hostsharing/hs.hsadmin.ng
6
0
Fork 0
Code Pull Requests 2 Activity

revert updatable columns for relation and code-cleanup

Browse Source
This commit is contained in:
Michael Hoennig 2025-03-03 09:13:40 +01:00
parent 7a2b1b6280
commit 2a2398441d
4 changed files with 32 additions and 89 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/main/java/net/hostsharing/hsadminng/hs/office/relation/HsOfficeRelationRbacEntity.java
View File

@ -51,7 +51,7 @@ public class HsOfficeRelationRbacEntity extends HsOfficeRelation {
"""))
.withRestrictedViewOrderBy(SQL.expression(
"(select idName from hs_office.person_iv p where p.uuid = target.holderUuid)"))
.withUpdatableColumns("anchorUuid", "holderUuid", "contactUuid")
.withUpdatableColumns("contactUuid")
.importEntityAlias("anchorPerson", HsOfficePersonRbacEntity.class, usingDefaultCase(),
dependsOnColumn("anchorUuid"),
directlyFetchedByDependsOnColumn(),

20
src/main/resources/db/changelog/5-hs-office/503-relation/5033-hs-office-relation-rbac.sql
View File

@ -124,9 +124,7 @@ create or replace procedure hs_office.relation_update_rbac_system(
language plpgsql as $$
begin
if NEW.holderUuid is distinct from OLD.holderUuid
or NEW.anchorUuid is distinct from OLD.anchorUuid
or NEW.contactUuid is distinct from OLD.contactUuid then
if NEW.contactUuid is distinct from OLD.contactUuid then
delete from rbac.grant g where g.grantedbytriggerof = OLD.uuid;
call hs_office.relation_build_rbac_system(NEW);
end if;
@ -250,8 +248,6 @@ call rbac.generateRbacRestrictedView('hs_office.relation',
(select idName from hs_office.person_iv p where p.uuid = target.holderUuid)
$orderBy$,
$updates$
anchorUuid = new.anchorUuid,
holderUuid = new.holderUuid,
contactUuid = new.contactUuid
$updates$);
--//
@ -309,17 +305,3 @@ END;
$$;
--//
-- ============================================================================
--changeset RbacRbacSystemRebuildGenerator:hs-office-relation-rbac-actually-rebuild runOnChange:true validCheckSum:ANY endDelimiter:--//
-- ----------------------------------------------------------------------------
begin transaction;
call base.defineContext(
're-creating RBAC for table hs_office.relation',
null,
'superuser-alex@hostsharing.net' -- FIXME: use env-var
);
call hs_office.relation_rebuild_rbac_system();
commit;
--//

54
src/test/java/net/hostsharing/hsadminng/hs/office/relation/HsOfficeRelationControllerAcceptanceTest.java
View File

@ -45,13 +45,13 @@ class HsOfficeRelationControllerAcceptanceTest extends ContextBasedTestWithClean
Context context;
@Autowired
HsOfficeRelationRealRepository relationrealRepo;
HsOfficeRelationRealRepository realRelationRepo;
@Autowired
HsOfficePersonRealRepository personRepo;
HsOfficePersonRealRepository realPersonRepo;
@Autowired
HsOfficeContactRealRepository contactrealRepo;
HsOfficeContactRealRepository realContactRepo;
@Autowired
JpaAttempt jpaAttempt;
@ -64,7 +64,7 @@ class HsOfficeRelationControllerAcceptanceTest extends ContextBasedTestWithClean
// given
context.define("superuser-alex@hostsharing.net");
final var givenPerson = personRepo.findPersonByOptionalNameLike("Hostsharing eG").get(0);
final var givenPerson = realPersonRepo.findPersonByOptionalNameLike("Hostsharing eG").getFirst();
RestAssured // @formatter:off
.given()
@ -122,7 +122,7 @@ class HsOfficeRelationControllerAcceptanceTest extends ContextBasedTestWithClean
// given
context.define("contact-admin@firstcontact.example.com");
final var givenPerson = personRepo.findPersonByOptionalNameLike("First GmbH").get(0);
final var givenPerson = realPersonRepo.findPersonByOptionalNameLike("First GmbH").getFirst();
RestAssured // @formatter:off
.given()
@ -229,9 +229,9 @@ class HsOfficeRelationControllerAcceptanceTest extends ContextBasedTestWithClean
void globalAdmin_withoutAssumedRole_canAddRelationWithHolderUuidAndContactUuid() {
context.define("superuser-alex@hostsharing.net");
final var givenAnchorPerson = personRepo.findPersonByOptionalNameLike("Third").get(0);
final var givenHolderPerson = personRepo.findPersonByOptionalNameLike("Paul").get(0);
final var givenContact = contactrealRepo.findContactByOptionalCaptionLike("second").get(0);
final var givenAnchorPerson = realPersonRepo.findPersonByOptionalNameLike("Third").getFirst();
final var givenHolderPerson = realPersonRepo.findPersonByOptionalNameLike("Paul").getFirst();
final var givenContact = realContactRepo.findContactByOptionalCaptionLike("second").getFirst();
final var location = RestAssured // @formatter:off
.given()
@ -276,7 +276,7 @@ class HsOfficeRelationControllerAcceptanceTest extends ContextBasedTestWithClean
void globalAdmin_withoutAssumedRole_canAddRelationWithHolderAndContactData() {
context.define("superuser-alex@hostsharing.net");
final var givenAnchorPerson = personRepo.findPersonByOptionalNameLike("Third").get(0);
final var givenAnchorPerson = realPersonRepo.findPersonByOptionalNameLike("Third").getFirst();
final var location = RestAssured // @formatter:off
.given()
@ -343,8 +343,8 @@ class HsOfficeRelationControllerAcceptanceTest extends ContextBasedTestWithClean
context.define("superuser-alex@hostsharing.net");
final var givenAnchorPersonUuid = GIVEN_NON_EXISTING_HOLDER_PERSON_UUID;
final var givenHolderPerson = personRepo.findPersonByOptionalNameLike("Smith").get(0);
final var givenContact = contactrealRepo.findContactByOptionalCaptionLike("fourth").get(0);
final var givenHolderPerson = realPersonRepo.findPersonByOptionalNameLike("Smith").getFirst();
final var givenContact = realContactRepo.findContactByOptionalCaptionLike("fourth").getFirst();
RestAssured // @formatter:off
.given()
@ -375,8 +375,8 @@ class HsOfficeRelationControllerAcceptanceTest extends ContextBasedTestWithClean
void globalAdmin_canNotAddRelation_ifHolderPersonDoesNotExist() {
context.define("superuser-alex@hostsharing.net");
final var givenAnchorPerson = personRepo.findPersonByOptionalNameLike("Third").get(0);
final var givenContact = contactrealRepo.findContactByOptionalCaptionLike("fourth").get(0);
final var givenAnchorPerson = realPersonRepo.findPersonByOptionalNameLike("Third").getFirst();
final var givenContact = realContactRepo.findContactByOptionalCaptionLike("fourth").getFirst();
final var location = RestAssured // @formatter:off
.given()
@ -407,8 +407,8 @@ class HsOfficeRelationControllerAcceptanceTest extends ContextBasedTestWithClean
void globalAdmin_canNotAddRelation_ifContactDoesNotExist() {
context.define("superuser-alex@hostsharing.net");
final var givenAnchorPerson = personRepo.findPersonByOptionalNameLike("Third").get(0);
final var givenHolderPerson = personRepo.findPersonByOptionalNameLike("Paul").get(0);
final var givenAnchorPerson = realPersonRepo.findPersonByOptionalNameLike("Third").getFirst();
final var givenHolderPerson = realPersonRepo.findPersonByOptionalNameLike("Paul").getFirst();
final var givenContactUuid = UUID.fromString("00000000-0000-0000-0000-000000000000");
final var location = RestAssured // @formatter:off
@ -506,9 +506,9 @@ class HsOfficeRelationControllerAcceptanceTest extends ContextBasedTestWithClean
private HsOfficeRelation findRelation(
final String anchorPersonName,
final String holderPersoneName) {
final var anchorPersonUuid = personRepo.findPersonByOptionalNameLike(anchorPersonName).get(0).getUuid();
final var holderPersonUuid = personRepo.findPersonByOptionalNameLike(holderPersoneName).get(0).getUuid();
final var givenRelation = relationrealRepo
final var anchorPersonUuid = realPersonRepo.findPersonByOptionalNameLike(anchorPersonName).getFirst().getUuid();
final var holderPersonUuid = realPersonRepo.findPersonByOptionalNameLike(holderPersoneName).getFirst().getUuid();
final var givenRelation = realRelationRepo
.findRelationRelatedToPersonUuid(anchorPersonUuid)
.stream()
.filter(r -> r.getHolder().getUuid().equals(holderPersonUuid))
@ -525,7 +525,7 @@ class HsOfficeRelationControllerAcceptanceTest extends ContextBasedTestWithClean
context.define("superuser-alex@hostsharing.net");
final var givenRelation = givenSomeTemporaryRelationBessler();
assertThat(givenRelation.getContact().getCaption()).isEqualTo("seventh contact");
final var givenContact = contactrealRepo.findContactByOptionalCaptionLike("fourth").get(0);
final var givenContact = realContactRepo.findContactByOptionalCaptionLike("fourth").getFirst();
RestAssured // @formatter:off
.given()
@ -551,7 +551,7 @@ class HsOfficeRelationControllerAcceptanceTest extends ContextBasedTestWithClean
// finally, the relation is actually updated
context.define("superuser-alex@hostsharing.net");
assertThat(relationrealRepo.findByUuid(givenRelation.getUuid())).isPresent().get()
assertThat(realRelationRepo.findByUuid(givenRelation.getUuid())).isPresent().get()
.matches(rel -> {
assertThat(rel.getAnchor().getTradeName()).contains("Bessler");
assertThat(rel.getHolder().getFamilyName()).contains("Winkler");
@ -580,7 +580,7 @@ class HsOfficeRelationControllerAcceptanceTest extends ContextBasedTestWithClean
.statusCode(204); // @formatter:on
// then the given relation is gone
assertThat(relationrealRepo.findByUuid(givenRelation.getUuid())).isEmpty();
assertThat(realRelationRepo.findByUuid(givenRelation.getUuid())).isEmpty();
}
@Test
@ -599,7 +599,7 @@ class HsOfficeRelationControllerAcceptanceTest extends ContextBasedTestWithClean
.statusCode(403); // @formatter:on
// then the given relation is still there
assertThat(relationrealRepo.findByUuid(givenRelation.getUuid())).isNotEmpty();
assertThat(realRelationRepo.findByUuid(givenRelation.getUuid())).isNotEmpty();
}
@Test
@ -618,16 +618,16 @@ class HsOfficeRelationControllerAcceptanceTest extends ContextBasedTestWithClean
.statusCode(404); // @formatter:on
// then the given relation is still there
assertThat(relationrealRepo.findByUuid(givenRelation.getUuid())).isNotEmpty();
assertThat(realRelationRepo.findByUuid(givenRelation.getUuid())).isNotEmpty();
}
}
private HsOfficeRelation givenSomeTemporaryRelationBessler() {
return jpaAttempt.transacted(() -> {
context.define("superuser-alex@hostsharing.net");
final var givenAnchorPerson = personRepo.findPersonByOptionalNameLike("Erben Bessler").get(0);
final var givenHolderPerson = personRepo.findPersonByOptionalNameLike("Winkler").get(0);
final var givenContact = contactrealRepo.findContactByOptionalCaptionLike("seventh contact").get(0);
final var givenAnchorPerson = realPersonRepo.findPersonByOptionalNameLike("Erben Bessler").getFirst();
final var givenHolderPerson = realPersonRepo.findPersonByOptionalNameLike("Winkler").getFirst();
final var givenContact = realContactRepo.findContactByOptionalCaptionLike("seventh contact").getFirst();
final var newRelation = HsOfficeRelationRealEntity.builder()
.type(HsOfficeRelationType.REPRESENTATIVE)
.anchor(givenAnchorPerson)
@ -635,7 +635,7 @@ class HsOfficeRelationControllerAcceptanceTest extends ContextBasedTestWithClean
.contact(givenContact)
.build();
assertThat(toCleanup(relationrealRepo.save(newRelation))).isEqualTo(newRelation);
assertThat(toCleanup(realRelationRepo.save(newRelation))).isEqualTo(newRelation);
return newRelation;
}).assertSuccessful().returnedValue();

45
src/test/java/net/hostsharing/hsadminng/hs/office/relation/HsOfficeRelationRepositoryIntegrationTest.java
View File

@ -28,7 +28,6 @@ import static net.hostsharing.hsadminng.hs.office.person.HsOfficePersonType.NATU
import static net.hostsharing.hsadminng.hs.office.person.HsOfficePersonType.UNINCORPORATED_FIRM;
import static net.hostsharing.hsadminng.rbac.grant.RawRbacGrantEntity.distinctGrantDisplaysOf;
import static net.hostsharing.hsadminng.rbac.role.RawRbacRoleEntity.distinctRoleNamesOf;
import static net.hostsharing.hsadminng.rbac.role.RbacRoleType.ADMIN;
import static net.hostsharing.hsadminng.rbac.test.JpaAttempt.attempt;
import static org.assertj.core.api.Assertions.assertThat;
@ -284,44 +283,6 @@ class HsOfficeRelationRepositoryIntegrationTest extends ContextBasedTestWithClea
result.returnedValue(),
"hs_office.contact#fifthcontact:ADMIN");
// FIXME relationRbacRepo.deleteByUuid(givenRelation.getUuid());
}
@Test
public void hostsharingAdmin_withoutAssumedRole_canUpdateHolderOfArbitraryRelation() {
// given
context("superuser-alex@hostsharing.net");
final var givenRelation = givenSomeTemporaryRelationBessler(
"Bert", "fifth contact");
final var oldHolderPerson = givenRelation.getHolder();
final var newHolderPerson = personRepo.findPersonByOptionalNameLike("Paul").getFirst();
assertThatRelationActuallyInDatabase(givenRelation);
assertThatRelationIsVisibleForUserWithRole(
givenRelation,
givenRelation.getHolder().roleId(ADMIN));
// when
final var result = jpaAttempt.transacted(() -> {
context("superuser-alex@hostsharing.net");
givenRelation.setHolder(newHolderPerson);
return toCleanup(relationRbacRepo.save(givenRelation).load());
});
// then
result.assertSuccessful();
assertThat(result.returnedValue().getHolder().getGivenName()).isEqualTo("Paul");
assertThatRelationIsVisibleForUserWithRole(
result.returnedValue(),
"rbac.global#global:ADMIN");
assertThatRelationIsVisibleForUserWithRole(
result.returnedValue(),
newHolderPerson.roleId(ADMIN));
assertThatRelationIsNotVisibleForUserWithRole(
result.returnedValue(),
oldHolderPerson.roleId(ADMIN));
// FIXME: relationRbacRepo.deleteByUuid(givenRelation.getUuid());
}
@Test
@ -497,9 +458,9 @@ class HsOfficeRelationRepositoryIntegrationTest extends ContextBasedTestWithClea
private HsOfficeRelationRbacEntity givenSomeTemporaryRelationBessler(final String holderPerson, final String contact) {
return jpaAttempt.transacted(() -> {
context("superuser-alex@hostsharing.net");
final var givenAnchorPerson = personRepo.findPersonByOptionalNameLike("Erben Bessler").get(0);
final var givenHolderPerson = personRepo.findPersonByOptionalNameLike(holderPerson).get(0);
final var givenContact = contactRealRepo.findContactByOptionalCaptionLike(contact).get(0);
final var givenAnchorPerson = personRepo.findPersonByOptionalNameLike("Erben Bessler").getFirst();
final var givenHolderPerson = personRepo.findPersonByOptionalNameLike(holderPerson).getFirst();
final var givenContact = contactRealRepo.findContactByOptionalCaptionLike(contact).getFirst();
final var newRelation = HsOfficeRelationRbacEntity.builder()
.type(HsOfficeRelationType.REPRESENTATIVE)
.anchor(givenAnchorPerson)