hostsharing/hs.hsadmin.ng
1
0
Fork 0
Code Activity

#145 [Rights-Module] documented the role system and some renaming

Browse Source
This commit is contained in:
Michael Hoennig
2019-05-25 19:43:29 +02:00
parent 57b6399950
commit 7983aa7e52
23 changed files with 280 additions and 172 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/test/java/org/hostsharing/hsadminng/service/UserRoleAssignmentServiceUnitTest.java
View File

@@ -65,23 +65,23 @@ public class UserRoleAssignmentServiceUnitTest {
Arrays.asList(
new UserRoleAssignment().entityTypeId("test.SomethingElse")
.entityObjectId(givenEntityObjectId)
.assignedRole(Role.CONTRACTUAL_CONTACT),
.assignedRole(Role.CUSTOMER_CONTRACTUAL_CONTACT),
new UserRoleAssignment().entityTypeId(givenEntityTypeId)
.entityObjectId(givenEntityObjectId)
.assignedRole(Role.FINANCIAL_CONTACT),
.assignedRole(Role.CUSTOMER_FINANCIAL_CONTACT),
new UserRoleAssignment().entityTypeId(givenEntityTypeId)
.entityObjectId(givenEntityObjectId)
.assignedRole(Role.TECHNICAL_CONTACT),
.assignedRole(Role.CUSTOMER_TECHNICAL_CONTACT),
new UserRoleAssignment().entityTypeId(givenEntityTypeId)
.entityObjectId(3L)
.assignedRole(Role.CONTRACTUAL_CONTACT)));
.assignedRole(Role.CUSTOMER_CONTRACTUAL_CONTACT)));
// when
final Set<Role> actual = userRoleAssignmentService
.getEffectiveRoleOfCurrentUser(givenEntityTypeId, givenEntityObjectId);
// then
assertThat(actual).containsExactlyInAnyOrder(Role.FINANCIAL_CONTACT, Role.TECHNICAL_CONTACT);
assertThat(actual).containsExactlyInAnyOrder(Role.CUSTOMER_FINANCIAL_CONTACT, Role.CUSTOMER_TECHNICAL_CONTACT);
}
@Test

30
src/test/java/org/hostsharing/hsadminng/service/accessfilter/JSonAccessFilterTestFixture.java
View File

@@ -56,13 +56,13 @@ public class JSonAccessFilterTestFixture {
Long id;
@ParentId(resolver = GivenCustomerService.class)
@AccessFor(init = ACTUAL_CUSTOMER_USER, update = ACTUAL_CUSTOMER_USER, read = ACTUAL_CUSTOMER_USER)
@AccessFor(init = ANY_CUSTOMER_USER, update = ANY_CUSTOMER_USER, read = ANY_CUSTOMER_USER)
Long customerId;
@AccessFor(
init = { TECHNICAL_CONTACT, FINANCIAL_CONTACT },
update = { TECHNICAL_CONTACT, FINANCIAL_CONTACT },
read = { TECHNICAL_CONTACT, FINANCIAL_CONTACT })
init = { CUSTOMER_TECHNICAL_CONTACT, CUSTOMER_FINANCIAL_CONTACT },
update = { CUSTOMER_TECHNICAL_CONTACT, CUSTOMER_FINANCIAL_CONTACT },
read = { CUSTOMER_TECHNICAL_CONTACT, CUSTOMER_FINANCIAL_CONTACT })
String restrictedField;
@AccessFor(init = ANYBODY, update = ANYBODY, read = ANYBODY)
@@ -133,11 +133,18 @@ public class JSonAccessFilterTestFixture {
@AccessFor(read = Role.ANY_CUSTOMER_USER)
Long id;
@AccessFor(init = Role.CONTRACTUAL_CONTACT, update = Role.CONTRACTUAL_CONTACT, read = ACTUAL_CUSTOMER_USER)
@AccessFor(
init = Role.CUSTOMER_CONTRACTUAL_CONTACT,
update = Role.CUSTOMER_CONTRACTUAL_CONTACT,
read = ANY_CUSTOMER_USER)
@ParentId(resolver = GivenService.class)
Long parentId;
@AccessFor(init = { TECHNICAL_CONTACT, FINANCIAL_CONTACT }, update = { TECHNICAL_CONTACT, FINANCIAL_CONTACT })
@AccessFor(
init = { CUSTOMER_TECHNICAL_CONTACT, CUSTOMER_FINANCIAL_CONTACT },
update = {
CUSTOMER_TECHNICAL_CONTACT,
CUSTOMER_FINANCIAL_CONTACT })
String restrictedField;
@Override
@@ -204,11 +211,18 @@ public class JSonAccessFilterTestFixture {
@AccessFor(read = Role.ANY_CUSTOMER_USER)
Long id;
@AccessFor(init = Role.CONTRACTUAL_CONTACT, update = Role.CONTRACTUAL_CONTACT, read = ACTUAL_CUSTOMER_USER)
@AccessFor(
init = Role.CUSTOMER_CONTRACTUAL_CONTACT,
update = Role.CUSTOMER_CONTRACTUAL_CONTACT,
read = ANY_CUSTOMER_USER)
@ParentId(resolver = GivenParentService.class)
GivenParent parent;
@AccessFor(init = { TECHNICAL_CONTACT, FINANCIAL_CONTACT }, update = { TECHNICAL_CONTACT, FINANCIAL_CONTACT })
@AccessFor(
init = { CUSTOMER_TECHNICAL_CONTACT, CUSTOMER_FINANCIAL_CONTACT },
update = {
CUSTOMER_TECHNICAL_CONTACT,
CUSTOMER_FINANCIAL_CONTACT })
String restrictedField;
@Override

12
src/test/java/org/hostsharing/hsadminng/service/accessfilter/JSonDeserializationWithAccessFilterUnitTest.java
View File

@@ -83,7 +83,7 @@ public class JSonDeserializationWithAccessFilterUnitTest {
public void init() {
securityContext = SecurityContextMock.usingMock(userRoleAssignmentService)
.havingAuthenticatedUser()
.withRole(GivenDto.class, 1234L, Role.ACTUAL_CUSTOMER_USER);
.withRole(GivenDto.class, 1234L, Role.ANY_CUSTOMER_USER);
given(ctx.getAutowireCapableBeanFactory()).willReturn(autowireCapableBeanFactory);
given(autowireCapableBeanFactory.createBean(GivenService.class)).willReturn(givenService);
@@ -244,7 +244,7 @@ public class JSonDeserializationWithAccessFilterUnitTest {
public void shouldDeserializeStringFieldIfRequiredRoleIsCoveredByUser() throws IOException {
// given
securityContext.havingAuthenticatedUser()
.withRole(GivenCustomerDto.class, 888L, Role.FINANCIAL_CONTACT);
.withRole(GivenCustomerDto.class, 888L, Role.CUSTOMER_FINANCIAL_CONTACT);
givenJSonTree(
asJSon(
ImmutablePair.of("id", 1234L),
@@ -262,7 +262,7 @@ public class JSonDeserializationWithAccessFilterUnitTest {
public void shouldDeserializeUnchangedStringFieldIfRequiredRoleIsNotCoveredByUser() throws IOException {
// given
securityContext.havingAuthenticatedUser()
.withRole(GivenCustomerDto.class, 888L, Role.FINANCIAL_CONTACT);
.withRole(GivenCustomerDto.class, 888L, Role.CUSTOMER_FINANCIAL_CONTACT);
givenJSonTree(
asJSon(
ImmutablePair.of("id", 1234L),
@@ -320,7 +320,7 @@ public class JSonDeserializationWithAccessFilterUnitTest {
public void shouldNotCreateIfRoleRequiredByParentEntityIsNotCoveredByUser() throws IOException {
// given
securityContext.havingAuthenticatedUser()
.withRole(GivenCustomerDto.class, 9999L, Role.CONTRACTUAL_CONTACT);
.withRole(GivenCustomerDto.class, 9999L, Role.CUSTOMER_CONTRACTUAL_CONTACT);
givenJSonTree(
asJSon(
ImmutablePair.of("parentId", 1234L)));
@@ -340,7 +340,7 @@ public class JSonDeserializationWithAccessFilterUnitTest {
public void shouldCreateIfRoleRequiredByReferencedEntityIsCoveredByUser() throws IOException {
// given
securityContext.havingAuthenticatedUser()
.withRole(GivenCustomerDto.class, 888L, Role.CONTRACTUAL_CONTACT);
.withRole(GivenCustomerDto.class, 888L, Role.CUSTOMER_CONTRACTUAL_CONTACT);
givenJSonTree(
asJSon(
ImmutablePair.of("parentId", 1234L)));
@@ -357,7 +357,7 @@ public class JSonDeserializationWithAccessFilterUnitTest {
public void shouldResolveParentIdFromIdOfSerializedSubEntity() throws IOException {
// given
securityContext.havingAuthenticatedUser()
.withRole(GivenParent.class, 1234L, Role.CONTRACTUAL_CONTACT);
.withRole(GivenParent.class, 1234L, Role.CUSTOMER_CONTRACTUAL_CONTACT);
givenJSonTree(
asJSon(
ImmutablePair.of(

2
src/test/java/org/hostsharing/hsadminng/service/accessfilter/JSonSerializationWithAccessFilterUnitTest.java
View File

@@ -157,7 +157,7 @@ public class JSonSerializationWithAccessFilterUnitTest {
public void shouldSerializeRestrictedFieldIfRequiredRoleIsCoveredByUser() throws IOException {
// given
securityContext.havingAuthenticatedUser().withRole(GivenCustomerDto.class, 888L, Role.FINANCIAL_CONTACT);
securityContext.havingAuthenticatedUser().withRole(GivenCustomerDto.class, 888L, Role.CUSTOMER_FINANCIAL_CONTACT);
// when
serialize(givenDTO);

64
src/test/java/org/hostsharing/hsadminng/service/accessfilter/RoleUnitTest.java
View File

@@ -20,9 +20,9 @@ public class RoleUnitTest {
assertThat(Role.ADMIN.covers(Role.ADMIN)).isTrue();
assertThat(Role.SUPPORTER.covers(Role.SUPPORTER)).isTrue();
assertThat(Role.CONTRACTUAL_CONTACT.covers(Role.CONTRACTUAL_CONTACT)).isTrue();
assertThat(Role.FINANCIAL_CONTACT.covers(Role.FINANCIAL_CONTACT)).isTrue();
assertThat(Role.TECHNICAL_CONTACT.covers(Role.TECHNICAL_CONTACT)).isTrue();
assertThat(Role.CUSTOMER_CONTRACTUAL_CONTACT.covers(Role.CUSTOMER_CONTRACTUAL_CONTACT)).isTrue();
assertThat(Role.CUSTOMER_FINANCIAL_CONTACT.covers(Role.CUSTOMER_FINANCIAL_CONTACT)).isTrue();
assertThat(Role.CUSTOMER_TECHNICAL_CONTACT.covers(Role.CUSTOMER_TECHNICAL_CONTACT)).isTrue();
assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.ACTUAL_CUSTOMER_USER))).isTrue();
assertThat(Role.ANY_CUSTOMER_USER.covers((Role.ANY_CUSTOMER_USER))).isTrue();
@@ -35,22 +35,22 @@ public class RoleUnitTest {
assertThat(Role.SUPPORTER.covers(Role.ADMIN)).isFalse();
assertThat(Role.ANY_CUSTOMER_CONTACT.covers(Role.SUPPORTER)).isFalse();
assertThat(Role.ANY_CUSTOMER_CONTACT.covers(Role.CONTRACTUAL_CONTACT)).isFalse();
assertThat(Role.FINANCIAL_CONTACT.covers(Role.CONTRACTUAL_CONTACT)).isFalse();
assertThat(Role.FINANCIAL_CONTACT.covers(Role.TECHNICAL_CONTACT)).isFalse();
assertThat(Role.TECHNICAL_CONTACT.covers(Role.CONTRACTUAL_CONTACT)).isFalse();
assertThat(Role.TECHNICAL_CONTACT.covers(Role.FINANCIAL_CONTACT)).isFalse();
assertThat(Role.ANY_CUSTOMER_CONTACT.covers(Role.CUSTOMER_CONTRACTUAL_CONTACT)).isFalse();
assertThat(Role.CUSTOMER_FINANCIAL_CONTACT.covers(Role.CUSTOMER_CONTRACTUAL_CONTACT)).isFalse();
assertThat(Role.CUSTOMER_FINANCIAL_CONTACT.covers(Role.CUSTOMER_TECHNICAL_CONTACT)).isFalse();
assertThat(Role.CUSTOMER_TECHNICAL_CONTACT.covers(Role.CUSTOMER_CONTRACTUAL_CONTACT)).isFalse();
assertThat(Role.CUSTOMER_TECHNICAL_CONTACT.covers(Role.CUSTOMER_FINANCIAL_CONTACT)).isFalse();
assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.ANY_CUSTOMER_CONTACT))).isFalse();
assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.CONTRACTUAL_CONTACT))).isFalse();
assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.TECHNICAL_CONTACT))).isFalse();
assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.FINANCIAL_CONTACT))).isFalse();
assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.CUSTOMER_CONTRACTUAL_CONTACT))).isFalse();
assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.CUSTOMER_TECHNICAL_CONTACT))).isFalse();
assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.CUSTOMER_FINANCIAL_CONTACT))).isFalse();
assertThat(Role.ANY_CUSTOMER_USER.covers((Role.ACTUAL_CUSTOMER_USER))).isFalse();
assertThat(Role.ANY_CUSTOMER_USER.covers((Role.ANY_CUSTOMER_CONTACT))).isFalse();
assertThat(Role.ANY_CUSTOMER_USER.covers((Role.CONTRACTUAL_CONTACT))).isFalse();
assertThat(Role.ANY_CUSTOMER_USER.covers((Role.TECHNICAL_CONTACT))).isFalse();
assertThat(Role.ANY_CUSTOMER_USER.covers((Role.FINANCIAL_CONTACT))).isFalse();
assertThat(Role.ANY_CUSTOMER_USER.covers((Role.CUSTOMER_CONTRACTUAL_CONTACT))).isFalse();
assertThat(Role.ANY_CUSTOMER_USER.covers((Role.CUSTOMER_TECHNICAL_CONTACT))).isFalse();
assertThat(Role.ANY_CUSTOMER_USER.covers((Role.CUSTOMER_FINANCIAL_CONTACT))).isFalse();
assertThat(Role.ANYBODY.covers((Role.ANY_CUSTOMER_USER))).isFalse();
}
@@ -62,18 +62,20 @@ public class RoleUnitTest {
assertThat(Role.SUPPORTER.covers(Role.ANY_CUSTOMER_CONTACT)).isTrue();
assertThat(Role.CONTRACTUAL_CONTACT.covers(Role.ANY_CUSTOMER_CONTACT)).isTrue();
assertThat(Role.CONTRACTUAL_CONTACT.covers(Role.FINANCIAL_CONTACT)).isTrue();
assertThat(Role.CONTRACTUAL_CONTACT.covers(Role.TECHNICAL_CONTACT)).isTrue();
assertThat(Role.TECHNICAL_CONTACT.covers(Role.ANY_CUSTOMER_USER)).isTrue();
assertThat(Role.CUSTOMER_CONTRACTUAL_CONTACT.covers(Role.ANY_CUSTOMER_CONTACT)).isTrue();
assertThat(Role.CUSTOMER_CONTRACTUAL_CONTACT.covers(Role.CUSTOMER_FINANCIAL_CONTACT)).isTrue();
assertThat(Role.CUSTOMER_CONTRACTUAL_CONTACT.covers(Role.CUSTOMER_TECHNICAL_CONTACT)).isTrue();
assertThat(Role.CUSTOMER_TECHNICAL_CONTACT.covers(Role.ANY_CUSTOMER_USER)).isTrue();
assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.ANY_CUSTOMER_USER))).isTrue();
assertThat(Role.ANY_CUSTOMER_USER.covers((Role.ANYBODY))).isTrue();
}
@Test
public void financialContactShouldNotCoverAnyCustomersUsersRoleRequirement() {
assertThat(Role.FINANCIAL_CONTACT.covers(Role.ACTUAL_CUSTOMER_USER)).isFalse();
public void financialContactShouldNotCoverAnyOtherRealRoleRequirement() {
assertThat(Role.CUSTOMER_FINANCIAL_CONTACT.covers(Role.ANY_CUSTOMER_USER)).isFalse();
assertThat(Role.CUSTOMER_FINANCIAL_CONTACT.covers(Role.ACTUAL_CUSTOMER_USER)).isFalse();
assertThat(Role.CUSTOMER_FINANCIAL_CONTACT.covers(Role.ANY_CUSTOMER_USER)).isFalse();
}
@Test
@@ -87,11 +89,16 @@ public class RoleUnitTest {
@Test
public void coversAny() {
assertThat(Role.HOSTMASTER.coversAny(Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT)).isTrue();
assertThat(Role.CONTRACTUAL_CONTACT.coversAny(Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT)).isTrue();
assertThat(Role.FINANCIAL_CONTACT.coversAny(Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT)).isTrue();
assertThat(Role.HOSTMASTER.coversAny(Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT)).isTrue();
assertThat(
Role.CUSTOMER_CONTRACTUAL_CONTACT.coversAny(Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT))
.isTrue();
assertThat(
Role.CUSTOMER_FINANCIAL_CONTACT.coversAny(Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT))
.isTrue();
assertThat(Role.ANY_CUSTOMER_USER.coversAny(Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT)).isFalse();
assertThat(Role.ANY_CUSTOMER_USER.coversAny(Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT))
.isFalse();
assertThat(catchThrowable(() -> Role.HOSTMASTER.coversAny())).isInstanceOf(VerifyException.class);
assertThat(catchThrowable(() -> Role.HOSTMASTER.coversAny((Role[]) null))).isInstanceOf(VerifyException.class);
@@ -122,15 +129,16 @@ public class RoleUnitTest {
assertThat(Role.HOSTMASTER.getAuthority()).hasValue(AuthoritiesConstants.HOSTMASTER);
assertThat(Role.ADMIN.getAuthority()).hasValue(AuthoritiesConstants.ADMIN);
assertThat(Role.SUPPORTER.getAuthority()).hasValue(AuthoritiesConstants.SUPPORTER);
assertThat(Role.CONTRACTUAL_CONTACT.getAuthority()).isEmpty();
assertThat(Role.CUSTOMER_CONTRACTUAL_CONTACT.getAuthority()).isEmpty();
assertThat(Role.ANYBODY.getAuthority()).hasValue(AuthoritiesConstants.ANONYMOUS);
}
@Test
public void isBroadest() {
assertThat(Role.broadest(Role.HOSTMASTER, Role.CONTRACTUAL_CONTACT)).isEqualTo(Role.HOSTMASTER);
assertThat(Role.broadest(Role.CONTRACTUAL_CONTACT, Role.HOSTMASTER)).isEqualTo(Role.HOSTMASTER);
assertThat(Role.broadest(Role.CONTRACTUAL_CONTACT, Role.ANY_CUSTOMER_USER)).isEqualTo(Role.CONTRACTUAL_CONTACT);
assertThat(Role.broadest(Role.HOSTMASTER, Role.CUSTOMER_CONTRACTUAL_CONTACT)).isEqualTo(Role.HOSTMASTER);
assertThat(Role.broadest(Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.HOSTMASTER)).isEqualTo(Role.HOSTMASTER);
assertThat(Role.broadest(Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.ANY_CUSTOMER_USER))
.isEqualTo(Role.CUSTOMER_CONTRACTUAL_CONTACT);
}
@Test

7
src/test/java/org/hostsharing/hsadminng/service/dto/AssetDTOIntTest.java
View File

@@ -129,7 +129,7 @@ public class AssetDTOIntTest {
// given
securityContext.havingAuthenticatedUser()
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.FINANCIAL_CONTACT);
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CUSTOMER_FINANCIAL_CONTACT);
final AssetDTO given = createSomeAssetDTO(SOME_ASSET_ID);
@@ -158,7 +158,8 @@ public class AssetDTOIntTest {
@Test
public void shouldNotDeserializeForContractualCustomerContact() {
// given
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CONTRACTUAL_CONTACT);
securityContext.havingAuthenticatedUser()
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CUSTOMER_CONTRACTUAL_CONTACT);
final String json = new JSonBuilder()
.withFieldValue("id", SOME_ASSET_ID)
.withFieldValue("remark", "Updated Remark")
@@ -172,7 +173,7 @@ public class AssetDTOIntTest {
BadRequestAlertException.class,
bre -> assertThat(bre.getMessage())
.isEqualTo(
"Update of field AssetDTO.remark prohibited for current user role(s): CONTRACTUAL_CONTACT"));
"Update of field AssetDTO.remark prohibited for current user role(s): CUSTOMER_CONTRACTUAL_CONTACT"));
}
@Test

12
src/test/java/org/hostsharing/hsadminng/service/dto/AssetDTOUnitTest.java
View File

@@ -33,9 +33,9 @@ public class AssetDTOUnitTest extends AccessMappingsUnitTestBase<AssetDTO> {
@Test
public void shouldHaveProperAccessForContractualContact() {
initAccessFor(AssetDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeForNothing();
updateAccessFor(AssetDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeForNothing();
readAccessFor(AssetDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeExactlyFor(
initAccessFor(AssetDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeForNothing();
updateAccessFor(AssetDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeForNothing();
readAccessFor(AssetDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeExactlyFor(
"id",
"membershipId",
"documentDate",
@@ -47,9 +47,9 @@ public class AssetDTOUnitTest extends AccessMappingsUnitTestBase<AssetDTO> {
@Test
public void shouldHaveNoAccessForTechnicalContact() {
initAccessFor(AssetDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing();
updateAccessFor(AssetDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing();
readAccessFor(AssetDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing();
initAccessFor(AssetDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
updateAccessFor(AssetDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
readAccessFor(AssetDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
}
@Test

6
src/test/java/org/hostsharing/hsadminng/service/dto/CustomerDTOUnitTest.java
View File

@@ -76,7 +76,7 @@ public class CustomerDTOUnitTest {
public void testSerializationAsContractualCustomerContact() throws JsonProcessingException {
// given
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, 1234L, Role.CONTRACTUAL_CONTACT);
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, 1234L, Role.CUSTOMER_CONTRACTUAL_CONTACT);
CustomerDTO given = createSomeCustomerDTO(1234L);
// when
@@ -91,7 +91,7 @@ public class CustomerDTOUnitTest {
public void testSerializationAsTechnicalCustomerUser() throws JsonProcessingException {
// given
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, 1234L, Role.TECHNICAL_CONTACT);
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, 1234L, Role.CUSTOMER_TECHNICAL_CONTACT);
CustomerDTO given = createSomeCustomerDTO(1234L);
// when
@@ -125,7 +125,7 @@ public class CustomerDTOUnitTest {
@Test
public void testDeserializeAsContractualCustomerContact() throws IOException {
// given
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, 1234L, Role.CONTRACTUAL_CONTACT);
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, 1234L, Role.CUSTOMER_CONTRACTUAL_CONTACT);
given(customerRepository.findById(1234L)).willReturn(Optional.of(new Customer().id(1234L)));
String json = "{\"id\":1234,\"contractualSalutation\":\"Hallo Updated\",\"billingSalutation\":\"Moin Updated\"}";

8
src/test/java/org/hostsharing/hsadminng/service/dto/MembershipDTOIntTest.java
View File

@@ -111,7 +111,8 @@ public class MembershipDTOIntTest {
public void shouldSerializePartiallyForFinancialCustomerContact() throws JsonProcessingException {
// given
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.FINANCIAL_CONTACT);
securityContext.havingAuthenticatedUser()
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CUSTOMER_FINANCIAL_CONTACT);
final MembershipDTO given = createSampleDTO(SOME_SEPA_MANDATE_ID, SOME_CUSTOMER_ID);
// when
@@ -139,7 +140,8 @@ public class MembershipDTOIntTest {
@Test
public void shouldNotDeserializeForContractualCustomerContact() {
// given
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CONTRACTUAL_CONTACT);
securityContext.havingAuthenticatedUser()
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CUSTOMER_CONTRACTUAL_CONTACT);
final String json = new JSonBuilder()
.withFieldValue("id", SOME_SEPA_MANDATE_ID)
.withFieldValue("remark", "Updated Remark")
@@ -152,7 +154,7 @@ public class MembershipDTOIntTest {
assertThat(actual).isInstanceOfSatisfying(
BadRequestAlertException.class,
bre -> assertThat(bre.getMessage()).isEqualTo(
"Update of field MembershipDTO.remark prohibited for current user role(s): CONTRACTUAL_CONTACT"));
"Update of field MembershipDTO.remark prohibited for current user role(s): CUSTOMER_CONTRACTUAL_CONTACT"));
}
@Test

12
src/test/java/org/hostsharing/hsadminng/service/dto/MembershipDTOUnitTest.java
View File

@@ -40,9 +40,9 @@ public class MembershipDTOUnitTest extends AccessMappingsUnitTestBase<Membership
@Test
public void shouldHaveProperAccessForContractualContact() {
initAccessFor(MembershipDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeForNothing();
updateAccessFor(MembershipDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeForNothing();
readAccessFor(MembershipDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeExactlyFor(
initAccessFor(MembershipDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeForNothing();
updateAccessFor(MembershipDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeForNothing();
readAccessFor(MembershipDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeExactlyFor(
"id",
"admissionDocumentDate",
"cancellationDocumentDate",
@@ -56,9 +56,9 @@ public class MembershipDTOUnitTest extends AccessMappingsUnitTestBase<Membership
@Test
public void shouldHaveNoAccessForTechnicalContact() {
initAccessFor(MembershipDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing();
updateAccessFor(MembershipDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing();
readAccessFor(MembershipDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing();
initAccessFor(MembershipDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
updateAccessFor(MembershipDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
readAccessFor(MembershipDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
}
@Test

8
src/test/java/org/hostsharing/hsadminng/service/dto/SepaMandateDTOIntTest.java
View File

@@ -116,7 +116,8 @@ public class SepaMandateDTOIntTest {
public void shouldSerializePartiallyForFinancialCustomerContact() throws JsonProcessingException {
// given
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.FINANCIAL_CONTACT);
securityContext.havingAuthenticatedUser()
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CUSTOMER_FINANCIAL_CONTACT);
final SepaMandateDTO given = createSampleDTO(SOME_SEPA_MANDATE_ID, SOME_CUSTOMER_ID);
// when
@@ -144,7 +145,8 @@ public class SepaMandateDTOIntTest {
@Test
public void shouldNotDeserializeForContractualCustomerContact() {
// given
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CONTRACTUAL_CONTACT);
securityContext.havingAuthenticatedUser()
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CUSTOMER_CONTRACTUAL_CONTACT);
final String json = new JSonBuilder()
.withFieldValue("id", SOME_SEPA_MANDATE_ID)
.withFieldValue("remark", "Updated Remark")
@@ -157,7 +159,7 @@ public class SepaMandateDTOIntTest {
assertThat(actual).isInstanceOfSatisfying(
BadRequestAlertException.class,
bre -> assertThat(bre.getMessage()).isEqualTo(
"Update of field SepaMandateDTO.remark prohibited for current user role(s): CONTRACTUAL_CONTACT"));
"Update of field SepaMandateDTO.remark prohibited for current user role(s): CUSTOMER_CONTRACTUAL_CONTACT"));
}
@Test

12
src/test/java/org/hostsharing/hsadminng/service/dto/SepaMandateDTOUnitTest.java
View File

@@ -55,7 +55,7 @@ public class SepaMandateDTOUnitTest extends AccessMappingsUnitTestBase<SepaManda
@Test
public void shouldHaveProperAccessForContractualContact() {
initAccessFor(SepaMandateDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeExactlyFor(
initAccessFor(SepaMandateDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeExactlyFor(
"grantingDocumentDate",
"bic",
"validUntilDate",
@@ -63,10 +63,10 @@ public class SepaMandateDTOUnitTest extends AccessMappingsUnitTestBase<SepaManda
"validFromDate",
"iban",
"reference");
updateAccessFor(SepaMandateDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeExactlyFor(
updateAccessFor(SepaMandateDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeExactlyFor(
"validUntilDate",
"revokationDocumentDate");
readAccessFor(SepaMandateDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeExactlyFor(
readAccessFor(SepaMandateDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeExactlyFor(
"grantingDocumentDate",
"bic",
"id",
@@ -82,9 +82,9 @@ public class SepaMandateDTOUnitTest extends AccessMappingsUnitTestBase<SepaManda
@Test
public void shouldHaveNoAccessForTechnicalContact() {
initAccessFor(SepaMandateDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing();
updateAccessFor(SepaMandateDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing();
readAccessFor(SepaMandateDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing();
initAccessFor(SepaMandateDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
updateAccessFor(SepaMandateDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
readAccessFor(SepaMandateDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
}
@Test

8
src/test/java/org/hostsharing/hsadminng/service/dto/ShareDTOIntTest.java
View File

@@ -128,7 +128,8 @@ public class ShareDTOIntTest {
public void shouldSerializePartiallyForFinancialCustomerContact() throws JsonProcessingException {
// given
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.FINANCIAL_CONTACT);
securityContext.havingAuthenticatedUser()
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CUSTOMER_FINANCIAL_CONTACT);
final ShareDTO given = createSomeShareDTO(SOME_SHARE_ID);
// when
@@ -156,7 +157,8 @@ public class ShareDTOIntTest {
@Test
public void shouldNotDeserializeForContractualCustomerContact() {
// given
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CONTRACTUAL_CONTACT);
securityContext.havingAuthenticatedUser()
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CUSTOMER_CONTRACTUAL_CONTACT);
final String json = new JSonBuilder()
.withFieldValue("id", SOME_SHARE_ID)
.withFieldValue("remark", "Updated Remark")
@@ -170,7 +172,7 @@ public class ShareDTOIntTest {
BadRequestAlertException.class,
bre -> assertThat(bre.getMessage())
.isEqualTo(
"Update of field ShareDTO.remark prohibited for current user role(s): CONTRACTUAL_CONTACT"));
"Update of field ShareDTO.remark prohibited for current user role(s): CUSTOMER_CONTRACTUAL_CONTACT"));
}
@Test

12
src/test/java/org/hostsharing/hsadminng/service/dto/ShareDTOUnitTest.java
View File

@@ -32,9 +32,9 @@ public class ShareDTOUnitTest extends AccessMappingsUnitTestBase<ShareDTO> {
@Test
public void shouldHaveProperAccessForContractualContact() {
initAccessFor(ShareDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeForNothing();
updateAccessFor(ShareDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeForNothing();
readAccessFor(ShareDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeExactlyFor(
initAccessFor(ShareDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeForNothing();
updateAccessFor(ShareDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeForNothing();
readAccessFor(ShareDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeExactlyFor(
"id",
"membershipId",
"documentDate",
@@ -46,9 +46,9 @@ public class ShareDTOUnitTest extends AccessMappingsUnitTestBase<ShareDTO> {
@Test
public void shouldHaveNoAccessForTechnicalContact() {
initAccessFor(ShareDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing();
updateAccessFor(ShareDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing();
readAccessFor(ShareDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing();
initAccessFor(ShareDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
updateAccessFor(ShareDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
readAccessFor(ShareDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
}
@Test

8
src/test/java/org/hostsharing/hsadminng/service/dto/UserRoleAssignmentUnitTest.java
View File

@@ -75,7 +75,7 @@ public class UserRoleAssignmentUnitTest {
public void testSerializationAsContractualCustomerContact() throws JsonProcessingException {
// given
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, CUSTOMER_ID, Role.CONTRACTUAL_CONTACT);
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, CUSTOMER_ID, Role.CUSTOMER_CONTRACTUAL_CONTACT);
UserRoleAssignment given = createSomeUserRoleAssignment(USER_ROLE_ASSIGNMENT_ID);
// when
@@ -115,7 +115,7 @@ public class UserRoleAssignmentUnitTest {
"user",
JSonBuilder.asJSon(
of("id", USER_ID))),
of("assignedRole", Role.TECHNICAL_CONTACT.name()));
of("assignedRole", Role.CUSTOMER_TECHNICAL_CONTACT.name()));
// when
UserRoleAssignment actual = objectMapper.readValue(json, UserRoleAssignment.class);
@@ -125,7 +125,7 @@ public class UserRoleAssignmentUnitTest {
expected.setId(USER_ROLE_ASSIGNMENT_ID);
expected.setEntityTypeId(Customer.ENTITY_TYPE_ID);
expected.setEntityObjectId(CUSTOMER_ID);
expected.setAssignedRole(Role.TECHNICAL_CONTACT);
expected.setAssignedRole(Role.CUSTOMER_TECHNICAL_CONTACT);
expected.setUser(expectedUser);
assertThat(actual).isEqualToComparingFieldByField(expected);
}
@@ -148,7 +148,7 @@ public class UserRoleAssignmentUnitTest {
given.setEntityTypeId(Customer.ENTITY_TYPE_ID);
given.setEntityObjectId(CUSTOMER_ID);
given.setUser(new User().id(USER_ID));
given.setAssignedRole(Role.TECHNICAL_CONTACT);
given.setAssignedRole(Role.CUSTOMER_TECHNICAL_CONTACT);
return given;
}
}