
#145 [Rights-Module] preparation for module specific roles

Michael Hoennig
2019-06-27 23:48:16 +02:00
parent 7983aa7e52
commit 7db2c23de1
36 changed files with 945 additions and 734 deletions


@@ -1,17 +1,14 @@
// Licensed under Apache-2.0
package org.hostsharing.hsadminng.service;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.catchThrowable;
import static org.mockito.BDDMockito.given;
import com.google.common.base.VerifyException;
import org.hostsharing.hsadminng.domain.UserRoleAssignment;
import org.hostsharing.hsadminng.repository.UserRoleAssignmentRepository;
import org.hostsharing.hsadminng.service.accessfilter.Role;
import org.hostsharing.hsadminng.service.accessfilter.Role.CustomerContractualContact;
import org.hostsharing.hsadminng.service.accessfilter.Role.CustomerFinancialContact;
import org.hostsharing.hsadminng.service.accessfilter.Role.CustomerTechnicalContact;
import org.hostsharing.hsadminng.service.accessfilter.SecurityContextFake;
import com.google.common.base.VerifyException;
import org.junit.Rule;
import org.junit.Test;
import org.mockito.InjectMocks;
@@ -22,6 +19,10 @@ import org.mockito.junit.MockitoRule;
import java.util.Arrays;
import java.util.Set;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.catchThrowable;
import static org.mockito.BDDMockito.given;
public class UserRoleAssignmentServiceUnitTest {
@Rule
@@ -65,23 +66,24 @@ public class UserRoleAssignmentServiceUnitTest {
Arrays.asList(
new UserRoleAssignment().entityTypeId("test.SomethingElse")
.entityObjectId(givenEntityObjectId)
.assignedRole(Role.CUSTOMER_CONTRACTUAL_CONTACT),
.assignedRole(CustomerContractualContact.ROLE),
new UserRoleAssignment().entityTypeId(givenEntityTypeId)
.entityObjectId(givenEntityObjectId)
.assignedRole(Role.CUSTOMER_FINANCIAL_CONTACT),
.assignedRole(CustomerFinancialContact.ROLE),
new UserRoleAssignment().entityTypeId(givenEntityTypeId)
.entityObjectId(givenEntityObjectId)
.assignedRole(Role.CUSTOMER_TECHNICAL_CONTACT),
.assignedRole(CustomerTechnicalContact.ROLE),
new UserRoleAssignment().entityTypeId(givenEntityTypeId)
.entityObjectId(3L)
.assignedRole(Role.CUSTOMER_CONTRACTUAL_CONTACT)));
.assignedRole(CustomerContractualContact.ROLE)));
// when
final Set<Role> actual = userRoleAssignmentService
.getEffectiveRoleOfCurrentUser(givenEntityTypeId, givenEntityObjectId);
// then
assertThat(actual).containsExactlyInAnyOrder(Role.CUSTOMER_FINANCIAL_CONTACT, Role.CUSTOMER_TECHNICAL_CONTACT);
assertThat(actual)
.containsExactlyInAnyOrder(Role.of(CustomerFinancialContact.class), Role.of(CustomerTechnicalContact.class));
}
@Test
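Review bot: The rewritten test obtains role instances in two different ways, `CustomerContractualContact.ROLE` in the given block and `Role.of(CustomerFinancialContact.class)` in the assertion, and nothing says whether the difference is intended. If both forms yield the same instance, which the assertion presumably relies on, the check reads more directly as `.containsExactlyInAnyOrder(CustomerFinancialContact.ROLE, CustomerTechnicalContact.ROLE);`. If the mix is deliberate, to exercise `Role.of`, a comment such as `// Role.of(X.class) must equal X.ROLE` should say so. The same mix appears in the serialization test, where `Role.of(Role.CustomerFinancialContact.class)` sits next to `Role.AnyCustomerUser.ROLE`. The test method starts outside this hunk.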


@@ -0,0 +1,33 @@
// Licensed under Apache-2.0
package org.hostsharing.hsadminng.service.accessfilter;
import org.hostsharing.hsadminng.service.UserRoleAssignmentService;
import org.junit.Test;
import org.mockito.Mock;
import static org.assertj.core.api.Assertions.assertThat;
public class JSonAccessFilterTest {
@Mock
private UserRoleAssignmentService userRoleAssignmentService;
@Test
public void getLoginUserRoles() {
SecurityContextFake.havingUnauthenticatedUser();
new JSonAccessFilter<TestEntity>(null, userRoleAssignmentService, new TestEntity()) {
{
assertThat(this.getLoginUserRoles()).hasSize(0);
}
};
}
private static class TestEntity implements AccessMappings {
@Override
public Long getId() {
return null;
}
}
}
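Review bot: The `@Mock` field `userRoleAssignmentService` is never initialised in this new class, since the file has no `MockitoRule`, runner or `initMocks` call, so the filter under test is built with `null` for both the context and the service. Adding `@Rule public MockitoRule mockitoRule = MockitoJUnit.rule();` would give it a real mock; if the service is deliberately unused for an unauthenticated user, drop the field and pass `null` explicitly. The assertion runs inside the instance initializer of an anonymous subclass, which deserves a comment such as `// anonymous subclass to reach getLoginUserRoles()` (presumably the method is not public). `hasSize(0)` reads better as `isEmpty()`.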


@@ -1,17 +1,16 @@
// Licensed under Apache-2.0
package org.hostsharing.hsadminng.service.accessfilter;
import static org.hostsharing.hsadminng.service.accessfilter.Role.*;
import org.apache.commons.lang3.RandomStringUtils;
import org.apache.commons.lang3.RandomUtils;
import org.hostsharing.hsadminng.service.IdToDtoResolver;
import org.hostsharing.hsadminng.service.dto.FluentBuilder;
import org.apache.commons.lang3.RandomStringUtils;
import org.apache.commons.lang3.RandomUtils;
import java.math.BigDecimal;
import java.time.LocalDate;
import static org.hostsharing.hsadminng.service.accessfilter.Role.*;
public class JSonAccessFilterTestFixture {
static GivenDto createSampleDto() {
@@ -37,10 +36,10 @@ public class JSonAccessFilterTestFixture {
static class GivenCustomerDto implements FluentBuilder<GivenCustomerDto> {
@SelfId(resolver = GivenService.class)
@AccessFor(read = ANYBODY)
@AccessFor(read = Anybody.class)
Long id;
@AccessFor(update = IGNORED, read = ANYBODY)
@AccessFor(update = Ignored.class, read = Anybody.class)
String displayLabel;
}
@@ -52,62 +51,62 @@ public class JSonAccessFilterTestFixture {
static class GivenDto implements AccessMappings, FluentBuilder<GivenDto> {
@SelfId(resolver = GivenService.class)
@AccessFor(read = ANYBODY)
@AccessFor(read = Anybody.class)
Long id;
@ParentId(resolver = GivenCustomerService.class)
@AccessFor(init = ANY_CUSTOMER_USER, update = ANY_CUSTOMER_USER, read = ANY_CUSTOMER_USER)
@AccessFor(init = AnyCustomerUser.class, update = AnyCustomerUser.class, read = AnyCustomerUser.class)
Long customerId;
@AccessFor(
init = { CUSTOMER_TECHNICAL_CONTACT, CUSTOMER_FINANCIAL_CONTACT },
update = { CUSTOMER_TECHNICAL_CONTACT, CUSTOMER_FINANCIAL_CONTACT },
read = { CUSTOMER_TECHNICAL_CONTACT, CUSTOMER_FINANCIAL_CONTACT })
init = { CustomerTechnicalContact.class, CustomerFinancialContact.class },
update = { CustomerTechnicalContact.class, CustomerFinancialContact.class },
read = { CustomerTechnicalContact.class, CustomerFinancialContact.class })
String restrictedField;
@AccessFor(init = ANYBODY, update = ANYBODY, read = ANYBODY)
@AccessFor(init = Anybody.class, update = Anybody.class, read = Anybody.class)
String openStringField;
@AccessFor(init = ANYBODY, update = ANYBODY, read = ANYBODY)
@AccessFor(init = Anybody.class, update = Anybody.class, read = Anybody.class)
Integer openIntegerField;
@AccessFor(init = ANYBODY, update = ANYBODY, read = ANYBODY)
@AccessFor(init = Anybody.class, update = Anybody.class, read = Anybody.class)
int openPrimitiveIntField;
@AccessFor(init = ANYBODY, update = ANYBODY, read = ANYBODY)
@AccessFor(init = Anybody.class, update = Anybody.class, read = Anybody.class)
Long openLongField;
@AccessFor(init = ANYBODY, update = ANYBODY, read = ANYBODY)
@AccessFor(init = Anybody.class, update = Anybody.class, read = Anybody.class)
long openPrimitiveLongField;
@AccessFor(init = ANYBODY, update = ANYBODY, read = ANYBODY)
@AccessFor(init = Anybody.class, update = Anybody.class, read = Anybody.class)
Boolean openBooleanField;
@AccessFor(read = ANYBODY)
@AccessFor(read = Anybody.class)
boolean openPrimitiveBooleanField;
@AccessFor(init = ANYBODY, update = ANYBODY, read = ANYBODY)
@AccessFor(init = Anybody.class, update = Anybody.class, read = Anybody.class)
LocalDate openLocalDateField;
transient String openLocalDateFieldAsString;
@AccessFor(init = ANYBODY, update = ANYBODY, read = ANYBODY)
@AccessFor(init = Anybody.class, update = Anybody.class, read = Anybody.class)
LocalDate openLocalDateField2;
transient String openLocalDateField2AsString;
@AccessFor(init = ANYBODY, update = ANYBODY, read = ANYBODY)
@AccessFor(init = Anybody.class, update = Anybody.class, read = Anybody.class)
TestEnum openEnumField;
transient String openEnumFieldAsString;
@AccessFor(init = ANYBODY, update = ANYBODY, read = ANYBODY)
@AccessFor(init = Anybody.class, update = Anybody.class, read = Anybody.class)
BigDecimal openBigDecimalField;
@AccessFor(init = SUPPORTER, update = SUPPORTER, read = SUPPORTER)
@AccessFor(init = Supporter.class, update = Supporter.class, read = Supporter.class)
BigDecimal restrictedBigDecimalField;
@AccessFor(init = ANYBODY, update = ANYBODY, read = ANYBODY)
@AccessFor(init = Anybody.class, update = Anybody.class, read = Anybody.class)
int[] openArrayField;
@AccessFor(init = IGNORED, update = IGNORED, read = ANYBODY)
@AccessFor(init = Ignored.class, update = Ignored.class, read = Anybody.class)
String displayLabel;
@Override
@@ -130,21 +129,21 @@ public class JSonAccessFilterTestFixture {
public static class GivenChildDto implements AccessMappings, FluentBuilder<GivenChildDto> {
@SelfId(resolver = GivenChildService.class)
@AccessFor(read = Role.ANY_CUSTOMER_USER)
@AccessFor(read = AnyCustomerUser.class)
Long id;
@AccessFor(
init = Role.CUSTOMER_CONTRACTUAL_CONTACT,
update = Role.CUSTOMER_CONTRACTUAL_CONTACT,
read = ANY_CUSTOMER_USER)
init = CustomerContractualContact.class,
update = CustomerContractualContact.class,
read = AnyCustomerUser.class)
@ParentId(resolver = GivenService.class)
Long parentId;
@AccessFor(
init = { CUSTOMER_TECHNICAL_CONTACT, CUSTOMER_FINANCIAL_CONTACT },
init = { CustomerTechnicalContact.class, CustomerFinancialContact.class },
update = {
CUSTOMER_TECHNICAL_CONTACT,
CUSTOMER_FINANCIAL_CONTACT })
CustomerTechnicalContact.class,
CustomerFinancialContact.class })
String restrictedField;
@Override
@@ -156,11 +155,11 @@ public class JSonAccessFilterTestFixture {
public static class GivenDtoWithMultipleSelfId implements AccessMappings {
@SelfId(resolver = GivenChildService.class)
@AccessFor(read = Role.ANY_CUSTOMER_USER)
@AccessFor(read = AnyCustomerUser.class)
Long id;
@SelfId(resolver = GivenChildService.class)
@AccessFor(read = Role.ANY_CUSTOMER_USER)
@AccessFor(read = AnyCustomerUser.class)
Long id2;
@Override
@@ -172,10 +171,10 @@ public class JSonAccessFilterTestFixture {
public static class GivenDtoWithUnknownFieldType implements AccessMappings {
@SelfId(resolver = GivenChildService.class)
@AccessFor(read = Role.ANYBODY)
@AccessFor(read = Anybody.class)
Long id;
@AccessFor(init = Role.ANYBODY, read = Role.ANYBODY)
@AccessFor(init = Anybody.class, read = Anybody.class)
Arbitrary unknown;
@Override
@@ -184,14 +183,14 @@ public class JSonAccessFilterTestFixture {
}
}
public static class Arbitrary {
static class Arbitrary {
}
@EntityTypeId("givenParent")
public static class GivenParent implements AccessMappings, FluentBuilder<GivenParent> {
@SelfId(resolver = GivenParentService.class)
@AccessFor(read = Role.ANY_CUSTOMER_USER)
@AccessFor(read = AnyCustomerUser.class)
Long id;
@Override
@@ -208,21 +207,21 @@ public class JSonAccessFilterTestFixture {
public static class GivenChild implements AccessMappings, FluentBuilder<GivenChild> {
@SelfId(resolver = GivenChildService.class)
@AccessFor(read = Role.ANY_CUSTOMER_USER)
@AccessFor(read = AnyCustomerUser.class)
Long id;
@AccessFor(
init = Role.CUSTOMER_CONTRACTUAL_CONTACT,
update = Role.CUSTOMER_CONTRACTUAL_CONTACT,
read = ANY_CUSTOMER_USER)
init = CustomerContractualContact.class,
update = CustomerContractualContact.class,
read = AnyCustomerUser.class)
@ParentId(resolver = GivenParentService.class)
GivenParent parent;
@AccessFor(
init = { CUSTOMER_TECHNICAL_CONTACT, CUSTOMER_FINANCIAL_CONTACT },
init = { CustomerTechnicalContact.class, CustomerFinancialContact.class },
update = {
CUSTOMER_TECHNICAL_CONTACT,
CUSTOMER_FINANCIAL_CONTACT })
CustomerTechnicalContact.class,
CustomerFinancialContact.class })
String restrictedField;
@Override
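Review bot: `restrictedField` in `GivenChildDto` and in `GivenChild` sets only `init` and `update`, so its read access comes from the default of `AccessFor.read`, which this diff does not show. Because the annotation values change here from enum constants to classes, that default has presumably changed as well, and the fixture should not depend on it silently. An explicit `read = …` or a comment on the field, e.g. `// read deliberately left at the AccessFor default`, would keep the intended restriction visible. Both classes continue outside their hunks.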


@@ -32,37 +32,37 @@ public class JSonBuilder {
}
public JSonBuilder withFieldValue(String name, String value) {
json.append(inQuotes(name) + ":" + (value != null ? inQuotes(value) : "null") + ",");
json.append(inQuotes(name)).append(":").append(value != null ? inQuotes(value) : "null").append(",");
return this;
}
public JSonBuilder withFieldValue(String name, Number value) {
json.append(inQuotes(name) + ":" + (value != null ? value : "null") + ",");
json.append(inQuotes(name)).append(":").append(value != null ? value : "null").append(",");
return this;
}
public JSonBuilder toJSonNullFieldDefinition(String name) {
json.append(inQuotes(name) + ":null,");
json.append(inQuotes(name)).append(":null,");
return this;
}
public JSonBuilder withFieldValueIfPresent(String name, String value) {
if (value != null) {
json.append(inQuotes(name) + ":" + inQuotes(value) + ",");
json.append(inQuotes(name)).append(":").append(inQuotes(value)).append(",");
}
return this;
}
public JSonBuilder withFieldValueIfPresent(String name, Number value) {
if (value != null) {
json.append(inQuotes(name) + ":" + value + ",");
json.append(inQuotes(name)).append(":").append(value).append(",");
}
return this;
}
public <E extends Enum<E>> JSonBuilder withFieldValueIfPresent(final String name, final E value) {
public <E extends Enum<E>> JSonBuilder withFieldValueIfPresent(final String name, final Role value) {
if (value != null) {
json.append(inQuotes(name) + ":" + inQuotes(value.name()) + ",");
json.append(inQuotes(name)).append(":").append(inQuotes(value.name())).append(",");
}
return this;
}
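Review bot: The type parameter `<E extends Enum<E>>` on the last `withFieldValueIfPresent` overload is a leftover from the enum version and is unused now that the parameter is `Role`. The signature should be `public JSonBuilder withFieldValueIfPresent(final String name, final Role value) {`. Left in place, it suggests the method is still generic over enums and will be flagged by compiler and IDE inspections.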


@@ -1,26 +1,18 @@
// Licensed under Apache-2.0
package org.hostsharing.hsadminng.service.accessfilter;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.catchThrowable;
import static org.assertj.core.api.Assumptions.assumeThat;
import static org.hostsharing.hsadminng.service.accessfilter.JSonAccessFilterTestFixture.*;
import static org.hostsharing.hsadminng.service.accessfilter.JSonBuilder.asJSon;
import static org.mockito.BDDMockito.given;
import org.hostsharing.hsadminng.security.AuthoritiesConstants;
import org.hostsharing.hsadminng.service.UserRoleAssignmentService;
import org.hostsharing.hsadminng.web.rest.errors.BadRequestAlertException;
import com.fasterxml.jackson.core.JsonParser;
import com.fasterxml.jackson.core.ObjectCodec;
import com.fasterxml.jackson.core.TreeNode;
import com.fasterxml.jackson.databind.DeserializationFeature;
import com.fasterxml.jackson.databind.JsonDeserializer;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.apache.commons.lang3.NotImplementedException;
import org.apache.commons.lang3.tuple.ImmutablePair;
import org.hostsharing.hsadminng.security.AuthoritiesConstants;
import org.hostsharing.hsadminng.service.UserRoleAssignmentService;
import org.hostsharing.hsadminng.service.accessfilter.Role.Admin;
import org.hostsharing.hsadminng.web.rest.errors.BadRequestAlertException;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
@@ -37,6 +29,13 @@ import java.time.LocalDate;
import java.util.Arrays;
import java.util.Optional;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.catchThrowable;
import static org.assertj.core.api.Assumptions.assumeThat;
import static org.hostsharing.hsadminng.service.accessfilter.JSonAccessFilterTestFixture.*;
import static org.hostsharing.hsadminng.service.accessfilter.JSonBuilder.asJSon;
import static org.mockito.BDDMockito.given;
@SuppressWarnings("ALL")
public class JSonDeserializationWithAccessFilterUnitTest {
@@ -83,7 +82,7 @@ public class JSonDeserializationWithAccessFilterUnitTest {
public void init() {
securityContext = SecurityContextMock.usingMock(userRoleAssignmentService)
.havingAuthenticatedUser()
.withRole(GivenDto.class, 1234L, Role.ANY_CUSTOMER_USER);
.withRole(GivenDto.class, 1234L, Role.AnyCustomerUser.ROLE);
given(ctx.getAutowireCapableBeanFactory()).willReturn(autowireCapableBeanFactory);
given(autowireCapableBeanFactory.createBean(GivenService.class)).willReturn(givenService);
@@ -244,7 +243,7 @@ public class JSonDeserializationWithAccessFilterUnitTest {
public void shouldDeserializeStringFieldIfRequiredRoleIsCoveredByUser() throws IOException {
// given
securityContext.havingAuthenticatedUser()
.withRole(GivenCustomerDto.class, 888L, Role.CUSTOMER_FINANCIAL_CONTACT);
.withRole(GivenCustomerDto.class, 888L, Role.CustomerFinancialContact.ROLE);
givenJSonTree(
asJSon(
ImmutablePair.of("id", 1234L),
@@ -262,7 +261,7 @@ public class JSonDeserializationWithAccessFilterUnitTest {
public void shouldDeserializeUnchangedStringFieldIfRequiredRoleIsNotCoveredByUser() throws IOException {
// given
securityContext.havingAuthenticatedUser()
.withRole(GivenCustomerDto.class, 888L, Role.CUSTOMER_FINANCIAL_CONTACT);
.withRole(GivenCustomerDto.class, 888L, Role.CustomerFinancialContact.ROLE);
givenJSonTree(
asJSon(
ImmutablePair.of("id", 1234L),
@@ -280,7 +279,7 @@ public class JSonDeserializationWithAccessFilterUnitTest {
public void shouldNotDeserializeUpatedStringFieldIfRequiredRoleIsNotCoveredByUser() throws IOException {
// given
securityContext.havingAuthenticatedUser()
.withRole(GivenCustomerDto.class, 888L, Role.ACTUAL_CUSTOMER_USER);
.withRole(GivenCustomerDto.class, 888L, Role.ActualCustomerUser.ROLE);
givenJSonTree(
asJSon(
ImmutablePair.of("customerId", 888L),
@@ -297,10 +296,10 @@ public class JSonDeserializationWithAccessFilterUnitTest {
}
@Test
public void shouldInitializeFieldIfRequiredRoleIsNotCoveredByUser() throws IOException {
public void shouldNotInitializeFieldIfRequiredRoleIsNotCoveredByUser() throws IOException {
// given
securityContext.havingAuthenticatedUser()
.withRole(GivenCustomerDto.class, 888L, Role.ACTUAL_CUSTOMER_USER);
.withRole(GivenCustomerDto.class, 888L, Role.ActualCustomerUser.ROLE);
givenJSonTree(
asJSon(
ImmutablePair.of("customerId", 888L),
@@ -320,7 +319,7 @@ public class JSonDeserializationWithAccessFilterUnitTest {
public void shouldNotCreateIfRoleRequiredByParentEntityIsNotCoveredByUser() throws IOException {
// given
securityContext.havingAuthenticatedUser()
.withRole(GivenCustomerDto.class, 9999L, Role.CUSTOMER_CONTRACTUAL_CONTACT);
.withRole(GivenCustomerDto.class, 9999L, Role.CustomerContractualContact.ROLE);
givenJSonTree(
asJSon(
ImmutablePair.of("parentId", 1234L)));
@@ -340,7 +339,7 @@ public class JSonDeserializationWithAccessFilterUnitTest {
public void shouldCreateIfRoleRequiredByReferencedEntityIsCoveredByUser() throws IOException {
// given
securityContext.havingAuthenticatedUser()
.withRole(GivenCustomerDto.class, 888L, Role.CUSTOMER_CONTRACTUAL_CONTACT);
.withRole(GivenCustomerDto.class, 888L, Role.CustomerContractualContact.ROLE);
givenJSonTree(
asJSon(
ImmutablePair.of("parentId", 1234L)));
@@ -357,7 +356,7 @@ public class JSonDeserializationWithAccessFilterUnitTest {
public void shouldResolveParentIdFromIdOfSerializedSubEntity() throws IOException {
// given
securityContext.havingAuthenticatedUser()
.withRole(GivenParent.class, 1234L, Role.CUSTOMER_CONTRACTUAL_CONTACT);
.withRole(GivenParent.class, 1234L, Role.CustomerContractualContact.ROLE);
givenJSonTree(
asJSon(
ImmutablePair.of(
@@ -377,7 +376,7 @@ public class JSonDeserializationWithAccessFilterUnitTest {
public void shouldNotUpdateFieldIfRequiredRoleIsNotCoveredByUser() throws IOException {
// given
securityContext.havingAuthenticatedUser()
.withRole(GivenCustomerDto.class, 888L, Role.ACTUAL_CUSTOMER_USER);
.withRole(GivenCustomerDto.class, 888L, Role.ActualCustomerUser.ROLE);
givenJSonTree(
asJSon(
ImmutablePair.of("id", 1234L),
@@ -475,7 +474,7 @@ public class JSonDeserializationWithAccessFilterUnitTest {
@Test
public void shouldIgnorePropertyToIgnoreForInit() throws IOException {
// given
securityContext.havingAuthenticatedUser().withAuthority(AuthoritiesConstants.ADMIN);
securityContext.havingAuthenticatedUser().withAuthority(Admin.ROLE.authority());
givenJSonTree(
asJSon(
ImmutablePair.of("displayLabel", "Some Value")));
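Review bot: The rename to `shouldNotInitializeFieldIfRequiredRoleIsNotCoveredByUser` reverses what the test claims, but its assertions lie outside the hunk, so the diff alone does not show that the body expects a rejection. Please confirm that the `then` part asserts the failure (the file imports `BadRequestAlertException`) for a user holding only `Role.ActualCustomerUser.ROLE`. A negative authorization test whose name and assertions disagree is easy to misread later. The neighbouring `shouldNotDeserializeUpatedStringFieldIfRequiredRoleIsNotCoveredByUser` has a typo (`Upated`) that could be fixed in the same pass.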


@@ -1,18 +1,9 @@
// Licensed under Apache-2.0
package org.hostsharing.hsadminng.service.accessfilter;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.catchThrowable;
import static org.hostsharing.hsadminng.service.accessfilter.JSonAccessFilterTestFixture.*;
import static org.mockito.BDDMockito.given;
import static org.mockito.Mockito.never;
import static org.mockito.Mockito.verify;
import org.hostsharing.hsadminng.service.UserRoleAssignmentService;
import com.fasterxml.jackson.core.JsonGenerator;
import org.apache.commons.lang3.NotImplementedException;
import org.hostsharing.hsadminng.service.UserRoleAssignmentService;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
@@ -25,6 +16,13 @@ import org.springframework.context.ApplicationContext;
import java.io.IOException;
import java.util.Optional;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.catchThrowable;
import static org.hostsharing.hsadminng.service.accessfilter.JSonAccessFilterTestFixture.*;
import static org.mockito.BDDMockito.given;
import static org.mockito.Mockito.never;
import static org.mockito.Mockito.verify;
public class JSonSerializationWithAccessFilterUnitTest {
@Rule
@@ -53,7 +51,7 @@ public class JSonSerializationWithAccessFilterUnitTest {
public void init() {
securityContext = SecurityContextMock.usingMock(userRoleAssignmentService)
.havingAuthenticatedUser()
.withRole(GivenCustomerDto.class, 888L, Role.ANY_CUSTOMER_USER);
.withRole(GivenCustomerDto.class, 888L, Role.AnyCustomerUser.ROLE);
given(ctx.getAutowireCapableBeanFactory()).willReturn(autowireCapableBeanFactory);
given(autowireCapableBeanFactory.createBean(GivenCustomerService.class)).willReturn(givenCustomerService);
@@ -157,7 +155,8 @@ public class JSonSerializationWithAccessFilterUnitTest {
public void shouldSerializeRestrictedFieldIfRequiredRoleIsCoveredByUser() throws IOException {
// given
securityContext.havingAuthenticatedUser().withRole(GivenCustomerDto.class, 888L, Role.CUSTOMER_FINANCIAL_CONTACT);
securityContext.havingAuthenticatedUser()
.withRole(GivenCustomerDto.class, 888L, Role.of(Role.CustomerFinancialContact.class));
// when
serialize(givenDTO);
@@ -170,7 +169,7 @@ public class JSonSerializationWithAccessFilterUnitTest {
public void shouldNotSerializeRestrictedFieldIfRequiredRoleIsNotCoveredByUser() throws IOException {
// given
securityContext.havingAuthenticatedUser().withRole(GivenCustomerDto.class, 888L, Role.ANY_CUSTOMER_USER);
securityContext.havingAuthenticatedUser().withRole(GivenCustomerDto.class, 888L, Role.AnyCustomerUser.ROLE);
// when
serialize(givenDTO);
@@ -188,7 +187,7 @@ public class JSonSerializationWithAccessFilterUnitTest {
}
class GivenDtoWithUnimplementedFieldType implements AccessMappings {
@AccessFor(read = Role.ANYBODY)
@AccessFor(read = Role.Anybody.class)
Arbitrary fieldWithUnimplementedType = new Arbitrary();
@Override
@@ -208,7 +207,7 @@ public class JSonSerializationWithAccessFilterUnitTest {
// --- fixture code below ---
public <T extends AccessMappings> void serialize(final T dto) throws IOException {
private <T extends AccessMappings> void serialize(final T dto) throws IOException {
// @formatter:off
new JsonSerializerWithAccessFilter<T>(ctx, userRoleAssignmentService) {}
.serialize(dto, jsonGenerator, null);


@@ -1,118 +1,113 @@
// Licensed under Apache-2.0
package org.hostsharing.hsadminng.service.accessfilter;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.ThrowableAssert.catchThrowable;
import org.hostsharing.hsadminng.security.AuthoritiesConstants;
import com.google.common.base.VerifyException;
import org.hostsharing.hsadminng.security.AuthoritiesConstants;
import org.hostsharing.hsadminng.service.accessfilter.Role.*;
import org.junit.Test;
import java.lang.reflect.Field;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.ThrowableAssert.catchThrowable;
public class RoleUnitTest {
@Test
public void allUserRolesShouldCoverSameRequiredRole() {
assertThat(Role.HOSTMASTER.covers(Role.HOSTMASTER)).isTrue();
assertThat(Role.ADMIN.covers(Role.ADMIN)).isTrue();
assertThat(Role.SUPPORTER.covers(Role.SUPPORTER)).isTrue();
assertThat(Hostmaster.ROLE.covers(Hostmaster.class)).isTrue();
assertThat(Admin.ROLE.covers(Admin.class)).isTrue();
assertThat(Supporter.ROLE.covers(Supporter.class)).isTrue();
assertThat(Role.CUSTOMER_CONTRACTUAL_CONTACT.covers(Role.CUSTOMER_CONTRACTUAL_CONTACT)).isTrue();
assertThat(Role.CUSTOMER_FINANCIAL_CONTACT.covers(Role.CUSTOMER_FINANCIAL_CONTACT)).isTrue();
assertThat(Role.CUSTOMER_TECHNICAL_CONTACT.covers(Role.CUSTOMER_TECHNICAL_CONTACT)).isTrue();
assertThat(Role.CustomerContractualContact.ROLE.covers(Role.CustomerContractualContact.class)).isTrue();
assertThat(CustomerFinancialContact.ROLE.covers(CustomerFinancialContact.class)).isTrue();
assertThat(CustomerTechnicalContact.ROLE.covers(CustomerTechnicalContact.class)).isTrue();
assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.ACTUAL_CUSTOMER_USER))).isTrue();
assertThat(Role.ANY_CUSTOMER_USER.covers((Role.ANY_CUSTOMER_USER))).isTrue();
assertThat(ActualCustomerUser.ROLE.covers((ActualCustomerUser.class))).isTrue();
assertThat(AnyCustomerUser.ROLE.covers((Role.AnyCustomerUser.class))).isTrue();
}
@Test
public void lowerUserRolesShouldNotCoverHigherRequiredRoles() {
assertThat(Role.HOSTMASTER.covers(Role.NOBODY)).isFalse();
assertThat(Role.ADMIN.covers(Role.HOSTMASTER)).isFalse();
assertThat(Role.SUPPORTER.covers(Role.ADMIN)).isFalse();
assertThat(Hostmaster.ROLE.covers(Nobody.class)).isFalse();
assertThat(Admin.ROLE.covers(Hostmaster.class)).isFalse();
assertThat(Supporter.ROLE.covers(Admin.class)).isFalse();
assertThat(Role.ANY_CUSTOMER_CONTACT.covers(Role.SUPPORTER)).isFalse();
assertThat(Role.ANY_CUSTOMER_CONTACT.covers(Role.CUSTOMER_CONTRACTUAL_CONTACT)).isFalse();
assertThat(Role.CUSTOMER_FINANCIAL_CONTACT.covers(Role.CUSTOMER_CONTRACTUAL_CONTACT)).isFalse();
assertThat(Role.CUSTOMER_FINANCIAL_CONTACT.covers(Role.CUSTOMER_TECHNICAL_CONTACT)).isFalse();
assertThat(Role.CUSTOMER_TECHNICAL_CONTACT.covers(Role.CUSTOMER_CONTRACTUAL_CONTACT)).isFalse();
assertThat(Role.CUSTOMER_TECHNICAL_CONTACT.covers(Role.CUSTOMER_FINANCIAL_CONTACT)).isFalse();
assertThat(AnyCustomerContact.ROLE.covers(Supporter.class)).isFalse();
assertThat(AnyCustomerContact.ROLE.covers(Role.CustomerContractualContact.class)).isFalse();
assertThat(CustomerFinancialContact.ROLE.covers(Role.CustomerContractualContact.class)).isFalse();
assertThat(CustomerFinancialContact.ROLE.covers(CustomerTechnicalContact.class)).isFalse();
assertThat(CustomerTechnicalContact.ROLE.covers(Role.CustomerContractualContact.class)).isFalse();
assertThat(CustomerTechnicalContact.ROLE.covers(CustomerFinancialContact.class)).isFalse();
assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.ANY_CUSTOMER_CONTACT))).isFalse();
assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.CUSTOMER_CONTRACTUAL_CONTACT))).isFalse();
assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.CUSTOMER_TECHNICAL_CONTACT))).isFalse();
assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.CUSTOMER_FINANCIAL_CONTACT))).isFalse();
assertThat(ActualCustomerUser.ROLE.covers((AnyCustomerContact.class))).isFalse();
assertThat(ActualCustomerUser.ROLE.covers((Role.CustomerContractualContact.class))).isFalse();
assertThat(ActualCustomerUser.ROLE.covers((CustomerTechnicalContact.class))).isFalse();
assertThat(ActualCustomerUser.ROLE.covers((CustomerFinancialContact.class))).isFalse();
assertThat(Role.ANY_CUSTOMER_USER.covers((Role.ACTUAL_CUSTOMER_USER))).isFalse();
assertThat(Role.ANY_CUSTOMER_USER.covers((Role.ANY_CUSTOMER_CONTACT))).isFalse();
assertThat(Role.ANY_CUSTOMER_USER.covers((Role.CUSTOMER_CONTRACTUAL_CONTACT))).isFalse();
assertThat(Role.ANY_CUSTOMER_USER.covers((Role.CUSTOMER_TECHNICAL_CONTACT))).isFalse();
assertThat(Role.ANY_CUSTOMER_USER.covers((Role.CUSTOMER_FINANCIAL_CONTACT))).isFalse();
assertThat(AnyCustomerUser.ROLE.covers((ActualCustomerUser.class))).isFalse();
assertThat(AnyCustomerUser.ROLE.covers((AnyCustomerContact.class))).isFalse();
assertThat(AnyCustomerUser.ROLE.covers((Role.CustomerContractualContact.class))).isFalse();
assertThat(AnyCustomerUser.ROLE.covers((CustomerTechnicalContact.class))).isFalse();
assertThat(AnyCustomerUser.ROLE.covers((CustomerFinancialContact.class))).isFalse();
assertThat(Role.ANYBODY.covers((Role.ANY_CUSTOMER_USER))).isFalse();
assertThat(Anybody.ROLE.covers((Role.AnyCustomerUser.class))).isFalse();
}
@Test
public void higherUserRolesShouldCoverLowerRequiredRoles() {
assertThat(Role.HOSTMASTER.covers(Role.SUPPORTER)).isTrue();
assertThat(Role.ADMIN.covers(Role.SUPPORTER)).isTrue();
assertThat(Hostmaster.ROLE.covers(Supporter.class)).isTrue();
assertThat(Admin.ROLE.covers(Supporter.class)).isTrue();
assertThat(Role.SUPPORTER.covers(Role.ANY_CUSTOMER_CONTACT)).isTrue();
assertThat(Supporter.ROLE.covers(AnyCustomerContact.class)).isTrue();
assertThat(Role.CUSTOMER_CONTRACTUAL_CONTACT.covers(Role.ANY_CUSTOMER_CONTACT)).isTrue();
assertThat(Role.CUSTOMER_CONTRACTUAL_CONTACT.covers(Role.CUSTOMER_FINANCIAL_CONTACT)).isTrue();
assertThat(Role.CUSTOMER_CONTRACTUAL_CONTACT.covers(Role.CUSTOMER_TECHNICAL_CONTACT)).isTrue();
assertThat(Role.CUSTOMER_TECHNICAL_CONTACT.covers(Role.ANY_CUSTOMER_USER)).isTrue();
assertThat(Role.CustomerContractualContact.ROLE.covers(AnyCustomerContact.class)).isTrue();
assertThat(Role.CustomerContractualContact.ROLE.covers(CustomerFinancialContact.class)).isTrue();
assertThat(Role.CustomerContractualContact.ROLE.covers(CustomerTechnicalContact.class)).isTrue();
assertThat(CustomerTechnicalContact.ROLE.covers(Role.AnyCustomerUser.class)).isTrue();
assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.ANY_CUSTOMER_USER))).isTrue();
assertThat(Role.ANY_CUSTOMER_USER.covers((Role.ANYBODY))).isTrue();
assertThat(ActualCustomerUser.ROLE.covers((Role.AnyCustomerUser.class))).isTrue();
assertThat(AnyCustomerUser.ROLE.covers((Anybody.class))).isTrue();
}
@Test
public void financialContactShouldNotCoverAnyOtherRealRoleRequirement() {
assertThat(Role.CUSTOMER_FINANCIAL_CONTACT.covers(Role.ANY_CUSTOMER_USER)).isFalse();
assertThat(Role.CUSTOMER_FINANCIAL_CONTACT.covers(Role.ACTUAL_CUSTOMER_USER)).isFalse();
assertThat(Role.CUSTOMER_FINANCIAL_CONTACT.covers(Role.ANY_CUSTOMER_USER)).isFalse();
assertThat(CustomerFinancialContact.ROLE.covers(Role.AnyCustomerUser.class)).isFalse();
assertThat(CustomerFinancialContact.ROLE.covers(ActualCustomerUser.class)).isFalse();
assertThat(CustomerFinancialContact.ROLE.covers(Role.AnyCustomerUser.class)).isFalse();
}
@Test
public void ignoredCoversNothingAndIsNotCovered() {
assertThat(Role.IGNORED.covers(Role.HOSTMASTER)).isFalse();
assertThat(Role.IGNORED.covers(Role.ANYBODY)).isFalse();
assertThat(Role.IGNORED.covers(Role.IGNORED)).isFalse();
assertThat(Role.HOSTMASTER.covers(Role.IGNORED)).isFalse();
assertThat(Role.ANYBODY.covers(Role.IGNORED)).isFalse();
assertThat(Ignored.ROLE.covers(Hostmaster.class)).isFalse();
assertThat(Ignored.ROLE.covers(Anybody.class)).isFalse();
assertThat(Ignored.ROLE.covers(Ignored.class)).isFalse();
assertThat(Hostmaster.ROLE.covers(Ignored.class)).isFalse();
assertThat(Anybody.ROLE.covers(Ignored.class)).isFalse();
}
@Test
public void coversAny() {
assertThat(Role.HOSTMASTER.coversAny(Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT)).isTrue();
assertThat(Hostmaster.ROLE.coversAny(Role.CustomerContractualContact.class, CustomerFinancialContact.class)).isTrue();
assertThat(
Role.CUSTOMER_CONTRACTUAL_CONTACT.coversAny(Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT))
.isTrue();
Role.CustomerContractualContact.ROLE.coversAny(
Role.CustomerContractualContact.class,
CustomerFinancialContact.class))
.isTrue();
assertThat(
Role.CUSTOMER_FINANCIAL_CONTACT.coversAny(Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT))
.isTrue();
CustomerFinancialContact.ROLE.coversAny(
Role.CustomerContractualContact.class,
CustomerFinancialContact.class))
.isTrue();
assertThat(Role.ANY_CUSTOMER_USER.coversAny(Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT))
assertThat(Role.AnyCustomerUser.ROLE.coversAny(Role.CustomerContractualContact.class, CustomerFinancialContact.class))
.isFalse();
assertThat(catchThrowable(() -> Role.HOSTMASTER.coversAny())).isInstanceOf(VerifyException.class);
assertThat(catchThrowable(() -> Role.HOSTMASTER.coversAny((Role[]) null))).isInstanceOf(VerifyException.class);
}
@Test
public void isIgnored() {
for (Role role : Role.values()) {
if (role == Role.IGNORED) {
assertThat(role.isIgnored()).isTrue();
} else {
assertThat(role.isIgnored()).isFalse();
}
}
assertThat(catchThrowable(Hostmaster.ROLE::coversAny)).isInstanceOf(VerifyException.class);
assertThat(
catchThrowable(
() -> Hostmaster.ROLE.coversAny(
(Class<Role>[]) null))).isInstanceOf(VerifyException.class);
}
@Test
@@ -125,54 +120,54 @@ public class RoleUnitTest {
@Test
public void getAuthority() {
assertThat(Role.NOBODY.getAuthority()).isEmpty();
assertThat(Role.HOSTMASTER.getAuthority()).hasValue(AuthoritiesConstants.HOSTMASTER);
assertThat(Role.ADMIN.getAuthority()).hasValue(AuthoritiesConstants.ADMIN);
assertThat(Role.SUPPORTER.getAuthority()).hasValue(AuthoritiesConstants.SUPPORTER);
assertThat(Role.CUSTOMER_CONTRACTUAL_CONTACT.getAuthority()).isEmpty();
assertThat(Role.ANYBODY.getAuthority()).hasValue(AuthoritiesConstants.ANONYMOUS);
assertThat(Nobody.ROLE.authority()).isEqualTo(AuthoritiesConstants.USER);
assertThat(Hostmaster.ROLE.authority()).isEqualTo(AuthoritiesConstants.HOSTMASTER);
assertThat(Admin.ROLE.authority()).isEqualTo(AuthoritiesConstants.ADMIN);
assertThat(Supporter.ROLE.authority()).isEqualTo(AuthoritiesConstants.SUPPORTER);
assertThat(Role.CustomerContractualContact.ROLE.authority()).isEqualTo(AuthoritiesConstants.USER);
assertThat(Anybody.ROLE.authority()).isEqualTo(AuthoritiesConstants.ANONYMOUS);
}
@Test
public void isBroadest() {
assertThat(Role.broadest(Role.HOSTMASTER, Role.CUSTOMER_CONTRACTUAL_CONTACT)).isEqualTo(Role.HOSTMASTER);
assertThat(Role.broadest(Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.HOSTMASTER)).isEqualTo(Role.HOSTMASTER);
assertThat(Role.broadest(Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.ANY_CUSTOMER_USER))
.isEqualTo(Role.CUSTOMER_CONTRACTUAL_CONTACT);
assertThat(Role.broadest(Hostmaster.ROLE, Role.CustomerContractualContact.ROLE)).isEqualTo(Hostmaster.ROLE);
assertThat(Role.broadest(Role.CustomerContractualContact.ROLE, Hostmaster.ROLE)).isEqualTo(Hostmaster.ROLE);
assertThat(Role.broadest(Role.CustomerContractualContact.ROLE, Role.AnyCustomerUser.ROLE))
.isEqualTo(Role.CustomerContractualContact.ROLE);
}
@Test
public void isAllowedToInit() {
assertThat(Role.HOSTMASTER.isAllowedToInit(someFieldWithoutAccessForAnnotation)).isFalse();
assertThat(Role.SUPPORTER.isAllowedToInit(someFieldWithoutAccessForAnnotation)).isFalse();
assertThat(Role.ADMIN.isAllowedToInit(someFieldWithAccessForAnnotation)).isTrue();
assertThat(Hostmaster.ROLE.isAllowedToInit(someFieldWithoutAccessForAnnotation)).isFalse();
assertThat(Supporter.ROLE.isAllowedToInit(someFieldWithoutAccessForAnnotation)).isFalse();
assertThat(Admin.ROLE.isAllowedToInit(someFieldWithAccessForAnnotation)).isTrue();
}
@Test
public void isAllowedToUpdate() {
assertThat(Role.HOSTMASTER.isAllowedToUpdate(someFieldWithoutAccessForAnnotation)).isFalse();
assertThat(Role.ANY_CUSTOMER_CONTACT.isAllowedToUpdate(someFieldWithAccessForAnnotation)).isFalse();
assertThat(Role.SUPPORTER.isAllowedToUpdate(someFieldWithAccessForAnnotation)).isTrue();
assertThat(Hostmaster.ROLE.isAllowedToUpdate(someFieldWithoutAccessForAnnotation)).isFalse();
assertThat(AnyCustomerContact.ROLE.isAllowedToUpdate(someFieldWithAccessForAnnotation)).isFalse();
assertThat(Supporter.ROLE.isAllowedToUpdate(someFieldWithAccessForAnnotation)).isTrue();
}
@Test
public void isAllowedToRead() {
assertThat(Role.HOSTMASTER.isAllowedToRead(someFieldWithoutAccessForAnnotation)).isFalse();
assertThat(Role.ANY_CUSTOMER_USER.isAllowedToRead(someFieldWithAccessForAnnotation)).isFalse();
assertThat(Role.ANY_CUSTOMER_CONTACT.isAllowedToRead(someFieldWithAccessForAnnotation)).isTrue();
assertThat(Hostmaster.ROLE.isAllowedToRead(someFieldWithoutAccessForAnnotation)).isFalse();
assertThat(Role.AnyCustomerUser.ROLE.isAllowedToRead(someFieldWithAccessForAnnotation)).isFalse();
assertThat(AnyCustomerContact.ROLE.isAllowedToRead(someFieldWithAccessForAnnotation)).isTrue();
}
// --- only test fixture below ---
static class TestDto {
private static class TestDto {
@AccessFor(init = Role.ADMIN, update = Role.SUPPORTER, read = Role.ANY_CUSTOMER_CONTACT)
@AccessFor(init = Admin.class, update = Supporter.class, read = AnyCustomerContact.class)
private Integer someFieldWithAccessForAnnotation;
@AccessFor(update = Role.IGNORED, read = Role.ANY_CUSTOMER_CONTACT)
@AccessFor(update = Ignored.class, read = AnyCustomerContact.class)
private Integer someFieldWithAccessForAnnotationToBeIgnoredForUpdates;
@AccessFor(update = { Role.IGNORED, Role.SUPPORTER }, read = Role.ANY_CUSTOMER_CONTACT)
@AccessFor(update = { Ignored.class, Supporter.class }, read = AnyCustomerContact.class)
private Integer someFieldWithAccessForAnnotationToBeIgnoredForUpdatesAmongOthers;
private Integer someFieldWithoutAccessForAnnotation;


@@ -3,6 +3,11 @@ package org.hostsharing.hsadminng.service.accessfilter;
public class SecurityContextFake extends SecurityContextDouble<SecurityContextFake> {
public static SecurityContextFake havingUnauthenticatedUser() {
final SecurityContextFake securityContext = new SecurityContextFake();
return securityContext;
}
public static SecurityContextFake havingAuthenticatedUser() {
return havingAuthenticatedUser("dummyUser");
}
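Review bot: `havingUnauthenticatedUser()` carries no comment saying what makes the fake "unauthenticated", and its local `securityContext` is created only to be returned. Nothing is configured on the instance, so the unauthenticated case rests entirely on the defaults of `SecurityContextDouble`, which this section does not show. A Javadoc line such as `/** Returns a fake with no user and no role assignments configured. */` would pin that intent, provided the base class really starts out that way, and the body can then be `return new SecurityContextFake();`.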


@@ -1,14 +1,9 @@
// Licensed under Apache-2.0
package org.hostsharing.hsadminng.service.dto;
import static org.apache.commons.lang3.StringUtils.removeEnd;
import static org.assertj.core.api.Assertions.assertThat;
import static org.junit.Assert.fail;
import org.apache.commons.lang3.RandomUtils;
import org.hostsharing.hsadminng.service.accessfilter.*;
import org.hostsharing.hsadminng.service.util.ReflectionUtil;
import org.apache.commons.lang3.RandomUtils;
import org.junit.Test;
import org.springframework.boot.jackson.JsonComponent;
@@ -21,6 +16,10 @@ import java.util.function.BiFunction;
import java.util.function.Function;
import java.util.stream.Collectors;
import static org.apache.commons.lang3.StringUtils.removeEnd;
import static org.assertj.core.api.Assertions.assertThat;
import static org.junit.Assert.fail;
/**
* Usually base classes for unit tests are not a good idea, but because
* DTOs which implement AccessMapping are more like a DSL,
@@ -117,7 +116,7 @@ public abstract class AccessMappingsUnitTestBase<D> {
private final String[] namesOfFieldsWithAccessForAnnotation;
private final String[] namesOfAccessibleFields;
AccessRightsMatcher(final Class dtoClass, final Role role, final Function<AccessFor, Role[]> access) {
AccessRightsMatcher(final Class dtoClass, final Role role, final Function<AccessFor, Class<? extends Role>[]> access) {
this.dtoClass = dtoClass;
this.role = role;
@@ -159,10 +158,14 @@ public abstract class AccessMappingsUnitTestBase<D> {
return fieldsWithAccessForAnnotation;
}
private static boolean allows(final Field field, final Function<AccessFor, Role[]> access, final Role role) {
private static boolean allows(
final Field field,
final Function<AccessFor, Class<? extends Role>[]> access,
final Role role) {
if (field.isAnnotationPresent(AccessFor.class)) {
final AccessFor accessFor = field.getAnnotation(AccessFor.class);
return role.coversAny(access.apply(accessFor));
Class<? extends Role>[] roleClasses = access.apply(accessFor);
return role.coversAny(roleClasses);
}
return false;
}
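Review bot: In `allows(...)` the new local `roleClasses` is declared without `final`, while every parameter and the neighbouring `accessFor` local are `final`; `final Class<? extends Role>[] roleClasses = access.apply(accessFor);` keeps the file's convention. The `AccessRightsMatcher` constructor still takes a raw `Class dtoClass` next to the newly generic `Function<AccessFor, Class<? extends Role>[]>`, and `Class<?>` would avoid the raw-type warning. A short comment on `allows` saying that a field without `@AccessFor` counts as inaccessible for every role would also help, since the DTO access tests depend on that `return false` branch. The constructor body and the rest of the class lie outside the visible hunks.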


@@ -1,11 +1,9 @@
// Licensed under Apache-2.0
package org.hostsharing.hsadminng.service.dto;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.catchThrowable;
import static org.junit.Assert.assertEquals;
import static org.mockito.BDDMockito.given;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.apache.commons.lang3.RandomUtils;
import org.hostsharing.hsadminng.domain.Asset;
import org.hostsharing.hsadminng.domain.Customer;
import org.hostsharing.hsadminng.domain.Membership;
@@ -20,17 +18,14 @@ import org.hostsharing.hsadminng.service.MembershipValidator;
import org.hostsharing.hsadminng.service.UserRoleAssignmentService;
import org.hostsharing.hsadminng.service.accessfilter.JSonBuilder;
import org.hostsharing.hsadminng.service.accessfilter.Role;
import org.hostsharing.hsadminng.service.accessfilter.Role.CustomerContractualContact;
import org.hostsharing.hsadminng.service.accessfilter.Role.CustomerFinancialContact;
import org.hostsharing.hsadminng.service.accessfilter.SecurityContextMock;
import org.hostsharing.hsadminng.service.mapper.AssetMapper;
import org.hostsharing.hsadminng.service.mapper.AssetMapperImpl;
import org.hostsharing.hsadminng.service.mapper.CustomerMapperImpl;
import org.hostsharing.hsadminng.service.mapper.MembershipMapperImpl;
import org.hostsharing.hsadminng.web.rest.errors.BadRequestAlertException;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.apache.commons.lang3.RandomUtils;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
@@ -43,12 +38,16 @@ import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.boot.test.mock.mockito.MockBean;
import org.springframework.test.context.junit4.SpringRunner;
import javax.persistence.EntityManager;
import java.io.IOException;
import java.math.BigDecimal;
import java.time.LocalDate;
import java.util.Optional;
import javax.persistence.EntityManager;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.catchThrowable;
import static org.junit.Assert.assertEquals;
import static org.mockito.BDDMockito.given;
@JsonTest
@SpringBootTest(
@@ -129,7 +128,7 @@ public class AssetDTOIntTest {
// given
securityContext.havingAuthenticatedUser()
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CUSTOMER_FINANCIAL_CONTACT);
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.of(CustomerFinancialContact.class));
final AssetDTO given = createSomeAssetDTO(SOME_ASSET_ID);
@@ -159,7 +158,7 @@ public class AssetDTOIntTest {
public void shouldNotDeserializeForContractualCustomerContact() {
// given
securityContext.havingAuthenticatedUser()
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CUSTOMER_CONTRACTUAL_CONTACT);
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.of(CustomerContractualContact.class));
final String json = new JSonBuilder()
.withFieldValue("id", SOME_ASSET_ID)
.withFieldValue("remark", "Updated Remark")
@@ -173,7 +172,7 @@ public class AssetDTOIntTest {
BadRequestAlertException.class,
bre -> assertThat(bre.getMessage())
.isEqualTo(
"Update of field AssetDTO.remark prohibited for current user role(s): CUSTOMER_CONTRACTUAL_CONTACT"));
"Update of field AssetDTO.remark prohibited for current user role(s): CustomerContractualContact"));
}
@Test
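Review bot: The expected message in the last hunk now ends in `CustomerContractualContact` instead of `CUSTOMER_CONTRACTUAL_CONTACT`, so the text carried by `BadRequestAlertException` changes for callers as a side effect of this refactoring. If the new text is derived from the role's class name (not visible here), renaming or moving a role class would silently change the error text again. A comment on the assertion such as `// role names in this message are visible to API clients; keep them stable`, or an explicit stable name per role, would make that dependency deliberate. The same expectation changes in MembershipDTOIntTest and SepaMandateDTOIntTest; the test method itself starts outside the hunk.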


@@ -1,12 +1,13 @@
// Licensed under Apache-2.0
package org.hostsharing.hsadminng.service.dto;
import org.hostsharing.hsadminng.domain.enumeration.AssetAction;
import org.hostsharing.hsadminng.service.accessfilter.Role;
import org.hostsharing.hsadminng.service.util.RandomUtil;
import org.apache.commons.lang3.RandomStringUtils;
import org.apache.commons.lang3.RandomUtils;
import org.hostsharing.hsadminng.domain.enumeration.AssetAction;
import org.hostsharing.hsadminng.service.accessfilter.Role;
import org.hostsharing.hsadminng.service.accessfilter.Role.Admin;
import org.hostsharing.hsadminng.service.accessfilter.Role.CustomerContractualContact;
import org.hostsharing.hsadminng.service.util.RandomUtil;
import org.junit.Test;
import java.math.BigDecimal;
@@ -20,22 +21,22 @@ public class AssetDTOUnitTest extends AccessMappingsUnitTestBase<AssetDTO> {
@Test
public void shouldHaveProperAccessForAdmin() {
initAccessFor(AssetDTO.class, Role.ADMIN).shouldBeExactlyFor(
initAccessFor(AssetDTO.class, Admin.ROLE).shouldBeExactlyFor(
"membershipId",
"documentDate",
"amount",
"action",
"valueDate",
"remark");
updateAccessFor(AssetDTO.class, Role.ADMIN).shouldBeExactlyFor("remark");
readAccessFor(AssetDTO.class, Role.ADMIN).shouldBeForAllFields();
updateAccessFor(AssetDTO.class, Admin.ROLE).shouldBeExactlyFor("remark");
readAccessFor(AssetDTO.class, Admin.ROLE).shouldBeForAllFields();
}
@Test
public void shouldHaveProperAccessForContractualContact() {
initAccessFor(AssetDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeForNothing();
updateAccessFor(AssetDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeForNothing();
readAccessFor(AssetDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeExactlyFor(
initAccessFor(AssetDTO.class, CustomerContractualContact.ROLE).shouldBeForNothing();
updateAccessFor(AssetDTO.class, CustomerContractualContact.ROLE).shouldBeForNothing();
readAccessFor(AssetDTO.class, CustomerContractualContact.ROLE).shouldBeExactlyFor(
"id",
"membershipId",
"documentDate",
@@ -47,21 +48,21 @@ public class AssetDTOUnitTest extends AccessMappingsUnitTestBase<AssetDTO> {
@Test
public void shouldHaveNoAccessForTechnicalContact() {
initAccessFor(AssetDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
updateAccessFor(AssetDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
readAccessFor(AssetDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
initAccessFor(AssetDTO.class, Role.CustomerTechnicalContact.ROLE).shouldBeForNothing();
updateAccessFor(AssetDTO.class, Role.CustomerTechnicalContact.ROLE).shouldBeForNothing();
readAccessFor(AssetDTO.class, Role.CustomerTechnicalContact.ROLE).shouldBeForNothing();
}
@Test
public void shouldHaveNoAccessForNormalUsersWithinCustomerRealm() {
initAccessFor(AssetDTO.class, Role.ANY_CUSTOMER_USER).shouldBeForNothing();
updateAccessFor(AssetDTO.class, Role.ANY_CUSTOMER_USER).shouldBeForNothing();
readAccessFor(AssetDTO.class, Role.ANY_CUSTOMER_USER).shouldBeForNothing();
initAccessFor(AssetDTO.class, Role.AnyCustomerUser.ROLE).shouldBeForNothing();
updateAccessFor(AssetDTO.class, Role.AnyCustomerUser.ROLE).shouldBeForNothing();
readAccessFor(AssetDTO.class, Role.AnyCustomerUser.ROLE).shouldBeForNothing();
}
// --- only test fixture below ---
public static AssetDTO createSampleDTO(final Long id, final Long parentId) {
private static AssetDTO createSampleDTO(final Long id, final Long parentId) {
final AssetDTO dto = new AssetDTO();
dto.setId(id);
dto.setDocumentDate(LocalDate.parse("2000-12-07"));
@@ -74,7 +75,7 @@ public class AssetDTOUnitTest extends AccessMappingsUnitTestBase<AssetDTO> {
return dto;
}
public static AssetDTO createRandomDTO(final Long id, final Long parentId) {
private static AssetDTO createRandomDTO(final Long id, final Long parentId) {
final AssetDTO dto = new AssetDTO();
dto.setId(id);
final LocalDate randomDate = LocalDate.parse("2000-12-07").plusDays(RandomUtils.nextInt(1, 999));
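Review bot: The role constants are spelled two ways in this file: `Admin.ROLE` and `CustomerContractualContact.ROLE` use the newly added nested-class imports, while `Role.CustomerTechnicalContact.ROLE` and `Role.AnyCustomerUser.ROLE` stay qualified. Importing `Role.CustomerTechnicalContact` and `Role.AnyCustomerUser` as well, or qualifying all four, would make the per-role access matrix easier to scan and compare. MembershipDTOUnitTest and SepaMandateDTOUnitTest show the same mix for `Role.AnyCustomerUser.ROLE`. `createRandomDTO` continues past the end of the last hunk.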


@@ -1,10 +1,8 @@
// Licensed under Apache-2.0
package org.hostsharing.hsadminng.service.dto;
import static org.assertj.core.api.Assertions.assertThat;
import static org.junit.Assert.assertEquals;
import static org.mockito.BDDMockito.given;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.hostsharing.hsadminng.domain.Customer;
import org.hostsharing.hsadminng.domain.enumeration.CustomerKind;
import org.hostsharing.hsadminng.domain.enumeration.VatRegion;
@@ -14,13 +12,11 @@ import org.hostsharing.hsadminng.service.CustomerService;
import org.hostsharing.hsadminng.service.UserRoleAssignmentService;
import org.hostsharing.hsadminng.service.accessfilter.JSonBuilder;
import org.hostsharing.hsadminng.service.accessfilter.Role;
import org.hostsharing.hsadminng.service.accessfilter.Role.CustomerContractualContact;
import org.hostsharing.hsadminng.service.accessfilter.Role.CustomerTechnicalContact;
import org.hostsharing.hsadminng.service.accessfilter.SecurityContextMock;
import org.hostsharing.hsadminng.service.mapper.CustomerMapper;
import org.hostsharing.hsadminng.service.mapper.CustomerMapperImpl;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
@@ -36,6 +32,10 @@ import org.springframework.test.context.junit4.SpringRunner;
import java.io.IOException;
import java.util.Optional;
import static org.assertj.core.api.Assertions.assertThat;
import static org.junit.Assert.assertEquals;
import static org.mockito.BDDMockito.given;
@JsonTest
@SpringBootTest(
classes = {
@@ -76,7 +76,7 @@ public class CustomerDTOUnitTest {
public void testSerializationAsContractualCustomerContact() throws JsonProcessingException {
// given
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, 1234L, Role.CUSTOMER_CONTRACTUAL_CONTACT);
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, 1234L, Role.of(CustomerContractualContact.class));
CustomerDTO given = createSomeCustomerDTO(1234L);
// when
@@ -91,7 +91,7 @@ public class CustomerDTOUnitTest {
public void testSerializationAsTechnicalCustomerUser() throws JsonProcessingException {
// given
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, 1234L, Role.CUSTOMER_TECHNICAL_CONTACT);
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, 1234L, Role.of(CustomerTechnicalContact.class));
CustomerDTO given = createSomeCustomerDTO(1234L);
// when
@@ -125,7 +125,7 @@ public class CustomerDTOUnitTest {
@Test
public void testDeserializeAsContractualCustomerContact() throws IOException {
// given
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, 1234L, Role.CUSTOMER_CONTRACTUAL_CONTACT);
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, 1234L, Role.of(CustomerContractualContact.class));
given(customerRepository.findById(1234L)).willReturn(Optional.of(new Customer().id(1234L)));
String json = "{\"id\":1234,\"contractualSalutation\":\"Hallo Updated\",\"billingSalutation\":\"Moin Updated\"}";


@@ -1,12 +1,9 @@
// Licensed under Apache-2.0
package org.hostsharing.hsadminng.service.dto;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.catchThrowable;
import static org.hostsharing.hsadminng.service.dto.MembershipDTOUnitTest.createSampleDTO;
import static org.junit.Assert.assertEquals;
import static org.mockito.BDDMockito.given;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.apache.commons.lang3.RandomUtils;
import org.hostsharing.hsadminng.domain.Customer;
import org.hostsharing.hsadminng.domain.Membership;
import org.hostsharing.hsadminng.repository.CustomerRepository;
@@ -16,17 +13,13 @@ import org.hostsharing.hsadminng.service.MembershipService;
import org.hostsharing.hsadminng.service.MembershipValidator;
import org.hostsharing.hsadminng.service.UserRoleAssignmentService;
import org.hostsharing.hsadminng.service.accessfilter.JSonBuilder;
import org.hostsharing.hsadminng.service.accessfilter.Role;
import org.hostsharing.hsadminng.service.accessfilter.Role.CustomerContractualContact;
import org.hostsharing.hsadminng.service.accessfilter.Role.CustomerFinancialContact;
import org.hostsharing.hsadminng.service.accessfilter.SecurityContextMock;
import org.hostsharing.hsadminng.service.mapper.CustomerMapperImpl;
import org.hostsharing.hsadminng.service.mapper.MembershipMapper;
import org.hostsharing.hsadminng.service.mapper.MembershipMapperImpl;
import org.hostsharing.hsadminng.web.rest.errors.BadRequestAlertException;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.apache.commons.lang3.RandomUtils;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
@@ -39,11 +32,16 @@ import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.boot.test.mock.mockito.MockBean;
import org.springframework.test.context.junit4.SpringRunner;
import javax.persistence.EntityManager;
import java.io.IOException;
import java.util.Objects;
import java.util.Optional;
import javax.persistence.EntityManager;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.catchThrowable;
import static org.hostsharing.hsadminng.service.dto.MembershipDTOUnitTest.createSampleDTO;
import static org.junit.Assert.assertEquals;
import static org.mockito.BDDMockito.given;
@JsonTest
@SpringBootTest(
@@ -112,7 +110,7 @@ public class MembershipDTOIntTest {
// given
securityContext.havingAuthenticatedUser()
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CUSTOMER_FINANCIAL_CONTACT);
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, CustomerFinancialContact.ROLE);
final MembershipDTO given = createSampleDTO(SOME_SEPA_MANDATE_ID, SOME_CUSTOMER_ID);
// when
@@ -141,7 +139,7 @@ public class MembershipDTOIntTest {
public void shouldNotDeserializeForContractualCustomerContact() {
// given
securityContext.havingAuthenticatedUser()
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CUSTOMER_CONTRACTUAL_CONTACT);
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, CustomerContractualContact.ROLE);
final String json = new JSonBuilder()
.withFieldValue("id", SOME_SEPA_MANDATE_ID)
.withFieldValue("remark", "Updated Remark")
@@ -154,7 +152,7 @@ public class MembershipDTOIntTest {
assertThat(actual).isInstanceOfSatisfying(
BadRequestAlertException.class,
bre -> assertThat(bre.getMessage()).isEqualTo(
"Update of field MembershipDTO.remark prohibited for current user role(s): CUSTOMER_CONTRACTUAL_CONTACT"));
"Update of field MembershipDTO.remark prohibited for current user role(s): CustomerContractualContact"));
}
@Test


@@ -1,10 +1,13 @@
// Licensed under Apache-2.0
package org.hostsharing.hsadminng.service.dto;
import org.hostsharing.hsadminng.service.accessfilter.Role;
import org.apache.commons.lang3.RandomStringUtils;
import org.apache.commons.lang3.RandomUtils;
import org.hostsharing.hsadminng.service.accessfilter.Role;
import org.hostsharing.hsadminng.service.accessfilter.Role.Admin;
import org.hostsharing.hsadminng.service.accessfilter.Role.CustomerContractualContact;
import org.hostsharing.hsadminng.service.accessfilter.Role.CustomerTechnicalContact;
import org.hostsharing.hsadminng.service.accessfilter.Role.Supporter;
import org.junit.Test;
import java.time.LocalDate;
@@ -17,32 +20,32 @@ public class MembershipDTOUnitTest extends AccessMappingsUnitTestBase<Membership
@Test
public void shouldHaveProperAccessForAdmin() {
initAccessFor(MembershipDTO.class, Role.ADMIN).shouldBeExactlyFor(
initAccessFor(MembershipDTO.class, Admin.ROLE).shouldBeExactlyFor(
"admissionDocumentDate",
"cancellationDocumentDate",
"memberFromDate",
"memberUntilDate",
"customerId",
"remark");
updateAccessFor(MembershipDTO.class, Role.ADMIN).shouldBeExactlyFor(
updateAccessFor(MembershipDTO.class, Admin.ROLE).shouldBeExactlyFor(
"cancellationDocumentDate",
"memberUntilDate",
"remark");
readAccessFor(MembershipDTO.class, Role.ADMIN).shouldBeForAllFields();
readAccessFor(MembershipDTO.class, Admin.ROLE).shouldBeForAllFields();
}
@Test
public void shouldHaveProperAccessForSupporter() {
initAccessFor(MembershipDTO.class, Role.SUPPORTER).shouldBeForNothing();
updateAccessFor(MembershipDTO.class, Role.SUPPORTER).shouldBeForNothing();
readAccessFor(MembershipDTO.class, Role.SUPPORTER).shouldBeForAllFields();
initAccessFor(MembershipDTO.class, Supporter.ROLE).shouldBeForNothing();
updateAccessFor(MembershipDTO.class, Supporter.ROLE).shouldBeForNothing();
readAccessFor(MembershipDTO.class, Supporter.ROLE).shouldBeForAllFields();
}
@Test
public void shouldHaveProperAccessForContractualContact() {
initAccessFor(MembershipDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeForNothing();
updateAccessFor(MembershipDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeForNothing();
readAccessFor(MembershipDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeExactlyFor(
initAccessFor(MembershipDTO.class, CustomerContractualContact.ROLE).shouldBeForNothing();
updateAccessFor(MembershipDTO.class, CustomerContractualContact.ROLE).shouldBeForNothing();
readAccessFor(MembershipDTO.class, CustomerContractualContact.ROLE).shouldBeExactlyFor(
"id",
"admissionDocumentDate",
"cancellationDocumentDate",
@@ -56,21 +59,21 @@ public class MembershipDTOUnitTest extends AccessMappingsUnitTestBase<Membership
@Test
public void shouldHaveNoAccessForTechnicalContact() {
initAccessFor(MembershipDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
updateAccessFor(MembershipDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
readAccessFor(MembershipDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
initAccessFor(MembershipDTO.class, CustomerTechnicalContact.ROLE).shouldBeForNothing();
updateAccessFor(MembershipDTO.class, CustomerTechnicalContact.ROLE).shouldBeForNothing();
readAccessFor(MembershipDTO.class, CustomerTechnicalContact.ROLE).shouldBeForNothing();
}
@Test
public void shouldHaveNoAccessForNormalUsersWithinCustomerRealm() {
initAccessFor(MembershipDTO.class, Role.ANY_CUSTOMER_USER).shouldBeForNothing();
updateAccessFor(MembershipDTO.class, Role.ANY_CUSTOMER_USER).shouldBeForNothing();
readAccessFor(MembershipDTO.class, Role.ANY_CUSTOMER_USER).shouldBeForNothing();
initAccessFor(MembershipDTO.class, Role.AnyCustomerUser.ROLE).shouldBeForNothing();
updateAccessFor(MembershipDTO.class, Role.AnyCustomerUser.ROLE).shouldBeForNothing();
readAccessFor(MembershipDTO.class, Role.AnyCustomerUser.ROLE).shouldBeForNothing();
}
// --- only test fixture below ---
public static MembershipDTO createSampleDTO(final Long id, final Long parentId) {
static MembershipDTO createSampleDTO(final Long id, final Long parentId) {
final MembershipDTO dto = new MembershipDTO();
dto.setId(id);
final LocalDate referenceDate = LocalDate.parse("2000-12-07");


@@ -1,12 +1,9 @@
// Licensed under Apache-2.0
package org.hostsharing.hsadminng.service.dto;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.catchThrowable;
import static org.hostsharing.hsadminng.service.dto.SepaMandateDTOUnitTest.createSampleDTO;
import static org.junit.Assert.assertEquals;
import static org.mockito.BDDMockito.given;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.apache.commons.lang3.RandomUtils;
import org.hostsharing.hsadminng.domain.Customer;
import org.hostsharing.hsadminng.domain.SepaMandate;
import org.hostsharing.hsadminng.repository.CustomerRepository;
@@ -18,17 +15,14 @@ import org.hostsharing.hsadminng.service.SepaMandateService;
import org.hostsharing.hsadminng.service.UserRoleAssignmentService;
import org.hostsharing.hsadminng.service.accessfilter.JSonBuilder;
import org.hostsharing.hsadminng.service.accessfilter.Role;
import org.hostsharing.hsadminng.service.accessfilter.Role.CustomerContractualContact;
import org.hostsharing.hsadminng.service.accessfilter.Role.CustomerFinancialContact;
import org.hostsharing.hsadminng.service.accessfilter.SecurityContextMock;
import org.hostsharing.hsadminng.service.mapper.CustomerMapperImpl;
import org.hostsharing.hsadminng.service.mapper.MembershipMapperImpl;
import org.hostsharing.hsadminng.service.mapper.SepaMandateMapper;
import org.hostsharing.hsadminng.service.mapper.SepaMandateMapperImpl;
import org.hostsharing.hsadminng.web.rest.errors.BadRequestAlertException;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.apache.commons.lang3.RandomUtils;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
@@ -41,11 +35,16 @@ import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.boot.test.mock.mockito.MockBean;
import org.springframework.test.context.junit4.SpringRunner;
import javax.persistence.EntityManager;
import java.io.IOException;
import java.util.Objects;
import java.util.Optional;
import javax.persistence.EntityManager;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.catchThrowable;
import static org.hostsharing.hsadminng.service.dto.SepaMandateDTOUnitTest.createSampleDTO;
import static org.junit.Assert.assertEquals;
import static org.mockito.BDDMockito.given;
@JsonTest
@SpringBootTest(
@@ -117,7 +116,7 @@ public class SepaMandateDTOIntTest {
// given
securityContext.havingAuthenticatedUser()
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CUSTOMER_FINANCIAL_CONTACT);
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.of(CustomerFinancialContact.class));
final SepaMandateDTO given = createSampleDTO(SOME_SEPA_MANDATE_ID, SOME_CUSTOMER_ID);
// when
@@ -146,7 +145,7 @@ public class SepaMandateDTOIntTest {
public void shouldNotDeserializeForContractualCustomerContact() {
// given
securityContext.havingAuthenticatedUser()
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CUSTOMER_CONTRACTUAL_CONTACT);
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, CustomerContractualContact.ROLE);
final String json = new JSonBuilder()
.withFieldValue("id", SOME_SEPA_MANDATE_ID)
.withFieldValue("remark", "Updated Remark")
@@ -159,7 +158,7 @@ public class SepaMandateDTOIntTest {
assertThat(actual).isInstanceOfSatisfying(
BadRequestAlertException.class,
bre -> assertThat(bre.getMessage()).isEqualTo(
"Update of field SepaMandateDTO.remark prohibited for current user role(s): CUSTOMER_CONTRACTUAL_CONTACT"));
"Update of field SepaMandateDTO.remark prohibited for current user role(s): CustomerContractualContact"));
}
@Test
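Review bot: The two role arguments in this file are obtained differently: the serialization test passes `Role.of(CustomerFinancialContact.class)`, while `shouldNotDeserializeForContractualCustomerContact` passes `CustomerContractualContact.ROLE`. If both forms yield the same instance (the definition of `Role.of` is not visible here), using one throughout, e.g. `.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, CustomerFinancialContact.ROLE)`, avoids suggesting that the roles under test are set up differently. If they do differ, a comment should say which one the security context expects. AssetDTOIntTest, CustomerDTOUnitTest and SepaMandateDTOUnitTest use `Role.of(...)`, whereas MembershipDTOIntTest and the other DTO unit tests use `.ROLE`; both test methods here start outside their hunks.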


@@ -1,10 +1,13 @@
// Licensed under Apache-2.0
package org.hostsharing.hsadminng.service.dto;
import org.hostsharing.hsadminng.service.accessfilter.Role;
import org.apache.commons.lang3.RandomStringUtils;
import org.apache.commons.lang3.RandomUtils;
import org.hostsharing.hsadminng.service.accessfilter.Role;
import org.hostsharing.hsadminng.service.accessfilter.Role.Admin;
import org.hostsharing.hsadminng.service.accessfilter.Role.CustomerContractualContact;
import org.hostsharing.hsadminng.service.accessfilter.Role.CustomerTechnicalContact;
import org.hostsharing.hsadminng.service.accessfilter.Role.Supporter;
import org.junit.Test;
import java.time.LocalDate;
@@ -17,7 +20,7 @@ public class SepaMandateDTOUnitTest extends AccessMappingsUnitTestBase<SepaManda
@Test
public void shouldHaveProperAccessForAdmin() {
initAccessFor(SepaMandateDTO.class, Role.ADMIN).shouldBeExactlyFor(
initAccessFor(SepaMandateDTO.class, Role.of(Admin.class)).shouldBeExactlyFor(
"grantingDocumentDate",
"bic",
"remark",
@@ -28,17 +31,17 @@ public class SepaMandateDTOUnitTest extends AccessMappingsUnitTestBase<SepaManda
"revokationDocumentDate",
"lastUsedDate",
"reference");
updateAccessFor(SepaMandateDTO.class, Role.ADMIN).shouldBeExactlyFor(
updateAccessFor(SepaMandateDTO.class, Role.of(Admin.class)).shouldBeExactlyFor(
"remark",
"validUntilDate",
"revokationDocumentDate",
"lastUsedDate");
readAccessFor(SepaMandateDTO.class, Role.ADMIN).shouldBeForAllFields();
readAccessFor(SepaMandateDTO.class, Role.of(Admin.class)).shouldBeForAllFields();
}
@Test
public void shouldHaveProperAccessForSupporter() {
initAccessFor(SepaMandateDTO.class, Role.SUPPORTER).shouldBeExactlyFor(
initAccessFor(SepaMandateDTO.class, Role.of(Supporter.class)).shouldBeExactlyFor(
"grantingDocumentDate",
"bic",
"validUntilDate",
@@ -46,16 +49,16 @@ public class SepaMandateDTOUnitTest extends AccessMappingsUnitTestBase<SepaManda
"validFromDate",
"iban",
"reference");
updateAccessFor(SepaMandateDTO.class, Role.SUPPORTER).shouldBeExactlyFor(
updateAccessFor(SepaMandateDTO.class, Role.of(Supporter.class)).shouldBeExactlyFor(
"remark",
"validUntilDate",
"revokationDocumentDate");
readAccessFor(SepaMandateDTO.class, Role.SUPPORTER).shouldBeForAllFields();
readAccessFor(SepaMandateDTO.class, Role.of(Supporter.class)).shouldBeForAllFields();
}
@Test
public void shouldHaveProperAccessForContractualContact() {
initAccessFor(SepaMandateDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeExactlyFor(
initAccessFor(SepaMandateDTO.class, Role.of(CustomerContractualContact.class)).shouldBeExactlyFor(
"grantingDocumentDate",
"bic",
"validUntilDate",
@@ -63,10 +66,10 @@ public class SepaMandateDTOUnitTest extends AccessMappingsUnitTestBase<SepaManda
"validFromDate",
"iban",
"reference");
updateAccessFor(SepaMandateDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeExactlyFor(
updateAccessFor(SepaMandateDTO.class, Role.of(CustomerContractualContact.class)).shouldBeExactlyFor(
"validUntilDate",
"revokationDocumentDate");
readAccessFor(SepaMandateDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeExactlyFor(
readAccessFor(SepaMandateDTO.class, Role.of(CustomerContractualContact.class)).shouldBeExactlyFor(
"grantingDocumentDate",
"bic",
"id",
@@ -82,16 +85,16 @@ public class SepaMandateDTOUnitTest extends AccessMappingsUnitTestBase<SepaManda
@Test
public void shouldHaveNoAccessForTechnicalContact() {
initAccessFor(SepaMandateDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
updateAccessFor(SepaMandateDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
readAccessFor(SepaMandateDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
initAccessFor(SepaMandateDTO.class, Role.of(CustomerTechnicalContact.class)).shouldBeForNothing();
updateAccessFor(SepaMandateDTO.class, Role.of(CustomerTechnicalContact.class)).shouldBeForNothing();
readAccessFor(SepaMandateDTO.class, Role.of(CustomerTechnicalContact.class)).shouldBeForNothing();
}
@Test
public void shouldHaveNoAccessForNormalUsersWithinCustomerRealm() {
initAccessFor(SepaMandateDTO.class, Role.ANY_CUSTOMER_USER).shouldBeForNothing();
updateAccessFor(SepaMandateDTO.class, Role.ANY_CUSTOMER_USER).shouldBeForNothing();
readAccessFor(SepaMandateDTO.class, Role.ANY_CUSTOMER_USER).shouldBeForNothing();
initAccessFor(SepaMandateDTO.class, Role.AnyCustomerUser.ROLE).shouldBeForNothing();
updateAccessFor(SepaMandateDTO.class, Role.AnyCustomerUser.ROLE).shouldBeForNothing();
readAccessFor(SepaMandateDTO.class, Role.AnyCustomerUser.ROLE).shouldBeForNothing();
}
// --- only test fixture below ---


@@ -1,11 +1,9 @@
// Licensed under Apache-2.0
package org.hostsharing.hsadminng.service.dto;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.catchThrowable;
import static org.junit.Assert.assertEquals;
import static org.mockito.BDDMockito.given;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.apache.commons.lang3.RandomUtils;
import org.hostsharing.hsadminng.domain.Customer;
import org.hostsharing.hsadminng.domain.Membership;
import org.hostsharing.hsadminng.domain.Share;
@@ -13,24 +11,20 @@ import org.hostsharing.hsadminng.domain.enumeration.ShareAction;
import org.hostsharing.hsadminng.repository.CustomerRepository;
import org.hostsharing.hsadminng.repository.MembershipRepository;
import org.hostsharing.hsadminng.repository.ShareRepository;
import org.hostsharing.hsadminng.security.AuthoritiesConstants;
import org.hostsharing.hsadminng.service.MembershipValidator;
import org.hostsharing.hsadminng.service.ShareService;
import org.hostsharing.hsadminng.service.ShareValidator;
import org.hostsharing.hsadminng.service.UserRoleAssignmentService;
import org.hostsharing.hsadminng.service.accessfilter.JSonBuilder;
import org.hostsharing.hsadminng.service.accessfilter.Role;
import org.hostsharing.hsadminng.service.accessfilter.Role.CustomerContractualContact;
import org.hostsharing.hsadminng.service.accessfilter.Role.CustomerFinancialContact;
import org.hostsharing.hsadminng.service.accessfilter.SecurityContextMock;
import org.hostsharing.hsadminng.service.mapper.CustomerMapperImpl;
import org.hostsharing.hsadminng.service.mapper.MembershipMapperImpl;
import org.hostsharing.hsadminng.service.mapper.ShareMapper;
import org.hostsharing.hsadminng.service.mapper.ShareMapperImpl;
import org.hostsharing.hsadminng.web.rest.errors.BadRequestAlertException;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.apache.commons.lang3.RandomUtils;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
@@ -43,11 +37,15 @@ import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.boot.test.mock.mockito.MockBean;
import org.springframework.test.context.junit4.SpringRunner;
import javax.persistence.EntityManager;
import java.io.IOException;
import java.time.LocalDate;
import java.util.Optional;
import javax.persistence.EntityManager;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.catchThrowable;
import static org.junit.Assert.assertEquals;
import static org.mockito.BDDMockito.given;
@JsonTest
@SpringBootTest(
@@ -129,7 +127,7 @@ public class ShareDTOIntTest {
// given
securityContext.havingAuthenticatedUser()
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CUSTOMER_FINANCIAL_CONTACT);
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, CustomerFinancialContact.ROLE);
final ShareDTO given = createSomeShareDTO(SOME_SHARE_ID);
// when
@@ -144,7 +142,7 @@ public class ShareDTOIntTest {
public void shouldSerializeCompletelyForSupporter() throws JsonProcessingException {
// given
securityContext.havingAuthenticatedUser().withAuthority(AuthoritiesConstants.SUPPORTER);
securityContext.havingAuthenticatedUser().withAuthority(Role.Supporter.ROLE.authority());
final ShareDTO given = createSomeShareDTO(SOME_SHARE_ID);
// when
@@ -158,7 +156,7 @@ public class ShareDTOIntTest {
public void shouldNotDeserializeForContractualCustomerContact() {
// given
securityContext.havingAuthenticatedUser()
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CUSTOMER_CONTRACTUAL_CONTACT);
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, CustomerContractualContact.ROLE);
final String json = new JSonBuilder()
.withFieldValue("id", SOME_SHARE_ID)
.withFieldValue("remark", "Updated Remark")
@@ -172,13 +170,13 @@ public class ShareDTOIntTest {
BadRequestAlertException.class,
bre -> assertThat(bre.getMessage())
.isEqualTo(
"Update of field ShareDTO.remark prohibited for current user role(s): CUSTOMER_CONTRACTUAL_CONTACT"));
"Update of field ShareDTO.remark prohibited for current user role(s): CustomerContractualContact"));
}
@Test
public void shouldDeserializeForAdminIfRemarkIsChanged() throws IOException {
// given
securityContext.havingAuthenticatedUser().withAuthority(AuthoritiesConstants.ADMIN);
securityContext.havingAuthenticatedUser().withAuthority(Role.Admin.ROLE.authority());
final String json = new JSonBuilder()
.withFieldValue("id", SOME_SHARE_ID)
.withFieldValue("remark", "Updated Remark")
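Review bot: The calls `withAuthority(Role.Supporter.ROLE.authority())` and `withAuthority(Role.Admin.ROLE.authority())` take the granted authority from the same `Role` object that the access filter presumably consults, so a wrong string returned by `authority()` would no longer fail any of these tests. The previous `AuthoritiesConstants.SUPPORTER` and `AuthoritiesConstants.ADMIN` arguments were an independent reference value. The same substitution is made in UserRoleAssignmentUnitTest, AssetResourceIntTest and ShareResourceIntTest in this commit. Unless the commit already has one elsewhere, I would add a unit test that pins the mapping, assuming `AuthoritiesConstants` is kept: `assertThat(Role.Admin.ROLE.authority()).isEqualTo(AuthoritiesConstants.ADMIN);`, and the same for `Supporter`.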


@@ -1,12 +1,14 @@
// Licensed under Apache-2.0
package org.hostsharing.hsadminng.service.dto;
import org.hostsharing.hsadminng.domain.enumeration.ShareAction;
import org.hostsharing.hsadminng.service.accessfilter.Role;
import org.hostsharing.hsadminng.service.util.RandomUtil;
import org.apache.commons.lang3.RandomStringUtils;
import org.apache.commons.lang3.RandomUtils;
import org.hostsharing.hsadminng.domain.enumeration.ShareAction;
import org.hostsharing.hsadminng.service.accessfilter.Role;
import org.hostsharing.hsadminng.service.accessfilter.Role.Admin;
import org.hostsharing.hsadminng.service.accessfilter.Role.CustomerContractualContact;
import org.hostsharing.hsadminng.service.accessfilter.Role.CustomerTechnicalContact;
import org.hostsharing.hsadminng.service.util.RandomUtil;
import org.junit.Test;
import java.time.LocalDate;
@@ -19,22 +21,22 @@ public class ShareDTOUnitTest extends AccessMappingsUnitTestBase<ShareDTO> {
@Test
public void shouldHaveProperAccessForAdmin() {
initAccessFor(ShareDTO.class, Role.ADMIN).shouldBeExactlyFor(
initAccessFor(ShareDTO.class, Admin.ROLE).shouldBeExactlyFor(
"membershipId",
"documentDate",
"quantity",
"action",
"valueDate",
"remark");
updateAccessFor(ShareDTO.class, Role.ADMIN).shouldBeExactlyFor("remark");
readAccessFor(ShareDTO.class, Role.ADMIN).shouldBeForAllFields();
updateAccessFor(ShareDTO.class, Admin.ROLE).shouldBeExactlyFor("remark");
readAccessFor(ShareDTO.class, Admin.ROLE).shouldBeForAllFields();
}
@Test
public void shouldHaveProperAccessForContractualContact() {
initAccessFor(ShareDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeForNothing();
updateAccessFor(ShareDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeForNothing();
readAccessFor(ShareDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeExactlyFor(
initAccessFor(ShareDTO.class, CustomerContractualContact.ROLE).shouldBeForNothing();
updateAccessFor(ShareDTO.class, CustomerContractualContact.ROLE).shouldBeForNothing();
readAccessFor(ShareDTO.class, CustomerContractualContact.ROLE).shouldBeExactlyFor(
"id",
"membershipId",
"documentDate",
@@ -46,21 +48,21 @@ public class ShareDTOUnitTest extends AccessMappingsUnitTestBase<ShareDTO> {
@Test
public void shouldHaveNoAccessForTechnicalContact() {
initAccessFor(ShareDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
updateAccessFor(ShareDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
readAccessFor(ShareDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
initAccessFor(ShareDTO.class, CustomerTechnicalContact.ROLE).shouldBeForNothing();
updateAccessFor(ShareDTO.class, CustomerTechnicalContact.ROLE).shouldBeForNothing();
readAccessFor(ShareDTO.class, CustomerTechnicalContact.ROLE).shouldBeForNothing();
}
@Test
public void shouldHaveNoAccessForNormalUsersWithinCustomerRealm() {
initAccessFor(ShareDTO.class, Role.ANY_CUSTOMER_USER).shouldBeForNothing();
updateAccessFor(ShareDTO.class, Role.ANY_CUSTOMER_USER).shouldBeForNothing();
readAccessFor(ShareDTO.class, Role.ANY_CUSTOMER_USER).shouldBeForNothing();
initAccessFor(ShareDTO.class, Role.AnyCustomerUser.ROLE).shouldBeForNothing();
updateAccessFor(ShareDTO.class, Role.AnyCustomerUser.ROLE).shouldBeForNothing();
readAccessFor(ShareDTO.class, Role.AnyCustomerUser.ROLE).shouldBeForNothing();
}
// --- only test fixture below ---
public static ShareDTO createSampleDTO(final Long id, final Long parentId) {
private static ShareDTO createSampleDTO(final Long id, final Long parentId) {
final ShareDTO dto = new ShareDTO();
dto.setId(id);
dto.setMembershipId(parentId);
@@ -73,7 +75,7 @@ public class ShareDTOUnitTest extends AccessMappingsUnitTestBase<ShareDTO> {
return dto;
}
public static ShareDTO createRandomDTO(final Long id, final Long parentId) {
private static ShareDTO createRandomDTO(final Long id, final Long parentId) {
final ShareDTO dto = new ShareDTO();
dto.setId(id);
dto.setMembershipId(parentId);
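Review bot: ShareDTOUnitTest pins the field-level access matrix only for `Admin`, `CustomerContractualContact`, `CustomerTechnicalContact` and `AnyCustomerUser`; as far as the visible hunks show, there is no case for `Supporter` or `CustomerFinancialContact`, although ShareDTOIntTest exercises both roles. Because this commit changes how roles are represented, an explicit expectation for those two roles would catch an accidental widening of init, update or read access. I would add `public void shouldHaveProperAccessForSupporter()` and a financial-contact counterpart, modelled on the test of that name in SepaMandateDTOUnitTest, with the expected field lists taken from the annotations on ShareDTO. As a point of style, this file writes `Admin.ROLE` and `Role.AnyCustomerUser.ROLE` while SepaMandateDTOUnitTest writes `Role.of(Admin.class)`; one spelling across the DTO tests would read more easily.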


@@ -1,25 +1,17 @@
// Licensed under Apache-2.0
package org.hostsharing.hsadminng.service.dto;
import static org.apache.commons.lang3.tuple.ImmutablePair.of;
import static org.assertj.core.api.Assertions.assertThat;
import static org.junit.Assert.assertEquals;
import static org.mockito.BDDMockito.given;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.hostsharing.hsadminng.domain.Customer;
import org.hostsharing.hsadminng.domain.User;
import org.hostsharing.hsadminng.domain.UserRoleAssignment;
import org.hostsharing.hsadminng.repository.UserRepository;
import org.hostsharing.hsadminng.repository.UserRoleAssignmentRepository;
import org.hostsharing.hsadminng.security.AuthoritiesConstants;
import org.hostsharing.hsadminng.service.UserRoleAssignmentService;
import org.hostsharing.hsadminng.service.accessfilter.JSonBuilder;
import org.hostsharing.hsadminng.service.accessfilter.Role;
import org.hostsharing.hsadminng.service.accessfilter.SecurityContextMock;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
@@ -35,6 +27,11 @@ import org.springframework.test.context.junit4.SpringRunner;
import java.io.IOException;
import java.util.Optional;
import static org.apache.commons.lang3.tuple.ImmutablePair.of;
import static org.assertj.core.api.Assertions.assertThat;
import static org.junit.Assert.assertEquals;
import static org.mockito.BDDMockito.given;
@JsonTest
@SpringBootTest(
classes = {
@@ -45,9 +42,9 @@ import java.util.Optional;
@RunWith(SpringRunner.class)
public class UserRoleAssignmentUnitTest {
public static final long USER_ROLE_ASSIGNMENT_ID = 1234L;
public static final long CUSTOMER_ID = 888L;
public static final long USER_ID = 42L;
private static final long USER_ROLE_ASSIGNMENT_ID = 1234L;
private static final long CUSTOMER_ID = 888L;
private static final long USER_ID = 42L;
@Rule
public MockitoRule mockito = MockitoJUnit.rule();
@@ -75,7 +72,11 @@ public class UserRoleAssignmentUnitTest {
public void testSerializationAsContractualCustomerContact() throws JsonProcessingException {
// given
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, CUSTOMER_ID, Role.CUSTOMER_CONTRACTUAL_CONTACT);
securityContext.havingAuthenticatedUser()
.withRole(
CustomerDTO.class,
CUSTOMER_ID,
Role.CustomerContractualContact.ROLE);
UserRoleAssignment given = createSomeUserRoleAssignment(USER_ROLE_ASSIGNMENT_ID);
// when
@@ -89,7 +90,7 @@ public class UserRoleAssignmentUnitTest {
public void testSerializationAsSupporter() throws JsonProcessingException {
// given
securityContext.havingAuthenticatedUser().withAuthority(AuthoritiesConstants.SUPPORTER);
securityContext.havingAuthenticatedUser().withAuthority(Role.Supporter.ROLE.authority());
UserRoleAssignment given = createSomeUserRoleAssignment(USER_ROLE_ASSIGNMENT_ID);
// when
@@ -102,7 +103,7 @@ public class UserRoleAssignmentUnitTest {
@Test
public void testDeserializeAsAdmin() throws IOException {
// given
securityContext.havingAuthenticatedUser().withAuthority(AuthoritiesConstants.ADMIN);
securityContext.havingAuthenticatedUser().withAuthority(Role.Admin.ROLE.authority());
given(userRoleAssignmentRepository.findById(USER_ROLE_ASSIGNMENT_ID))
.willReturn(Optional.of(new UserRoleAssignment().id(USER_ROLE_ASSIGNMENT_ID)));
final User expectedUser = new User().id(USER_ID);
@@ -115,7 +116,7 @@ public class UserRoleAssignmentUnitTest {
"user",
JSonBuilder.asJSon(
of("id", USER_ID))),
of("assignedRole", Role.CUSTOMER_TECHNICAL_CONTACT.name()));
of("assignedRole", Role.CustomerTechnicalContact.ROLE.name()));
// when
UserRoleAssignment actual = objectMapper.readValue(json, UserRoleAssignment.class);
@@ -125,11 +126,17 @@ public class UserRoleAssignmentUnitTest {
expected.setId(USER_ROLE_ASSIGNMENT_ID);
expected.setEntityTypeId(Customer.ENTITY_TYPE_ID);
expected.setEntityObjectId(CUSTOMER_ID);
expected.setAssignedRole(Role.CUSTOMER_TECHNICAL_CONTACT);
expected.setAssignedRole(Role.CustomerTechnicalContact.ROLE);
expected.setUser(expectedUser);
assertThat(actual).isEqualToComparingFieldByField(expected);
}
@Test
public void getAssignedRoleHandlesNullValue() {
assertThat(new UserRoleAssignment().assignedRole(null).getAssignedRole()).isNull();
assertThat(new UserRoleAssignment().assignedRole(Role.Admin.ROLE).getAssignedRole()).isEqualTo(Role.Admin.ROLE);
}
// --- only test fixture below ---
public static String createExpectedJSon(UserRoleAssignment dto) {
@@ -148,7 +155,7 @@ public class UserRoleAssignmentUnitTest {
given.setEntityTypeId(Customer.ENTITY_TYPE_ID);
given.setEntityObjectId(CUSTOMER_ID);
given.setUser(new User().id(USER_ID));
given.setAssignedRole(Role.CUSTOMER_TECHNICAL_CONTACT);
given.setAssignedRole(Role.CustomerTechnicalContact.ROLE);
return given;
}
}
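Review bot: `testDeserializeAsAdmin` only feeds a valid name, `Role.CustomerTechnicalContact.ROLE.name()`, into the `assignedRole` JSON field, and the new `getAssignedRoleHandlesNullValue` covers only `null` and one valid role. Roles now appear to be nested classes rather than plain enum constants, so the name-to-role lookup used during deserialization (not visible in this section) deserves a negative test. A request body whose `assignedRole` is an unknown name should be rejected, not mapped to some role or silently to `null`. I would add a test such as `deserializeRejectsUnknownAssignedRole` that passes a made-up name, for example `of("assignedRole", "NoSuchRole")`, and asserts that `objectMapper.readValue(json, UserRoleAssignment.class)` throws. The test bodies continue outside the hunks, so the exact exception type has to be taken from the deserializer.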


@@ -1,26 +1,19 @@
// Licensed under Apache-2.0
package org.hostsharing.hsadminng.web.rest;
import static org.assertj.core.api.Assertions.assertThat;
import static org.hamcrest.Matchers.hasItem;
import static org.hostsharing.hsadminng.web.rest.TestUtil.createFormattingConversionService;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
import org.hostsharing.hsadminng.HsadminNgApp;
import org.hostsharing.hsadminng.domain.Asset;
import org.hostsharing.hsadminng.domain.Membership;
import org.hostsharing.hsadminng.domain.enumeration.AssetAction;
import org.hostsharing.hsadminng.repository.AssetRepository;
import org.hostsharing.hsadminng.security.AuthoritiesConstants;
import org.hostsharing.hsadminng.service.AssetQueryService;
import org.hostsharing.hsadminng.service.AssetService;
import org.hostsharing.hsadminng.service.UserRoleAssignmentService;
import org.hostsharing.hsadminng.service.accessfilter.Role;
import org.hostsharing.hsadminng.service.accessfilter.SecurityContextMock;
import org.hostsharing.hsadminng.service.dto.AssetDTO;
import org.hostsharing.hsadminng.service.mapper.AssetMapper;
import org.hostsharing.hsadminng.web.rest.errors.ExceptionTranslator;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
@@ -37,13 +30,18 @@ import org.springframework.test.web.servlet.setup.MockMvcBuilders;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.validation.Validator;
import javax.persistence.EntityManager;
import java.math.BigDecimal;
import java.math.RoundingMode;
import java.time.LocalDate;
import java.time.ZoneId;
import java.util.List;
import javax.persistence.EntityManager;
import static org.assertj.core.api.Assertions.assertThat;
import static org.hamcrest.Matchers.hasItem;
import static org.hostsharing.hsadminng.web.rest.TestUtil.createFormattingConversionService;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
/**
* Test class for the AssetResource REST controller.
@@ -107,7 +105,7 @@ public class AssetResourceIntTest {
public void setup() {
SecurityContextMock.usingMock(userRoleAssignmentService)
.havingAuthenticatedUser()
.withAuthority(AuthoritiesConstants.ADMIN);
.withAuthority(Role.Admin.ROLE.authority());
MockitoAnnotations.initMocks(this);
final AssetResource assetResource = new AssetResource(assetService, assetQueryService);


@@ -1,26 +1,19 @@
// Licensed under Apache-2.0
package org.hostsharing.hsadminng.web.rest;
import static org.assertj.core.api.Assertions.assertThat;
import static org.hamcrest.Matchers.hasItem;
import static org.hostsharing.hsadminng.web.rest.TestUtil.createFormattingConversionService;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
import org.hostsharing.hsadminng.HsadminNgApp;
import org.hostsharing.hsadminng.domain.Membership;
import org.hostsharing.hsadminng.domain.Share;
import org.hostsharing.hsadminng.domain.enumeration.ShareAction;
import org.hostsharing.hsadminng.repository.ShareRepository;
import org.hostsharing.hsadminng.security.AuthoritiesConstants;
import org.hostsharing.hsadminng.service.ShareQueryService;
import org.hostsharing.hsadminng.service.ShareService;
import org.hostsharing.hsadminng.service.UserRoleAssignmentService;
import org.hostsharing.hsadminng.service.accessfilter.Role;
import org.hostsharing.hsadminng.service.accessfilter.SecurityContextMock;
import org.hostsharing.hsadminng.service.dto.ShareDTO;
import org.hostsharing.hsadminng.service.mapper.ShareMapper;
import org.hostsharing.hsadminng.web.rest.errors.ExceptionTranslator;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
@@ -37,11 +30,16 @@ import org.springframework.test.web.servlet.setup.MockMvcBuilders;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.validation.Validator;
import javax.persistence.EntityManager;
import java.time.LocalDate;
import java.time.ZoneId;
import java.util.List;
import javax.persistence.EntityManager;
import static org.assertj.core.api.Assertions.assertThat;
import static org.hamcrest.Matchers.hasItem;
import static org.hostsharing.hsadminng.web.rest.TestUtil.createFormattingConversionService;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
/**
* Test class for the ShareResource REST controller.
@@ -105,7 +103,7 @@ public class ShareResourceIntTest {
public void setup() {
SecurityContextMock.usingMock(userRoleAssignmentService)
.havingAuthenticatedUser()
.withAuthority(AuthoritiesConstants.ADMIN);
.withAuthority(Role.Admin.ROLE.authority());
MockitoAnnotations.initMocks(this);
final ShareResource shareResource = new ShareResource(shareService, shareQueryService);


@@ -1,23 +1,18 @@
// Licensed under Apache-2.0
package org.hostsharing.hsadminng.web.rest;
import static org.assertj.core.api.Assertions.assertThat;
import static org.hamcrest.Matchers.hasItem;
import static org.hostsharing.hsadminng.web.rest.TestUtil.createFormattingConversionService;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
import org.hostsharing.hsadminng.HsadminNgApp;
import org.hostsharing.hsadminng.domain.User;
import org.hostsharing.hsadminng.domain.UserRoleAssignment;
import org.hostsharing.hsadminng.repository.UserRoleAssignmentRepository;
import org.hostsharing.hsadminng.security.AuthoritiesConstants;
import org.hostsharing.hsadminng.service.UserRoleAssignmentQueryService;
import org.hostsharing.hsadminng.service.UserRoleAssignmentService;
import org.hostsharing.hsadminng.service.accessfilter.Role;
import org.hostsharing.hsadminng.service.accessfilter.Role.Admin;
import org.hostsharing.hsadminng.service.accessfilter.Role.CustomerContractualContact;
import org.hostsharing.hsadminng.service.accessfilter.Role.CustomerTechnicalContact;
import org.hostsharing.hsadminng.service.accessfilter.SecurityContextFake;
import org.hostsharing.hsadminng.web.rest.errors.ExceptionTranslator;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
@@ -33,9 +28,14 @@ import org.springframework.test.web.servlet.setup.MockMvcBuilders;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.validation.Validator;
import javax.persistence.EntityManager;
import java.util.List;
import javax.persistence.EntityManager;
import static org.assertj.core.api.Assertions.assertThat;
import static org.hamcrest.Matchers.hasItem;
import static org.hostsharing.hsadminng.web.rest.TestUtil.createFormattingConversionService;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
/**
* Test class for the UserRoleAssignmentResource REST controller.
@@ -43,7 +43,7 @@ import javax.persistence.EntityManager;
* @see UserRoleAssignmentResource
*/
@RunWith(SpringRunner.class)
@SpringBootTest(classes = HsadminNgApp.class)
@SpringBootTest(classes = { HsadminNgApp.class })
public class UserRoleAssignmentResourceIntTest {
private static final String DEFAULT_ENTITY_TYPE_ID = "AAAAAAAAAA";
@@ -52,8 +52,8 @@ public class UserRoleAssignmentResourceIntTest {
private static final Long DEFAULT_ENTITY_OBJECT_ID = 1L;
private static final Long UPDATED_ENTITY_OBJECT_ID = 2L;
private static final Role DEFAULT_ASSIGNED_ROLE = Role.HOSTMASTER;
private static final Role UPDATED_ASSIGNED_ROLE = Role.ADMIN;
private static final Role DEFAULT_ASSIGNED_ROLE = CustomerTechnicalContact.ROLE;
private static final Role UPDATED_ASSIGNED_ROLE = CustomerContractualContact.ROLE;
@Autowired
private UserRoleAssignmentRepository userRoleAssignmentRepository;
@@ -97,7 +97,7 @@ public class UserRoleAssignmentResourceIntTest {
.setValidator(validator)
.build();
SecurityContextFake.havingAuthenticatedUser().withAuthority(AuthoritiesConstants.SUPPORTER);
SecurityContextFake.havingAuthenticatedUser().withAuthority(Role.Supporter.ROLE.authority());
}
/**
@@ -110,12 +110,11 @@ public class UserRoleAssignmentResourceIntTest {
User user = UserResourceIntTest.createEntity(em);
em.persist(user);
em.flush();
UserRoleAssignment userRoleAssignment = new UserRoleAssignment()
return new UserRoleAssignment()
.entityTypeId(DEFAULT_ENTITY_TYPE_ID)
.entityObjectId(DEFAULT_ENTITY_OBJECT_ID)
.user(user)
.assignedRole(DEFAULT_ASSIGNED_ROLE);
return userRoleAssignment;
}
@Before
@@ -129,7 +128,7 @@ public class UserRoleAssignmentResourceIntTest {
int databaseSizeBeforeCreate = userRoleAssignmentRepository.findAll().size();
// Create the UserRoleAssignment
SecurityContextFake.havingAuthenticatedUser().withAuthority(AuthoritiesConstants.ADMIN);
SecurityContextFake.havingAuthenticatedUser().withAuthority(Admin.ROLE.authority());
restUserRoleAssignmentMockMvc.perform(
post("/api/user-role-assignments")
.contentType(TestUtil.APPLICATION_JSON_UTF8)
@@ -142,6 +141,7 @@ public class UserRoleAssignmentResourceIntTest {
UserRoleAssignment testUserRoleAssignment = userRoleAssignmentList.get(userRoleAssignmentList.size() - 1);
assertThat(testUserRoleAssignment.getEntityTypeId()).isEqualTo(DEFAULT_ENTITY_TYPE_ID);
assertThat(testUserRoleAssignment.getEntityObjectId()).isEqualTo(DEFAULT_ENTITY_OBJECT_ID);
assertThat(testUserRoleAssignment.getAssignedRole().name()).isEqualTo(DEFAULT_ASSIGNED_ROLE.name());
assertThat(testUserRoleAssignment.getAssignedRole()).isEqualTo(DEFAULT_ASSIGNED_ROLE);
}
@@ -233,9 +233,9 @@ public class UserRoleAssignmentResourceIntTest {
.andExpect(status().isOk())
.andExpect(content().contentType(MediaType.APPLICATION_JSON_UTF8_VALUE))
.andExpect(jsonPath("$.[*].id").value(hasItem(userRoleAssignment.getId().intValue())))
.andExpect(jsonPath("$.[*].entityTypeId").value(hasItem(DEFAULT_ENTITY_TYPE_ID.toString())))
.andExpect(jsonPath("$.[*].entityTypeId").value(hasItem(DEFAULT_ENTITY_TYPE_ID)))
.andExpect(jsonPath("$.[*].entityObjectId").value(hasItem(DEFAULT_ENTITY_OBJECT_ID.intValue())))
.andExpect(jsonPath("$.[*].assignedRole").value(hasItem(DEFAULT_ASSIGNED_ROLE.toString())));
.andExpect(jsonPath("$.[*].assignedRole").value(hasItem(DEFAULT_ASSIGNED_ROLE.name())));
}
@Test
@@ -249,9 +249,9 @@ public class UserRoleAssignmentResourceIntTest {
.andExpect(status().isOk())
.andExpect(content().contentType(MediaType.APPLICATION_JSON_UTF8_VALUE))
.andExpect(jsonPath("$.id").value(userRoleAssignment.getId().intValue()))
.andExpect(jsonPath("$.entityTypeId").value(DEFAULT_ENTITY_TYPE_ID.toString()))
.andExpect(jsonPath("$.entityTypeId").value(DEFAULT_ENTITY_TYPE_ID))
.andExpect(jsonPath("$.entityObjectId").value(DEFAULT_ENTITY_OBJECT_ID.intValue()))
.andExpect(jsonPath("$.assignedRole").value(DEFAULT_ASSIGNED_ROLE.toString()));
.andExpect(jsonPath("$.assignedRole").value(DEFAULT_ASSIGNED_ROLE.name()));
}
@Test
@@ -366,10 +366,10 @@ public class UserRoleAssignmentResourceIntTest {
userRoleAssignmentRepository.saveAndFlush(userRoleAssignment);
// Get all the userRoleAssignmentList where assignedRole equals to DEFAULT_ASSIGNED_ROLE
defaultUserRoleAssignmentShouldBeFound("assignedRole.equals=" + DEFAULT_ASSIGNED_ROLE);
defaultUserRoleAssignmentShouldBeFound("assignedRole.equals=" + DEFAULT_ASSIGNED_ROLE.name());
// Get all the userRoleAssignmentList where assignedRole equals to UPDATED_ASSIGNED_ROLE
defaultUserRoleAssignmentShouldNotBeFound("assignedRole.equals=" + UPDATED_ASSIGNED_ROLE);
defaultUserRoleAssignmentShouldNotBeFound("assignedRole.equals=" + UPDATED_ASSIGNED_ROLE.name());
}
@Test
@@ -379,10 +379,11 @@ public class UserRoleAssignmentResourceIntTest {
userRoleAssignmentRepository.saveAndFlush(userRoleAssignment);
// Get all the userRoleAssignmentList where assignedRole in DEFAULT_ASSIGNED_ROLE or UPDATED_ASSIGNED_ROLE
defaultUserRoleAssignmentShouldBeFound("assignedRole.in=" + DEFAULT_ASSIGNED_ROLE + "," + UPDATED_ASSIGNED_ROLE);
defaultUserRoleAssignmentShouldBeFound(
"assignedRole.in=" + DEFAULT_ASSIGNED_ROLE.name() + "," + UPDATED_ASSIGNED_ROLE.name());
// Get all the userRoleAssignmentList where assignedRole equals to UPDATED_ASSIGNED_ROLE
defaultUserRoleAssignmentShouldNotBeFound("assignedRole.in=" + UPDATED_ASSIGNED_ROLE);
defaultUserRoleAssignmentShouldNotBeFound("assignedRole.in=" + UPDATED_ASSIGNED_ROLE.name());
}
@Test
@@ -426,7 +427,7 @@ public class UserRoleAssignmentResourceIntTest {
.andExpect(jsonPath("$.[*].id").value(hasItem(userRoleAssignment.getId().intValue())))
.andExpect(jsonPath("$.[*].entityTypeId").value(hasItem(DEFAULT_ENTITY_TYPE_ID)))
.andExpect(jsonPath("$.[*].entityObjectId").value(hasItem(DEFAULT_ENTITY_OBJECT_ID.intValue())))
.andExpect(jsonPath("$.[*].assignedRole").value(hasItem(DEFAULT_ASSIGNED_ROLE.toString())));
.andExpect(jsonPath("$.[*].assignedRole").value(hasItem(DEFAULT_ASSIGNED_ROLE.name())));
// Check, that the count call also returns 1
restUserRoleAssignmentMockMvc.perform(get("/api/user-role-assignments/count?sort=id,desc&" + filter))
@@ -469,7 +470,7 @@ public class UserRoleAssignmentResourceIntTest {
int databaseSizeBeforeUpdate = userRoleAssignmentRepository.findAll().size();
// Update the userRoleAssignment
SecurityContextFake.havingAuthenticatedUser().withAuthority(AuthoritiesConstants.ADMIN);
SecurityContextFake.havingAuthenticatedUser().withAuthority(Admin.ROLE.authority());
UserRoleAssignment updatedUserRoleAssignment = userRoleAssignmentRepository.findById(userRoleAssignment.getId()).get();
// Disconnect from session so that the updates on updatedUserRoleAssignment are not directly saved in db
em.detach(updatedUserRoleAssignment);
@@ -490,6 +491,7 @@ public class UserRoleAssignmentResourceIntTest {
UserRoleAssignment testUserRoleAssignment = userRoleAssignmentList.get(userRoleAssignmentList.size() - 1);
assertThat(testUserRoleAssignment.getEntityTypeId()).isEqualTo(UPDATED_ENTITY_TYPE_ID);
assertThat(testUserRoleAssignment.getEntityObjectId()).isEqualTo(UPDATED_ENTITY_OBJECT_ID);
assertThat(testUserRoleAssignment.getAssignedRole().name()).isEqualTo(UPDATED_ASSIGNED_ROLE.name());
assertThat(testUserRoleAssignment.getAssignedRole()).isEqualTo(UPDATED_ASSIGNED_ROLE);
}