implements rbac-grants get-by-id

src/main/java/net/hostsharing/hsadminng/rbac/rbacgrant/RbacGrantController.java

@@ -25,11 +25,32 @@ public class RbacGrantController implements RbacgrantsApi {
     @Autowired
     private RbacGrantRepository rbacGrantRepository;
 
+    @Override
+    @Transactional(readOnly = true)
+    public ResponseEntity<RbacGrantResource> getGrantById(
+            final String currentUser,
+            final String assumedRoles,
+            final UUID grantedRoleUuid,
+            final UUID granteeUserUuid) {
+
+        context.setCurrentUser(currentUser);
+        if (assumedRoles != null && !assumedRoles.isBlank()) {
+            context.assumeRoles(assumedRoles);
+        }
+
+        final var id = new RbacGrantId(granteeUserUuid, grantedRoleUuid);
+        final var result = rbacGrantRepository.findById(id);
+        if (result == null) {
+            return ResponseEntity.notFound().build();
+        }
+        return ResponseEntity.ok(map(result, RbacGrantResource.class));
+    }
+
     @Override
     @Transactional(readOnly = true)
     public ResponseEntity<List<RbacGrantResource>> listUserGrants(
-        final String currentUser,
-        final String assumedRoles) {
+            final String currentUser,
+            final String assumedRoles) {
 
         context.setCurrentUser(currentUser);
         if (assumedRoles != null && !assumedRoles.isBlank()) {
@@ -41,9 +62,9 @@ public class RbacGrantController implements RbacgrantsApi {
     @Override
     @Transactional
     public ResponseEntity<Void> grantRoleToUser(
-        final String currentUser,
-        final String assumedRoles,
-        final RbacGrantResource body) {
+            final String currentUser,
+            final String assumedRoles,
+            final RbacGrantResource body) {
 
         context.setCurrentUser(currentUser);
         if (assumedRoles != null && !assumedRoles.isBlank()) {
@@ -53,20 +74,20 @@ public class RbacGrantController implements RbacgrantsApi {
         rbacGrantRepository.save(map(body, RbacGrantEntity.class));
 
         final var uri =
-            MvcUriComponentsBuilder.fromController(getClass())
-                .path("/api/rbac-grants/{roleUuid}")
-                .buildAndExpand(body.getGrantedRoleUuid())
-                .toUri();
+                MvcUriComponentsBuilder.fromController(getClass())
+                        .path("/api/rbac-grants/{roleUuid}")
+                        .buildAndExpand(body.getGrantedRoleUuid())
+                        .toUri();
         return ResponseEntity.created(uri).build();
     }
 
     @Override
     @Transactional
     public ResponseEntity<Void> revokeRoleFromUser(
-        final String currentUser,
-        final String assumedRoles,
-        final UUID grantedRoleUuid,
-        final UUID granteeUserUuid) {
+            final String currentUser,
+            final String assumedRoles,
+            final UUID grantedRoleUuid,
+            final UUID granteeUserUuid) {
 
         context.setCurrentUser(currentUser);
         if (assumedRoles != null && !assumedRoles.isBlank()) {

src/main/java/net/hostsharing/hsadminng/rbac/rbacgrant/RbacGrantEntity.java

@@ -18,6 +18,7 @@ import java.util.UUID;
 @NoArgsConstructor
 @AllArgsConstructor
 public class RbacGrantEntity {
+
     @Column(name = "grantedbyroleidname", updatable = false, insertable = false)
     private String grantedByRoleIdName;
 
@@ -59,6 +60,6 @@ public class RbacGrantEntity {
 
     public String toDisplay() {
         return "{ grant " + (assumed ? "assumed " : "") +
-            "role " + grantedRoleIdName + " to user " + granteeUserName + " by role " + grantedByRoleIdName + " }";
+                "role " + grantedRoleIdName + " to user " + granteeUserName + " by role " + grantedByRoleIdName + " }";
     }
 }

src/main/java/net/hostsharing/hsadminng/rbac/rbacgrant/RbacGrantRepository.java

@@ -8,15 +8,22 @@ import java.util.List;
 
 public interface RbacGrantRepository extends Repository<RbacGrantEntity, RbacGrantId> {
 
+    @Query(value = """
+             select g from RbacGrantEntity as g
+                 where g.grantedRoleUuid=:#{#rbacGrantId.grantedRoleUuid}
+                   and g.granteeUserUuid=:#{#rbacGrantId.granteeUserUuid}
+            """)
+    RbacGrantEntity findById(RbacGrantId rbacGrantId);
+
     List<RbacGrantEntity> findAll();
 
     void save(final RbacGrantEntity grant);
 
     @Modifying
     @Query(value = """
-         delete from RbacGrantEntity as g
-             where g.grantedRoleUuid=:#{#rbacGrantId.grantedRoleUuid}
-               and g.granteeUserUuid=:#{#rbacGrantId.granteeUserUuid}
-        """)
+             delete from RbacGrantEntity as g
+                 where g.grantedRoleUuid=:#{#rbacGrantId.grantedRoleUuid}
+                   and g.granteeUserUuid=:#{#rbacGrantId.granteeUserUuid}
+            """)
     void deleteByRbacGrantId(RbacGrantId rbacGrantId);
 }

src/main/java/net/hostsharing/hsadminng/rbac/rbacuser/RbacUserController.java

@@ -32,7 +32,7 @@ public class RbacUserController implements RbacusersApi {
     @Override
     @Transactional
     public ResponseEntity<RbacUserResource> createUser(
-        @RequestBody final RbacUserResource body
+            @RequestBody final RbacUserResource body
     ) {
         if (body.getUuid() == null) {
             body.setUuid(UUID.randomUUID());
@@ -40,19 +40,27 @@ public class RbacUserController implements RbacusersApi {
         final var saved = map(body, RbacUserEntity.class);
         rbacUserRepository.create(saved);
         final var uri =
-            MvcUriComponentsBuilder.fromController(getClass())
-                .path("/api/rbac-users/{id}")
-                .buildAndExpand(saved.getUuid())
-                .toUri();
+                MvcUriComponentsBuilder.fromController(getClass())
+                        .path("/api/rbac-users/{id}")
+                        .buildAndExpand(saved.getUuid())
+                        .toUri();
         return ResponseEntity.created(uri).body(map(saved, RbacUserResource.class));
     }
 
     @Override
-    @Transactional(readOnly=true)
+    public ResponseEntity<List<RbacUserPermissionResource>> getUserById(
+            final String currentUser,
+            final String assumedRoles,
+            final String userName) {
+        return null;
+    }
+
+    @Override
+    @Transactional(readOnly = true)
     public ResponseEntity<List<RbacUserResource>> listUsers(
-        @RequestHeader(name = "current-user") final String currentUserName,
-        @RequestHeader(name = "assumed-roles", required = false) final String assumedRoles,
-        @RequestParam(name = "name", required = false) final String userName
+            @RequestHeader(name = "current-user") final String currentUserName,
+            @RequestHeader(name = "assumed-roles", required = false) final String assumedRoles,
+            @RequestParam(name = "name", required = false) final String userName
     ) {
         context.setCurrentUser(currentUserName);
         if (assumedRoles != null && !assumedRoles.isBlank()) {
@@ -62,11 +70,11 @@ public class RbacUserController implements RbacusersApi {
     }
 
     @Override
-    @Transactional(readOnly=true)
+    @Transactional(readOnly = true)
     public ResponseEntity<List<RbacUserPermissionResource>> listUserPermissions(
-        @RequestHeader(name = "current-user") final String currentUserName,
-        @RequestHeader(name = "assumed-roles", required = false) final String assumedRoles,
-        @PathVariable(name = "userName") final String userName
+            @RequestHeader(name = "current-user") final String currentUserName,
+            @RequestHeader(name = "assumed-roles", required = false) final String assumedRoles,
+            @PathVariable(name = "userName") final String userName
     ) {
         context.setCurrentUser(currentUserName);
         if (assumedRoles != null && !assumedRoles.isBlank()) {

src/main/java/net/hostsharing/hsadminng/rbac/rbacuser/RbacUserRepository.java

@@ -3,7 +3,6 @@ package net.hostsharing.hsadminng.rbac.rbacuser;
 import org.springframework.data.jpa.repository.Modifying;
 import org.springframework.data.jpa.repository.Query;
 import org.springframework.data.repository.Repository;
-import org.springframework.data.repository.query.Param;
 
 import java.util.List;
 import java.util.UUID;
@@ -11,14 +10,15 @@ import java.util.UUID;
 public interface RbacUserRepository extends Repository<RbacUserEntity, UUID> {
 
     @Query("""
-         select u from RbacUserEntity u
-             where :userName is null or u.name like concat(:userName, '%')
-             order by u.name
-        """)
+             select u from RbacUserEntity u
+                 where :userName is null or u.name like concat(:userName, '%')
+                 order by u.name
+            """)
     List<RbacUserEntity> findByOptionalNameLike(String userName);
 
-    @Query(value = "select uuid from rbacuser where name=:userName", nativeQuery = true)
-    UUID findUuidByName(String userName);
+    // bypasses the restricted view, to be able to grant rights to arbitrary user
+    @Query(value = "select * from rbacuser where name=:userName", nativeQuery = true)
+    RbacUserEntity findByName(String userName);
 
     RbacUserEntity findByUuid(UUID uuid);
 
@@ -32,7 +32,7 @@ public interface RbacUserRepository extends Repository<RbacUserEntity, UUID> {
      */
     @Modifying
     @Query(value = "insert into RBacUser_RV (uuid, name) values( :#{#newUser.uuid}, :#{#newUser.name})", nativeQuery = true)
-    void insert(@Param("newUser") final RbacUserEntity newUser);
+    void insert(final RbacUserEntity newUser);
 
     default RbacUserEntity create(final RbacUserEntity rbacUserEntity) {
         if (rbacUserEntity.getUuid() == null) {