api-definition subdirectories rbac+test
		
							
								
								
									
										51
									
								
								build.gradle
									
									
									
									
									
								
							
							
						
						
									
									
									
									
									
									
								
							| @@ -97,18 +97,39 @@ tasks.named('test') { | ||||
|  | ||||
| // OpenAPI Source Code Generation | ||||
| openapiProcessor { | ||||
|     spring { | ||||
|     springRoot { | ||||
|         processorName 'spring' | ||||
|         processor 'io.openapiprocessor:openapi-processor-spring:2022.4' | ||||
|         apiPath "$projectDir/src/main/resources/api-definition.yaml" | ||||
|         targetDir "$projectDir/build/generated/sources/openapi" | ||||
|         mapping "$projectDir/src/main/resources/api-mappings.yaml" | ||||
|         targetDir "$projectDir/build/generated/sources/openapi" | ||||
|         showWarnings true | ||||
|         openApiNullable true | ||||
|     } | ||||
|     springRbac { | ||||
|         processorName 'spring' | ||||
|         processor 'io.openapiprocessor:openapi-processor-spring:2022.4' | ||||
|         apiPath "$projectDir/src/main/resources/api-definition/rbac/rbac.yaml" | ||||
|         mapping "$projectDir/src/main/resources/api-definition/rbac/api-mappings.yaml" | ||||
|         targetDir "$projectDir/build/generated/sources/openapi" | ||||
|         showWarnings true | ||||
|         openApiNullable true | ||||
|     } | ||||
|     springTest { | ||||
|         processorName 'spring' | ||||
|         processor 'io.openapiprocessor:openapi-processor-spring:2022.4' | ||||
|         apiPath "$projectDir/src/main/resources/api-definition/test/test.yaml" | ||||
|         mapping "$projectDir/src/main/resources/api-definition/test/api-mappings.yaml" | ||||
|         targetDir "$projectDir/build/generated/sources/openapi" | ||||
|         showWarnings true | ||||
|         openApiNullable true | ||||
|     } | ||||
| } | ||||
| sourceSets.main.java.srcDir 'build/generated/sources/openapi' | ||||
| project.tasks.processResources.dependsOn('processSpring') | ||||
| project.tasks.compileJava.dependsOn('processSpring') | ||||
| ['processSpringRoot', 'processSpringRbac', 'processSpringTest'].each { | ||||
|     project.tasks.processResources.dependsOn it | ||||
|     project.tasks.compileJava.dependsOn it | ||||
| } | ||||
|  | ||||
| // Spotless Code Formatting | ||||
| spotless { | ||||
| @@ -154,7 +175,7 @@ jacoco { | ||||
| test { | ||||
|     finalizedBy jacocoTestReport // generate report after tests | ||||
|     excludes = [ | ||||
|             'net.hostsharing.hsadminng.generated.**', | ||||
|             'net.hostsharing.hsadminng.**.generated.**', | ||||
|     ] | ||||
| } | ||||
| jacocoTestReport { | ||||
| @@ -162,8 +183,8 @@ jacocoTestReport { | ||||
|     afterEvaluate { | ||||
|         classDirectories.setFrom(files(classDirectories.files.collect { | ||||
|             fileTree(dir: it, exclude: [ | ||||
|                     "net/hostsharing/hsadminng/generated/**/*.class", | ||||
|                     "net/hostsharing/hsadminng/TestController.class", | ||||
|                     "net/hostsharing/hsadminng/**/generated/**/*.class", | ||||
|                     "net/hostsharing/hsadminng/PingController.class", | ||||
|                     "net/hostsharing/hsadminng/hs/hscustomer/HsadminNgApplication.class" | ||||
|             ]) | ||||
|         })) | ||||
| @@ -176,12 +197,8 @@ project.tasks.check.dependsOn(jacocoTestCoverageVerification) | ||||
| jacocoTestCoverageVerification { | ||||
|     violationRules { | ||||
|         rule { | ||||
|             excludes = [ | ||||
|                     'net.hostsharing.hsadminng.generated.**', | ||||
|                     'net.hostsharing.hsadminng.HsadminNgApplication' // main method | ||||
|             ] | ||||
|             limit { | ||||
|                 minimum = 0.94 | ||||
|                 minimum = 0.90 | ||||
|             } | ||||
|         } | ||||
|  | ||||
| @@ -192,9 +209,9 @@ jacocoTestCoverageVerification { | ||||
|         rule { | ||||
|             element = 'CLASS' | ||||
|             excludes = [ | ||||
|                     'net.hostsharing.hsadminng.generated.**', | ||||
|                     'net.hostsharing.hsadminng.**.generated.**', | ||||
|                     'net.hostsharing.hsadminng.HsadminNgApplication', | ||||
|                     'net.hostsharing.hsadminng.TestController', | ||||
|                     'net.hostsharing.hsadminng.PingController', | ||||
|                     'net.hostsharing.hsadminng.Mapper' | ||||
|             ] | ||||
|  | ||||
| @@ -207,9 +224,9 @@ jacocoTestCoverageVerification { | ||||
|         rule { | ||||
|             element = 'METHOD' | ||||
|             excludes = [ | ||||
|                     'net.hostsharing.hsadminng.generated.**', | ||||
|                     'net.hostsharing.hsadminng.**.generated.**', | ||||
|                     'net.hostsharing.hsadminng.HsadminNgApplication.main', | ||||
|                     'net.hostsharing.hsadminng.TestController.*' | ||||
|                     'net.hostsharing.hsadminng.PingController.*' | ||||
|             ] | ||||
|  | ||||
|             limit { | ||||
| @@ -226,7 +243,7 @@ pitest { | ||||
|     targetClasses = ['net.hostsharing.hsadminng.**'] | ||||
|     excludedClasses = [ | ||||
|             'net.hostsharing.hsadminng.config.**', | ||||
|             'net.hostsharing.hsadminng.generated.**' | ||||
|             'net.hostsharing.hsadminng.**.generated.**' | ||||
|     ] | ||||
|  | ||||
|     targetTests = ['net.hostsharing.hsadminng.**.*UnitTest', 'net.hostsharing.hsadminng.**.*RestTest'] | ||||
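Review bot: The bundle-level limit in `jacocoTestCoverageVerification` appears to drop from `minimum = 0.94` to `minimum = 0.90` (assuming the second of the two `minimum` lines is the new side), which loosens the coverage gate for the whole project, including the hand-written RBAC controllers. If the drop comes from the three generated packages now being counted, a narrower fix is to filter the verification task's `classDirectories` with `"net/hostsharing/hsadminng/**/generated/**/*.class"`, as the `jacocoTestReport` block in this commit already does, and keep `minimum = 0.94`. Whether the verification task already filters its class directories is not visible in these hunks.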
|   | ||||
| @@ -6,7 +6,7 @@ import org.springframework.web.bind.annotation.RequestMethod; | ||||
| import org.springframework.web.bind.annotation.ResponseBody; | ||||
| 
 | ||||
| @Controller | ||||
| public class TestController { | ||||
| public class PingController { | ||||
| 
 | ||||
|     @ResponseBody | ||||
|     @RequestMapping(value = "/api/ping", method = RequestMethod.GET) | ||||
| @@ -1,8 +1,8 @@ | ||||
| package net.hostsharing.hsadminng.rbac.rbacgrant; | ||||
|  | ||||
| import net.hostsharing.hsadminng.context.Context; | ||||
| import net.hostsharing.hsadminng.generated.api.v1.api.RbacgrantsApi; | ||||
| import net.hostsharing.hsadminng.generated.api.v1.model.RbacGrantResource; | ||||
| import net.hostsharing.hsadminng.rbac.generated.api.v1.api.RbacGrantsApi; | ||||
| import net.hostsharing.hsadminng.rbac.generated.api.v1.model.RbacGrantResource; | ||||
| import org.springframework.beans.factory.annotation.Autowired; | ||||
| import org.springframework.http.ResponseEntity; | ||||
| import org.springframework.transaction.annotation.Transactional; | ||||
| @@ -18,7 +18,7 @@ import static net.hostsharing.hsadminng.Mapper.mapList; | ||||
|  | ||||
| @RestController | ||||
|  | ||||
| public class RbacGrantController implements RbacgrantsApi { | ||||
| public class RbacGrantController implements RbacGrantsApi { | ||||
|  | ||||
|     @Autowired | ||||
|     private Context context; | ||||
| @@ -73,7 +73,7 @@ public class RbacGrantController implements RbacgrantsApi { | ||||
|  | ||||
|         final var uri = | ||||
|                 MvcUriComponentsBuilder.fromController(getClass()) | ||||
|                         .path("/api/rbac/grants/{roleUuid}") | ||||
|                         .path("/api/rbac.yaml/grants/{roleUuid}") | ||||
|                         .buildAndExpand(body.getGrantedRoleUuid()) | ||||
|                         .toUri(); | ||||
|         return ResponseEntity.created(uri).body(map(granted, RbacGrantResource.class)); | ||||
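Review bot: The `Location` template in the `@@ -73,7 +73,7 @@` hunk reads `.path("/api/rbac.yaml/grants/{roleUuid}")`, which looks like a leftover from moving the spec to `rbac/rbac.yaml` rather than an intended route; assuming that line is the new side, the 201 response presumably points clients at a URI that no endpoint serves. It should stay `.path("/api/rbac/grants/{roleUuid}")`, and the same applies to `.path("/api/rbac.yaml/users/{id}")` in the `@@ -39,7 +39,7 @@` hunk of RbacUserController. The route list removed from the root api-definition names the grant resource as `/api/rbac/grants/{grantedRoleUuid}/{granteeUserUuid}`, so the grant template may also be missing the grantee segment; that needs checking against rbac.yaml, which is not shown here. A REST test that asserts the `Location` header of both POST endpoints would catch this. The enclosing methods start and end outside these hunks.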
|   | ||||
| @@ -1,8 +1,8 @@ | ||||
| package net.hostsharing.hsadminng.rbac.rbacrole; | ||||
|  | ||||
| import net.hostsharing.hsadminng.context.Context; | ||||
| import net.hostsharing.hsadminng.generated.api.v1.api.RbacrolesApi; | ||||
| import net.hostsharing.hsadminng.generated.api.v1.model.RbacRoleResource; | ||||
| import net.hostsharing.hsadminng.rbac.generated.api.v1.api.RbacRolesApi; | ||||
| import net.hostsharing.hsadminng.rbac.generated.api.v1.model.RbacRoleResource; | ||||
| import org.springframework.beans.factory.annotation.Autowired; | ||||
| import org.springframework.http.ResponseEntity; | ||||
| import org.springframework.transaction.annotation.Transactional; | ||||
| @@ -14,7 +14,7 @@ import static net.hostsharing.hsadminng.Mapper.mapList; | ||||
|  | ||||
| @RestController | ||||
|  | ||||
| public class RbacRoleController implements RbacrolesApi { | ||||
| public class RbacRoleController implements RbacRolesApi { | ||||
|  | ||||
|     @Autowired | ||||
|     private Context context; | ||||
|   | ||||
| @@ -1,9 +1,9 @@ | ||||
| package net.hostsharing.hsadminng.rbac.rbacuser; | ||||
|  | ||||
| import net.hostsharing.hsadminng.context.Context; | ||||
| import net.hostsharing.hsadminng.generated.api.v1.api.RbacusersApi; | ||||
| import net.hostsharing.hsadminng.generated.api.v1.model.RbacUserPermissionResource; | ||||
| import net.hostsharing.hsadminng.generated.api.v1.model.RbacUserResource; | ||||
| import net.hostsharing.hsadminng.rbac.generated.api.v1.api.RbacUsersApi; | ||||
| import net.hostsharing.hsadminng.rbac.generated.api.v1.model.RbacUserPermissionResource; | ||||
| import net.hostsharing.hsadminng.rbac.generated.api.v1.model.RbacUserResource; | ||||
| import org.springframework.beans.factory.annotation.Autowired; | ||||
| import org.springframework.http.ResponseEntity; | ||||
| import org.springframework.transaction.annotation.Transactional; | ||||
| @@ -17,7 +17,7 @@ import static net.hostsharing.hsadminng.Mapper.map; | ||||
| import static net.hostsharing.hsadminng.Mapper.mapList; | ||||
|  | ||||
| @RestController | ||||
| public class RbacUserController implements RbacusersApi { | ||||
| public class RbacUserController implements RbacUsersApi { | ||||
|  | ||||
|     @Autowired | ||||
|     private Context context; | ||||
| @@ -39,7 +39,7 @@ public class RbacUserController implements RbacusersApi { | ||||
|         rbacUserRepository.create(saved); | ||||
|         final var uri = | ||||
|                 MvcUriComponentsBuilder.fromController(getClass()) | ||||
|                         .path("/api/rbac/users/{id}") | ||||
|                         .path("/api/rbac.yaml/users/{id}") | ||||
|                         .buildAndExpand(saved.getUuid()) | ||||
|                         .toUri(); | ||||
|         return ResponseEntity.created(uri).body(map(saved, RbacUserResource.class)); | ||||
|   | ||||
| @@ -1,8 +1,8 @@ | ||||
| package net.hostsharing.hsadminng.test.cust; | ||||
|  | ||||
| import net.hostsharing.hsadminng.context.Context; | ||||
| import net.hostsharing.hsadminng.generated.api.v1.api.TestCustomersApi; | ||||
| import net.hostsharing.hsadminng.generated.api.v1.model.TestCustomerResource; | ||||
| import net.hostsharing.hsadminng.test.generated.api.v1.api.TestCustomersApi; | ||||
| import net.hostsharing.hsadminng.test.generated.api.v1.model.TestCustomerResource; | ||||
| import org.springframework.beans.factory.annotation.Autowired; | ||||
| import org.springframework.http.ResponseEntity; | ||||
| import org.springframework.transaction.annotation.Transactional; | ||||
|   | ||||
| @@ -2,9 +2,9 @@ package net.hostsharing.hsadminng.test.pac; | ||||
|  | ||||
| import net.hostsharing.hsadminng.OptionalFromJson; | ||||
| import net.hostsharing.hsadminng.context.Context; | ||||
| import net.hostsharing.hsadminng.generated.api.v1.api.TestPackagesApi; | ||||
| import net.hostsharing.hsadminng.generated.api.v1.model.TestPackageResource; | ||||
| import net.hostsharing.hsadminng.generated.api.v1.model.TestPackageUpdateResource; | ||||
| import net.hostsharing.hsadminng.test.generated.api.v1.api.TestPackagesApi; | ||||
| import net.hostsharing.hsadminng.test.generated.api.v1.model.TestPackageResource; | ||||
| import net.hostsharing.hsadminng.test.generated.api.v1.model.TestPackageUpdateResource; | ||||
| import org.springframework.beans.factory.annotation.Autowired; | ||||
| import org.springframework.http.ResponseEntity; | ||||
| import org.springframework.transaction.annotation.Transactional; | ||||
|   | ||||
| @@ -8,41 +8,6 @@ servers: | ||||
|  | ||||
| paths: | ||||
|  | ||||
|     # RBAC | ||||
|  | ||||
|     /api/rbac/users: | ||||
|         $ref: "./api-definition/rbac-users.yaml" | ||||
|  | ||||
|     /api/rbac/users/{userUuid}/permissions: | ||||
|         $ref: "./api-definition/rbac-users-with-id-permissions.yaml" | ||||
|  | ||||
|     /api/rbac/users/{userUuid}: | ||||
|         $ref: "./api-definition/rbac-users-with-uuid.yaml" | ||||
|  | ||||
|     /api/rbac/roles: | ||||
|         $ref: "./api-definition/rbac-roles.yaml" | ||||
|  | ||||
|     /api/rbac/grants: | ||||
|         $ref: "./api-definition/rbac-grants.yaml" | ||||
|  | ||||
|     /api/rbac/grants/{grantedRoleUuid}/{granteeUserUuid}: | ||||
|         $ref: "./api-definition/rbac-grants-with-id.yaml" | ||||
|  | ||||
|  | ||||
|     # Test-Entities for RBAC | ||||
|  | ||||
|     /api/test/customers: | ||||
|         $ref: "./api-definition/test-customers.yaml" | ||||
|  | ||||
|     /api/test/packages: | ||||
|         $ref: "./api-definition/test-packages.yaml" | ||||
|  | ||||
|     /api/test/packages/{packageUUID}: | ||||
|         $ref: "./api-definition/test-packages-uuid.yaml" | ||||
|  | ||||
|  | ||||
|     # Other | ||||
|  | ||||
|     /api/ping: | ||||
|         get: | ||||
|             tags: | ||||
|   | ||||
| @@ -1,5 +0,0 @@ | ||||
| The symbolik self-link 'api-definition' is a workaround to align IntelliJ IDEAs relative link interpretation with the interpretation of OpenAPI-generator. | ||||
| Where IDEA only uses the path of the file in which the `$ref` is used, | ||||
| the OpenAPI-generator always uses the path of the root API definition to resolve relative links. | ||||
|  | ||||
| See also https://github.com/OpenAPITools/openapi-generator/issues/10320. | ||||
| @@ -1 +0,0 @@ | ||||
| . | ||||
| @@ -1,43 +0,0 @@ | ||||
| get: | ||||
|     tags: | ||||
|         - rbacgrants | ||||
|     operationId: listUserGrants | ||||
|     parameters: | ||||
|         - $ref: './api-definition/auth.yaml#/components/parameters/currentUser' | ||||
|         - $ref: './api-definition/auth.yaml#/components/parameters/assumedRoles' | ||||
|     responses: | ||||
|         "200": | ||||
|             description: OK | ||||
|             content: | ||||
|                 'application/json': | ||||
|                     schema: | ||||
|                         type: array | ||||
|                         items: | ||||
|                             $ref: './rbac-grant-schemas.yaml#/components/schemas/RbacGrant' | ||||
|  | ||||
| post: | ||||
|     tags: | ||||
|         - rbacgrants | ||||
|     operationId: grantRoleToUser | ||||
|     parameters: | ||||
|         - $ref: './api-definition/auth.yaml#/components/parameters/currentUser' | ||||
|         - $ref: './api-definition/auth.yaml#/components/parameters/assumedRoles' | ||||
|     requestBody: | ||||
|         required: true | ||||
|         content: | ||||
|             application/json: | ||||
|                 schema: | ||||
|                     $ref: './api-definition/rbac-grant-schemas.yaml#/components/schemas/RbacGrant' | ||||
|     responses: | ||||
|         "201": | ||||
|             description: OK | ||||
|             content: | ||||
|                 'application/json': | ||||
|                     schema: | ||||
|                         $ref: './api-definition/rbac-grant-schemas.yaml#/components/schemas/RbacGrant' | ||||
|         "401": | ||||
|             $ref: './api-definition/error-responses.yaml#/components/responses/Unauthorized' | ||||
|         "403": | ||||
|             $ref: './api-definition/error-responses.yaml#/components/responses/Forbidden' | ||||
|         "409": | ||||
|             $ref: './api-definition/error-responses.yaml#/components/responses/Conflict' | ||||
| @@ -1,16 +0,0 @@ | ||||
| get: | ||||
|     tags: | ||||
|         - rbacroles | ||||
|     operationId: listRoles | ||||
|     parameters: | ||||
|         - $ref: './api-definition/auth.yaml#/components/parameters/currentUser' | ||||
|         - $ref: './api-definition/auth.yaml#/components/parameters/assumedRoles' | ||||
|     responses: | ||||
|         "200": | ||||
|             description: OK | ||||
|             content: | ||||
|                 'application/json': | ||||
|                     schema: | ||||
|                         type: array | ||||
|                         items: | ||||
|                             $ref: './api-definition/rbac-role-schemas.yaml#/components/schemas/RbacRole' | ||||
| @@ -1,51 +0,0 @@ | ||||
| get: | ||||
|     tags: | ||||
|         - rbacusers | ||||
|     description: 'Fetch a single user by its id, if visible for the current subject.' | ||||
|     operationId: getUserById | ||||
|     parameters: | ||||
|         - $ref: './api-definition/auth.yaml#/components/parameters/currentUser' | ||||
|         - $ref: './api-definition/auth.yaml#/components/parameters/assumedRoles' | ||||
|         - name: userUuid | ||||
|           in: path | ||||
|           required: true | ||||
|           schema: | ||||
|               type: string | ||||
|               format: uuid | ||||
|     responses: | ||||
|         "200": | ||||
|             description: OK | ||||
|             content: | ||||
|                 'application/json': | ||||
|                     schema: | ||||
|                         $ref: './api-definition/rbac-user-schemas.yaml#/components/schemas/RbacUser' | ||||
|  | ||||
|         "401": | ||||
|             $ref: './api-definition/error-responses.yaml#/components/responses/Unauthorized' | ||||
|         "403": | ||||
|             $ref: './api-definition/error-responses.yaml#/components/responses/Forbidden' | ||||
|  | ||||
|  | ||||
| delete: | ||||
|     tags: | ||||
|         - rbacusers | ||||
|     operationId: deleteUserByUuid | ||||
|     parameters: | ||||
|         - $ref: './api-definition/auth.yaml#/components/parameters/currentUser' | ||||
|         - $ref: './api-definition/auth.yaml#/components/parameters/assumedRoles' | ||||
|         - name: userUuid | ||||
|           in: path | ||||
|           required: true | ||||
|           schema: | ||||
|               type: string | ||||
|               format: uuid | ||||
|           description: UUID of the user to delete. | ||||
|     responses: | ||||
|         "204": | ||||
|             description: No Content | ||||
|         "401": | ||||
|             $ref: './api-definition/error-responses.yaml#/components/responses/Unauthorized' | ||||
|         "403": | ||||
|             $ref: './api-definition/error-responses.yaml#/components/responses/Forbidden' | ||||
|         "404": | ||||
|             $ref: './api-definition/error-responses.yaml#/components/responses/NotFound' | ||||
| @@ -1,48 +0,0 @@ | ||||
| get: | ||||
|     tags: | ||||
|         - rbacusers | ||||
|     description: List accessible RBAC users with optional filter by name. | ||||
|     operationId: listUsers | ||||
|     parameters: | ||||
|         - $ref: './api-definition/auth.yaml#/components/parameters/currentUser' | ||||
|         - $ref: './api-definition/auth.yaml#/components/parameters/assumedRoles' | ||||
|         - name: name | ||||
|           in: query | ||||
|           required: false | ||||
|           schema: | ||||
|               type: string | ||||
|     responses: | ||||
|         "200": | ||||
|             description: OK | ||||
|             content: | ||||
|                 'application/json': | ||||
|                     schema: | ||||
|                         type: array | ||||
|                         items: | ||||
|                             $ref: './api-definition/rbac-user-schemas.yaml#/components/schemas/RbacUser' | ||||
|         "401": | ||||
|             $ref: './api-definition/error-responses.yaml#/components/responses/Unauthorized' | ||||
|         "403": | ||||
|             $ref: './api-definition/error-responses.yaml#/components/responses/Forbidden' | ||||
|  | ||||
| post: | ||||
|     tags: | ||||
|         - rbacusers | ||||
|     description: Create a new RBAC user. | ||||
|     operationId: createUser | ||||
|     requestBody: | ||||
|         required: true | ||||
|         content: | ||||
|             application/json: | ||||
|                 schema: | ||||
|                     $ref: './api-definition/rbac-user-schemas.yaml#/components/schemas/RbacUser' | ||||
|     responses: | ||||
|         "201": | ||||
|             description: Created | ||||
|             content: | ||||
|                 'application/json': | ||||
|                     schema: | ||||
|                         $ref: './api-definition/rbac-user-schemas.yaml#/components/schemas/RbacUser' | ||||
|         "409": | ||||
|             $ref: './api-definition/error-responses.yaml#/components/responses/Conflict' | ||||
|  | ||||
							
								
								
									
										12
									
								
								src/main/resources/api-definition/rbac/api-mappings.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
									
								
							| @@ -0,0 +1,12 @@ | ||||
| openapi-processor-mapping: v2 | ||||
|  | ||||
| options: | ||||
|     package-name: net.hostsharing.hsadminng.rbac.generated.api.v1 | ||||
|     model-name-suffix: Resource | ||||
|  | ||||
| map: | ||||
|     result: org.springframework.http.ResponseEntity | ||||
|  | ||||
|     types: | ||||
|         - type: array => java.util.List | ||||
|         - type: string:uuid => java.util.UUID | ||||
							
								
								
									
										1
									
								
								src/main/resources/api-definition/rbac/auth.yaml
									
									
									
									
									
										Symbolic link
									
								
							
							
						
						
									
									
								
							| @@ -0,0 +1 @@ | ||||
| ../auth.yaml | ||||
							
								
								
									
										1
									
								
								src/main/resources/api-definition/rbac/error-responses.yaml
									
									
									
									
									
										Symbolic link
									
								
							
							
						
						
									
									
								
							| @@ -0,0 +1 @@ | ||||
| ../error-responses.yaml | ||||
| @@ -1,10 +1,10 @@ | ||||
| get: | ||||
|   tags: | ||||
|     - rbacgrants | ||||
|     - rbac-grants | ||||
|   operationId: getGrantById | ||||
|   parameters: | ||||
|     - $ref: './api-definition/auth.yaml#/components/parameters/currentUser' | ||||
|     - $ref: './api-definition/auth.yaml#/components/parameters/assumedRoles' | ||||
|     - $ref: './auth.yaml#/components/parameters/currentUser' | ||||
|     - $ref: './auth.yaml#/components/parameters/assumedRoles' | ||||
|     - name: grantedRoleUuid | ||||
|       in: path | ||||
|       required: true | ||||
| @@ -25,21 +25,21 @@ get: | ||||
|       content: | ||||
|         'application/json': | ||||
|             schema: | ||||
|               $ref: './api-definition/rbac-grant-schemas.yaml#/components/schemas/RbacGrant' | ||||
|               $ref: './rbac-grant-schemas.yaml#/components/schemas/RbacGrant' | ||||
|     "401": | ||||
|       $ref: './api-definition/error-responses.yaml#/components/responses/Unauthorized' | ||||
|       $ref: './error-responses.yaml#/components/responses/Unauthorized' | ||||
|     "403": | ||||
|       $ref: './api-definition/error-responses.yaml#/components/responses/Forbidden' | ||||
|       $ref: './error-responses.yaml#/components/responses/Forbidden' | ||||
|     "404": | ||||
|       $ref: './api-definition/error-responses.yaml#/components/responses/NotFound' | ||||
|       $ref: './error-responses.yaml#/components/responses/NotFound' | ||||
| 
 | ||||
| delete: | ||||
|     tags: | ||||
|         - rbacgrants | ||||
|         - rbac-grants | ||||
|     operationId: revokeRoleFromUser | ||||
|     parameters: | ||||
|         - $ref: './api-definition/auth.yaml#/components/parameters/currentUser' | ||||
|         - $ref: './api-definition/auth.yaml#/components/parameters/assumedRoles' | ||||
|         - $ref: './auth.yaml#/components/parameters/currentUser' | ||||
|         - $ref: './auth.yaml#/components/parameters/assumedRoles' | ||||
|         - name: grantedRoleUuid | ||||
|           in: path | ||||
|           required: true | ||||
| @@ -58,8 +58,8 @@ delete: | ||||
|         "204": | ||||
|             description: No Content | ||||
|         "401": | ||||
|             $ref: './api-definition/error-responses.yaml#/components/responses/Unauthorized' | ||||
|             $ref: './error-responses.yaml#/components/responses/Unauthorized' | ||||
|         "403": | ||||
|             $ref: './api-definition/error-responses.yaml#/components/responses/Forbidden' | ||||
|             $ref: './error-responses.yaml#/components/responses/Forbidden' | ||||
|         "404": | ||||
|             $ref: './api-definition/error-responses.yaml#/components/responses/NotFound' | ||||
|             $ref: './error-responses.yaml#/components/responses/NotFound' | ||||
							
								
								
									
										43
									
								
								src/main/resources/api-definition/rbac/rbac-grants.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
									
								
							| @@ -0,0 +1,43 @@ | ||||
| get: | ||||
|     tags: | ||||
|         - rbac-grants | ||||
|     operationId: listUserGrants | ||||
|     parameters: | ||||
|         - $ref: './auth.yaml#/components/parameters/currentUser' | ||||
|         - $ref: './auth.yaml#/components/parameters/assumedRoles' | ||||
|     responses: | ||||
|         "200": | ||||
|             description: OK | ||||
|             content: | ||||
|                 'application/json': | ||||
|                     schema: | ||||
|                         type: array | ||||
|                         items: | ||||
|                             $ref: './rbac-grant-schemas.yaml#/components/schemas/RbacGrant' | ||||
|  | ||||
| post: | ||||
|     tags: | ||||
|         - rbac-grants | ||||
|     operationId: grantRoleToUser | ||||
|     parameters: | ||||
|         - $ref: './auth.yaml#/components/parameters/currentUser' | ||||
|         - $ref: './auth.yaml#/components/parameters/assumedRoles' | ||||
|     requestBody: | ||||
|         required: true | ||||
|         content: | ||||
|             application/json: | ||||
|                 schema: | ||||
|                     $ref: './rbac-grant-schemas.yaml#/components/schemas/RbacGrant' | ||||
|     responses: | ||||
|         "201": | ||||
|             description: OK | ||||
|             content: | ||||
|                 'application/json': | ||||
|                     schema: | ||||
|                         $ref: './rbac-grant-schemas.yaml#/components/schemas/RbacGrant' | ||||
|         "401": | ||||
|             $ref: './error-responses.yaml#/components/responses/Unauthorized' | ||||
|         "403": | ||||
|             $ref: './error-responses.yaml#/components/responses/Forbidden' | ||||
|         "409": | ||||
|             $ref: './error-responses.yaml#/components/responses/Conflict' | ||||
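Review bot: `listUserGrants` (the `get` operation) declares only a `"200"` response, while `grantRoleToUser` in the same file declares `"401"`, `"403"` and `"409"`. Both operations take `currentUser` and `assumedRoles`, so the GET should document its rejection cases too: a `"401"` entry with `$ref: './error-responses.yaml#/components/responses/Unauthorized'` and a `"403"` entry with `$ref: './error-responses.yaml#/components/responses/Forbidden'`. `listRoles` in rbac/rbac-roles.yaml has the same gap. Separately, the `"201"` response of `grantRoleToUser` is described as `OK`; `Created` would be the conventional description.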
							
								
								
									
										16
									
								
								src/main/resources/api-definition/rbac/rbac-roles.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
									
								
							| @@ -0,0 +1,16 @@ | ||||
| get: | ||||
|     tags: | ||||
|         - rbac-roles | ||||
|     operationId: listRoles | ||||
|     parameters: | ||||
|         - $ref: './auth.yaml#/components/parameters/currentUser' | ||||
|         - $ref: './auth.yaml#/components/parameters/assumedRoles' | ||||
|     responses: | ||||
|         "200": | ||||
|             description: OK | ||||
|             content: | ||||
|                 'application/json': | ||||
|                     schema: | ||||
|                         type: array | ||||
|                         items: | ||||
|                             $ref: './rbac-role-schemas.yaml#/components/schemas/RbacRole' | ||||
| @@ -1,11 +1,11 @@ | ||||
| get: | ||||
|     tags: | ||||
|         - rbacusers | ||||
|         - rbac-users | ||||
|     description: 'List all visible permissions granted to the given user; reduced ' | ||||
|     operationId: listUserPermissions | ||||
|     parameters: | ||||
|         - $ref: './api-definition/auth.yaml#/components/parameters/currentUser' | ||||
|         - $ref: './api-definition/auth.yaml#/components/parameters/assumedRoles' | ||||
|         - $ref: './auth.yaml#/components/parameters/currentUser' | ||||
|         - $ref: './auth.yaml#/components/parameters/assumedRoles' | ||||
|         - name: userUuid | ||||
|           in: path | ||||
|           required: true | ||||
| @@ -20,9 +20,9 @@ get: | ||||
|                     schema: | ||||
|                         type: array | ||||
|                         items: | ||||
|                             $ref: './api-definition/rbac-user-schemas.yaml#/components/schemas/RbacUserPermission' | ||||
|                             $ref: './rbac-user-schemas.yaml#/components/schemas/RbacUserPermission' | ||||
| 
 | ||||
|         "401": | ||||
|             $ref: './api-definition/error-responses.yaml#/components/responses/Unauthorized' | ||||
|             $ref: './error-responses.yaml#/components/responses/Unauthorized' | ||||
|         "403": | ||||
|             $ref: './api-definition/error-responses.yaml#/components/responses/Forbidden' | ||||
|             $ref: './error-responses.yaml#/components/responses/Forbidden' | ||||
| @@ -0,0 +1,51 @@ | ||||
| get: | ||||
|     tags: | ||||
|         - rbac-users | ||||
|     description: 'Fetch a single user by its id, if visible for the current subject.' | ||||
|     operationId: getUserById | ||||
|     parameters: | ||||
|         - $ref: './auth.yaml#/components/parameters/currentUser' | ||||
|         - $ref: './auth.yaml#/components/parameters/assumedRoles' | ||||
|         - name: userUuid | ||||
|           in: path | ||||
|           required: true | ||||
|           schema: | ||||
|               type: string | ||||
|               format: uuid | ||||
|     responses: | ||||
|         "200": | ||||
|             description: OK | ||||
|             content: | ||||
|                 'application/json': | ||||
|                     schema: | ||||
|                         $ref: './rbac-user-schemas.yaml#/components/schemas/RbacUser' | ||||
|  | ||||
|         "401": | ||||
|             $ref: './error-responses.yaml#/components/responses/Unauthorized' | ||||
|         "403": | ||||
|             $ref: './error-responses.yaml#/components/responses/Forbidden' | ||||
|  | ||||
|  | ||||
| delete: | ||||
|     tags: | ||||
|         - rbac-users | ||||
|     operationId: deleteUserByUuid | ||||
|     parameters: | ||||
|         - $ref: './auth.yaml#/components/parameters/currentUser' | ||||
|         - $ref: './auth.yaml#/components/parameters/assumedRoles' | ||||
|         - name: userUuid | ||||
|           in: path | ||||
|           required: true | ||||
|           schema: | ||||
|               type: string | ||||
|               format: uuid | ||||
|           description: UUID of the user to delete. | ||||
|     responses: | ||||
|         "204": | ||||
|             description: No Content | ||||
|         "401": | ||||
|             $ref: './error-responses.yaml#/components/responses/Unauthorized' | ||||
|         "403": | ||||
|             $ref: './error-responses.yaml#/components/responses/Forbidden' | ||||
|         "404": | ||||
|             $ref: './error-responses.yaml#/components/responses/NotFound' | ||||
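Review bot: The `get` operation (`getUserById`) documents only 200, 401 and 403, while `delete` on the same path also declares 404, so the spec does not say what a caller receives for a user that is missing or not visible to the current subject. For an RBAC endpoint that matters: answering 403 for an existing-but-invisible user and something else for a nonexistent UUID lets a caller probe which UUIDs exist. I would add `"404":` with `$ref: './error-responses.yaml#/components/responses/NotFound'` to `get` and state in its description that invisible and nonexistent users are answered identically; the handler is not visible here, so whether it already behaves that way needs checking. The operation ids also mix `ById` and `ByUuid` for the same path parameter.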
							
								
								
									
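--- a/src/main/resources/api-definition/rbac/rbac-users.yaml
+++ b/src/main/resources/api-definition/rbac/rbac-users.yaml
@@ -0,0 +1,48 @@
+get:
+    tags:
+        - rbac-users
+    description: List accessible RBAC users with optional filter by name.
+    operationId: listUsers
+    parameters:
+        - $ref: './auth.yaml#/components/parameters/currentUser'
+        - $ref: './auth.yaml#/components/parameters/assumedRoles'
+        - name: name
+          in: query
+          required: false
+          schema:
+              type: string
+    responses:
+        '200':
+            description: OK
+            content:
+                'application/json':
+                    schema:
+                        type: array
+                        items:
+                            $ref: './rbac-user-schemas.yaml#/components/schemas/RbacUser'
+        '401':
+            $ref: './error-responses.yaml#/components/responses/Unauthorized'
+        '403':
+            $ref: './error-responses.yaml#/components/responses/Forbidden'
+
+post:
+    tags:
+        - rbac-users
+    description: Create a new RBAC user.
+    operationId: createUser
+    requestBody:
+        required: true
+        content:
+            application/json:
+                schema:
+                    $ref: './rbac-user-schemas.yaml#/components/schemas/RbacUser'
+    responses:
+        '201':
+            description: Created
+            content:
+                'application/json':
+                    schema:
+                        $ref: './rbac-user-schemas.yaml#/components/schemas/RbacUser'
+        '409':
+            $ref: './error-responses.yaml#/components/responses/Conflict'
+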
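Review bot: `post` (`createUser`) is the only operation in this file without the `currentUser`/`assumedRoles` parameters and without 401/403 responses, so as specified anyone who can reach the endpoint may create RBAC users. If open self-registration is intended, say so in the `description` so it is not mistaken for an omission; if not, declare the same parameters and error responses as `get`, as sketched below. Request and response both use `RbacUser`; that schema is outside this section, but if it carries a `uuid` the create body lets the client choose it, and a separate create schema would avoid that.

```yaml
post:
    # … unchanged: tags, description, operationId …
    parameters:
        - $ref: './auth.yaml#/components/parameters/currentUser'
        - $ref: './auth.yaml#/components/parameters/assumedRoles'
    # … unchanged: requestBody …
    responses:
        # … unchanged: '201' …
        '401':
            $ref: './error-responses.yaml#/components/responses/Unauthorized'
        '403':
            $ref: './error-responses.yaml#/components/responses/Forbidden'
        # … unchanged: '409' …
```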
							
								
								
									
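--- a/src/main/resources/api-definition/rbac/rbac.yaml
+++ b/src/main/resources/api-definition/rbac/rbac.yaml
@@ -0,0 +1,28 @@
+openapi: 3.0.1
+info:
+    title: Hostsharing hsadmin-ng API
+    version: v0
+servers:
+    - url: http://localhost:8080
+      description: Local development default URL.
+
+paths:
+
+    /api/rbac/users:
+        $ref: './rbac-users.yaml'
+
+    /api/rbac/users/{userUuid}/permissions:
+        $ref: './rbac-users-with-id-permissions.yaml'
+
+    /api/rbac/users/{userUuid}:
+        $ref: './rbac-users-with-uuid.yaml'
+
+    /api/rbac/roles:
+        $ref: './rbac-roles.yaml'
+
+    /api/rbac/grants:
+        $ref: './rbac-grants.yaml'
+
+    /api/rbac/grants/{grantedRoleUuid}/{granteeUserUuid}:
+        $ref: './rbac-grants-with-id.yaml'
+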
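Review bot: This root document declares no `components.securitySchemes` and no top-level `security` requirement, so generated documentation, clients and API scanners will treat every `/api/rbac/*` operation as unauthenticated; the same holds for the new `test/test.yaml`. The caller identity appears to travel only in the `currentUser`/`assumedRoles` parameters referenced from `auth.yaml`, which is not part of this section; if those are plain request values, the spec should state who is allowed to set them. At minimum I would add a comment above `paths:` such as `# currentUser/assumedRoles are trusted input: they must be set by the authenticating front end, never taken from an unauthenticated client`. The only `servers` entry is plain-HTTP localhost, which is fine for development but should not remain the sole entry once the spec is published.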
| @@ -1,29 +0,0 @@ | ||||
| patch: | ||||
|     tags: | ||||
|         - testPackages | ||||
|     operationId: updatePackage | ||||
|     parameters: | ||||
|         -   $ref: './api-definition/auth.yaml#/components/parameters/currentUser' | ||||
|         -   $ref: './api-definition/auth.yaml#/components/parameters/assumedRoles' | ||||
|         -   name: packageUUID | ||||
|             in: path | ||||
|             required: true | ||||
|             schema: | ||||
|                 type: string | ||||
|                 format: uuid | ||||
|     requestBody: | ||||
|         content: | ||||
|             'application/json': | ||||
|                 schema: | ||||
|                     $ref: './api-definition/test-package-schemas.yaml#/components/schemas/TestPackageUpdate' | ||||
|     responses: | ||||
|         "200": | ||||
|             description: OK | ||||
|             content: | ||||
|                 'application/json': | ||||
|                     schema: | ||||
|                         $ref: './api-definition/test-package-schemas.yaml#/components/schemas/TestPackage' | ||||
|         "401": | ||||
|             $ref: './api-definition/error-responses.yaml#/components/responses/Unauthorized' | ||||
|         "403": | ||||
|             $ref: './api-definition/error-responses.yaml#/components/responses/Forbidden' | ||||
| @@ -1,25 +0,0 @@ | ||||
| get: | ||||
|     tags: | ||||
|         - testPackages | ||||
|     operationId: listPackages | ||||
|     parameters: | ||||
|         - $ref: './api-definition/auth.yaml#/components/parameters/currentUser' | ||||
|         - $ref: './api-definition/auth.yaml#/components/parameters/assumedRoles' | ||||
|         - name: name | ||||
|           in: query | ||||
|           required: false | ||||
|           schema: | ||||
|               type: string | ||||
|     responses: | ||||
|         "200": | ||||
|             description: OK | ||||
|             content: | ||||
|                 'application/json': | ||||
|                     schema: | ||||
|                         type: array | ||||
|                         items: | ||||
|                             $ref: './api-definition/test-package-schemas.yaml#/components/schemas/TestPackage' | ||||
|         "401": | ||||
|             $ref: './api-definition/error-responses.yaml#/components/responses/Unauthorized' | ||||
|         "403": | ||||
|             $ref: './api-definition/error-responses.yaml#/components/responses/Forbidden' | ||||
							
								
								
									
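--- a/src/main/resources/api-definition/test/api-mappings.yaml
+++ b/src/main/resources/api-definition/test/api-mappings.yaml
@@ -0,0 +1,16 @@
+openapi-processor-mapping: v2
+
+options:
+    package-name: net.hostsharing.hsadminng.test.generated.api.v1
+    model-name-suffix: Resource
+
+map:
+    result: org.springframework.http.ResponseEntity
+
+    types:
+        - type: array => java.util.List
+        - type: string:uuid => java.util.UUID
+
+    paths:
+        /api/test/packages/{packageUUID}:
+            null: org.openapitools.jackson.nullable.JsonNullable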
| @@ -5,8 +5,8 @@ get: | ||||
|         - testCustomers | ||||
|     operationId: listCustomers | ||||
|     parameters: | ||||
|         - $ref: './api-definition/auth.yaml#/components/parameters/currentUser' | ||||
|         - $ref: './api-definition/auth.yaml#/components/parameters/assumedRoles' | ||||
|         - $ref: './auth.yaml#/components/parameters/currentUser' | ||||
|         - $ref: './auth.yaml#/components/parameters/assumedRoles' | ||||
|         - name: prefix | ||||
|           in: query | ||||
|           required: false | ||||
| @@ -21,11 +21,11 @@ get: | ||||
|                     schema: | ||||
|                         type: array | ||||
|                         items: | ||||
|                             $ref: './api-definition/test-customer-schemas.yaml#/components/schemas/TestCustomer' | ||||
|                             $ref: './test-customer-schemas.yaml#/components/schemas/TestCustomer' | ||||
|         "401": | ||||
|             $ref: './api-definition/error-responses.yaml#/components/responses/Unauthorized' | ||||
|             $ref: './error-responses.yaml#/components/responses/Unauthorized' | ||||
|         "403": | ||||
|             $ref: './api-definition/error-responses.yaml#/components/responses/Forbidden' | ||||
|             $ref: './error-responses.yaml#/components/responses/Forbidden' | ||||
| 
 | ||||
| post: | ||||
|     summary: Adds a new customer. | ||||
| @@ -33,13 +33,13 @@ post: | ||||
|         - testCustomers | ||||
|     operationId: addCustomer | ||||
|     parameters: | ||||
|         - $ref: './api-definition/auth.yaml#/components/parameters/currentUser' | ||||
|         - $ref: './api-definition/auth.yaml#/components/parameters/assumedRoles' | ||||
|         - $ref: './auth.yaml#/components/parameters/currentUser' | ||||
|         - $ref: './auth.yaml#/components/parameters/assumedRoles' | ||||
|     requestBody: | ||||
|         content: | ||||
|             'application/json': | ||||
|                 schema: | ||||
|                     $ref: './api-definition/api-definition/test-customer-schemas.yaml#/components/schemas/TestCustomer' | ||||
|                     $ref: './test-customer-schemas.yaml#/components/schemas/TestCustomer' | ||||
|         required: true | ||||
|     responses: | ||||
|         "201": | ||||
| @@ -47,10 +47,10 @@ post: | ||||
|             content: | ||||
|                 'application/json': | ||||
|                     schema: | ||||
|                         $ref: './api-definition/test-customer-schemas.yaml#/components/schemas/TestCustomer' | ||||
|                         $ref: './test-customer-schemas.yaml#/components/schemas/TestCustomer' | ||||
|         "401": | ||||
|             $ref: './api-definition/error-responses.yaml#/components/responses/Unauthorized' | ||||
|             $ref: './error-responses.yaml#/components/responses/Unauthorized' | ||||
|         "403": | ||||
|             $ref: './api-definition/error-responses.yaml#/components/responses/Forbidden' | ||||
|             $ref: './error-responses.yaml#/components/responses/Forbidden' | ||||
|         "409": | ||||
|             $ref: './api-definition/error-responses.yaml#/components/responses/Conflict' | ||||
|             $ref: './error-responses.yaml#/components/responses/Conflict' | ||||
| @@ -10,7 +10,7 @@ components: | ||||
|                     type: string | ||||
|                     format: uuid | ||||
|                 customer: | ||||
|                     $ref: './api-definition/test-customer-schemas.yaml#/components/schemas/TestCustomer' | ||||
|                     $ref: './test-customer-schemas.yaml#/components/schemas/TestCustomer' | ||||
|                 name: | ||||
|                     type: string | ||||
|                 description: | ||||
| @@ -0,0 +1,29 @@ | ||||
| patch: | ||||
|     tags: | ||||
|         - testPackages | ||||
|     operationId: updatePackage | ||||
|     parameters: | ||||
|         -   $ref: './auth.yaml#/components/parameters/currentUser' | ||||
|         -   $ref: './auth.yaml#/components/parameters/assumedRoles' | ||||
|         -   name: packageUUID | ||||
|             in: path | ||||
|             required: true | ||||
|             schema: | ||||
|                 type: string | ||||
|                 format: uuid | ||||
|     requestBody: | ||||
|         content: | ||||
|             'application/json': | ||||
|                 schema: | ||||
|                     $ref: './test-package-schemas.yaml#/components/schemas/TestPackageUpdate' | ||||
|     responses: | ||||
|         "200": | ||||
|             description: OK | ||||
|             content: | ||||
|                 'application/json': | ||||
|                     schema: | ||||
|                         $ref: './test-package-schemas.yaml#/components/schemas/TestPackage' | ||||
|         "401": | ||||
|             $ref: './error-responses.yaml#/components/responses/Unauthorized' | ||||
|         "403": | ||||
|             $ref: './error-responses.yaml#/components/responses/Forbidden' | ||||
							
								
								
									
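--- a/src/main/resources/api-definition/test/test-packages.yaml
+++ b/src/main/resources/api-definition/test/test-packages.yaml
@@ -0,0 +1,25 @@
+get:
+    tags:
+        - testPackages
+    operationId: listPackages
+    parameters:
+        - $ref: './auth.yaml#/components/parameters/currentUser'
+        - $ref: './auth.yaml#/components/parameters/assumedRoles'
+        - name: name
+          in: query
+          required: false
+          schema:
+              type: string
+    responses:
+        "200":
+            description: OK
+            content:
+                'application/json':
+                    schema:
+                        type: array
+                        items:
+                            $ref: './test-package-schemas.yaml#/components/schemas/TestPackage'
+        "401":
+            $ref: './error-responses.yaml#/components/responses/Unauthorized'
+        "403":
+            $ref: './error-responses.yaml#/components/responses/Forbidden'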
							
								
								
									
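--- a/src/main/resources/api-definition/test/test.yaml
+++ b/src/main/resources/api-definition/test/test.yaml
@@ -0,0 +1,19 @@
+openapi: 3.0.1
+info:
+  title: Hostsharing hsadmin-ng API
+  version: v0
+servers:
+  - url: http://localhost:8080
+    description: Local development default URL.
+
+paths:
+
+  /api/test/customers:
+    $ref: "./test-customers.yaml"
+
+  /api/test/packages:
+    $ref: "./test-packages.yaml"
+
+  /api/test/packages/{packageUUID}:
+    $ref: "./test-packages-uuid.yaml"
+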
| @@ -6,11 +6,3 @@ options: | ||||
|  | ||||
| map: | ||||
|     result: org.springframework.http.ResponseEntity | ||||
|  | ||||
|     types: | ||||
|         - type: array => java.util.List | ||||
|         - type: string:uuid => java.util.UUID | ||||
|  | ||||
|     paths: | ||||
|         /api/test/packages/{packageUUID}: | ||||
|             null: org.openapitools.jackson.nullable.JsonNullable | ||||
|   | ||||
| @@ -5,7 +5,6 @@ import io.restassured.http.ContentType; | ||||
| import io.restassured.response.ValidatableResponse; | ||||
| import net.hostsharing.hsadminng.Accepts; | ||||
| import net.hostsharing.hsadminng.HsadminNgApplication; | ||||
| import net.hostsharing.hsadminng.context.Context; | ||||
| import net.hostsharing.hsadminng.context.ContextBasedTest; | ||||
| import net.hostsharing.hsadminng.rbac.rbacrole.RbacRoleEntity; | ||||
| import net.hostsharing.hsadminng.rbac.rbacrole.RbacRoleRepository; | ||||
|   | ||||