introduces generateRbacRestrictedView to generate restricted view + triggers
This commit is contained in:
Michael Hoennig
@ -422,11 +422,6 @@ class HsOfficePartnerControllerAcceptanceTest {
|
||||
}
|
||||
}
|
||||
|
||||
private UUID toCleanup(final UUID tempPartnerUuid) {
|
||||
tempPartnerUuids.add(tempPartnerUuid);
|
||||
return tempPartnerUuid;
|
||||
}
|
||||
|
||||
private HsOfficePartnerEntity givenSomeTemporaryPartnerBessler() {
|
||||
return jpaAttempt.transacted(() -> {
|
||||
context.define("superuser-alex@hostsharing.net");
|
||||
@ -444,6 +439,11 @@ class HsOfficePartnerControllerAcceptanceTest {
|
||||
}).assertSuccessful().returnedValue();
|
||||
}
|
||||
|
||||
private UUID toCleanup(final UUID tempPartnerUuid) {
|
||||
tempPartnerUuids.add(tempPartnerUuid);
|
||||
return tempPartnerUuid;
|
||||
}
|
||||
|
||||
@AfterEach
|
||||
void cleanup() {
|
||||
tempPartnerUuids.forEach(uuid -> {
|
||||
|
||||
@ -243,7 +243,7 @@ class HsOfficePartnerRepositoryIntegrationTest extends ContextBasedTest {
|
||||
|
||||
// then
|
||||
result.assertExceptionWithRootCauseMessage(JpaSystemException.class,
|
||||
"[403] Subject ", " is not allowed to update partner uuid");
|
||||
"[403] Subject ", " is not allowed to update hs_office_partner uuid");
|
||||
}
|
||||
|
||||
@Test
|
||||
@ -265,7 +265,7 @@ class HsOfficePartnerRepositoryIntegrationTest extends ContextBasedTest {
|
||||
|
||||
// then
|
||||
result.assertExceptionWithRootCauseMessage(JpaSystemException.class,
|
||||
"[403] Subject ", " is not allowed to update partner uuid");
|
||||
"[403] Subject ", " is not allowed to update hs_office_partner uuid");
|
||||
}
|
||||
|
||||
private void assertThatPartnerActuallyInDatabase(final HsOfficePartnerEntity saved) {
|
||||
@ -333,7 +333,7 @@ class HsOfficePartnerRepositoryIntegrationTest extends ContextBasedTest {
|
||||
// then
|
||||
result.assertExceptionWithRootCauseMessage(
|
||||
JpaSystemException.class,
|
||||
"[403] Subject ", " not allowed to delete partner");
|
||||
"[403] Subject ", " not allowed to delete hs_office_partner");
|
||||
assertThat(jpaAttempt.transacted(() -> {
|
||||
context("superuser-alex@hostsharing.net");
|
||||
return partnerRepo.findByUuid(givenPartner.getUuid());
|
||||
|
||||
@ -4,6 +4,8 @@ import io.restassured.RestAssured;
|
||||
import io.restassured.http.ContentType;
|
||||
import net.hostsharing.hsadminng.HsadminNgApplication;
|
||||
import net.hostsharing.hsadminng.context.Context;
|
||||
import net.hostsharing.test.JpaAttempt;
|
||||
import org.junit.jupiter.api.AfterEach;
|
||||
import org.junit.jupiter.api.Nested;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
@ -11,6 +13,8 @@ import org.springframework.boot.test.context.SpringBootTest;
|
||||
import org.springframework.boot.test.web.server.LocalServerPort;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
||||
import java.util.HashSet;
|
||||
import java.util.Set;
|
||||
import java.util.UUID;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
@ -19,7 +23,7 @@ import static org.hamcrest.Matchers.*;
|
||||
|
||||
@SpringBootTest(
|
||||
webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT,
|
||||
classes = HsadminNgApplication.class
|
||||
classes = { HsadminNgApplication.class, JpaAttempt.class }
|
||||
)
|
||||
@Transactional
|
||||
class TestCustomerControllerAcceptanceTest {
|
||||
@ -32,9 +36,15 @@ class TestCustomerControllerAcceptanceTest {
|
||||
|
||||
@Autowired
|
||||
Context contextMock;
|
||||
|
||||
@Autowired
|
||||
TestCustomerRepository testCustomerRepository;
|
||||
|
||||
@Autowired
|
||||
JpaAttempt jpaAttempt;
|
||||
|
||||
Set<UUID> tempPartnerUuids = new HashSet<>();
|
||||
|
||||
@Nested
|
||||
class ListCustomers {
|
||||
|
||||
@ -46,7 +56,7 @@ class TestCustomerControllerAcceptanceTest {
|
||||
.port(port)
|
||||
.when()
|
||||
.get("http://localhost/api/test/customers")
|
||||
.then().assertThat()
|
||||
.then().log().all().assertThat()
|
||||
.statusCode(200)
|
||||
.contentType("application/json")
|
||||
.body("[0].prefix", is("xxx"))
|
||||
@ -119,8 +129,8 @@ class TestCustomerControllerAcceptanceTest {
|
||||
.body("""
|
||||
{
|
||||
"reference": 90020,
|
||||
"prefix": "ttt",
|
||||
"adminUserName": "customer-admin@ttt.example.com"
|
||||
"prefix": "uuu",
|
||||
"adminUserName": "customer-admin@uuu.example.com"
|
||||
}
|
||||
""")
|
||||
.port(port)
|
||||
@ -129,22 +139,22 @@ class TestCustomerControllerAcceptanceTest {
|
||||
.then().assertThat()
|
||||
.statusCode(201)
|
||||
.contentType(ContentType.JSON)
|
||||
.body("prefix", is("ttt"))
|
||||
.body("prefix", is("uuu"))
|
||||
.header("Location", startsWith("http://localhost"))
|
||||
.extract().header("Location"); // @formatter:on
|
||||
|
||||
// finally, the new customer can be viewed by its own admin
|
||||
final var newUserUuid = UUID.fromString(
|
||||
location.substring(location.lastIndexOf('/') + 1));
|
||||
context.define("customer-admin@ttt.example.com");
|
||||
final var newUserUuid = toCleanup(UUID.fromString(
|
||||
location.substring(location.lastIndexOf('/') + 1)));
|
||||
context.define("customer-admin@uuu.example.com");
|
||||
assertThat(testCustomerRepository.findByUuid(newUserUuid))
|
||||
.hasValueSatisfying(c -> assertThat(c.getPrefix()).isEqualTo("ttt"));
|
||||
.hasValueSatisfying(c -> assertThat(c.getPrefix()).isEqualTo("uuu"));
|
||||
}
|
||||
|
||||
@Test
|
||||
void globalAdmin_withoutAssumedRole_canAddCustomerWithGivenUuid() {
|
||||
|
||||
final var givenUuid = UUID.randomUUID();
|
||||
final var givenUuid = toCleanup(UUID.randomUUID());
|
||||
|
||||
final var location = RestAssured // @formatter:off
|
||||
.given()
|
||||
@ -238,4 +248,22 @@ class TestCustomerControllerAcceptanceTest {
|
||||
assertThat(testCustomerRepository.findCustomerByOptionalPrefixLike("uuu")).hasSize(0);
|
||||
}
|
||||
}
|
||||
|
||||
private UUID toCleanup(final UUID tempPartnerUuid) {
|
||||
tempPartnerUuids.add(tempPartnerUuid);
|
||||
return tempPartnerUuid;
|
||||
}
|
||||
|
||||
@AfterEach
|
||||
void cleanup() {
|
||||
tempPartnerUuids.forEach(uuid -> {
|
||||
jpaAttempt.transacted(() -> {
|
||||
context.define("superuser-alex@hostsharing.net", null);
|
||||
System.out.println("DELETING temporary partner: " + uuid);
|
||||
final var entity = testCustomerRepository.findByUuid(uuid);
|
||||
final var count = testCustomerRepository.deleteByUuid(uuid);
|
||||
System.out.println("DELETED temporary partner: " + uuid + (count > 0 ? " successful" : " failed") + " (" + entity.map(TestCustomerEntity::getPrefix).orElse("???") + ")");
|
||||
}).assertSuccessful();
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
@ -86,7 +86,7 @@ class TestPackageControllerAcceptanceTest {
|
||||
void withDescriptionUpdatesDescription() {
|
||||
|
||||
assumeThat(getDescriptionOfPackage("xxx00"))
|
||||
.isEqualTo("Here can add your own description of package xxx00.");
|
||||
.isEqualTo("Here you can add your own description of package xxx00.");
|
||||
|
||||
final var randomDescription = RandomStringUtils.randomAlphanumeric(80);
|
||||
|
||||
@ -104,7 +104,7 @@ class TestPackageControllerAcceptanceTest {
|
||||
.port(port)
|
||||
.when()
|
||||
.patch("http://localhost/api/test/packages/{uuidOfPackage}", getUuidOfPackage("xxx00"))
|
||||
.then()
|
||||
.then().log().all()
|
||||
.assertThat()
|
||||
.statusCode(200)
|
||||
.contentType("application/json")
|
||||
@ -118,7 +118,7 @@ class TestPackageControllerAcceptanceTest {
|
||||
void withNullDescriptionUpdatesDescriptionToNull() {
|
||||
|
||||
assumeThat(getDescriptionOfPackage("xxx01"))
|
||||
.isEqualTo("Here can add your own description of package xxx01.");
|
||||
.isEqualTo("Here you can add your own description of package xxx01.");
|
||||
|
||||
// @formatter:off
|
||||
RestAssured
|
||||
@ -147,7 +147,7 @@ class TestPackageControllerAcceptanceTest {
|
||||
void withoutDescriptionDoesNothing() {
|
||||
|
||||
assumeThat(getDescriptionOfPackage("xxx02"))
|
||||
.isEqualTo("Here can add your own description of package xxx02.");
|
||||
.isEqualTo("Here you can add your own description of package xxx02.");
|
||||
|
||||
// @formatter:off
|
||||
RestAssured
|
||||
@ -163,7 +163,7 @@ class TestPackageControllerAcceptanceTest {
|
||||
.statusCode(200)
|
||||
.contentType("application/json")
|
||||
.body("name", is("xxx02"))
|
||||
.body("description", is("Here can add your own description of package xxx02.")); // unchanged
|
||||
.body("description", is("Here you can add your own description of package xxx02.")); // unchanged
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
@ -98,22 +98,22 @@ class TestPackageRepositoryIntegrationTest {
|
||||
|
||||
// when
|
||||
final var result1 = jpaAttempt.transacted(() -> {
|
||||
globalAdminWithAssumedRole("test_package#xxx00.admin");
|
||||
globalAdminWithAssumedRole("test_package#xxx00.owner");
|
||||
pac.setDescription("description set by thread 1");
|
||||
testPackageRepository.save(pac);
|
||||
});
|
||||
final var result2 = jpaAttempt.transacted(() -> {
|
||||
globalAdminWithAssumedRole("test_package#xxx00.admin");
|
||||
globalAdminWithAssumedRole("test_package#xxx00.owner");
|
||||
pac.setDescription("description set by thread 2");
|
||||
testPackageRepository.save(pac);
|
||||
sleep(1500);
|
||||
});
|
||||
|
||||
// then
|
||||
em.refresh(pac);
|
||||
assertThat(pac.getDescription()).isEqualTo("description set by thread 1");
|
||||
assertThat(result1.caughtException()).isNull();
|
||||
assertThat(result2.caughtException()).isInstanceOf(ObjectOptimisticLockingFailureException.class);
|
||||
em.refresh(pac);
|
||||
assertThat(pac.getDescription()).isEqualTo("description set by thread 1");
|
||||
}
|
||||
|
||||
private void sleep(final int millis) {
|
||||
|
||||
Reference in New Issue
Block a user