bugfix/only-one-partner-per-person (#143)

Co-authored-by: Michael Hoennig <michael@hoennig.de>
Reviewed-on: https://dev.hostsharing.net/hostsharing/hs.hsadmin.ng/pulls/143
Reviewed-by: Marc Sandlus <marc.sandlus@hostsharing.net>

src/main/java/net/hostsharing/hsadminng/config/CasAuthenticator.java

@@ -45,13 +45,13 @@ public class CasAuthenticator implements Authenticator {
     private String casValidation(final HttpServletRequest httpRequest)
             throws SAXException, IOException, ParserConfigurationException {
 
-        System.err.println("CasAuthenticator.casValidation using CAS-server: " + casServerUrl);
-
         final var ticket = httpRequest.getHeader("Authorization");
         final var url = casServerUrl + "/p3/serviceValidate" +
                 "?service=" + serviceUrl +
                 "&ticket=" + ticket;
 
+        System.err.println("CasAuthenticator.casValidation using URL: " + url);
+
         final var response = restTemplate.getForObject(url, String.class);
 
         final var doc = DocumentBuilderFactory.newInstance().newDocumentBuilder()

src/main/java/net/hostsharing/hsadminng/hs/office/debitor/HsOfficeDebitorEntity.java

@@ -88,9 +88,9 @@ public class HsOfficeDebitorEntity implements BaseEntity<HsOfficeDebitorEntity>,
             (
                 SELECT DISTINCT partner.uuid
                 FROM hs_office.partner_rv partner
-                JOIN hs_office.relation_rv dRel
+                JOIN hs_office.relation dRel
                     ON dRel.uuid = debitorreluuid AND dRel.type = 'DEBITOR'
-                JOIN hs_office.relation_rv pRel
+                JOIN hs_office.relation pRel
                     ON pRel.uuid = partner.partnerRelUuid AND pRel.type = 'PARTNER'
                 WHERE pRel.holderUuid = dRel.anchorUuid
             )

src/main/java/net/hostsharing/hsadminng/hs/office/person/HsOfficePerson.java

@@ -9,6 +9,7 @@ import lombok.experimental.FieldNameConstants;
 import lombok.experimental.SuperBuilder;
 import net.hostsharing.hsadminng.errors.DisplayAs;
 import net.hostsharing.hsadminng.persistence.BaseEntity;
+import net.hostsharing.hsadminng.rbac.role.WithRoleId;
 import net.hostsharing.hsadminng.repr.Stringify;
 import net.hostsharing.hsadminng.repr.Stringifyable;
 import org.apache.commons.lang3.StringUtils;
@@ -30,7 +31,7 @@ import static net.hostsharing.hsadminng.repr.Stringify.stringify;
 @SuperBuilder(toBuilder = true)
 @FieldNameConstants
 @DisplayAs("Person")
-public class HsOfficePerson<T extends HsOfficePerson<?> & BaseEntity<?>> implements BaseEntity<T>, Stringifyable {
+public class HsOfficePerson<T extends HsOfficePerson<?> & BaseEntity<?>> implements BaseEntity<T>, Stringifyable, WithRoleId {
 
     private static Stringify<HsOfficePerson> toString = stringify(HsOfficePerson.class, "person")
             .withProp(Fields.personType, HsOfficePerson::getPersonType)

src/main/java/net/hostsharing/hsadminng/hs/office/relation/HsOfficeRelation.java

@@ -6,6 +6,7 @@ import lombok.experimental.SuperBuilder;
 import net.hostsharing.hsadminng.hs.office.contact.HsOfficeContactRealEntity;
 import net.hostsharing.hsadminng.hs.office.person.HsOfficePersonRealEntity;
 import net.hostsharing.hsadminng.persistence.BaseEntity;
+import net.hostsharing.hsadminng.rbac.role.WithRoleId;
 import net.hostsharing.hsadminng.repr.Stringify;
 import net.hostsharing.hsadminng.repr.Stringifyable;
 
@@ -22,7 +23,7 @@ import static net.hostsharing.hsadminng.repr.Stringify.stringify;
 @Setter
 @SuperBuilder(toBuilder = true)
 @FieldNameConstants
-public class HsOfficeRelation implements BaseEntity<HsOfficeRelation>, Stringifyable {
+public class HsOfficeRelation implements BaseEntity<HsOfficeRelation>, Stringifyable, WithRoleId {
 
     private static Stringify<HsOfficeRelation> toString = stringify(HsOfficeRelation.class, "rel")
             .withProp(Fields.anchor, HsOfficeRelation::getAnchor)

src/main/java/net/hostsharing/hsadminng/rbac/role/WithRoleId.java

@@ -0,0 +1,20 @@
+package net.hostsharing.hsadminng.rbac.role;
+
+import jakarta.persistence.Table;
+import java.util.UUID;
+
+public interface WithRoleId  {
+    UUID getUuid();
+
+    /**
+     * @return the RBAC-Role-Id of the given `rbacRoleType` for this entity instance.
+     */
+    default String roleId(final RbacRoleType rbacRoleType) {
+        if ( getUuid() == null ) {
+            throw new IllegalStateException("UUID missing => role can't be determined");
+        }
+        final Table tableAnnot = getClass().getAnnotation(Table.class);
+        final var qualifiedTableName = tableAnnot.schema() + "." + tableAnnot.name();
+        return qualifiedTableName + "#" + getUuid() + ":" + rbacRoleType.name();
+    }
+}

src/main/resources/db/changelog/1-rbac/1050-rbac-base.sql

@@ -251,7 +251,7 @@ begin
         execute sql into uuid;
     exception
         when others then
-            raise exception 'function %_uuid_by_id_name(''%'') failed: %, SQLSTATE: %. If it could not be found, add identity view support to %\nSQL:%',
+            raise exception 'function %_uuid_by_id_name(''%'') failed: %, SQLSTATE: %. If the function itself could not be found, add identity view support to %\nSQL:%',
                 objectTable, objectIdName, SQLERRM, SQLSTATE, objectTable, sql;
     end;
     if uuid is null then
@@ -275,7 +275,7 @@ begin
         execute sql into idName;
     exception
         when others then
-            raise exception 'function %_id_name_by_uuid(''%'') failed: %, SQLSTATE: %. If it could not be found, add identity view support to %',
+            raise exception 'function %_id_name_by_uuid(''%'') failed: %, SQLSTATE: %. If the function itself could not be found, add identity view support to %',
                 objectTable, objectUuid, SQLERRM, SQLSTATE, objectTable;
     end;
     return idName;

src/main/resources/db/changelog/5-hs-office/503-relation/5030-hs-office-relation.sql

@@ -29,8 +29,24 @@ create table if not exists hs_office.relation
 );
 --//
 
--- TODO.impl: unique constraint, to prevent using the same person multiple times as a partner, or better:
---          ( anchorUuid,  holderUuid, type)
+
+-- ============================================================================
+--changeset michael.hoennig:hs-office-relation-unique-constraints endDelimiter:--//
+-- ----------------------------------------------------------------------------
+
+CREATE UNIQUE INDEX unique_relation_with_mark
+    ON hs_office.relation (type, anchorUuid, holderUuid, contactUuid, mark)
+    WHERE mark IS NOT NULL;
+
+CREATE UNIQUE INDEX unique_relation_without_mark
+    ON hs_office.relation (type, anchorUuid, holderUuid, contactUuid)
+    WHERE mark IS NULL;
+
+CREATE UNIQUE INDEX unique_partner_relation
+    ON hs_office.relation (type, anchorUuid, holderUuid)
+    WHERE mark IS NULL AND type = 'PARTNER';
+
+--//
 
 
 -- ============================================================================

src/main/resources/db/changelog/5-hs-office/503-relation/5038-hs-office-relation-test-data.sql

@@ -100,8 +100,8 @@ do language plpgsql $$
         call hs_office.relation_create_test_data('Third OHG', 'DEBITOR', 'Third OHG', 'third contact');
 
         call hs_office.relation_create_test_data('Fourth eG', 'PARTNER', 'Hostsharing eG', 'fourth contact');
-        call hs_office.relation_create_test_data('Fouler', 'REPRESENTATIVE', 'Third OHG', 'third contact');
-        call hs_office.relation_create_test_data('Third OHG', 'DEBITOR', 'Third OHG', 'third contact');
+        call hs_office.relation_create_test_data('Fouler', 'REPRESENTATIVE', 'Fourth eG', 'fourth contact');
+        call hs_office.relation_create_test_data('Fourth eG', 'DEBITOR', 'Fourth eG', 'fourth contact');
 
         call hs_office.relation_create_test_data('Smith', 'PARTNER', 'Hostsharing eG', 'sixth contact');
         call hs_office.relation_create_test_data('Smith', 'DEBITOR', 'Smith', 'third contact');