgrantsApi {
|
||||
final String assumedRoles,
|
||||
final RbacGrantResource body) {
|
||||
|
||||
context.setCurrentTask("granting role to user");
|
||||
context.setCurrentUser(currentUser);
|
||||
if (!StringUtils.isBlank(assumedRoles)) {
|
||||
context.assumeRoles(assumedRoles);
|
||||
}
|
||||
context.register(currentUser, assumedRoles);
|
||||
|
||||
final var granted = rbacGrantRepository.save(map(body, RbacGrantEntity.class));
|
||||
em.flush();
|
||||
@ -97,11 +88,7 @@ public class RbacGrantController implements RbacgrantsApi {
|
||||
final UUID grantedRoleUuid,
|
||||
final UUID granteeUserUuid) {
|
||||
|
||||
context.setCurrentTask("revoking role from user");
|
||||
context.setCurrentUser(currentUser);
|
||||
if (!StringUtils.isBlank(assumedRoles)) {
|
||||
context.assumeRoles(assumedRoles);
|
||||
}
|
||||
context.register(currentUser, assumedRoles);
|
||||
|
||||
rbacGrantRepository.deleteByRbacGrantId(new RbacGrantId(granteeUserUuid, grantedRoleUuid));
|
||||
|
||||
|
@ -22,34 +22,34 @@ public class RbacGrantEntity {
|
||||
@Column(name = "grantedbyroleidname", updatable = false, insertable = false)
|
||||
private String grantedByRoleIdName;
|
||||
|
||||
@Column(name = "grantedroleidname", updatable = false, insertable = false)
|
||||
private String grantedRoleIdName;
|
||||
|
||||
@Column(name = "username", updatable = false, insertable = false)
|
||||
private String granteeUserName;
|
||||
|
||||
private boolean assumed;
|
||||
|
||||
@Column(name = "grantedbyroleuuid", updatable = false, insertable = false)
|
||||
private UUID grantedByRoleUuid;
|
||||
|
||||
@Column(name = "grantedroleidname", updatable = false, insertable = false)
|
||||
private String grantedRoleIdName;
|
||||
|
||||
@Id
|
||||
@Column(name = "grantedroleuuid")
|
||||
private UUID grantedRoleUuid;
|
||||
|
||||
@Column(name = "username", updatable = false, insertable = false)
|
||||
private String granteeUserName;
|
||||
|
||||
@Id
|
||||
@Column(name = "useruuid")
|
||||
private UUID granteeUserUuid;
|
||||
|
||||
private boolean assumed;
|
||||
|
||||
@Column(name = "objecttable", updatable = false, insertable = false)
|
||||
private String objectTable;
|
||||
|
||||
@Column(name = "objectuuid", updatable = false, insertable = false)
|
||||
private UUID objectUuid;
|
||||
|
||||
@Column(name = "objectidname", updatable = false, insertable = false)
|
||||
private String objectIdName;
|
||||
|
||||
@Column(name = "objectuuid", updatable = false, insertable = false)
|
||||
private UUID objectUuid;
|
||||
|
||||
@Column(name = "grantedroletype", updatable = false, insertable = false)
|
||||
@Enumerated(EnumType.STRING)
|
||||
private RbacRoleType grantedRoleType;
|
||||
|
@ -3,7 +3,6 @@ package net.hostsharing.hsadminng.rbac.rbacrole;
|
||||
import net.hostsharing.hsadminng.context.Context;
|
||||
import net.hostsharing.hsadminng.generated.api.v1.api.RbacrolesApi;
|
||||
import net.hostsharing.hsadminng.generated.api.v1.model.RbacRoleResource;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
@ -26,13 +25,11 @@ public class RbacRoleController implements RbacrolesApi {
|
||||
@Override
|
||||
@Transactional(readOnly = true)
|
||||
public ResponseEntity<List<RbacRoleResource>> listRoles(
|
||||
final String currentUser,
|
||||
final String assumedRoles) {
|
||||
final String currentUser,
|
||||
final String assumedRoles) {
|
||||
|
||||
context.register(currentUser, assumedRoles);
|
||||
|
||||
context.setCurrentUser(currentUser);
|
||||
if (!StringUtils.isBlank(assumedRoles)) {
|
||||
context.assumeRoles(assumedRoles);
|
||||
}
|
||||
return ResponseEntity.ok(mapList(rbacRoleRepository.findAll(), RbacRoleResource.class));
|
||||
}
|
||||
|
||||
|
@ -33,8 +33,7 @@ public class RbacUserController implements RbacusersApi {
|
||||
public ResponseEntity<RbacUserResource> createUser(
|
||||
final RbacUserResource body
|
||||
) {
|
||||
context.setCurrentTask("creating new user: " + body.getName());
|
||||
context.setCurrentUser(body.getName());
|
||||
context.register(body.getName(), null);
|
||||
|
||||
if (body.getUuid() == null) {
|
||||
body.setUuid(UUID.randomUUID());
|
||||
@ -56,10 +55,7 @@ public class RbacUserController implements RbacusersApi {
|
||||
final String assumedRoles,
|
||||
final UUID userUuid) {
|
||||
|
||||
context.setCurrentUser(currentUser);
|
||||
if (!StringUtils.isBlank(assumedRoles)) {
|
||||
context.assumeRoles(assumedRoles);
|
||||
}
|
||||
context.register(currentUser, assumedRoles);
|
||||
|
||||
final var result = rbacUserRepository.findByUuid(userUuid);
|
||||
if (result == null) {
|
||||
@ -71,28 +67,24 @@ public class RbacUserController implements RbacusersApi {
|
||||
@Override
|
||||
@Transactional(readOnly = true)
|
||||
public ResponseEntity<List<RbacUserResource>> listUsers(
|
||||
final String currentUserName,
|
||||
final String currentUser,
|
||||
final String assumedRoles,
|
||||
final String userName
|
||||
) {
|
||||
context.setCurrentUser(currentUserName);
|
||||
if (!StringUtils.isBlank(assumedRoles)) {
|
||||
context.assumeRoles(assumedRoles);
|
||||
}
|
||||
context.register(currentUser, assumedRoles);
|
||||
|
||||
return ResponseEntity.ok(mapList(rbacUserRepository.findByOptionalNameLike(userName), RbacUserResource.class));
|
||||
}
|
||||
|
||||
@Override
|
||||
@Transactional(readOnly = true)
|
||||
public ResponseEntity<List<RbacUserPermissionResource>> listUserPermissions(
|
||||
final String currentUserName,
|
||||
final String currentUser,
|
||||
final String assumedRoles,
|
||||
final UUID userUuid
|
||||
) {
|
||||
context.setCurrentUser(currentUserName);
|
||||
if (!StringUtils.isBlank(assumedRoles)) {
|
||||
context.assumeRoles(assumedRoles);
|
||||
}
|
||||
context.register(currentUser, assumedRoles);
|
||||
|
||||
return ResponseEntity.ok(mapList(rbacUserRepository.findPermissionsOfUserByUuid(userUuid), RbacUserPermissionResource.class));
|
||||
}
|
||||
}
|
||||
|
Reference in New Issue
Block a user