RBAC object scope to replace serialID (WIP)

Michael Hoennig 2024-05-02 13:31:18 +02:00
parent e09a09cf92
commit 349b9ddae0
78 changed files with 441 additions and 321 deletions


@ -24,6 +24,10 @@ import static org.springframework.transaction.annotation.Propagation.MANDATORY;
@AllArgsConstructor @AllArgsConstructor
public class Context { public class Context {
public enum Scope {
BASE, TEST, TEMP, PROD;
}
private static final Set<String> HEADERS_TO_IGNORE = Set.of( private static final Set<String> HEADERS_TO_IGNORE = Set.of(
"accept-encoding", "accept-encoding",
"connection", "connection",
@ -38,28 +42,31 @@ public class Context {
private HttpServletRequest request; private HttpServletRequest request;
@Transactional(propagation = MANDATORY) @Transactional(propagation = MANDATORY)
public void define(final String currentUser) { public void define(final Scope scope, final String currentUser) {
define(currentUser, null); define(scope, currentUser, null);
} }
@Transactional(propagation = MANDATORY) @Transactional(propagation = MANDATORY)
public void define(final String currentUser, final String assumedRoles) { public void define(final Scope scope, final String currentUser, final String assumedRoles) {
define(toTask(request), toCurl(request), currentUser, assumedRoles); define(scope, toTask(request), toCurl(request), currentUser, assumedRoles);
} }
@Transactional(propagation = MANDATORY) @Transactional(propagation = MANDATORY)
public void define( public void define(
final Scope currentScope,
final String currentTask, final String currentTask,
final String currentRequest, final String currentRequest,
final String currentUser, final String currentUser,
final String assumedRoles) { final String assumedRoles) {
final var query = em.createNativeQuery(""" final var query = em.createNativeQuery("""
call defineContext( call defineContext(
cast(:currentScope as RbacObjectScope),
cast(:currentTask as varchar(127)), cast(:currentTask as varchar(127)),
cast(:currentRequest as text), cast(:currentRequest as text),
cast(:currentUser as varchar(63)), cast(:currentUser as varchar(63)),
cast(:assumedRoles as varchar(1023))); cast(:assumedRoles as varchar(1023)));
"""); """);
query.setParameter("currentScope", currentScope.name());
query.setParameter("currentTask", shortenToMaxLength(currentTask, 127)); query.setParameter("currentTask", shortenToMaxLength(currentTask, 127));
query.setParameter("currentRequest", currentRequest); query.setParameter("currentRequest", currentRequest);
query.setParameter("currentUser", currentUser); query.setParameter("currentUser", currentUser);
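Review bot: `Scope` reaches the database as `currentScope.name()` cast to `RbacObjectScope`, so the Java constant names have to match the labels of that SQL type exactly, and nothing on the enum says so. A rename or a new constant on either side would compile and only fail when `defineContext` is called. I would add a Javadoc on `Scope` that states this binding and what BASE, TEST, TEMP and PROD each select, since this value now accompanies every context definition. The five-argument `define` also dereferences `currentScope` without a check; `Objects.requireNonNull(currentScope, "currentScope");` as its first statement would reject a missing scope before the query is built. The method body continues past the visible lines.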


@ -17,6 +17,7 @@ import java.util.List;
import java.util.UUID; import java.util.UUID;
import java.util.function.BiConsumer; import java.util.function.BiConsumer;
import static net.hostsharing.hsadminng.context.Context.Scope.PROD;
import static net.hostsharing.hsadminng.mapper.PostgresDateRange.toPostgresDateRange; import static net.hostsharing.hsadminng.mapper.PostgresDateRange.toPostgresDateRange;
@RestController @RestController
@ -37,7 +38,7 @@ public class HsBookingItemController implements HsBookingItemsApi {
final String currentUser, final String currentUser,
final String assumedRoles, final String assumedRoles,
final UUID debitorUuid) { final UUID debitorUuid) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var entities = bookingItemRepo.findAllByDebitorUuid(debitorUuid); final var entities = bookingItemRepo.findAllByDebitorUuid(debitorUuid);
@ -52,7 +53,7 @@ public class HsBookingItemController implements HsBookingItemsApi {
final String assumedRoles, final String assumedRoles,
final HsBookingItemInsertResource body) { final HsBookingItemInsertResource body) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var entityToSave = mapper.map(body, HsBookingItemEntity.class, RESOURCE_TO_ENTITY_POSTMAPPER); final var entityToSave = mapper.map(body, HsBookingItemEntity.class, RESOURCE_TO_ENTITY_POSTMAPPER);
@ -74,7 +75,7 @@ public class HsBookingItemController implements HsBookingItemsApi {
final String assumedRoles, final String assumedRoles,
final UUID bookingItemUuid) { final UUID bookingItemUuid) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var result = bookingItemRepo.findByUuid(bookingItemUuid); final var result = bookingItemRepo.findByUuid(bookingItemUuid);
return result return result
@ -89,7 +90,7 @@ public class HsBookingItemController implements HsBookingItemsApi {
final String currentUser, final String currentUser,
final String assumedRoles, final String assumedRoles,
final UUID bookingItemUuid) { final UUID bookingItemUuid) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var result = bookingItemRepo.deleteByUuid(bookingItemUuid); final var result = bookingItemRepo.deleteByUuid(bookingItemUuid);
return result == 0 return result == 0
@ -105,7 +106,7 @@ public class HsBookingItemController implements HsBookingItemsApi {
final UUID bookingItemUuid, final UUID bookingItemUuid,
final HsBookingItemPatchResource body) { final HsBookingItemPatchResource body) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var current = bookingItemRepo.findByUuid(bookingItemUuid).orElseThrow(); final var current = bookingItemRepo.findByUuid(bookingItemUuid).orElseThrow();
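Review bot: Every handler here passes the literal `PROD` to `context.define`, and the same edit is repeated in each controller section that follows (HsHostingAsset through HsOfficeRelation), so the scope of a request is chosen at every call site rather than in one place. If the scope is what separates production RBAC objects from test or temporary ones, which the commit title suggests but the visible code does not show, a single `TEST` or `TEMP` typed into one handler would compile and run that endpoint under the wrong scope. Consider keeping the old two-argument `define(currentUser, assumedRoles)` in `Context` as the request-facing overload that supplies `Scope.PROD` itself, and reserving the explicit-scope overloads for tests and data setup. The handler bodies start and end outside these hunks.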


@ -18,6 +18,7 @@ import java.util.List;
import java.util.UUID; import java.util.UUID;
import java.util.function.BiConsumer; import java.util.function.BiConsumer;
import static net.hostsharing.hsadminng.context.Context.Scope.PROD;
@RestController @RestController
public class HsHostingAssetController implements HsHostingAssetsApi { public class HsHostingAssetController implements HsHostingAssetsApi {
@ -37,7 +38,7 @@ public class HsHostingAssetController implements HsHostingAssetsApi {
final String currentUser, final String currentUser,
final String assumedRoles, final String assumedRoles,
final UUID debitorUuid) { final UUID debitorUuid) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var entities = assetRepo.findAllByDebitorUuid(debitorUuid); final var entities = assetRepo.findAllByDebitorUuid(debitorUuid);
@ -53,7 +54,7 @@ public class HsHostingAssetController implements HsHostingAssetsApi {
final String assumedRoles, final String assumedRoles,
final HsHostingAssetInsertResource body) { final HsHostingAssetInsertResource body) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var entityToSave = mapper.map(body, HsHostingAssetEntity.class, RESOURCE_TO_ENTITY_POSTMAPPER); final var entityToSave = mapper.map(body, HsHostingAssetEntity.class, RESOURCE_TO_ENTITY_POSTMAPPER);
@ -75,7 +76,7 @@ public class HsHostingAssetController implements HsHostingAssetsApi {
final String assumedRoles, final String assumedRoles,
final UUID serverUuid) { final UUID serverUuid) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var result = assetRepo.findByUuid(serverUuid); final var result = assetRepo.findByUuid(serverUuid);
return result return result
@ -90,7 +91,7 @@ public class HsHostingAssetController implements HsHostingAssetsApi {
final String currentUser, final String currentUser,
final String assumedRoles, final String assumedRoles,
final UUID serverUuid) { final UUID serverUuid) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var result = assetRepo.deleteByUuid(serverUuid); final var result = assetRepo.deleteByUuid(serverUuid);
return result == 0 return result == 0
@ -106,7 +107,7 @@ public class HsHostingAssetController implements HsHostingAssetsApi {
final UUID serverUuid, final UUID serverUuid,
final HsHostingAssetPatchResource body) { final HsHostingAssetPatchResource body) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var current = assetRepo.findByUuid(serverUuid).orElseThrow(); final var current = assetRepo.findByUuid(serverUuid).orElseThrow();


@ -16,6 +16,8 @@ import org.springframework.web.servlet.mvc.method.annotation.MvcUriComponentsBui
import java.util.List; import java.util.List;
import java.util.UUID; import java.util.UUID;
import static net.hostsharing.hsadminng.context.Context.Scope.PROD;
@RestController @RestController
public class HsOfficeBankAccountController implements HsOfficeBankAccountsApi { public class HsOfficeBankAccountController implements HsOfficeBankAccountsApi {
@ -35,7 +37,7 @@ public class HsOfficeBankAccountController implements HsOfficeBankAccountsApi {
final String currentUser, final String currentUser,
final String assumedRoles, final String assumedRoles,
final String holder) { final String holder) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var entities = bankAccountRepo.findByOptionalHolderLike(holder); final var entities = bankAccountRepo.findByOptionalHolderLike(holder);
@ -50,7 +52,7 @@ public class HsOfficeBankAccountController implements HsOfficeBankAccountsApi {
final String assumedRoles, final String assumedRoles,
final HsOfficeBankAccountInsertResource body) { final HsOfficeBankAccountInsertResource body) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
IbanUtil.validate(body.getIban()); IbanUtil.validate(body.getIban());
BicUtil.validate(body.getBic()); BicUtil.validate(body.getBic());
@ -76,7 +78,7 @@ public class HsOfficeBankAccountController implements HsOfficeBankAccountsApi {
final String assumedRoles, final String assumedRoles,
final UUID bankAccountUuid) { final UUID bankAccountUuid) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var result = bankAccountRepo.findByUuid(bankAccountUuid); final var result = bankAccountRepo.findByUuid(bankAccountUuid);
if (result.isEmpty()) { if (result.isEmpty()) {
@ -91,7 +93,7 @@ public class HsOfficeBankAccountController implements HsOfficeBankAccountsApi {
final String currentUser, final String currentUser,
final String assumedRoles, final String assumedRoles,
final UUID BankAccountUuid) { final UUID BankAccountUuid) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var result = bankAccountRepo.deleteByUuid(BankAccountUuid); final var result = bankAccountRepo.deleteByUuid(BankAccountUuid);
if (result == 0) { if (result == 0) {


@ -16,6 +16,7 @@ import java.util.List;
import java.util.UUID; import java.util.UUID;
import java.util.function.BiConsumer; import java.util.function.BiConsumer;
import static net.hostsharing.hsadminng.context.Context.Scope.PROD;
import static net.hostsharing.hsadminng.mapper.KeyValueMap.from; import static net.hostsharing.hsadminng.mapper.KeyValueMap.from;
@RestController @RestController
@ -37,7 +38,7 @@ public class HsOfficeContactController implements HsOfficeContactsApi {
final String currentUser, final String currentUser,
final String assumedRoles, final String assumedRoles,
final String label) { final String label) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var entities = contactRepo.findContactByOptionalLabelLike(label); final var entities = contactRepo.findContactByOptionalLabelLike(label);
@ -52,7 +53,7 @@ public class HsOfficeContactController implements HsOfficeContactsApi {
final String assumedRoles, final String assumedRoles,
final HsOfficeContactInsertResource body) { final HsOfficeContactInsertResource body) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var entityToSave = mapper.map(body, HsOfficeContactEntity.class, RESOURCE_TO_ENTITY_POSTMAPPER); final var entityToSave = mapper.map(body, HsOfficeContactEntity.class, RESOURCE_TO_ENTITY_POSTMAPPER);
@ -74,7 +75,7 @@ public class HsOfficeContactController implements HsOfficeContactsApi {
final String assumedRoles, final String assumedRoles,
final UUID contactUuid) { final UUID contactUuid) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var result = contactRepo.findByUuid(contactUuid); final var result = contactRepo.findByUuid(contactUuid);
if (result.isEmpty()) { if (result.isEmpty()) {
@ -89,7 +90,7 @@ public class HsOfficeContactController implements HsOfficeContactsApi {
final String currentUser, final String currentUser,
final String assumedRoles, final String assumedRoles,
final UUID contactUuid) { final UUID contactUuid) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var result = contactRepo.deleteByUuid(contactUuid); final var result = contactRepo.deleteByUuid(contactUuid);
if (result == 0) { if (result == 0) {
@ -107,7 +108,7 @@ public class HsOfficeContactController implements HsOfficeContactsApi {
final UUID contactUuid, final UUID contactUuid,
final HsOfficeContactPatchResource body) { final HsOfficeContactPatchResource body) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var current = contactRepo.findByUuid(contactUuid).orElseThrow(); final var current = contactRepo.findByUuid(contactUuid).orElseThrow();


@ -21,6 +21,7 @@ import java.util.UUID;
import java.util.function.BiConsumer; import java.util.function.BiConsumer;
import static java.lang.String.join; import static java.lang.String.join;
import static net.hostsharing.hsadminng.context.Context.Scope.PROD;
import static net.hostsharing.hsadminng.hs.office.generated.api.v1.model.HsOfficeCoopAssetsTransactionTypeResource.*; import static net.hostsharing.hsadminng.hs.office.generated.api.v1.model.HsOfficeCoopAssetsTransactionTypeResource.*;
@RestController @RestController
@ -43,7 +44,7 @@ public class HsOfficeCoopAssetsTransactionController implements HsOfficeCoopAsse
final UUID membershipUuid, final UUID membershipUuid,
final @DateTimeFormat(iso = ISO.DATE) LocalDate fromValueDate, final @DateTimeFormat(iso = ISO.DATE) LocalDate fromValueDate,
final @DateTimeFormat(iso = ISO.DATE) LocalDate toValueDate) { final @DateTimeFormat(iso = ISO.DATE) LocalDate toValueDate) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var entities = coopAssetsTransactionRepo.findCoopAssetsTransactionByOptionalMembershipUuidAndDateRange( final var entities = coopAssetsTransactionRepo.findCoopAssetsTransactionByOptionalMembershipUuidAndDateRange(
membershipUuid, membershipUuid,
@ -61,7 +62,7 @@ public class HsOfficeCoopAssetsTransactionController implements HsOfficeCoopAsse
final String assumedRoles, final String assumedRoles,
final HsOfficeCoopAssetsTransactionInsertResource requestBody) { final HsOfficeCoopAssetsTransactionInsertResource requestBody) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
validate(requestBody); validate(requestBody);
final var entityToSave = mapper.map(requestBody, HsOfficeCoopAssetsTransactionEntity.class, RESOURCE_TO_ENTITY_POSTMAPPER); final var entityToSave = mapper.map(requestBody, HsOfficeCoopAssetsTransactionEntity.class, RESOURCE_TO_ENTITY_POSTMAPPER);
@ -82,7 +83,7 @@ public class HsOfficeCoopAssetsTransactionController implements HsOfficeCoopAsse
public ResponseEntity<HsOfficeCoopAssetsTransactionResource> getCoopAssetTransactionByUuid( public ResponseEntity<HsOfficeCoopAssetsTransactionResource> getCoopAssetTransactionByUuid(
final String currentUser, final String assumedRoles, final UUID assetTransactionUuid) { final String currentUser, final String assumedRoles, final UUID assetTransactionUuid) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var result = coopAssetsTransactionRepo.findByUuid(assetTransactionUuid); final var result = coopAssetsTransactionRepo.findByUuid(assetTransactionUuid);
if (result.isEmpty()) { if (result.isEmpty()) {


@ -22,6 +22,7 @@ import java.util.UUID;
import java.util.function.BiConsumer; import java.util.function.BiConsumer;
import static java.lang.String.join; import static java.lang.String.join;
import static net.hostsharing.hsadminng.context.Context.Scope.PROD;
import static net.hostsharing.hsadminng.hs.office.generated.api.v1.model.HsOfficeCoopSharesTransactionTypeResource.CANCELLATION; import static net.hostsharing.hsadminng.hs.office.generated.api.v1.model.HsOfficeCoopSharesTransactionTypeResource.CANCELLATION;
import static net.hostsharing.hsadminng.hs.office.generated.api.v1.model.HsOfficeCoopSharesTransactionTypeResource.SUBSCRIPTION; import static net.hostsharing.hsadminng.hs.office.generated.api.v1.model.HsOfficeCoopSharesTransactionTypeResource.SUBSCRIPTION;
@ -45,7 +46,7 @@ public class HsOfficeCoopSharesTransactionController implements HsOfficeCoopShar
final UUID membershipUuid, final UUID membershipUuid,
final @DateTimeFormat(iso = ISO.DATE) LocalDate fromValueDate, final @DateTimeFormat(iso = ISO.DATE) LocalDate fromValueDate,
final @DateTimeFormat(iso = ISO.DATE) LocalDate toValueDate) { final @DateTimeFormat(iso = ISO.DATE) LocalDate toValueDate) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var entities = coopSharesTransactionRepo.findCoopSharesTransactionByOptionalMembershipUuidAndDateRange( final var entities = coopSharesTransactionRepo.findCoopSharesTransactionByOptionalMembershipUuidAndDateRange(
membershipUuid, membershipUuid,
@ -63,7 +64,7 @@ public class HsOfficeCoopSharesTransactionController implements HsOfficeCoopShar
final String assumedRoles, final String assumedRoles,
final HsOfficeCoopSharesTransactionInsertResource requestBody) { final HsOfficeCoopSharesTransactionInsertResource requestBody) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
validate(requestBody); validate(requestBody);
final var entityToSave = mapper.map(requestBody, HsOfficeCoopSharesTransactionEntity.class, RESOURCE_TO_ENTITY_POSTMAPPER); final var entityToSave = mapper.map(requestBody, HsOfficeCoopSharesTransactionEntity.class, RESOURCE_TO_ENTITY_POSTMAPPER);
@ -84,7 +85,7 @@ public class HsOfficeCoopSharesTransactionController implements HsOfficeCoopShar
public ResponseEntity<HsOfficeCoopSharesTransactionResource> getCoopShareTransactionByUuid( public ResponseEntity<HsOfficeCoopSharesTransactionResource> getCoopShareTransactionByUuid(
final String currentUser, final String assumedRoles, final UUID shareTransactionUuid) { final String currentUser, final String assumedRoles, final UUID shareTransactionUuid) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var result = coopSharesTransactionRepo.findByUuid(shareTransactionUuid); final var result = coopSharesTransactionRepo.findByUuid(shareTransactionUuid);
if (result.isEmpty()) { if (result.isEmpty()) {


@ -22,6 +22,7 @@ import jakarta.persistence.PersistenceContext;
import java.util.List; import java.util.List;
import java.util.UUID; import java.util.UUID;
import static net.hostsharing.hsadminng.context.Context.Scope.PROD;
import static net.hostsharing.hsadminng.hs.office.relation.HsOfficeRelationType.DEBITOR; import static net.hostsharing.hsadminng.hs.office.relation.HsOfficeRelationType.DEBITOR;
@RestController @RestController
@ -50,7 +51,7 @@ public class HsOfficeDebitorController implements HsOfficeDebitorsApi {
final String assumedRoles, final String assumedRoles,
final String name, final String name,
final Integer debitorNumber) { final Integer debitorNumber) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var entities = debitorNumber != null final var entities = debitorNumber != null
? debitorRepo.findDebitorByDebitorNumber(debitorNumber) ? debitorRepo.findDebitorByDebitorNumber(debitorNumber)
@ -67,7 +68,7 @@ public class HsOfficeDebitorController implements HsOfficeDebitorsApi {
String assumedRoles, String assumedRoles,
HsOfficeDebitorInsertResource body) { HsOfficeDebitorInsertResource body) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
Validate.isTrue(body.getDebitorRel() == null || body.getDebitorRelUuid() == null, Validate.isTrue(body.getDebitorRel() == null || body.getDebitorRelUuid() == null,
"ERROR: [400] exactly one of debitorRel and debitorRelUuid must be supplied, but found both"); "ERROR: [400] exactly one of debitorRel and debitorRelUuid must be supplied, but found both");
@ -111,7 +112,7 @@ public class HsOfficeDebitorController implements HsOfficeDebitorsApi {
final String assumedRoles, final String assumedRoles,
final UUID debitorUuid) { final UUID debitorUuid) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var result = debitorRepo.findByUuid(debitorUuid); final var result = debitorRepo.findByUuid(debitorUuid);
if (result.isEmpty()) { if (result.isEmpty()) {
@ -126,7 +127,7 @@ public class HsOfficeDebitorController implements HsOfficeDebitorsApi {
final String currentUser, final String currentUser,
final String assumedRoles, final String assumedRoles,
final UUID debitorUuid) { final UUID debitorUuid) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var result = debitorRepo.deleteByUuid(debitorUuid); final var result = debitorRepo.deleteByUuid(debitorUuid);
if (result == 0) { if (result == 0) {
@ -144,7 +145,7 @@ public class HsOfficeDebitorController implements HsOfficeDebitorsApi {
final UUID debitorUuid, final UUID debitorUuid,
final HsOfficeDebitorPatchResource body) { final HsOfficeDebitorPatchResource body) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var current = debitorRepo.findByUuid(debitorUuid).orElseThrow(); final var current = debitorRepo.findByUuid(debitorUuid).orElseThrow();


@ -16,6 +16,8 @@ import java.util.List;
import java.util.UUID; import java.util.UUID;
import java.util.function.BiConsumer; import java.util.function.BiConsumer;
import static net.hostsharing.hsadminng.context.Context.Scope.PROD;
@RestController @RestController
public class HsOfficeMembershipController implements HsOfficeMembershipsApi { public class HsOfficeMembershipController implements HsOfficeMembershipsApi {
@ -36,7 +38,7 @@ public class HsOfficeMembershipController implements HsOfficeMembershipsApi {
final String assumedRoles, final String assumedRoles,
UUID partnerUuid, UUID partnerUuid,
Integer memberNumber) { Integer memberNumber) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var entities = ( memberNumber != null) final var entities = ( memberNumber != null)
? List.of(membershipRepo.findMembershipByMemberNumber(memberNumber)) ? List.of(membershipRepo.findMembershipByMemberNumber(memberNumber))
@ -54,7 +56,7 @@ public class HsOfficeMembershipController implements HsOfficeMembershipsApi {
final String assumedRoles, final String assumedRoles,
final HsOfficeMembershipInsertResource body) { final HsOfficeMembershipInsertResource body) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var entityToSave = mapper.map(body, HsOfficeMembershipEntity.class); final var entityToSave = mapper.map(body, HsOfficeMembershipEntity.class);
@ -77,7 +79,7 @@ public class HsOfficeMembershipController implements HsOfficeMembershipsApi {
final String assumedRoles, final String assumedRoles,
final UUID membershipUuid) { final UUID membershipUuid) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var result = membershipRepo.findByUuid(membershipUuid); final var result = membershipRepo.findByUuid(membershipUuid);
if (result.isEmpty()) { if (result.isEmpty()) {
@ -93,7 +95,7 @@ public class HsOfficeMembershipController implements HsOfficeMembershipsApi {
final String currentUser, final String currentUser,
final String assumedRoles, final String assumedRoles,
final UUID membershipUuid) { final UUID membershipUuid) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var result = membershipRepo.deleteByUuid(membershipUuid); final var result = membershipRepo.deleteByUuid(membershipUuid);
if (result == 0) { if (result == 0) {
@ -111,7 +113,7 @@ public class HsOfficeMembershipController implements HsOfficeMembershipsApi {
final UUID membershipUuid, final UUID membershipUuid,
final HsOfficeMembershipPatchResource body) { final HsOfficeMembershipPatchResource body) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var current = membershipRepo.findByUuid(membershipUuid).orElseThrow(); final var current = membershipRepo.findByUuid(membershipUuid).orElseThrow();


@ -26,6 +26,7 @@ import jakarta.persistence.PersistenceContext;
import java.util.List; import java.util.List;
import java.util.UUID; import java.util.UUID;
import static net.hostsharing.hsadminng.context.Context.Scope.PROD;
import static net.hostsharing.hsadminng.hs.office.relation.HsOfficeRelationType.EX_PARTNER; import static net.hostsharing.hsadminng.hs.office.relation.HsOfficeRelationType.EX_PARTNER;
@RestController @RestController
@ -53,7 +54,7 @@ public class HsOfficePartnerController implements HsOfficePartnersApi {
final String currentUser, final String currentUser,
final String assumedRoles, final String assumedRoles,
final String name) { final String name) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var entities = partnerRepo.findPartnerByOptionalNameLike(name); final var entities = partnerRepo.findPartnerByOptionalNameLike(name);
@ -68,7 +69,7 @@ public class HsOfficePartnerController implements HsOfficePartnersApi {
final String assumedRoles, final String assumedRoles,
final HsOfficePartnerInsertResource body) { final HsOfficePartnerInsertResource body) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var entityToSave = createPartnerEntity(body); final var entityToSave = createPartnerEntity(body);
@ -90,7 +91,7 @@ public class HsOfficePartnerController implements HsOfficePartnersApi {
final String assumedRoles, final String assumedRoles,
final UUID partnerUuid) { final UUID partnerUuid) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var result = partnerRepo.findByUuid(partnerUuid); final var result = partnerRepo.findByUuid(partnerUuid);
if (result.isEmpty()) { if (result.isEmpty()) {
@ -105,7 +106,7 @@ public class HsOfficePartnerController implements HsOfficePartnersApi {
final String currentUser, final String currentUser,
final String assumedRoles, final String assumedRoles,
final UUID partnerUuid) { final UUID partnerUuid) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var partnerToDelete = partnerRepo.findByUuid(partnerUuid); final var partnerToDelete = partnerRepo.findByUuid(partnerUuid);
if (partnerToDelete.isEmpty()) { if (partnerToDelete.isEmpty()) {
@ -127,7 +128,7 @@ public class HsOfficePartnerController implements HsOfficePartnersApi {
final UUID partnerUuid, final UUID partnerUuid,
final HsOfficePartnerPatchResource body) { final HsOfficePartnerPatchResource body) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var current = partnerRepo.findByUuid(partnerUuid).orElseThrow(); final var current = partnerRepo.findByUuid(partnerUuid).orElseThrow();
final var previousPartnerRel = current.getPartnerRel(); final var previousPartnerRel = current.getPartnerRel();


@ -15,6 +15,8 @@ import org.springframework.web.servlet.mvc.method.annotation.MvcUriComponentsBui
import java.util.List; import java.util.List;
import java.util.UUID; import java.util.UUID;
import static net.hostsharing.hsadminng.context.Context.Scope.PROD;
@RestController @RestController
public class HsOfficePersonController implements HsOfficePersonsApi { public class HsOfficePersonController implements HsOfficePersonsApi {
@ -34,7 +36,7 @@ public class HsOfficePersonController implements HsOfficePersonsApi {
final String currentUser, final String currentUser,
final String assumedRoles, final String assumedRoles,
final String label) { final String label) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var entities = personRepo.findPersonByOptionalNameLike(label); final var entities = personRepo.findPersonByOptionalNameLike(label);
@ -49,7 +51,7 @@ public class HsOfficePersonController implements HsOfficePersonsApi {
final String assumedRoles, final String assumedRoles,
final HsOfficePersonInsertResource body) { final HsOfficePersonInsertResource body) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var entityToSave = mapper.map(body, HsOfficePersonEntity.class); final var entityToSave = mapper.map(body, HsOfficePersonEntity.class);
@ -71,7 +73,7 @@ public class HsOfficePersonController implements HsOfficePersonsApi {
final String assumedRoles, final String assumedRoles,
final UUID personUuid) { final UUID personUuid) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var result = personRepo.findByUuid(personUuid); final var result = personRepo.findByUuid(personUuid);
if (result.isEmpty()) { if (result.isEmpty()) {
@ -86,7 +88,7 @@ public class HsOfficePersonController implements HsOfficePersonsApi {
final String currentUser, final String currentUser,
final String assumedRoles, final String assumedRoles,
final UUID personUuid) { final UUID personUuid) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var result = personRepo.deleteByUuid(personUuid); final var result = personRepo.deleteByUuid(personUuid);
if (result == 0) { if (result == 0) {
@ -104,7 +106,7 @@ public class HsOfficePersonController implements HsOfficePersonsApi {
final UUID personUuid, final UUID personUuid,
final HsOfficePersonPatchResource body) { final HsOfficePersonPatchResource body) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var current = personRepo.findByUuid(personUuid).orElseThrow(); final var current = personRepo.findByUuid(personUuid).orElseThrow();


@ -19,6 +19,7 @@ import java.util.NoSuchElementException;
import java.util.UUID; import java.util.UUID;
import java.util.function.BiConsumer; import java.util.function.BiConsumer;
import static net.hostsharing.hsadminng.context.Context.Scope.PROD;
@RestController @RestController
@ -49,7 +50,7 @@ public class HsOfficeRelationController implements HsOfficeRelationsApi {
final String assumedRoles, final String assumedRoles,
final UUID personUuid, final UUID personUuid,
final HsOfficeRelationTypeResource relationType) { final HsOfficeRelationTypeResource relationType) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var entities = relationRepo.findRelationRelatedToPersonUuidAndRelationType(personUuid, final var entities = relationRepo.findRelationRelatedToPersonUuidAndRelationType(personUuid,
mapper.map(relationType, HsOfficeRelationType.class)); mapper.map(relationType, HsOfficeRelationType.class));
@ -66,7 +67,7 @@ public class HsOfficeRelationController implements HsOfficeRelationsApi {
final String assumedRoles, final String assumedRoles,
final HsOfficeRelationInsertResource body) { final HsOfficeRelationInsertResource body) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var entityToSave = new HsOfficeRelationEntity(); final var entityToSave = new HsOfficeRelationEntity();
entityToSave.setType(HsOfficeRelationType.valueOf(body.getType())); entityToSave.setType(HsOfficeRelationType.valueOf(body.getType()));
@ -100,7 +101,7 @@ public class HsOfficeRelationController implements HsOfficeRelationsApi {
final String assumedRoles, final String assumedRoles,
final UUID relationUuid) { final UUID relationUuid) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var result = relationRepo.findByUuid(relationUuid); final var result = relationRepo.findByUuid(relationUuid);
if (result.isEmpty()) { if (result.isEmpty()) {
@ -115,7 +116,7 @@ public class HsOfficeRelationController implements HsOfficeRelationsApi {
final String currentUser, final String currentUser,
final String assumedRoles, final String assumedRoles,
final UUID relationUuid) { final UUID relationUuid) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var result = relationRepo.deleteByUuid(relationUuid); final var result = relationRepo.deleteByUuid(relationUuid);
if (result == 0) { if (result == 0) {
@ -133,7 +134,7 @@ public class HsOfficeRelationController implements HsOfficeRelationsApi {
final UUID relationUuid, final UUID relationUuid,
final HsOfficeRelationPatchResource body) { final HsOfficeRelationPatchResource body) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var current = relationRepo.findByUuid(relationUuid).orElseThrow(); final var current = relationRepo.findByUuid(relationUuid).orElseThrow();


@ -18,6 +18,7 @@ import java.util.List;
import java.util.UUID; import java.util.UUID;
import java.util.function.BiConsumer; import java.util.function.BiConsumer;
import static net.hostsharing.hsadminng.context.Context.Scope.PROD;
import static net.hostsharing.hsadminng.mapper.PostgresDateRange.toPostgresDateRange; import static net.hostsharing.hsadminng.mapper.PostgresDateRange.toPostgresDateRange;
@RestController @RestController
@ -42,7 +43,7 @@ public class HsOfficeSepaMandateController implements HsOfficeSepaMandatesApi {
final String currentUser, final String currentUser,
final String assumedRoles, final String assumedRoles,
final String iban) { final String iban) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var entities = sepaMandateRepo.findSepaMandateByOptionalIban(iban); final var entities = sepaMandateRepo.findSepaMandateByOptionalIban(iban);
@ -58,7 +59,7 @@ public class HsOfficeSepaMandateController implements HsOfficeSepaMandatesApi {
final String assumedRoles, final String assumedRoles,
final HsOfficeSepaMandateInsertResource body) { final HsOfficeSepaMandateInsertResource body) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var entityToSave = mapper.map(body, HsOfficeSepaMandateEntity.class, SEPA_MANDATE_RESOURCE_TO_ENTITY_POSTMAPPER); final var entityToSave = mapper.map(body, HsOfficeSepaMandateEntity.class, SEPA_MANDATE_RESOURCE_TO_ENTITY_POSTMAPPER);
@ -81,7 +82,7 @@ public class HsOfficeSepaMandateController implements HsOfficeSepaMandatesApi {
final String assumedRoles, final String assumedRoles,
final UUID sepaMandateUuid) { final UUID sepaMandateUuid) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var result = sepaMandateRepo.findByUuid(sepaMandateUuid); final var result = sepaMandateRepo.findByUuid(sepaMandateUuid);
if (result.isEmpty()) { if (result.isEmpty()) {
@ -97,7 +98,7 @@ public class HsOfficeSepaMandateController implements HsOfficeSepaMandatesApi {
final String currentUser, final String currentUser,
final String assumedRoles, final String assumedRoles,
final UUID sepaMandateUuid) { final UUID sepaMandateUuid) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var result = sepaMandateRepo.deleteByUuid(sepaMandateUuid); final var result = sepaMandateRepo.deleteByUuid(sepaMandateUuid);
if (result == 0) { if (result == 0) {
@ -115,7 +116,7 @@ public class HsOfficeSepaMandateController implements HsOfficeSepaMandatesApi {
final UUID sepaMandateUuid, final UUID sepaMandateUuid,
final HsOfficeSepaMandatePatchResource body) { final HsOfficeSepaMandatePatchResource body) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var current = sepaMandateRepo.findByUuid(sepaMandateUuid).orElseThrow(); final var current = sepaMandateRepo.findByUuid(sepaMandateUuid).orElseThrow();


@ -67,7 +67,7 @@ public class InsertTriggerGenerator {
declare declare
row ${rawSuperTable}; row ${rawSuperTable};
begin begin
call defineContext('create INSERT INTO ${rawSubTable} permissions for pre-exising ${rawSuperTable} rows'); call defineContext('PROD', 'create INSERT INTO ${rawSubTable} permissions for pre-exising ${rawSuperTable} rows');
FOR row IN SELECT * FROM ${rawSuperTable} FOR row IN SELECT * FROM ${rawSuperTable}
${whenCondition} ${whenCondition}
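Review bot: The generator template hard-codes `'PROD'` as the scope in the emitted `call defineContext(...)`, while the SQL changesets for test_customer, test_package, test_domain and the hs_office tables in this same commit call it with `'TEST'::RbacObjectScope` or `'BASE'::RbacObjectScope`. If those files are regenerated from this template, the hand-chosen scopes and their explanatory comments would presumably be overwritten and the block would run under PROD. Consider making the scope a template variable, for example `call defineContext('${scope}'::RbacObjectScope, 'create INSERT INTO ${rawSubTable} permissions ...');` (the variable name is only a suggestion), with the explicit cast the SQL files use. The enclosing method and its text block start and end outside the hunk.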


@ -15,6 +15,8 @@ import jakarta.persistence.PersistenceContext;
import java.util.List; import java.util.List;
import java.util.UUID; import java.util.UUID;
import static net.hostsharing.hsadminng.context.Context.Scope.PROD;
@RestController @RestController
public class RbacGrantController implements RbacGrantsApi { public class RbacGrantController implements RbacGrantsApi {
@ -38,7 +40,7 @@ public class RbacGrantController implements RbacGrantsApi {
final UUID grantedRoleUuid, final UUID grantedRoleUuid,
final UUID granteeUserUuid) { final UUID granteeUserUuid) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var id = new RbacGrantId(granteeUserUuid, grantedRoleUuid); final var id = new RbacGrantId(granteeUserUuid, grantedRoleUuid);
final var result = rbacGrantRepository.findById(id); final var result = rbacGrantRepository.findById(id);
@ -54,7 +56,7 @@ public class RbacGrantController implements RbacGrantsApi {
final String currentUser, final String currentUser,
final String assumedRoles) { final String assumedRoles) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
return ResponseEntity.ok(mapper.mapList(rbacGrantRepository.findAll(), RbacGrantResource.class)); return ResponseEntity.ok(mapper.mapList(rbacGrantRepository.findAll(), RbacGrantResource.class));
} }
@ -66,7 +68,7 @@ public class RbacGrantController implements RbacGrantsApi {
final String assumedRoles, final String assumedRoles,
final RbacGrantResource body) { final RbacGrantResource body) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var granted = rbacGrantRepository.save(mapper.map(body, RbacGrantEntity.class)); final var granted = rbacGrantRepository.save(mapper.map(body, RbacGrantEntity.class));
em.flush(); em.flush();
@ -88,7 +90,7 @@ public class RbacGrantController implements RbacGrantsApi {
final UUID grantedRoleUuid, final UUID grantedRoleUuid,
final UUID granteeUserUuid) { final UUID granteeUserUuid) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
rbacGrantRepository.deleteByRbacGrantId(new RbacGrantId(granteeUserUuid, grantedRoleUuid)); rbacGrantRepository.deleteByRbacGrantId(new RbacGrantId(granteeUserUuid, grantedRoleUuid));


@ -11,6 +11,8 @@ import org.springframework.web.bind.annotation.RestController;
import java.util.List; import java.util.List;
import static net.hostsharing.hsadminng.context.Context.Scope.PROD;
@RestController @RestController
public class RbacRoleController implements RbacRolesApi { public class RbacRoleController implements RbacRolesApi {
@ -29,7 +31,7 @@ public class RbacRoleController implements RbacRolesApi {
final String currentUser, final String currentUser,
final String assumedRoles) { final String assumedRoles) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final List<RbacRoleEntity> result = rbacRoleRepository.findAll(); final List<RbacRoleEntity> result = rbacRoleRepository.findAll();


@ -14,6 +14,8 @@ import org.springframework.web.servlet.mvc.method.annotation.MvcUriComponentsBui
import java.util.List; import java.util.List;
import java.util.UUID; import java.util.UUID;
import static net.hostsharing.hsadminng.context.Context.Scope.PROD;
@RestController @RestController
public class RbacUserController implements RbacUsersApi { public class RbacUserController implements RbacUsersApi {
@ -31,7 +33,7 @@ public class RbacUserController implements RbacUsersApi {
public ResponseEntity<RbacUserResource> createUser( public ResponseEntity<RbacUserResource> createUser(
final RbacUserResource body final RbacUserResource body
) { ) {
context.define(null); context.define(PROD, null);
if (body.getUuid() == null) { if (body.getUuid() == null) {
body.setUuid(UUID.randomUUID()); body.setUuid(UUID.randomUUID());
@ -53,7 +55,7 @@ public class RbacUserController implements RbacUsersApi {
final String assumedRoles, final String assumedRoles,
final UUID userUuid final UUID userUuid
) { ) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
rbacUserRepository.deleteByUuid(userUuid); rbacUserRepository.deleteByUuid(userUuid);
@ -67,7 +69,7 @@ public class RbacUserController implements RbacUsersApi {
final String assumedRoles, final String assumedRoles,
final UUID userUuid) { final UUID userUuid) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var result = rbacUserRepository.findByUuid(userUuid); final var result = rbacUserRepository.findByUuid(userUuid);
if (result == null) { if (result == null) {
@ -83,7 +85,7 @@ public class RbacUserController implements RbacUsersApi {
final String assumedRoles, final String assumedRoles,
final String userName final String userName
) { ) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
return ResponseEntity.ok(mapper.mapList(rbacUserRepository.findByOptionalNameLike(userName), RbacUserResource.class)); return ResponseEntity.ok(mapper.mapList(rbacUserRepository.findByOptionalNameLike(userName), RbacUserResource.class));
} }
@ -95,7 +97,7 @@ public class RbacUserController implements RbacUsersApi {
final String assumedRoles, final String assumedRoles,
final UUID userUuid final UUID userUuid
) { ) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
return ResponseEntity.ok(mapper.mapList( return ResponseEntity.ok(mapper.mapList(
rbacUserRepository.findPermissionsOfUserByUuid(userUuid), rbacUserRepository.findPermissionsOfUserByUuid(userUuid),


@ -14,6 +14,8 @@ import jakarta.persistence.EntityManager;
import jakarta.persistence.PersistenceContext; import jakarta.persistence.PersistenceContext;
import java.util.List; import java.util.List;
import static net.hostsharing.hsadminng.context.Context.Scope.PROD;
@RestController @RestController
public class TestCustomerController implements TestCustomersApi { public class TestCustomerController implements TestCustomersApi {
@ -36,7 +38,7 @@ public class TestCustomerController implements TestCustomersApi {
String assumedRoles, String assumedRoles,
String prefix String prefix
) { ) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var result = testCustomerRepository.findCustomerByOptionalPrefixLike(prefix); final var result = testCustomerRepository.findCustomerByOptionalPrefixLike(prefix);
@ -50,7 +52,7 @@ public class TestCustomerController implements TestCustomersApi {
final String assumedRoles, final String assumedRoles,
final TestCustomerResource customer) { final TestCustomerResource customer) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var saved = testCustomerRepository.save(mapper.map(customer, TestCustomerEntity.class)); final var saved = testCustomerRepository.save(mapper.map(customer, TestCustomerEntity.class));
final var uri = final var uri =
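Review bot: The second hunk stamps the context with `PROD` in `context.define(PROD, currentUser, assumedRoles)` right before `testCustomerRepository.save(...)`, although test_customer holds test-only data and `RbacObjectScope` reserves `TEST` and `TEMP` for data that "should be removed in production systems". Since `insertRelatedRbacObject` in this commit copies `currentScope()` into `RbacObject.scope`, customers created through this endpoint would be marked as production data and a scope-based cleanup would presumably skip them. The same applies to TestPackageController. Either add a comment stating why PROD is intended here, or take the scope from one configurable place instead of a constant repeated in every controller. The method bodies continue outside the hunks.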


@ -14,6 +14,8 @@ import org.springframework.web.bind.annotation.RestController;
import java.util.List; import java.util.List;
import java.util.UUID; import java.util.UUID;
import static net.hostsharing.hsadminng.context.Context.Scope.PROD;
@RestController @RestController
public class TestPackageController implements TestPackagesApi { public class TestPackageController implements TestPackagesApi {
@ -33,7 +35,7 @@ public class TestPackageController implements TestPackagesApi {
String assumedRoles, String assumedRoles,
String name String name
) { ) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var result = testPackageRepository.findAllByOptionalNameLike(name); final var result = testPackageRepository.findAllByOptionalNameLike(name);
return ResponseEntity.ok(mapper.mapList(result, TestPackageResource.class)); return ResponseEntity.ok(mapper.mapList(result, TestPackageResource.class));
@ -47,7 +49,7 @@ public class TestPackageController implements TestPackagesApi {
final UUID packageUuid, final UUID packageUuid,
final TestPackageUpdateResource body) { final TestPackageUpdateResource body) {
context.define(currentUser, assumedRoles); context.define(PROD, currentUser, assumedRoles);
final var current = testPackageRepository.findByUuid(packageUuid); final var current = testPackageRepository.findByUuid(packageUuid);
OptionalFromJson.of(body.getDescription()).ifPresent(current::setDescription); OptionalFromJson.of(body.getDescription()).ifPresent(current::setDescription);


@ -5,11 +5,23 @@
--changeset context-DEFINE:1 endDelimiter:--// --changeset context-DEFINE:1 endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
/**
Determines the purpose and therefore the life span of an RbacObject.
*/
CREATE TYPE RbacObjectScope AS ENUM (
'BASE', -- initial data which needs to be kept in production systems
'TEST', -- initial test data created via Liquibase, should be removed in production systems
'TEMP', -- temporary test data created by test scripts, should be removed in production systems
'PROD' -- production data which was added after system initialization
);
/* /*
Callback which is called after the context has been (re-) defined. Callback which is called after the context has been (re-) defined.
This function will be overwritten by later changesets. This function will be overwritten by later changesets.
*/ */
create procedure contextDefined( create procedure contextDefined(
currentScope RbacObjectScope,
currentTask varchar(127), currentTask varchar(127),
currentRequest text, currentRequest text,
currentUser varchar(63), currentUser varchar(63),
@ -23,6 +35,7 @@ end; $$;
Defines the transaction context. Defines the transaction context.
*/ */
create or replace procedure defineContext( create or replace procedure defineContext(
currentScope RbacObjectScope,
currentTask varchar(127), currentTask varchar(127),
currentRequest text = null, currentRequest text = null,
currentUser varchar(63) = null, currentUser varchar(63) = null,
@ -30,6 +43,8 @@ create or replace procedure defineContext(
) )
language plpgsql as $$ language plpgsql as $$
begin begin
execute format('set local hsadminng.currentScope to %L', currentScope);
currentTask := coalesce(currentTask, ''); currentTask := coalesce(currentTask, '');
assert length(currentTask) <= 127, FORMAT('currentTask must not be longer than 127 characters: "%s"', currentTask); assert length(currentTask) <= 127, FORMAT('currentTask must not be longer than 127 characters: "%s"', currentTask);
assert length(currentTask) >= 12, FORMAT('currentTask must be at least 12 characters long: "%s""', currentTask); assert length(currentTask) >= 12, FORMAT('currentTask must be at least 12 characters long: "%s""', currentTask);
@ -46,7 +61,35 @@ begin
assert length(assumedRoles) <= 1023, FORMAT('assumedRoles must not be longer than 1023 characters: "%s"', assumedRoles); assert length(assumedRoles) <= 1023, FORMAT('assumedRoles must not be longer than 1023 characters: "%s"', assumedRoles);
execute format('set local hsadminng.assumedRoles to %L', assumedRoles); execute format('set local hsadminng.assumedRoles to %L', assumedRoles);
call contextDefined(currentTask, currentRequest, currentUser, assumedRoles); call contextDefined(currentScope, currentTask, currentRequest, currentUser, assumedRoles);
end; $$;
--//
-- ============================================================================
--changeset context-CURRENT-SCOPE:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
/*
Returns the current scope as set via defineContext(...) to `hsadminng.currentScope`.
Raises exception if not set.
*/
create or replace function currentScope()
returns RbacObjectScope
stable -- leakproof
language plpgsql as $$
declare
currentScope varchar;
begin
begin
currentScope := current_setting('hsadminng.currentScope');
exception
when others then
currentScope := null;
end;
if (currentScope is null or currentScope = '') then
raise exception '[401] currentScope must be defined, please call `defineContext(...)`';
end if;
return currentScope::RbacObjectScope;
end; $$; end; $$;
--// --//
@ -55,7 +98,7 @@ end; $$;
--changeset context-CURRENT-TASK:1 endDelimiter:--// --changeset context-CURRENT-TASK:1 endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
/* /*
Returns the current task as set by `hsadminng.currentTask`. Returns the current task as set set via defineContext(...) to `hsadminng.currentTask`.
Raises exception if not set. Raises exception if not set.
*/ */
create or replace function currentTask() create or replace function currentTask()
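Review bot: `defineContext` writes `currentScope` into the session setting as its very first statement, without the null handling and `assert` checks that the other parameters get further down. `format('%L', null)` renders an unquoted `NULL`, so a null scope most likely fails inside `set local` with a syntax error rather than a readable message. A guard before the `execute`, such as `if currentScope is null then raise exception '[401] currentScope must be defined'; end if;`, keeps that failure explicit. In the new `currentScope()` function, `when others` also swallows errors unrelated to a missing setting; `current_setting('hsadminng.currentScope', true)` returns null for an unset parameter and makes the nested block unnecessary. The body of `defineContext` continues outside the hunks.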


@ -91,13 +91,17 @@ $$;
-- ============================================================================ -- ============================================================================
--changeset rbac-base-OBJECT:1 endDelimiter:--// --changeset rbac-base-OBJECT:1 endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
/*
/*
Represents database row under RBAC control within the RBAC-system.
The actual row resists in the database table referenced by `objectTable`.
*/ */
create table RbacObject create table RbacObject
( (
uuid uuid primary key default uuid_generate_v4(), uuid uuid primary key default uuid_generate_v4(),
serialId serial, -- TODO: we might want to remove this once test data deletion works properly scope RbacObjectScope not null,
serialId serial, -- only set for TEMP scope to clean up temp test data in reverse order
objectTable varchar(64) not null, objectTable varchar(64) not null,
unique (objectTable, uuid) unique (objectTable, uuid)
); );
@ -120,18 +124,21 @@ create or replace function insertRelatedRbacObject()
strict as $$ strict as $$
declare declare
objectUuid uuid; objectUuid uuid;
scope RbacObjectScope;
begin begin
scope := currentScope();
if TG_OP = 'INSERT' then if TG_OP = 'INSERT' then
if NEW.uuid is null then if NEW.uuid is null then
insert insert
into RbacObject (objectTable) into RbacObject (scope, objectTable)
values (TG_TABLE_NAME) values (scope, TG_TABLE_NAME)
returning uuid into objectUuid; returning uuid into objectUuid;
NEW.uuid = objectUuid; NEW.uuid = objectUuid;
else else
insert insert
into RbacObject (uuid, objectTable) into RbacObject (uuid, scope, objectTable)
values (NEW.uuid, TG_TABLE_NAME) values (NEW.uuid, scope, TG_TABLE_NAME)
returning uuid into objectUuid; returning uuid into objectUuid;
end if; end if;
return NEW; return NEW;
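Review bot: The comment on `serialId serial` says the column is only set for TEMP scope, but `serial` keeps its sequence default and both inserts in `insertRelatedRbacObject` omit the column, so every row still receives a value whatever its scope. Either reword the comment, e.g. `-- used only to delete TEMP-scope test data in reverse order`, or make the column nullable without a default and fill it only when `scope = 'TEMP'`. Separately, `scope RbacObjectScope not null` is added inside the existing `rbac-base-OBJECT:1` changeset; if any database has already applied that changeset, the column will not appear there and the changeset checksum will differ, so a new changeset may be needed. The table comment presumably means "resides" rather than "resists". `insertRelatedRbacObject` continues outside the hunk.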


@ -85,6 +85,7 @@ end; $$;
This function will be overwritten by later changesets. This function will be overwritten by later changesets.
*/ */
create or replace procedure contextDefined( create or replace procedure contextDefined(
currentScope RbacObjectScope,
currentTask varchar(127), currentTask varchar(127),
currentRequest text, currentRequest text,
currentUser varchar(63), currentUser varchar(63),
@ -94,6 +95,8 @@ create or replace procedure contextDefined(
declare declare
currentUserUuid uuid; currentUserUuid uuid;
begin begin
execute format('set local hsadminng.currentScope to %L', currentScope);
execute format('set local hsadminng.currentTask to %L', currentTask); execute format('set local hsadminng.currentTask to %L', currentTask);
execute format('set local hsadminng.currentRequest to %L', currentRequest); execute format('set local hsadminng.currentRequest to %L', currentRequest);


@ -94,9 +94,9 @@ $$;
A single row to be referenced as a global object. A single row to be referenced as a global object.
*/ */
begin transaction; begin transaction;
call defineContext('initializing table "global"', null, null, null); call defineContext('BASE'::RbacObjectScope, 'initializing table "global"', null, null, null);
insert insert
into RbacObject (objecttable) values ('global'); into RbacObject (scope, objecttable) values (currentScope(), 'global');
insert insert
into Global (uuid, name) values ((select uuid from RbacObject where objectTable = 'global'), 'global'); into Global (uuid, name) values ((select uuid from RbacObject where objectTable = 'global'), 'global');
commit; commit;
@ -118,7 +118,7 @@ select 'global', (select uuid from RbacObject where objectTable = 'global'), 'AD
$$; $$;
begin transaction; begin transaction;
call defineContext('creating role:global#global:ADMIN', null, null, null); call defineContext('BASE'::RbacObjectScope, 'creating role:global#global:ADMIN', null, null, null);
select createRole(globalAdmin()); select createRole(globalAdmin());
commit; commit;
--// --//
@ -139,7 +139,7 @@ select 'global', (select uuid from RbacObject where objectTable = 'global'), 'GU
$$; $$;
begin transaction; begin transaction;
call defineContext('creating role:global#global:guest', null, null, null); call defineContext('BASE'::RbacObjectScope, 'creating role:global#global:guest', null, null, null);
select createRole(globalGuest()); select createRole(globalGuest());
commit; commit;
--// --//
@ -155,7 +155,7 @@ do language plpgsql $$
declare declare
admins uuid ; admins uuid ;
begin begin
call defineContext('creating fake test-realm admin users', null, null, null); call defineContext('TEST'::RbacObjectScope, 'creating fake test-realm admin users', null, null, null);
admins = findRoleId(globalAdmin()); admins = findRoleId(globalAdmin());
call grantRoleToUserUnchecked(admins, admins, createRbacUser('superuser-alex@hostsharing.net')); call grantRoleToUserUnchecked(admins, admins, createRbacUser('superuser-alex@hostsharing.net'));
@ -179,13 +179,13 @@ do language plpgsql $$
declare declare
userName varchar; userName varchar;
begin begin
call defineContext('testing currentUserUuid', null, 'superuser-fran@hostsharing.net', null); call defineContext('TEST'::RbacObjectScope, 'testing currentUserUuid', null, 'superuser-fran@hostsharing.net', null);
select userName from RbacUser where uuid = currentUserUuid() into userName; select userName from RbacUser where uuid = currentUserUuid() into userName;
if userName <> 'superuser-fran@hostsharing.net' then if userName <> 'superuser-fran@hostsharing.net' then
raise exception 'setting or fetching initial currentUser failed, got: %', userName; raise exception 'setting or fetching initial currentUser failed, got: %', userName;
end if; end if;
call defineContext('testing currentUserUuid', null, 'superuser-alex@hostsharing.net', null); call defineContext('TEST'::RbacObjectScope, 'testing currentUserUuid', null, 'superuser-alex@hostsharing.net', null);
select userName from RbacUser where uuid = currentUserUuid() into userName; select userName from RbacUser where uuid = currentUserUuid() into userName;
if userName = 'superuser-alex@hostsharing.net' then if userName = 'superuser-alex@hostsharing.net' then
raise exception 'currentUser should not change in one transaction, but did change, got: %', userName; raise exception 'currentUser should not change in one transaction, but did change, got: %', userName;


@ -89,7 +89,7 @@ do language plpgsql $$
declare declare
row global; row global;
begin begin
call defineContext('create INSERT INTO test_customer permissions for pre-exising global rows'); call defineContext('TEST'::RbacObjectScope, 'create INSERT INTO test_customer permissions for pre-exising global rows');
FOR row IN SELECT * FROM global FOR row IN SELECT * FROM global
-- unconditional for all rows in that table -- unconditional for all rows in that table


@ -32,7 +32,7 @@ declare
newCust test_customer; newCust test_customer;
begin begin
currentTask = 'creating RBAC test customer #' || custReference || '/' || custPrefix; currentTask = 'creating RBAC test customer #' || custReference || '/' || custPrefix;
call defineContext(currentTask, null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN'); call defineContext('TEST'::RbacObjectScope, currentTask, null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
execute format('set local hsadminng.currentTask to %L', currentTask); execute format('set local hsadminng.currentTask to %L', currentTask);
custRowId = uuid_generate_v4(); custRowId = uuid_generate_v4();


@ -154,7 +154,7 @@ do language plpgsql $$
declare declare
row test_customer; row test_customer;
begin begin
call defineContext('create INSERT INTO test_package permissions for pre-exising test_customer rows'); call defineContext('TEST'::RbacObjectScope, 'create INSERT INTO test_package permissions for pre-exising test_customer rows');
FOR row IN SELECT * FROM test_customer FOR row IN SELECT * FROM test_customer
-- unconditional for all rows in that table -- unconditional for all rows in that table


@ -26,7 +26,7 @@ begin
custAdminUser = 'customer-admin@' || cust.prefix || '.example.com'; custAdminUser = 'customer-admin@' || cust.prefix || '.example.com';
custAdminRole = 'test_customer#' || cust.prefix || ':ADMIN'; custAdminRole = 'test_customer#' || cust.prefix || ':ADMIN';
call defineContext(currentTask, null, 'superuser-fran@hostsharing.net', custAdminRole); call defineContext('TEST'::RbacObjectScope, currentTask, null, 'superuser-fran@hostsharing.net', custAdminRole);
raise notice 'task: % by % as %', currentTask, custAdminUser, custAdminRole; raise notice 'task: % by % as %', currentTask, custAdminUser, custAdminRole;
insert insert


@ -153,7 +153,7 @@ do language plpgsql $$
declare declare
row test_package; row test_package;
begin begin
call defineContext('create INSERT INTO test_domain permissions for pre-exising test_package rows'); call defineContext('TEST'::RbacObjectScope, 'create INSERT INTO test_domain permissions for pre-exising test_package rows');
FOR row IN SELECT * FROM test_package FOR row IN SELECT * FROM test_package
-- unconditional for all rows in that table -- unconditional for all rows in that table


@ -24,7 +24,7 @@ begin
currentTask = 'creating RBAC test domain #' || t || ' for package ' || pac.name || ' #' || pac.uuid; currentTask = 'creating RBAC test domain #' || t || ' for package ' || pac.name || ' #' || pac.uuid;
raise notice 'task: %', currentTask; raise notice 'task: %', currentTask;
pacAdmin = 'pac-admin-' || pac.name || '@' || pac.custPrefix || '.example.com'; pacAdmin = 'pac-admin-' || pac.name || '@' || pac.custPrefix || '.example.com';
call defineContext(currentTask, null, pacAdmin, null); call defineContext('TEST'::RbacObjectScope, currentTask, null, pacAdmin, null);
insert insert
into test_domain (name, packageUuid) into test_domain (name, packageUuid)


@ -40,7 +40,8 @@ ALTER TABLE hs_office_contact_legacy_id
--changeset hs-office-contact-MIGRATION-insert:1 endDelimiter:--// --changeset hs-office-contact-MIGRATION-insert:1 endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
CALL defineContext('schema-migration'); -- at this point only contact rows in scope TEST exist
CALL defineContext('TEST'::RbacObjectScope, 'schema-migration');
INSERT INTO hs_office_contact_legacy_id(uuid, contact_id) INSERT INTO hs_office_contact_legacy_id(uuid, contact_id)
SELECT uuid, nextVal('hs_office_contact_legacy_id_seq') FROM hs_office_contact; SELECT uuid, nextVal('hs_office_contact_legacy_id_seq') FROM hs_office_contact;
--/ --/


@ -19,9 +19,9 @@ begin
execute format('set local hsadminng.currentTask to %L', currentTask); execute format('set local hsadminng.currentTask to %L', currentTask);
emailAddr = 'contact-admin@' || cleanIdentifier(contLabel) || '.example.com'; emailAddr = 'contact-admin@' || cleanIdentifier(contLabel) || '.example.com';
call defineContext(currentTask); call defineContext('TEST'::RbacObjectScope, currentTask);
perform createRbacUser(emailAddr); perform createRbacUser(emailAddr);
call defineContext(currentTask, null, emailAddr); call defineContext('TEST'::RbacObjectScope, currentTask, null, emailAddr);
postalAddr := E'Vorname Nachname\nStraße Hnr\nPLZ Stadt'; postalAddr := E'Vorname Nachname\nStraße Hnr\nPLZ Stadt';


@ -23,9 +23,9 @@ begin
fullName := concat_ws(', ', newTradeName, newFamilyName, newGivenName); fullName := concat_ws(', ', newTradeName, newFamilyName, newGivenName);
currentTask = 'creating person test-data ' || fullName; currentTask = 'creating person test-data ' || fullName;
emailAddr = 'person-' || left(cleanIdentifier(fullName), 32) || '@example.com'; emailAddr = 'person-' || left(cleanIdentifier(fullName), 32) || '@example.com';
call defineContext(currentTask); call defineContext('TEST'::RbacObjectScope, currentTask);
perform createRbacUser(emailAddr); perform createRbacUser(emailAddr);
call defineContext(currentTask, null, emailAddr); call defineContext('TEST'::RbacObjectScope, currentTask, null, emailAddr);
execute format('set local hsadminng.currentTask to %L', currentTask); execute format('set local hsadminng.currentTask to %L', currentTask);
raise notice 'creating test person: % by %', fullName, emailAddr; raise notice 'creating test person: % by %', fullName, emailAddr;


@ -163,7 +163,8 @@ do language plpgsql $$
declare declare
row hs_office_person; row hs_office_person;
begin begin
call defineContext('create INSERT INTO hs_office_relation permissions for pre-exising hs_office_person rows'); -- at this point, all existing relation rows are in scope TEST
call defineContext('TEST'::RbacObjectScope, 'create INSERT INTO hs_office_relation permissions for pre-exising hs_office_person rows');
FOR row IN SELECT * FROM hs_office_person FOR row IN SELECT * FROM hs_office_person
-- unconditional for all rows in that table -- unconditional for all rows in that table


@ -25,7 +25,7 @@ declare
begin begin
idName := cleanIdentifier( anchorPersonName || '-' || holderPersonName); idName := cleanIdentifier( anchorPersonName || '-' || holderPersonName);
currentTask := 'creating relation test-data ' || idName; currentTask := 'creating relation test-data ' || idName;
call defineContext(currentTask, null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN'); call defineContext('TEST'::RbacObjectScope, currentTask, null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
execute format('set local hsadminng.currentTask to %L', currentTask); execute format('set local hsadminng.currentTask to %L', currentTask);
select p.* select p.*


@ -166,7 +166,8 @@ do language plpgsql $$
declare declare
row global; row global;
begin begin
call defineContext('create INSERT INTO hs_office_partner permissions for pre-exising global rows'); -- global rows are in scope BASE, therefore also this is run in scope BASE
call defineContext('BASE'::RbacObjectScope, 'create INSERT INTO hs_office_partner permissions for pre-exising global rows');
FOR row IN SELECT * FROM global FOR row IN SELECT * FROM global
-- unconditional for all rows in that table -- unconditional for all rows in that table


@ -70,7 +70,8 @@ do language plpgsql $$
declare declare
row global; row global;
begin begin
call defineContext('create INSERT INTO hs_office_partner_details permissions for pre-exising global rows'); -- at this point, all existing partner rows are in scope TEST
call defineContext('TEST'::RbacObjectScope, 'create INSERT INTO hs_office_partner_details permissions for pre-exising global rows');
FOR row IN SELECT * FROM global FOR row IN SELECT * FROM global
-- unconditional for all rows in that table -- unconditional for all rows in that table
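Review bot: This block loops over `global` rows but defines the context with `'TEST'::RbacObjectScope`, while the hs_office_partner block runs the same loop with `'BASE'` and justifies it with `-- global rows are in scope BASE, therefore also this is run in scope BASE`. By that reasoning the call here should be `call defineContext('BASE'::RbacObjectScope, 'create INSERT INTO hs_office_partner_details permissions for pre-exising global rows');`, or the comment should say why INSERT grants on global rows are created under TEST. These grants decide who may insert, so the scope they are created in deserves one consistent, stated rule; how defineContext applies the scope is not visible in this hunk. The hs_office_debitor and hs_office_membership grant blocks also loop over `global` with TEST.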


@ -39,7 +39,8 @@ ALTER TABLE hs_office_partner_legacy_id
--changeset hs-office-partner-MIGRATION-insert:1 endDelimiter:--// --changeset hs-office-partner-MIGRATION-insert:1 endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
CALL defineContext('schema-migration'); -- at this point, only partner rows in scope TEST exist
CALL defineContext('TEST'::RbacObjectScope, 'schema-migration');
INSERT INTO hs_office_partner_legacy_id(uuid, bp_id) INSERT INTO hs_office_partner_legacy_id(uuid, bp_id)
SELECT uuid, nextVal('hs_office_partner_legacy_id_seq') FROM hs_office_partner; SELECT uuid, nextVal('hs_office_partner_legacy_id_seq') FROM hs_office_partner;
--/ --/
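Review bot: The migration changeset now pins its context to `'TEST'::RbacObjectScope`, and the only thing backing that choice is the comment `-- at this point, only partner rows in scope TEST exist`; nothing in the hunk checks it. If defineContext restricts what the following `INSERT ... SELECT ... FROM hs_office_partner` can see (not visible here), a database that already holds rows in another scope would get legacy ids for only part of the table, without any error. I would make the assumption fail loudly, for example with a precondition on the changeset, or at least extend the comment to `-- assumes a database that holds only TEST-scope rows; revisit before this runs against PROD data`. The sepamandate, coopshares and coopassets MIGRATION-insert changesets carry the same hard-coded scope.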


@ -24,7 +24,7 @@ declare
begin begin
idName := cleanIdentifier( partnerPersonName|| '-' || contactLabel); idName := cleanIdentifier( partnerPersonName|| '-' || contactLabel);
currentTask := 'creating partner test-data ' || idName; currentTask := 'creating partner test-data ' || idName;
call defineContext(currentTask, null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN'); call defineContext('TEST'::RbacObjectScope, currentTask, null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
execute format('set local hsadminng.currentTask to %L', currentTask); execute format('set local hsadminng.currentTask to %L', currentTask);
select p.* from hs_office_person p select p.* from hs_office_person p


@ -18,9 +18,9 @@ begin
execute format('set local hsadminng.currentTask to %L', currentTask); execute format('set local hsadminng.currentTask to %L', currentTask);
emailAddr = 'bankaccount-admin@' || cleanIdentifier(givenHolder) || '.example.com'; emailAddr = 'bankaccount-admin@' || cleanIdentifier(givenHolder) || '.example.com';
call defineContext(currentTask); call defineContext('TEST'::RbacObjectScope, currentTask);
perform createRbacUser(emailAddr); perform createRbacUser(emailAddr);
call defineContext(currentTask, null, emailAddr); call defineContext('TEST'::RbacObjectScope, currentTask, null, emailAddr);
raise notice 'creating test bankaccount: %', givenHolder; raise notice 'creating test bankaccount: %', givenHolder;
insert insert


@ -139,7 +139,8 @@ do language plpgsql $$
declare declare
row global; row global;
begin begin
call defineContext('create INSERT INTO hs_office_debitor permissions for pre-exising global rows'); -- at this point, all existing debitor rows are in scope TEST
call defineContext('TEST'::RbacObjectScope, 'create INSERT INTO hs_office_debitor permissions for pre-exising global rows');
FOR row IN SELECT * FROM global FOR row IN SELECT * FROM global
-- unconditional for all rows in that table -- unconditional for all rows in that table


@ -23,7 +23,7 @@ declare
begin begin
idName := cleanIdentifier( forPartnerPersonName|| '-' || forBillingContactLabel); idName := cleanIdentifier( forPartnerPersonName|| '-' || forBillingContactLabel);
currentTask := 'creating debitor test-data ' || idName; currentTask := 'creating debitor test-data ' || idName;
call defineContext(currentTask, null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN'); call defineContext('TEST'::RbacObjectScope, currentTask, null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
execute format('set local hsadminng.currentTask to %L', currentTask); execute format('set local hsadminng.currentTask to %L', currentTask);
select debitorRel.uuid select debitorRel.uuid


@ -114,7 +114,8 @@ do language plpgsql $$
declare declare
row hs_office_relation; row hs_office_relation;
begin begin
call defineContext('create INSERT INTO hs_office_sepamandate permissions for pre-exising hs_office_relation rows'); -- at this point, all existing sepamandate rows are in scope TEST
call defineContext('TEST'::RbacObjectScope, 'create INSERT INTO hs_office_sepamandate permissions for pre-exising hs_office_relation rows');
FOR row IN SELECT * FROM hs_office_relation FOR row IN SELECT * FROM hs_office_relation
WHERE type = 'DEBITOR' WHERE type = 'DEBITOR'


@ -41,7 +41,8 @@ ALTER TABLE hs_office_sepamandate_legacy_id
--changeset hs-office-sepamandate-MIGRATION-insert:1 endDelimiter:--// --changeset hs-office-sepamandate-MIGRATION-insert:1 endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
CALL defineContext('schema-migration'); -- at this point, all existing sepamandate rows are in scope TEST
CALL defineContext('TEST'::RbacObjectScope, 'schema-migration');
INSERT INTO hs_office_sepamandate_legacy_id(uuid, sepa_mandate_id) INSERT INTO hs_office_sepamandate_legacy_id(uuid, sepa_mandate_id)
SELECT uuid, nextVal('hs_office_sepamandate_legacy_id_seq') FROM hs_office_sepamandate; SELECT uuid, nextVal('hs_office_sepamandate_legacy_id_seq') FROM hs_office_sepamandate;
--/ --/


@ -20,7 +20,7 @@ declare
relatedBankAccount hs_office_bankAccount; relatedBankAccount hs_office_bankAccount;
begin begin
currentTask := 'creating SEPA-mandate test-data ' || forPartnerNumber::text || forDebitorSuffix::text; currentTask := 'creating SEPA-mandate test-data ' || forPartnerNumber::text || forDebitorSuffix::text;
call defineContext(currentTask, null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN'); call defineContext('TEST'::RbacObjectScope, currentTask, null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
execute format('set local hsadminng.currentTask to %L', currentTask); execute format('set local hsadminng.currentTask to %L', currentTask);
select debitor.* into relatedDebitor select debitor.* into relatedDebitor


@ -101,7 +101,8 @@ do language plpgsql $$
declare declare
row global; row global;
begin begin
call defineContext('create INSERT INTO hs_office_membership permissions for pre-exising global rows'); -- at this point, all existing membership rows are in scope TEST
call defineContext('TEST'::RbacObjectScope, 'create INSERT INTO hs_office_membership permissions for pre-exising global rows');
FOR row IN SELECT * FROM global FOR row IN SELECT * FROM global
-- unconditional for all rows in that table -- unconditional for all rows in that table


@ -19,7 +19,7 @@ begin
currentTask := 'creating Membership test-data ' || currentTask := 'creating Membership test-data ' ||
'P-' || forPartnerNumber::text || 'P-' || forPartnerNumber::text ||
'M-...' || newMemberNumberSuffix; 'M-...' || newMemberNumberSuffix;
call defineContext(currentTask, null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN'); call defineContext('TEST'::RbacObjectScope, currentTask, null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
execute format('set local hsadminng.currentTask to %L', currentTask); execute format('set local hsadminng.currentTask to %L', currentTask);
select partner.* from hs_office_partner partner select partner.* from hs_office_partner partner


@ -77,7 +77,8 @@ do language plpgsql $$
declare declare
row hs_office_membership; row hs_office_membership;
begin begin
call defineContext('create INSERT INTO hs_office_coopsharestransaction permissions for pre-exising hs_office_membership rows'); -- at this point, all existing coopshares rows are in scope TEST
call defineContext('TEST'::RbacObjectScope, 'create INSERT INTO hs_office_coopsharestransaction permissions for pre-exising hs_office_membership rows');
FOR row IN SELECT * FROM hs_office_membership FOR row IN SELECT * FROM hs_office_membership
-- unconditional for all rows in that table -- unconditional for all rows in that table


@ -40,7 +40,8 @@ ALTER TABLE hs_office_coopsharestransaction_legacy_id
--changeset hs-office-coopshares-MIGRATION-insert:1 endDelimiter:--// --changeset hs-office-coopshares-MIGRATION-insert:1 endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
CALL defineContext('schema-migration'); -- at this point, all existing coopshares rows are in scope TEST
CALL defineContext('TEST'::RbacObjectScope, 'schema-migration');
INSERT INTO hs_office_coopsharestransaction_legacy_id(uuid, member_share_id) INSERT INTO hs_office_coopsharestransaction_legacy_id(uuid, member_share_id)
SELECT uuid, nextVal('hs_office_coopsharestransaction_legacy_id_seq') FROM hs_office_coopsharestransaction; SELECT uuid, nextVal('hs_office_coopsharestransaction_legacy_id_seq') FROM hs_office_coopsharestransaction;
--/ --/


@ -22,7 +22,7 @@ begin
execute format('set local hsadminng.currentTask to %L', currentTask); execute format('set local hsadminng.currentTask to %L', currentTask);
SET CONSTRAINTS ALL DEFERRED; SET CONSTRAINTS ALL DEFERRED;
call defineContext(currentTask); call defineContext('TEST'::RbacObjectScope, currentTask);
select m.uuid select m.uuid
from hs_office_membership m from hs_office_membership m
join hs_office_partner p on p.uuid = m.partneruuid join hs_office_partner p on p.uuid = m.partneruuid


@ -77,7 +77,8 @@ do language plpgsql $$
declare declare
row hs_office_membership; row hs_office_membership;
begin begin
call defineContext('create INSERT INTO hs_office_coopassetstransaction permissions for pre-exising hs_office_membership rows'); -- at this point, all existing coopassettransaction rows are in scope TEST
call defineContext('TEST'::RbacObjectScope, 'create INSERT INTO hs_office_coopassetstransaction permissions for pre-exising hs_office_membership rows');
FOR row IN SELECT * FROM hs_office_membership FOR row IN SELECT * FROM hs_office_membership
-- unconditional for all rows in that table -- unconditional for all rows in that table


@ -40,7 +40,8 @@ ALTER TABLE hs_office_coopassetstransaction_legacy_id
--changeset hs-office-coopassets-MIGRATION-insert:1 endDelimiter:--// --changeset hs-office-coopassets-MIGRATION-insert:1 endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
CALL defineContext('schema-migration'); -- at this point, all existing coopassettransaction rows are in scope TEST
CALL defineContext('TEST'::RbacObjectScope, 'schema-migration');
INSERT INTO hs_office_coopassetstransaction_legacy_id(uuid, member_asset_id) INSERT INTO hs_office_coopassetstransaction_legacy_id(uuid, member_asset_id)
SELECT uuid, nextVal('hs_office_coopassetstransaction_legacy_id_seq') FROM hs_office_coopassetstransaction; SELECT uuid, nextVal('hs_office_coopassetstransaction_legacy_id_seq') FROM hs_office_coopassetstransaction;
--/ --/


@ -22,7 +22,7 @@ begin
execute format('set local hsadminng.currentTask to %L', currentTask); execute format('set local hsadminng.currentTask to %L', currentTask);
SET CONSTRAINTS ALL DEFERRED; SET CONSTRAINTS ALL DEFERRED;
call defineContext(currentTask); call defineContext('TEST'::RbacObjectScope, currentTask);
select m.uuid select m.uuid
from hs_office_membership m from hs_office_membership m
join hs_office_partner p on p.uuid = m.partneruuid join hs_office_partner p on p.uuid = m.partneruuid


@ -110,7 +110,8 @@ do language plpgsql $$
declare declare
row hs_office_relation; row hs_office_relation;
begin begin
call defineContext('create INSERT INTO hs_booking_item permissions for pre-exising hs_office_relation rows'); -- at this point, all existing booking_item rows are in scope TEST
call defineContext('TEST'::RbacObjectScope, 'create INSERT INTO hs_booking_item permissions for pre-exising hs_office_relation rows');
FOR row IN SELECT * FROM hs_office_relation FOR row IN SELECT * FROM hs_office_relation
WHERE type = 'DEBITOR' WHERE type = 'DEBITOR'


@ -18,7 +18,7 @@ declare
relatedDebitor hs_office_debitor; relatedDebitor hs_office_debitor;
begin begin
currentTask := 'creating booking-item test-data ' || givenPartnerNumber::text || givenDebitorSuffix; currentTask := 'creating booking-item test-data ' || givenPartnerNumber::text || givenDebitorSuffix;
call defineContext(currentTask, null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN'); call defineContext('TEST'::RbacObjectScope, currentTask, null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
execute format('set local hsadminng.currentTask to %L', currentTask); execute format('set local hsadminng.currentTask to %L', currentTask);
select debitor.* into relatedDebitor select debitor.* into relatedDebitor


@ -103,7 +103,8 @@ do language plpgsql $$
declare declare
row hs_booking_item; row hs_booking_item;
begin begin
call defineContext('create INSERT INTO hs_hosting_asset permissions for pre-exising hs_booking_item rows'); -- at this point, all existing hosting_asset rows are in scope TEST
call defineContext('TEST'::RbacObjectScope, 'create INSERT INTO hs_hosting_asset permissions for pre-exising hs_booking_item rows');
FOR row IN SELECT * FROM hs_booking_item FOR row IN SELECT * FROM hs_booking_item
-- unconditional for all rows in that table -- unconditional for all rows in that table


@ -21,7 +21,7 @@ declare
managedServerUuid uuid; managedServerUuid uuid;
begin begin
currentTask := 'creating hosting-asset test-data ' || givenPartnerNumber::text || givenDebitorSuffix; currentTask := 'creating hosting-asset test-data ' || givenPartnerNumber::text || givenDebitorSuffix;
call defineContext(currentTask, null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN'); call defineContext('TEST'::RbacObjectScope, currentTask, null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
execute format('set local hsadminng.currentTask to %L', currentTask); execute format('set local hsadminng.currentTask to %L', currentTask);
select debitor.* into relatedDebitor select debitor.* into relatedDebitor


@ -21,6 +21,7 @@ import java.util.Map;
import java.util.UUID; import java.util.UUID;
import static java.util.Map.entry; import static java.util.Map.entry;
import static net.hostsharing.hsadminng.context.Context.Scope.TEMP;
import static net.hostsharing.hsadminng.rbac.test.JsonMatcher.lenientlyEquals; import static net.hostsharing.hsadminng.rbac.test.JsonMatcher.lenientlyEquals;
import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThat;
import static org.hamcrest.Matchers.matchesRegex; import static org.hamcrest.Matchers.matchesRegex;
@ -111,7 +112,7 @@ class HsBookingItemControllerAcceptanceTest extends ContextBasedTestWithCleanup
@Test @Test
void globalAdmin_canAddBookingItem() { void globalAdmin_canAddBookingItem() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenDebitor = debitorRepo.findDebitorByDebitorNumber(1000111).get(0); final var givenDebitor = debitorRepo.findDebitorByDebitorNumber(1000111).get(0);
final var location = RestAssured // @formatter:off final var location = RestAssured // @formatter:off
@ -155,7 +156,7 @@ class HsBookingItemControllerAcceptanceTest extends ContextBasedTestWithCleanup
@Test @Test
void globalAdmin_canGetArbitraryBookingItem() { void globalAdmin_canGetArbitraryBookingItem() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenBookingItemUuid = bookingItemRepo.findAll().stream() final var givenBookingItemUuid = bookingItemRepo.findAll().stream()
.filter(bi -> bi.getDebitor().getDebitorNumber() == 1000111) .filter(bi -> bi.getDebitor().getDebitorNumber() == 1000111)
.filter(item -> item.getCaption().equals("some CloudServer")) .filter(item -> item.getCaption().equals("some CloudServer"))
@ -182,7 +183,7 @@ class HsBookingItemControllerAcceptanceTest extends ContextBasedTestWithCleanup
@Test @Test
void normalUser_canNotGetUnrelatedBookingItem() { void normalUser_canNotGetUnrelatedBookingItem() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenBookingItemUuid = bookingItemRepo.findAll().stream() final var givenBookingItemUuid = bookingItemRepo.findAll().stream()
.filter(bi -> bi.getDebitor().getDebitorNumber() == 1000212) .filter(bi -> bi.getDebitor().getDebitorNumber() == 1000212)
.map(HsBookingItemEntity::getUuid) .map(HsBookingItemEntity::getUuid)
@ -200,7 +201,7 @@ class HsBookingItemControllerAcceptanceTest extends ContextBasedTestWithCleanup
@Test @Test
void debitorAgentUser_canGetRelatedBookingItem() { void debitorAgentUser_canGetRelatedBookingItem() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenBookingItemUuid = bookingItemRepo.findAll().stream() final var givenBookingItemUuid = bookingItemRepo.findAll().stream()
.filter(bi -> bi.getDebitor().getDebitorNumber() == 1000313) .filter(bi -> bi.getDebitor().getDebitorNumber() == 1000313)
.filter(item -> item.getCaption().equals("some CloudServer")) .filter(item -> item.getCaption().equals("some CloudServer"))
@ -269,7 +270,7 @@ class HsBookingItemControllerAcceptanceTest extends ContextBasedTestWithCleanup
""")); // @formatter:on """)); // @formatter:on
// finally, the bookingItem is actually updated // finally, the bookingItem is actually updated
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
assertThat(bookingItemRepo.findByUuid(givenBookingItem.getUuid())).isPresent().get() assertThat(bookingItemRepo.findByUuid(givenBookingItem.getUuid())).isPresent().get()
.matches(mandate -> { .matches(mandate -> {
assertThat(mandate.getDebitor().toString()).isEqualTo("debitor(D-1000111: rel(anchor='LP First GmbH', type='DEBITOR', holder='LP First GmbH'), fir)"); assertThat(mandate.getDebitor().toString()).isEqualTo("debitor(D-1000111: rel(anchor='LP First GmbH', type='DEBITOR', holder='LP First GmbH'), fir)");
@ -285,7 +286,7 @@ class HsBookingItemControllerAcceptanceTest extends ContextBasedTestWithCleanup
@Test @Test
void globalAdmin_canDeleteArbitraryBookingItem() { void globalAdmin_canDeleteArbitraryBookingItem() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenBookingItem = givenSomeTemporaryBookingItemForDebitorNumber(1000111, entry("something", 1)); final var givenBookingItem = givenSomeTemporaryBookingItemForDebitorNumber(1000111, entry("something", 1));
RestAssured // @formatter:off RestAssured // @formatter:off
@ -303,7 +304,7 @@ class HsBookingItemControllerAcceptanceTest extends ContextBasedTestWithCleanup
@Test @Test
void normalUser_canNotDeleteUnrelatedBookingItem() { void normalUser_canNotDeleteUnrelatedBookingItem() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenBookingItem = givenSomeTemporaryBookingItemForDebitorNumber(1000111, entry("something", 1)); final var givenBookingItem = givenSomeTemporaryBookingItemForDebitorNumber(1000111, entry("something", 1));
RestAssured // @formatter:off RestAssured // @formatter:off
@ -323,7 +324,7 @@ class HsBookingItemControllerAcceptanceTest extends ContextBasedTestWithCleanup
private HsBookingItemEntity givenSomeTemporaryBookingItemForDebitorNumber(final int debitorNumber, private HsBookingItemEntity givenSomeTemporaryBookingItemForDebitorNumber(final int debitorNumber,
final Map.Entry<String, Integer> resources) { final Map.Entry<String, Integer> resources) {
return jpaAttempt.transacted(() -> { return jpaAttempt.transacted(() -> {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenDebitor = debitorRepo.findDebitorByDebitorNumber(debitorNumber).get(0); final var givenDebitor = debitorRepo.findDebitorByDebitorNumber(debitorNumber).get(0);
final var newBookingItem = HsBookingItemEntity.builder() final var newBookingItem = HsBookingItemEntity.builder()
.uuid(UUID.randomUUID()) .uuid(UUID.randomUUID())
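Review bot: Every `context.define(TEMP, "superuser-alex@hostsharing.net")` in this class now runs under scope TEMP, while the rows the tests look up (`debitorRepo.findDebitorByDebitorNumber(1000111)`, `bookingItemRepo.findAll()`) appear to be seed data, which the test-data procedures in this commit create under `'TEST'::RbacObjectScope`. Nothing visible here says whether a TEMP context can read TEST rows, and for the negative cases such as `normalUser_canNotGetUnrelatedBookingItem` that matters: the test should fail because the role is missing, not because the row lies outside the caller's scope. A short comment where the scope is chosen would settle it, for example `// TEMP: rows written by this test are removed by cleanup; TEST seed data stays readable` (wording to be confirmed against the SQL side). The hosting-asset and bank-account acceptance tests follow the same pattern, and the test method bodies continue outside these hunks.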


@ -19,6 +19,7 @@ import java.util.Map;
import java.util.UUID; import java.util.UUID;
import static java.util.Map.entry; import static java.util.Map.entry;
import static net.hostsharing.hsadminng.context.Context.Scope.TEMP;
import static net.hostsharing.hsadminng.rbac.test.JsonMatcher.lenientlyEquals; import static net.hostsharing.hsadminng.rbac.test.JsonMatcher.lenientlyEquals;
import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThat;
import static org.hamcrest.Matchers.matchesRegex; import static org.hamcrest.Matchers.matchesRegex;
@ -109,7 +110,7 @@ class HsHostingAssetControllerAcceptanceTest extends ContextBasedTestWithCleanup
@Test @Test
void globalAdmin_canAddAsset() { void globalAdmin_canAddAsset() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenBookingItem = givenBookingItem("First", "some PrivateCloud"); final var givenBookingItem = givenBookingItem("First", "some PrivateCloud");
final var location = RestAssured // @formatter:off final var location = RestAssured // @formatter:off
@ -154,7 +155,7 @@ class HsHostingAssetControllerAcceptanceTest extends ContextBasedTestWithCleanup
@Test @Test
void globalAdmin_canGetArbitraryAsset() { void globalAdmin_canGetArbitraryAsset() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenAssetUuid = assetRepo.findAll().stream() final var givenAssetUuid = assetRepo.findAll().stream()
.filter(bi -> bi.getBookingItem().getDebitor().getDebitorNumber() == 1000111) .filter(bi -> bi.getBookingItem().getDebitor().getDebitorNumber() == 1000111)
.filter(item -> item.getCaption().equals("some ManagedServer")) .filter(item -> item.getCaption().equals("some ManagedServer"))
@ -183,7 +184,7 @@ class HsHostingAssetControllerAcceptanceTest extends ContextBasedTestWithCleanup
@Test @Test
void normalUser_canNotGetUnrelatedAsset() { void normalUser_canNotGetUnrelatedAsset() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenAssetUuid = assetRepo.findAll().stream() final var givenAssetUuid = assetRepo.findAll().stream()
.filter(bi -> bi.getBookingItem().getDebitor().getDebitorNumber() == 1000212) .filter(bi -> bi.getBookingItem().getDebitor().getDebitorNumber() == 1000212)
.map(HsHostingAssetEntity::getUuid) .map(HsHostingAssetEntity::getUuid)
@ -201,7 +202,7 @@ class HsHostingAssetControllerAcceptanceTest extends ContextBasedTestWithCleanup
@Test @Test
void debitorAgentUser_canGetRelatedAsset() { void debitorAgentUser_canGetRelatedAsset() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenAssetUuid = assetRepo.findAll().stream() final var givenAssetUuid = assetRepo.findAll().stream()
.filter(bi -> bi.getBookingItem().getDebitor().getDebitorNumber() == 1000313) .filter(bi -> bi.getBookingItem().getDebitor().getDebitorNumber() == 1000313)
.filter(bi -> bi.getCaption().equals("some ManagedServer")) .filter(bi -> bi.getCaption().equals("some ManagedServer"))
@ -271,7 +272,7 @@ class HsHostingAssetControllerAcceptanceTest extends ContextBasedTestWithCleanup
""")); // @formatter:on """)); // @formatter:on
// finally, the asset is actually updated // finally, the asset is actually updated
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
assertThat(assetRepo.findByUuid(givenAsset.getUuid())).isPresent().get() assertThat(assetRepo.findByUuid(givenAsset.getUuid())).isPresent().get()
.matches(asset -> { .matches(asset -> {
assertThat(asset.toString()).isEqualTo("HsHostingAssetEntity(D-1000111:some CloudServer, CLOUD_SERVER, vm2001, some test-asset, { CPU: 4, SSD: 4096, something: 1 })"); assertThat(asset.toString()).isEqualTo("HsHostingAssetEntity(D-1000111:some CloudServer, CLOUD_SERVER, vm2001, some test-asset, { CPU: 4, SSD: 4096, something: 1 })");
@ -285,7 +286,7 @@ class HsHostingAssetControllerAcceptanceTest extends ContextBasedTestWithCleanup
@Test @Test
void globalAdmin_canDeleteArbitraryAsset() { void globalAdmin_canDeleteArbitraryAsset() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenAsset = givenSomeTemporaryAssetForDebitorNumber("2002", entry("something", 1)); final var givenAsset = givenSomeTemporaryAssetForDebitorNumber("2002", entry("something", 1));
RestAssured // @formatter:off RestAssured // @formatter:off
@ -303,7 +304,7 @@ class HsHostingAssetControllerAcceptanceTest extends ContextBasedTestWithCleanup
@Test @Test
void normalUser_canNotDeleteUnrelatedAsset() { void normalUser_canNotDeleteUnrelatedAsset() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenAsset = givenSomeTemporaryAssetForDebitorNumber("2003", entry("something", 1)); final var givenAsset = givenSomeTemporaryAssetForDebitorNumber("2003", entry("something", 1));
RestAssured // @formatter:off RestAssured // @formatter:off
@ -330,7 +331,7 @@ class HsHostingAssetControllerAcceptanceTest extends ContextBasedTestWithCleanup
private HsHostingAssetEntity givenSomeTemporaryAssetForDebitorNumber(final String identifierSuffix, private HsHostingAssetEntity givenSomeTemporaryAssetForDebitorNumber(final String identifierSuffix,
final Map.Entry<String, Integer> resources) { final Map.Entry<String, Integer> resources) {
return jpaAttempt.transacted(() -> { return jpaAttempt.transacted(() -> {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var newAsset = HsHostingAssetEntity.builder() final var newAsset = HsHostingAssetEntity.builder()
.uuid(UUID.randomUUID()) .uuid(UUID.randomUUID())
.bookingItem(givenBookingItem("First", "some CloudServer")) .bookingItem(givenBookingItem("First", "some CloudServer"))


@ -18,6 +18,7 @@ import jakarta.persistence.EntityManager;
import jakarta.persistence.PersistenceContext; import jakarta.persistence.PersistenceContext;
import java.util.UUID; import java.util.UUID;
import static net.hostsharing.hsadminng.context.Context.Scope.TEMP;
import static net.hostsharing.hsadminng.rbac.test.IsValidUuidMatcher.isUuidValid; import static net.hostsharing.hsadminng.rbac.test.IsValidUuidMatcher.isUuidValid;
import static net.hostsharing.hsadminng.rbac.test.JsonMatcher.lenientlyEquals; import static net.hostsharing.hsadminng.rbac.test.JsonMatcher.lenientlyEquals;
import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThat;
@ -116,7 +117,7 @@ class HsOfficeBankAccountControllerAcceptanceTest extends ContextBasedTestWithCl
@Test @Test
void globalAdmin_withoutAssumedRole_canAddBankAccount() { void globalAdmin_withoutAssumedRole_canAddBankAccount() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var location = RestAssured // @formatter:off final var location = RestAssured // @formatter:off
.given() .given()
@ -154,7 +155,7 @@ class HsOfficeBankAccountControllerAcceptanceTest extends ContextBasedTestWithCl
@Test @Test
void globalAdmin_withoutAssumedRole_canGetArbitraryBankAccount() { void globalAdmin_withoutAssumedRole_canGetArbitraryBankAccount() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenBankAccountUuid = bankAccountRepo.findByOptionalHolderLike("first").get(0).getUuid(); final var givenBankAccountUuid = bankAccountRepo.findByOptionalHolderLike("first").get(0).getUuid();
RestAssured // @formatter:off RestAssured // @formatter:off
@ -175,7 +176,7 @@ class HsOfficeBankAccountControllerAcceptanceTest extends ContextBasedTestWithCl
@Test @Test
void normalUser_canNotGetUnrelatedBankAccount() { void normalUser_canNotGetUnrelatedBankAccount() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenBankAccountUuid = bankAccountRepo.findByOptionalHolderLike("first").get(0).getUuid(); final var givenBankAccountUuid = bankAccountRepo.findByOptionalHolderLike("first").get(0).getUuid();
RestAssured // @formatter:off RestAssured // @formatter:off
@ -191,7 +192,7 @@ class HsOfficeBankAccountControllerAcceptanceTest extends ContextBasedTestWithCl
@Test @Test
@Disabled("TODO: not implemented yet - also add Accepts annotation when done") @Disabled("TODO: not implemented yet - also add Accepts annotation when done")
void bankaccountAdminUser_canGetRelatedBankAccount() { void bankaccountAdminUser_canGetRelatedBankAccount() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenBankAccountUuid = bankAccountRepo.findByOptionalHolderLike("first").get(0).getUuid(); final var givenBankAccountUuid = bankAccountRepo.findByOptionalHolderLike("first").get(0).getUuid();
RestAssured // @formatter:off RestAssured // @formatter:off
@ -219,7 +220,7 @@ class HsOfficeBankAccountControllerAcceptanceTest extends ContextBasedTestWithCl
@Test @Test
void patchIsNotImplemented() { void patchIsNotImplemented() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenBankAccount = givenSomeTemporaryBankAccountCreatedBy("selfregistered-test-user@hostsharing.org"); final var givenBankAccount = givenSomeTemporaryBankAccountCreatedBy("selfregistered-test-user@hostsharing.org");
final var location = RestAssured // @formatter:off final var location = RestAssured // @formatter:off
@ -241,7 +242,7 @@ class HsOfficeBankAccountControllerAcceptanceTest extends ContextBasedTestWithCl
// @formatter:on // @formatter:on
// and the bankaccount is unchanged // and the bankaccount is unchanged
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
assertThat(bankAccountRepo.findByUuid(givenBankAccount.getUuid())).isPresent().get() assertThat(bankAccountRepo.findByUuid(givenBankAccount.getUuid())).isPresent().get()
.matches(person -> { .matches(person -> {
assertThat(person.getHolder()).isEqualTo(givenBankAccount.getHolder()); assertThat(person.getHolder()).isEqualTo(givenBankAccount.getHolder());
@ -257,7 +258,7 @@ class HsOfficeBankAccountControllerAcceptanceTest extends ContextBasedTestWithCl
@Test @Test
void globalAdmin_withoutAssumedRole_canDeleteArbitraryBankAccount() { void globalAdmin_withoutAssumedRole_canDeleteArbitraryBankAccount() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenBankAccount = givenSomeTemporaryBankAccountCreatedBy("selfregistered-test-user@hostsharing.org"); final var givenBankAccount = givenSomeTemporaryBankAccountCreatedBy("selfregistered-test-user@hostsharing.org");
RestAssured // @formatter:off RestAssured // @formatter:off
@ -292,7 +293,7 @@ class HsOfficeBankAccountControllerAcceptanceTest extends ContextBasedTestWithCl
@Test @Test
void normalUser_canNotDeleteUnrelatedBankAccount() { void normalUser_canNotDeleteUnrelatedBankAccount() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenBankAccount = givenSomeTemporaryBankAccountCreatedBy("selfregistered-test-user@hostsharing.org"); final var givenBankAccount = givenSomeTemporaryBankAccountCreatedBy("selfregistered-test-user@hostsharing.org");
RestAssured // @formatter:off RestAssured // @formatter:off
@ -312,7 +313,7 @@ class HsOfficeBankAccountControllerAcceptanceTest extends ContextBasedTestWithCl
private HsOfficeBankAccountEntity givenSomeTemporaryBankAccountCreatedBy(final String creatingUser) { private HsOfficeBankAccountEntity givenSomeTemporaryBankAccountCreatedBy(final String creatingUser) {
return jpaAttempt.transacted(() -> { return jpaAttempt.transacted(() -> {
context.define(creatingUser); context.define(TEMP, creatingUser);
final var newBankAccount = HsOfficeBankAccountEntity.builder() final var newBankAccount = HsOfficeBankAccountEntity.builder()
.holder("temp acc #" + RandomStringUtils.randomAlphabetic(3)) .holder("temp acc #" + RandomStringUtils.randomAlphabetic(3))
.iban("DE93500105179473626226") .iban("DE93500105179473626226")
@ -327,7 +328,7 @@ class HsOfficeBankAccountControllerAcceptanceTest extends ContextBasedTestWithCl
@AfterEach @AfterEach
void cleanup() { void cleanup() {
jpaAttempt.transacted(() -> { jpaAttempt.transacted(() -> {
context.define("superuser-alex@hostsharing.net", null); context.define(TEMP, "superuser-alex@hostsharing.net", null);
em.createQuery("DELETE FROM HsOfficeBankAccountEntity b WHERE b.holder LIKE 'temp %'").executeUpdate(); em.createQuery("DELETE FROM HsOfficeBankAccountEntity b WHERE b.holder LIKE 'temp %'").executeUpdate();
}); });
} }


@ -22,6 +22,7 @@ import jakarta.persistence.PersistenceContext;
import java.util.Map; import java.util.Map;
import java.util.UUID; import java.util.UUID;
import static net.hostsharing.hsadminng.context.Context.Scope.TEMP;
import static net.hostsharing.hsadminng.rbac.test.IsValidUuidMatcher.isUuidValid; import static net.hostsharing.hsadminng.rbac.test.IsValidUuidMatcher.isUuidValid;
import static net.hostsharing.hsadminng.rbac.test.JsonMatcher.lenientlyEquals; import static net.hostsharing.hsadminng.rbac.test.JsonMatcher.lenientlyEquals;
import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThat;
@ -95,7 +96,7 @@ class HsOfficeContactControllerAcceptanceTest extends ContextBasedTestWithCleanu
@Test @Test
void globalAdmin_withoutAssumedRole_canAddContact() { void globalAdmin_withoutAssumedRole_canAddContact() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var location = RestAssured // @formatter:off final var location = RestAssured // @formatter:off
.given() .given()
@ -133,7 +134,7 @@ class HsOfficeContactControllerAcceptanceTest extends ContextBasedTestWithCleanu
@Test @Test
void globalAdmin_withoutAssumedRole_canGetArbitraryContact() { void globalAdmin_withoutAssumedRole_canGetArbitraryContact() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenContactUuid = contactRepo.findContactByOptionalLabelLike("first").get(0).getUuid(); final var givenContactUuid = contactRepo.findContactByOptionalLabelLike("first").get(0).getUuid();
RestAssured // @formatter:off RestAssured // @formatter:off
@ -154,7 +155,7 @@ class HsOfficeContactControllerAcceptanceTest extends ContextBasedTestWithCleanu
@Test @Test
void normalUser_canNotGetUnrelatedContact() { void normalUser_canNotGetUnrelatedContact() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenContactUuid = contactRepo.findContactByOptionalLabelLike("first").get(0).getUuid(); final var givenContactUuid = contactRepo.findContactByOptionalLabelLike("first").get(0).getUuid();
RestAssured // @formatter:off RestAssured // @formatter:off
@ -169,7 +170,7 @@ class HsOfficeContactControllerAcceptanceTest extends ContextBasedTestWithCleanu
@Test @Test
void contactAdminUser_canGetRelatedContact() { void contactAdminUser_canGetRelatedContact() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenContactUuid = contactRepo.findContactByOptionalLabelLike("first").get(0).getUuid(); final var givenContactUuid = contactRepo.findContactByOptionalLabelLike("first").get(0).getUuid();
RestAssured // @formatter:off RestAssured // @formatter:off
@ -201,7 +202,7 @@ class HsOfficeContactControllerAcceptanceTest extends ContextBasedTestWithCleanu
@Test @Test
void globalAdmin_withoutAssumedRole_canPatchAllPropertiesOfArbitraryContact() { void globalAdmin_withoutAssumedRole_canPatchAllPropertiesOfArbitraryContact() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenContact = givenSomeTemporaryContactCreatedBy("selfregistered-test-user@hostsharing.org"); final var givenContact = givenSomeTemporaryContactCreatedBy("selfregistered-test-user@hostsharing.org");
final var location = RestAssured // @formatter:off final var location = RestAssured // @formatter:off
@ -234,7 +235,7 @@ class HsOfficeContactControllerAcceptanceTest extends ContextBasedTestWithCleanu
// @formatter:on // @formatter:on
// finally, the contact is actually updated // finally, the contact is actually updated
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
assertThat(contactRepo.findByUuid(givenContact.getUuid())).isPresent().get() assertThat(contactRepo.findByUuid(givenContact.getUuid())).isPresent().get()
.matches(person -> { .matches(person -> {
assertThat(person.getLabel()).isEqualTo("Temp patched contact"); assertThat(person.getLabel()).isEqualTo("Temp patched contact");
@ -248,7 +249,7 @@ class HsOfficeContactControllerAcceptanceTest extends ContextBasedTestWithCleanu
@Test @Test
void globalAdmin_withoutAssumedRole_canPatchPartialPropertiesOfArbitraryContact() { void globalAdmin_withoutAssumedRole_canPatchPartialPropertiesOfArbitraryContact() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenContact = givenSomeTemporaryContactCreatedBy("selfregistered-test-user@hostsharing.org"); final var givenContact = givenSomeTemporaryContactCreatedBy("selfregistered-test-user@hostsharing.org");
final var location = RestAssured // @formatter:off final var location = RestAssured // @formatter:off
@ -296,7 +297,7 @@ class HsOfficeContactControllerAcceptanceTest extends ContextBasedTestWithCleanu
@Test @Test
void globalAdmin_withoutAssumedRole_canDeleteArbitraryContact() { void globalAdmin_withoutAssumedRole_canDeleteArbitraryContact() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenContact = givenSomeTemporaryContactCreatedBy("selfregistered-test-user@hostsharing.org"); final var givenContact = givenSomeTemporaryContactCreatedBy("selfregistered-test-user@hostsharing.org");
RestAssured // @formatter:off RestAssured // @formatter:off
@ -331,7 +332,7 @@ class HsOfficeContactControllerAcceptanceTest extends ContextBasedTestWithCleanu
@Test @Test
void normalUser_canNotDeleteUnrelatedContact() { void normalUser_canNotDeleteUnrelatedContact() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenContact = givenSomeTemporaryContactCreatedBy("selfregistered-test-user@hostsharing.org"); final var givenContact = givenSomeTemporaryContactCreatedBy("selfregistered-test-user@hostsharing.org");
RestAssured // @formatter:off RestAssured // @formatter:off
@ -351,7 +352,7 @@ class HsOfficeContactControllerAcceptanceTest extends ContextBasedTestWithCleanu
private HsOfficeContactEntity givenSomeTemporaryContactCreatedBy(final String creatingUser) { private HsOfficeContactEntity givenSomeTemporaryContactCreatedBy(final String creatingUser) {
return jpaAttempt.transacted(() -> { return jpaAttempt.transacted(() -> {
context.define(creatingUser); context.define(TEMP, creatingUser, null);
final var newContact = HsOfficeContactEntity.builder() final var newContact = HsOfficeContactEntity.builder()
.uuid(UUID.randomUUID()) .uuid(UUID.randomUUID())
.label("Temp from " + Context.getCallerMethodNameFromStackFrame(1) ) .label("Temp from " + Context.getCallerMethodNameFromStackFrame(1) )
@ -368,7 +369,7 @@ class HsOfficeContactControllerAcceptanceTest extends ContextBasedTestWithCleanu
@AfterEach @AfterEach
void cleanup() { void cleanup() {
jpaAttempt.transacted(() -> { jpaAttempt.transacted(() -> {
context.define("superuser-alex@hostsharing.net", null); context.define(TEMP, "superuser-alex@hostsharing.net", null);
em.createQuery("DELETE FROM HsOfficeContactEntity c WHERE c.label LIKE 'Temp %'").executeUpdate(); em.createQuery("DELETE FROM HsOfficeContactEntity c WHERE c.label LIKE 'Temp %'").executeUpdate();
}).assertSuccessful(); }).assertSuccessful();
} }
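Review bot: The explicit `null` for the assumed roles is redundant in every call this section changes, for example `context.define(TEMP, "superuser-alex@hostsharing.net", null);` in globalAdmin_withoutAssumedRole_canAddContact. Context still has a two-argument overload that delegates with `null`, and the bank-account test in this same commit uses it. Writing `context.define(TEMP, "superuser-alex@hostsharing.net");` is shorter and keeps the test classes consistent with each other. The same applies to most calls in the coop-assets, coop-shares and debitor test sections; the test methods themselves continue outside the hunks shown.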


@ -22,6 +22,7 @@ import java.math.BigDecimal;
import java.time.LocalDate; import java.time.LocalDate;
import java.util.UUID; import java.util.UUID;
import static net.hostsharing.hsadminng.context.Context.Scope.TEMP;
import static net.hostsharing.hsadminng.hs.office.coopassets.HsOfficeCoopAssetsTransactionType.DEPOSIT; import static net.hostsharing.hsadminng.hs.office.coopassets.HsOfficeCoopAssetsTransactionType.DEPOSIT;
import static net.hostsharing.hsadminng.rbac.test.IsValidUuidMatcher.isUuidValid; import static net.hostsharing.hsadminng.rbac.test.IsValidUuidMatcher.isUuidValid;
import static net.hostsharing.hsadminng.rbac.test.JsonMatcher.lenientlyEquals; import static net.hostsharing.hsadminng.rbac.test.JsonMatcher.lenientlyEquals;
@ -75,7 +76,7 @@ class HsOfficeCoopAssetsTransactionControllerAcceptanceTest extends ContextBased
@Test @Test
void globalAdmin_canFindCoopAssetsTransactionsByMemberNumber() { void globalAdmin_canFindCoopAssetsTransactionsByMemberNumber() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenMembership = membershipRepo.findMembershipByMemberNumber(1000202); final var givenMembership = membershipRepo.findMembershipByMemberNumber(1000202);
RestAssured // @formatter:off RestAssured // @formatter:off
@ -138,7 +139,7 @@ class HsOfficeCoopAssetsTransactionControllerAcceptanceTest extends ContextBased
@Test @Test
void globalAdmin_canFindCoopAssetsTransactionsByMembershipUuidAndDateRange() { void globalAdmin_canFindCoopAssetsTransactionsByMembershipUuidAndDateRange() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenMembership = membershipRepo.findMembershipByMemberNumber(1000202); final var givenMembership = membershipRepo.findMembershipByMemberNumber(1000202);
RestAssured // @formatter:off RestAssured // @formatter:off
@ -171,7 +172,7 @@ class HsOfficeCoopAssetsTransactionControllerAcceptanceTest extends ContextBased
@Test @Test
void globalAdmin_canAddCoopAssetsTransaction() { void globalAdmin_canAddCoopAssetsTransaction() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenMembership = membershipRepo.findMembershipByMemberNumber(1000101); final var givenMembership = membershipRepo.findMembershipByMemberNumber(1000101);
final var location = RestAssured // @formatter:off final var location = RestAssured // @formatter:off
@ -216,11 +217,11 @@ class HsOfficeCoopAssetsTransactionControllerAcceptanceTest extends ContextBased
@Test @Test
void globalAdmin_canAddCoopAssetsAdjustmentTransaction() { void globalAdmin_canAddCoopAssetsAdjustmentTransaction() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenMembership = membershipRepo.findMembershipByMemberNumber(1000101); final var givenMembership = membershipRepo.findMembershipByMemberNumber(1000101);
final var givenTransaction = jpaAttempt.transacted(() -> { final var givenTransaction = jpaAttempt.transacted(() -> {
// TODO.impl: introduce something like transactedAsSuperuser / transactedAs("...", ...) // TODO.impl: introduce something like transactedAsSuperuser / transactedAs("...", ...)
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
return coopAssetsTransactionRepo.save(HsOfficeCoopAssetsTransactionEntity.builder() return coopAssetsTransactionRepo.save(HsOfficeCoopAssetsTransactionEntity.builder()
.transactionType(DEPOSIT) .transactionType(DEPOSIT)
.valueDate(LocalDate.of(2022, 10, 20)) .valueDate(LocalDate.of(2022, 10, 20))
@ -284,7 +285,7 @@ class HsOfficeCoopAssetsTransactionControllerAcceptanceTest extends ContextBased
@Test @Test
void globalAdmin_canNotCancelMoreAssetsThanCurrentlySubscribed() { void globalAdmin_canNotCancelMoreAssetsThanCurrentlySubscribed() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenMembership = membershipRepo.findMembershipByMemberNumber(1000101); final var givenMembership = membershipRepo.findMembershipByMemberNumber(1000101);
RestAssured // @formatter:off RestAssured // @formatter:off
@ -322,7 +323,7 @@ class HsOfficeCoopAssetsTransactionControllerAcceptanceTest extends ContextBased
@Test @Test
void globalAdmin_withoutAssumedRole_canGetArbitraryCoopAssetTransaction() { void globalAdmin_withoutAssumedRole_canGetArbitraryCoopAssetTransaction() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenCoopAssetTransactionUuid = coopAssetsTransactionRepo.findCoopAssetsTransactionByOptionalMembershipUuidAndDateRange( final var givenCoopAssetTransactionUuid = coopAssetsTransactionRepo.findCoopAssetsTransactionByOptionalMembershipUuidAndDateRange(
null, null,
LocalDate.of(2010, 3, 15), LocalDate.of(2010, 3, 15),
@ -345,7 +346,7 @@ class HsOfficeCoopAssetsTransactionControllerAcceptanceTest extends ContextBased
@Test @Test
void normalUser_canNotGetUnrelatedCoopAssetTransaction() { void normalUser_canNotGetUnrelatedCoopAssetTransaction() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenCoopAssetTransactionUuid = coopAssetsTransactionRepo.findCoopAssetsTransactionByOptionalMembershipUuidAndDateRange( final var givenCoopAssetTransactionUuid = coopAssetsTransactionRepo.findCoopAssetsTransactionByOptionalMembershipUuidAndDateRange(
null, null,
LocalDate.of(2010, 3, 15), LocalDate.of(2010, 3, 15),
@ -362,7 +363,7 @@ class HsOfficeCoopAssetsTransactionControllerAcceptanceTest extends ContextBased
@Test @Test
void partnerPersonUser_canGetRelatedCoopAssetTransaction() { void partnerPersonUser_canGetRelatedCoopAssetTransaction() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenCoopAssetTransactionUuid = coopAssetsTransactionRepo.findCoopAssetsTransactionByOptionalMembershipUuidAndDateRange( final var givenCoopAssetTransactionUuid = coopAssetsTransactionRepo.findCoopAssetsTransactionByOptionalMembershipUuidAndDateRange(
null, null,
LocalDate.of(2010, 3, 15), LocalDate.of(2010, 3, 15),
@ -390,7 +391,7 @@ class HsOfficeCoopAssetsTransactionControllerAcceptanceTest extends ContextBased
@AfterEach @AfterEach
void cleanup() { void cleanup() {
jpaAttempt.transacted(() -> { jpaAttempt.transacted(() -> {
context.define("superuser-alex@hostsharing.net", null); context.define(TEMP, "superuser-alex@hostsharing.net", null);
// HsOfficeCoopAssetsTransactionEntity respectively hs_office_coopassetstransaction_rv // HsOfficeCoopAssetsTransactionEntity respectively hs_office_coopassetstransaction_rv
// cannot be deleted at all, but the underlying table record can be deleted. // cannot be deleted at all, but the underlying table record can be deleted.
em.createNativeQuery("delete from hs_office_coopassetstransaction where reference like 'temp %'") em.createNativeQuery("delete from hs_office_coopassetstransaction where reference like 'temp %'")
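Review bot: The cleanup in the last hunk still picks its rows by a naming convention, `where reference like 'temp %'`, and runs as the superuser against the underlying table rather than the `_rv` view, as the comment there explains. The TEMP scope this commit introduces is passed to `context.define` but plays no part in deciding what gets deleted. If rows are meant to carry their scope (not visible on this page), deleting by scope would bound the delete more tightly than a string prefix. Until then a marker comment would help: `// TODO: delete by RBAC scope TEMP once rows carry it, instead of the 'temp %' prefix`. The coop-shares cleanup has the same shape, and the statement continues past the end of this hunk.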


@ -22,6 +22,7 @@ import jakarta.persistence.PersistenceContext;
import java.time.LocalDate; import java.time.LocalDate;
import java.util.UUID; import java.util.UUID;
import static net.hostsharing.hsadminng.context.Context.Scope.TEMP;
import static net.hostsharing.hsadminng.rbac.test.IsValidUuidMatcher.isUuidValid; import static net.hostsharing.hsadminng.rbac.test.IsValidUuidMatcher.isUuidValid;
import static net.hostsharing.hsadminng.rbac.test.JsonMatcher.lenientlyEquals; import static net.hostsharing.hsadminng.rbac.test.JsonMatcher.lenientlyEquals;
import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThat;
@ -54,7 +55,7 @@ class HsOfficeCoopSharesTransactionControllerAcceptanceTest extends ContextBased
@AfterEach @AfterEach
void cleanup() { void cleanup() {
jpaAttempt.transacted(() -> { jpaAttempt.transacted(() -> {
context.define("superuser-alex@hostsharing.net", null); context.define(TEMP, "superuser-alex@hostsharing.net", null);
// HsOfficeCoopSharesTransactionEntity respectively hs_office_coopsharestransaction_rv // HsOfficeCoopSharesTransactionEntity respectively hs_office_coopsharestransaction_rv
// cannot be deleted at all, but the underlying table record can be deleted. // cannot be deleted at all, but the underlying table record can be deleted.
em.createNativeQuery("delete from hs_office_coopsharestransaction where reference like 'temp %'").executeUpdate(); em.createNativeQuery("delete from hs_office_coopsharestransaction where reference like 'temp %'").executeUpdate();
@ -82,7 +83,7 @@ class HsOfficeCoopSharesTransactionControllerAcceptanceTest extends ContextBased
@Test @Test
void globalAdmin_canFindCoopSharesTransactionsByMemberNumber() { void globalAdmin_canFindCoopSharesTransactionsByMemberNumber() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenMembership = membershipRepo.findMembershipByMemberNumber(1000202); final var givenMembership = membershipRepo.findMembershipByMemberNumber(1000202);
RestAssured // @formatter:off RestAssured // @formatter:off
@ -137,7 +138,7 @@ class HsOfficeCoopSharesTransactionControllerAcceptanceTest extends ContextBased
@Test @Test
void globalAdmin_canFindCoopSharesTransactionsByMembershipUuidAndDateRange() { void globalAdmin_canFindCoopSharesTransactionsByMembershipUuidAndDateRange() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenMembership = membershipRepo.findMembershipByMemberNumber(1000202); final var givenMembership = membershipRepo.findMembershipByMemberNumber(1000202);
RestAssured // @formatter:off RestAssured // @formatter:off
@ -162,7 +163,7 @@ class HsOfficeCoopSharesTransactionControllerAcceptanceTest extends ContextBased
@Test @Test
void globalAdmin_canAddCoopSharesTransaction() { void globalAdmin_canAddCoopSharesTransaction() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenMembership = membershipRepo.findMembershipByMemberNumber(1000101); final var givenMembership = membershipRepo.findMembershipByMemberNumber(1000101);
final var location = RestAssured // @formatter:off final var location = RestAssured // @formatter:off
@ -193,11 +194,11 @@ class HsOfficeCoopSharesTransactionControllerAcceptanceTest extends ContextBased
@Test @Test
void globalAdmin_canAddCoopSharesAdjustmentTransaction() { void globalAdmin_canAddCoopSharesAdjustmentTransaction() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenMembership = membershipRepo.findMembershipByMemberNumber(1000101); final var givenMembership = membershipRepo.findMembershipByMemberNumber(1000101);
final var givenTransaction = jpaAttempt.transacted(() -> { final var givenTransaction = jpaAttempt.transacted(() -> {
// TODO.impl: introduce something like transactedAsSuperuser / transactedAs("...", ...) // TODO.impl: introduce something like transactedAsSuperuser / transactedAs("...", ...)
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
return coopSharesTransactionRepo.save(HsOfficeCoopSharesTransactionEntity.builder() return coopSharesTransactionRepo.save(HsOfficeCoopSharesTransactionEntity.builder()
.transactionType(HsOfficeCoopSharesTransactionType.SUBSCRIPTION) .transactionType(HsOfficeCoopSharesTransactionType.SUBSCRIPTION)
.valueDate(LocalDate.of(2022, 10, 20)) .valueDate(LocalDate.of(2022, 10, 20))
@ -261,7 +262,7 @@ class HsOfficeCoopSharesTransactionControllerAcceptanceTest extends ContextBased
@Test @Test
void globalAdmin_canNotCancelMoreSharesThanCurrentlySubscribed() { void globalAdmin_canNotCancelMoreSharesThanCurrentlySubscribed() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenMembership = membershipRepo.findMembershipByMemberNumber(1000101); final var givenMembership = membershipRepo.findMembershipByMemberNumber(1000101);
RestAssured // @formatter:off RestAssured // @formatter:off
@ -289,7 +290,7 @@ class HsOfficeCoopSharesTransactionControllerAcceptanceTest extends ContextBased
@Test @Test
void globalAdmin_withoutAssumedRole_canGetArbitraryCoopShareTransaction() { void globalAdmin_withoutAssumedRole_canGetArbitraryCoopShareTransaction() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenCoopShareTransactionUuid = coopSharesTransactionRepo.findCoopSharesTransactionByOptionalMembershipUuidAndDateRange(null, LocalDate.of(2010, 3, 15), LocalDate.of(2010, 3, 15)).get(0).getUuid(); final var givenCoopShareTransactionUuid = coopSharesTransactionRepo.findCoopSharesTransactionByOptionalMembershipUuidAndDateRange(null, LocalDate.of(2010, 3, 15), LocalDate.of(2010, 3, 15)).get(0).getUuid();
RestAssured // @formatter:off RestAssured // @formatter:off
@ -302,7 +303,7 @@ class HsOfficeCoopSharesTransactionControllerAcceptanceTest extends ContextBased
@Test @Test
void normalUser_canNotGetUnrelatedCoopShareTransaction() { void normalUser_canNotGetUnrelatedCoopShareTransaction() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenCoopShareTransactionUuid = coopSharesTransactionRepo.findCoopSharesTransactionByOptionalMembershipUuidAndDateRange(null, LocalDate.of(2010, 3, 15), LocalDate.of(2010, 3, 15)).get(0).getUuid(); final var givenCoopShareTransactionUuid = coopSharesTransactionRepo.findCoopSharesTransactionByOptionalMembershipUuidAndDateRange(null, LocalDate.of(2010, 3, 15), LocalDate.of(2010, 3, 15)).get(0).getUuid();
RestAssured // @formatter:off RestAssured // @formatter:off
@ -311,7 +312,7 @@ class HsOfficeCoopSharesTransactionControllerAcceptanceTest extends ContextBased
@Test @Test
void partnerPersonUser_canGetRelatedCoopShareTransaction() { void partnerPersonUser_canGetRelatedCoopShareTransaction() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenCoopShareTransactionUuid = coopSharesTransactionRepo.findCoopSharesTransactionByOptionalMembershipUuidAndDateRange(null, LocalDate.of(2010, 3, 15), LocalDate.of(2010, 3, 15)).get(0).getUuid(); final var givenCoopShareTransactionUuid = coopSharesTransactionRepo.findCoopSharesTransactionByOptionalMembershipUuidAndDateRange(null, LocalDate.of(2010, 3, 15), LocalDate.of(2010, 3, 15)).get(0).getUuid();
RestAssured // @formatter:off RestAssured // @formatter:off
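Review bot: In globalAdmin_canAddCoopSharesAdjustmentTransaction the superuser context is defined twice, once before and once inside `jpaAttempt.transacted`, and both calls now repeat the scope, the identity literal and `null`. The existing `TODO.impl` about `transactedAsSuperuser` already names the fix. A helper in the test base class (not visible here) that pins both the superuser and the scope would reduce this to `final var givenTransaction = transactedAsSuperuser(() -> coopSharesTransactionRepo.save(...));`. It would also stop a test from setting up privileged fixtures in an unintended scope by accident. The coop-assets test has the same pattern, and the method body continues outside the hunk.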


@ -26,6 +26,7 @@ import jakarta.persistence.EntityManager;
import jakarta.persistence.PersistenceContext; import jakarta.persistence.PersistenceContext;
import java.util.UUID; import java.util.UUID;
import static net.hostsharing.hsadminng.context.Context.Scope.TEMP;
import static net.hostsharing.hsadminng.hs.office.relation.HsOfficeRelationType.DEBITOR; import static net.hostsharing.hsadminng.hs.office.relation.HsOfficeRelationType.DEBITOR;
import static net.hostsharing.hsadminng.rbac.test.IsValidUuidMatcher.isUuidValid; import static net.hostsharing.hsadminng.rbac.test.IsValidUuidMatcher.isUuidValid;
import static net.hostsharing.hsadminng.rbac.test.JsonMatcher.lenientlyEquals; import static net.hostsharing.hsadminng.rbac.test.JsonMatcher.lenientlyEquals;
@ -266,14 +267,14 @@ class HsOfficeDebitorControllerAcceptanceTest extends ContextBasedTestWithCleanu
@Test @Test
void globalAdmin_withoutAssumedRole_canAddDebitorWithBankAccount() { void globalAdmin_withoutAssumedRole_canAddDebitorWithBankAccount() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenPartner = partnerRepo.findPartnerByOptionalNameLike("Third").get(0); final var givenPartner = partnerRepo.findPartnerByOptionalNameLike("Third").get(0);
final var givenContact = contactRepo.findContactByOptionalLabelLike("fourth").get(0); final var givenContact = contactRepo.findContactByOptionalLabelLike("fourth").get(0);
final var givenBankAccount = bankAccountRepo.findByOptionalHolderLike("Fourth").get(0); final var givenBankAccount = bankAccountRepo.findByOptionalHolderLike("Fourth").get(0);
final var givenBillingPerson = personRepo.findPersonByOptionalNameLike("Fourth").get(0); final var givenBillingPerson = personRepo.findPersonByOptionalNameLike("Fourth").get(0);
final var givenDebitorRelUUid = jpaAttempt.transacted(() -> { final var givenDebitorRelUUid = jpaAttempt.transacted(() -> {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
return relRepo.save(HsOfficeRelationEntity.builder() return relRepo.save(HsOfficeRelationEntity.builder()
.type(DEBITOR) .type(DEBITOR)
.anchor(givenPartner.getPartnerRel().getHolder()) .anchor(givenPartner.getPartnerRel().getHolder())
@ -323,7 +324,7 @@ class HsOfficeDebitorControllerAcceptanceTest extends ContextBasedTestWithCleanu
@Test @Test
void globalAdmin_canAddDebitorWithoutJustRequiredData() { void globalAdmin_canAddDebitorWithoutJustRequiredData() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenPartner = partnerRepo.findPartnerByOptionalNameLike("Third").get(0); final var givenPartner = partnerRepo.findPartnerByOptionalNameLike("Third").get(0);
final var givenContact = contactRepo.findContactByOptionalLabelLike("fourth").get(0); final var givenContact = contactRepo.findContactByOptionalLabelLike("fourth").get(0);
@ -375,7 +376,7 @@ class HsOfficeDebitorControllerAcceptanceTest extends ContextBasedTestWithCleanu
@Test @Test
void globalAdmin_canNotAddDebitor_ifContactDoesNotExist() { void globalAdmin_canNotAddDebitor_ifContactDoesNotExist() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenPartner = partnerRepo.findPartnerByOptionalNameLike("Third").get(0); final var givenPartner = partnerRepo.findPartnerByOptionalNameLike("Third").get(0);
final var givenContactUuid = UUID.fromString("00000000-0000-0000-0000-000000000000"); final var givenContactUuid = UUID.fromString("00000000-0000-0000-0000-000000000000");
@ -412,7 +413,7 @@ class HsOfficeDebitorControllerAcceptanceTest extends ContextBasedTestWithCleanu
@Test @Test
void globalAdmin_canNotAddDebitor_ifDebitorRelDoesNotExist() { void globalAdmin_canNotAddDebitor_ifDebitorRelDoesNotExist() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenDebitorRelUuid = UUID.fromString("00000000-0000-0000-0000-000000000000"); final var givenDebitorRelUuid = UUID.fromString("00000000-0000-0000-0000-000000000000");
final var givenContact = contactRepo.findContactByOptionalLabelLike("fourth").get(0); final var givenContact = contactRepo.findContactByOptionalLabelLike("fourth").get(0);
@ -444,7 +445,7 @@ class HsOfficeDebitorControllerAcceptanceTest extends ContextBasedTestWithCleanu
@Test @Test
void globalAdmin_withoutAssumedRole_canGetArbitraryDebitor() { void globalAdmin_withoutAssumedRole_canGetArbitraryDebitor() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenDebitorUuid = debitorRepo.findDebitorByOptionalNameLike("First").get(0).getUuid(); final var givenDebitorUuid = debitorRepo.findDebitorByOptionalNameLike("First").get(0).getUuid();
RestAssured // @formatter:off RestAssured // @formatter:off
@ -505,7 +506,7 @@ class HsOfficeDebitorControllerAcceptanceTest extends ContextBasedTestWithCleanu
@Test @Test
void normalUser_canNotGetUnrelatedDebitor() { void normalUser_canNotGetUnrelatedDebitor() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenDebitorUuid = debitorRepo.findDebitorByOptionalNameLike("First").get(0).getUuid(); final var givenDebitorUuid = debitorRepo.findDebitorByOptionalNameLike("First").get(0).getUuid();
RestAssured // @formatter:off RestAssured // @formatter:off
@ -520,7 +521,7 @@ class HsOfficeDebitorControllerAcceptanceTest extends ContextBasedTestWithCleanu
@Test @Test
void contactAdminUser_canGetRelatedDebitorExceptRefundBankAccount() { void contactAdminUser_canGetRelatedDebitorExceptRefundBankAccount() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenDebitorUuid = debitorRepo.findDebitorByOptionalNameLike("first contact").get(0).getUuid(); final var givenDebitorUuid = debitorRepo.findDebitorByOptionalNameLike("first contact").get(0).getUuid();
RestAssured // @formatter:off RestAssured // @formatter:off
@ -549,7 +550,7 @@ class HsOfficeDebitorControllerAcceptanceTest extends ContextBasedTestWithCleanu
@Test @Test
void globalAdmin_withoutAssumedRole_canPatchArbitraryDebitor() { void globalAdmin_withoutAssumedRole_canPatchArbitraryDebitor() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenDebitor = givenSomeTemporaryDebitor(); final var givenDebitor = givenSomeTemporaryDebitor();
final var givenContact = contactRepo.findContactByOptionalLabelLike("fourth").get(0); final var givenContact = contactRepo.findContactByOptionalLabelLike("fourth").get(0);
@ -614,7 +615,7 @@ class HsOfficeDebitorControllerAcceptanceTest extends ContextBasedTestWithCleanu
// @formatter:on // @formatter:on
// finally, the debitor is actually updated // finally, the debitor is actually updated
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
assertThat(debitorRepo.findByUuid(givenDebitor.getUuid())).isPresent().get() assertThat(debitorRepo.findByUuid(givenDebitor.getUuid())).isPresent().get()
.matches(debitor -> { .matches(debitor -> {
assertThat(debitor.getDebitorRel().getHolder().getTradeName()) assertThat(debitor.getDebitorRel().getHolder().getTradeName())
@ -630,7 +631,7 @@ class HsOfficeDebitorControllerAcceptanceTest extends ContextBasedTestWithCleanu
@Test @Test
void theContactOwner_canNotPatchARelatedDebitor() { void theContactOwner_canNotPatchARelatedDebitor() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenDebitor = givenSomeTemporaryDebitor(); final var givenDebitor = givenSomeTemporaryDebitor();
// @formatter:on // @formatter:on
@ -660,7 +661,7 @@ class HsOfficeDebitorControllerAcceptanceTest extends ContextBasedTestWithCleanu
@Test @Test
void globalAdmin_withoutAssumedRole_canDeleteArbitraryDebitor() { void globalAdmin_withoutAssumedRole_canDeleteArbitraryDebitor() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenDebitor = givenSomeTemporaryDebitor(); final var givenDebitor = givenSomeTemporaryDebitor();
RestAssured // @formatter:off RestAssured // @formatter:off
@ -678,7 +679,7 @@ class HsOfficeDebitorControllerAcceptanceTest extends ContextBasedTestWithCleanu
@Test @Test
void contactAdminUser_canNotDeleteRelatedDebitor() { void contactAdminUser_canNotDeleteRelatedDebitor() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenDebitor = givenSomeTemporaryDebitor(); final var givenDebitor = givenSomeTemporaryDebitor();
assertThat(givenDebitor.getDebitorRel().getContact().getLabel()).isEqualTo("fourth contact"); assertThat(givenDebitor.getDebitorRel().getContact().getLabel()).isEqualTo("fourth contact");
@ -697,7 +698,7 @@ class HsOfficeDebitorControllerAcceptanceTest extends ContextBasedTestWithCleanu
@Test @Test
void normalUser_canNotDeleteUnrelatedDebitor() { void normalUser_canNotDeleteUnrelatedDebitor() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenDebitor = givenSomeTemporaryDebitor(); final var givenDebitor = givenSomeTemporaryDebitor();
assertThat(givenDebitor.getDebitorRel().getContact().getLabel()).isEqualTo("fourth contact"); assertThat(givenDebitor.getDebitorRel().getContact().getLabel()).isEqualTo("fourth contact");
@ -717,7 +718,7 @@ class HsOfficeDebitorControllerAcceptanceTest extends ContextBasedTestWithCleanu
private HsOfficeDebitorEntity givenSomeTemporaryDebitor() { private HsOfficeDebitorEntity givenSomeTemporaryDebitor() {
return jpaAttempt.transacted(() -> { return jpaAttempt.transacted(() -> {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenPartner = partnerRepo.findPartnerByOptionalNameLike("Fourth").get(0); final var givenPartner = partnerRepo.findPartnerByOptionalNameLike("Fourth").get(0);
final var givenContact = contactRepo.findContactByOptionalLabelLike("fourth contact").get(0); final var givenContact = contactRepo.findContactByOptionalLabelLike("fourth contact").get(0);
final var newDebitor = HsOfficeDebitorEntity.builder() final var newDebitor = HsOfficeDebitorEntity.builder()
@ -743,7 +744,7 @@ class HsOfficeDebitorControllerAcceptanceTest extends ContextBasedTestWithCleanu
@AfterEach @AfterEach
void cleanup() { void cleanup() {
jpaAttempt.transacted(() -> { jpaAttempt.transacted(() -> {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var count = em.createQuery( final var count = em.createQuery(
"DELETE FROM HsOfficeDebitorEntity d WHERE d.debitorNumberSuffix >= " + LOWEST_TEMP_DEBITOR_SUFFIX) "DELETE FROM HsOfficeDebitorEntity d WHERE d.debitorNumberSuffix >= " + LOWEST_TEMP_DEBITOR_SUFFIX)
.executeUpdate(); .executeUpdate();


@ -22,6 +22,7 @@ import jakarta.persistence.PersistenceContext;
import java.time.LocalDate; import java.time.LocalDate;
import java.util.UUID; import java.util.UUID;
import static net.hostsharing.hsadminng.context.Context.Scope.TEMP;
import static net.hostsharing.hsadminng.hs.office.membership.HsOfficeMembershipStatus.ACTIVE; import static net.hostsharing.hsadminng.hs.office.membership.HsOfficeMembershipStatus.ACTIVE;
import static net.hostsharing.hsadminng.hs.office.membership.HsOfficeMembershipStatus.CANCELLED; import static net.hostsharing.hsadminng.hs.office.membership.HsOfficeMembershipStatus.CANCELLED;
import static net.hostsharing.hsadminng.rbac.test.IsValidUuidMatcher.isUuidValid; import static net.hostsharing.hsadminng.rbac.test.IsValidUuidMatcher.isUuidValid;
@ -108,7 +109,7 @@ class HsOfficeMembershipControllerAcceptanceTest extends ContextBasedTestWithCle
@Test @Test
void globalAdmin_canViewMembershipsByPartnerUuid() { void globalAdmin_canViewMembershipsByPartnerUuid() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var partner = partnerRepo.findPartnerByPartnerNumber(10001); final var partner = partnerRepo.findPartnerByPartnerNumber(10001);
RestAssured // @formatter:off RestAssured // @formatter:off
@ -171,7 +172,7 @@ class HsOfficeMembershipControllerAcceptanceTest extends ContextBasedTestWithCle
@Test @Test
void globalAdmin_canAddMembership() { void globalAdmin_canAddMembership() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenPartner = partnerRepo.findPartnerByOptionalNameLike("Third").get(0); final var givenPartner = partnerRepo.findPartnerByOptionalNameLike("Third").get(0);
final var givenMemberSuffix = TEMP_MEMBER_NUMBER_SUFFIX; final var givenMemberSuffix = TEMP_MEMBER_NUMBER_SUFFIX;
final var expectedMemberNumber = Integer.parseInt(givenPartner.getPartnerNumber() + TEMP_MEMBER_NUMBER_SUFFIX); final var expectedMemberNumber = Integer.parseInt(givenPartner.getPartnerNumber() + TEMP_MEMBER_NUMBER_SUFFIX);
@ -216,7 +217,7 @@ class HsOfficeMembershipControllerAcceptanceTest extends ContextBasedTestWithCle
@Test @Test
void globalAdmin_canGetArbitraryMembership() { void globalAdmin_canGetArbitraryMembership() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenMembershipUuid = membershipRepo.findMembershipByMemberNumber(1000101).getUuid(); final var givenMembershipUuid = membershipRepo.findMembershipByMemberNumber(1000101).getUuid();
RestAssured // @formatter:off RestAssured // @formatter:off
@ -242,7 +243,7 @@ class HsOfficeMembershipControllerAcceptanceTest extends ContextBasedTestWithCle
@Test @Test
void normalUser_canNotGetUnrelatedMembership() { void normalUser_canNotGetUnrelatedMembership() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenMembershipUuid = membershipRepo.findMembershipByMemberNumber(1000101).getUuid(); final var givenMembershipUuid = membershipRepo.findMembershipByMemberNumber(1000101).getUuid();
RestAssured // @formatter:off RestAssured // @formatter:off
@ -257,7 +258,7 @@ class HsOfficeMembershipControllerAcceptanceTest extends ContextBasedTestWithCle
@Test @Test
void parnerRelAgent_canGetRelatedMembership() { void parnerRelAgent_canGetRelatedMembership() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenMembershipUuid = membershipRepo.findMembershipByMemberNumber(1000303).getUuid(); final var givenMembershipUuid = membershipRepo.findMembershipByMemberNumber(1000303).getUuid();
RestAssured // @formatter:off RestAssured // @formatter:off
@ -289,7 +290,7 @@ class HsOfficeMembershipControllerAcceptanceTest extends ContextBasedTestWithCle
@Test @Test
void globalAdmin_canPatchValidToOfArbitraryMembership() { void globalAdmin_canPatchValidToOfArbitraryMembership() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenMembership = givenSomeTemporaryMembershipBessler("First"); final var givenMembership = givenSomeTemporaryMembershipBessler("First");
final var location = RestAssured // @formatter:off final var location = RestAssured // @formatter:off
@ -332,7 +333,7 @@ class HsOfficeMembershipControllerAcceptanceTest extends ContextBasedTestWithCle
// given // given
final var givenPartnerAdmin = "hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH:ADMIN"; final var givenPartnerAdmin = "hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH:ADMIN";
context.define("superuser-alex@hostsharing.net", givenPartnerAdmin); context.define(TEMP, "superuser-alex@hostsharing.net", givenPartnerAdmin);
final var givenMembership = givenSomeTemporaryMembershipBessler("First"); final var givenMembership = givenSomeTemporaryMembershipBessler("First");
// when // when
@ -368,7 +369,7 @@ class HsOfficeMembershipControllerAcceptanceTest extends ContextBasedTestWithCle
@Test @Test
void globalAdmin_canDeleteArbitraryMembership() { void globalAdmin_canDeleteArbitraryMembership() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenMembership = givenSomeTemporaryMembershipBessler("First"); final var givenMembership = givenSomeTemporaryMembershipBessler("First");
RestAssured // @formatter:off RestAssured // @formatter:off
@ -386,7 +387,7 @@ class HsOfficeMembershipControllerAcceptanceTest extends ContextBasedTestWithCle
@Test @Test
void partnerAgentUser_canNotDeleteRelatedMembership() { void partnerAgentUser_canNotDeleteRelatedMembership() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenMembership = givenSomeTemporaryMembershipBessler("First"); final var givenMembership = givenSomeTemporaryMembershipBessler("First");
RestAssured // @formatter:off RestAssured // @formatter:off
@ -405,7 +406,7 @@ class HsOfficeMembershipControllerAcceptanceTest extends ContextBasedTestWithCle
@Test @Test
void normalUser_canNotDeleteUnrelatedMembership() { void normalUser_canNotDeleteUnrelatedMembership() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenMembership = givenSomeTemporaryMembershipBessler("First"); final var givenMembership = givenSomeTemporaryMembershipBessler("First");
RestAssured // @formatter:off RestAssured // @formatter:off
@ -424,7 +425,7 @@ class HsOfficeMembershipControllerAcceptanceTest extends ContextBasedTestWithCle
private HsOfficeMembershipEntity givenSomeTemporaryMembershipBessler(final String partnerName) { private HsOfficeMembershipEntity givenSomeTemporaryMembershipBessler(final String partnerName) {
return jpaAttempt.transacted(() -> { return jpaAttempt.transacted(() -> {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenPartner = partnerRepo.findPartnerByOptionalNameLike(partnerName).get(0); final var givenPartner = partnerRepo.findPartnerByOptionalNameLike(partnerName).get(0);
final var newMembership = HsOfficeMembershipEntity.builder() final var newMembership = HsOfficeMembershipEntity.builder()
.uuid(UUID.randomUUID()) .uuid(UUID.randomUUID())
@ -442,7 +443,7 @@ class HsOfficeMembershipControllerAcceptanceTest extends ContextBasedTestWithCle
@AfterEach @AfterEach
void cleanup() { void cleanup() {
jpaAttempt.transacted(() -> { jpaAttempt.transacted(() -> {
context.define("superuser-alex@hostsharing.net", null); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var query = em.createQuery( final var query = em.createQuery(
"DELETE FROM HsOfficeMembershipEntity m WHERE m.memberNumberSuffix >= '%s'" "DELETE FROM HsOfficeMembershipEntity m WHERE m.memberNumberSuffix >= '%s'"
.formatted(TEMP_MEMBER_NUMBER_SUFFIX) .formatted(TEMP_MEMBER_NUMBER_SUFFIX)
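Review bot: The new calls in this file pass an explicit `null` for the assumed roles, `context.define(TEMP, "superuser-alex@hostsharing.net", null)`, although this commit keeps a two-argument overload in `Context` that delegates with `null`, and the Partner and Person tests further down use it. Writing `context.define(TEMP, "superuser-alex@hostsharing.net");` here, and in the Debitor test hunks above, would keep the call sites uniform. It would also make the one call that really assumes a role (the one passing `givenPartnerAdmin`) stand out. The last hunk ends inside `cleanup()`, whose body continues outside it.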


@ -20,6 +20,7 @@ import org.springframework.transaction.annotation.Transactional;
import java.util.UUID; import java.util.UUID;
import static net.hostsharing.hsadminng.context.Context.Scope.TEMP;
import static net.hostsharing.hsadminng.hs.office.relation.HsOfficeRelationType.EX_PARTNER; import static net.hostsharing.hsadminng.hs.office.relation.HsOfficeRelationType.EX_PARTNER;
import static net.hostsharing.hsadminng.rbac.test.IsValidUuidMatcher.isUuidValid; import static net.hostsharing.hsadminng.rbac.test.IsValidUuidMatcher.isUuidValid;
import static net.hostsharing.hsadminng.rbac.test.JsonMatcher.lenientlyEquals; import static net.hostsharing.hsadminng.rbac.test.JsonMatcher.lenientlyEquals;
@ -88,7 +89,7 @@ class HsOfficePartnerControllerAcceptanceTest extends ContextBasedTestWithCleanu
@Test @Test
void globalAdmin_withoutAssumedRole_canAddPartner() { void globalAdmin_withoutAssumedRole_canAddPartner() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenMandantPerson = personRepo.findPersonByOptionalNameLike("Hostsharing eG").stream().findFirst().orElseThrow(); final var givenMandantPerson = personRepo.findPersonByOptionalNameLike("Hostsharing eG").stream().findFirst().orElseThrow();
final var givenPerson = personRepo.findPersonByOptionalNameLike("Third").stream().findFirst().orElseThrow(); final var givenPerson = personRepo.findPersonByOptionalNameLike("Third").stream().findFirst().orElseThrow();
final var givenContact = contactRepo.findContactByOptionalLabelLike("fourth").stream().findFirst().orElseThrow(); final var givenContact = contactRepo.findContactByOptionalLabelLike("fourth").stream().findFirst().orElseThrow();
@ -148,7 +149,7 @@ class HsOfficePartnerControllerAcceptanceTest extends ContextBasedTestWithCleanu
@Test @Test
void globalAdmin_canNotAddPartner_ifContactDoesNotExist() { void globalAdmin_canNotAddPartner_ifContactDoesNotExist() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenMandantPerson = personRepo.findPersonByOptionalNameLike("Hostsharing eG").get(0); final var givenMandantPerson = personRepo.findPersonByOptionalNameLike("Hostsharing eG").get(0);
final var givenPerson = personRepo.findPersonByOptionalNameLike("Third").get(0); final var givenPerson = personRepo.findPersonByOptionalNameLike("Third").get(0);
@ -186,7 +187,7 @@ class HsOfficePartnerControllerAcceptanceTest extends ContextBasedTestWithCleanu
@Test @Test
void globalAdmin_canNotAddPartner_ifPersonDoesNotExist() { void globalAdmin_canNotAddPartner_ifPersonDoesNotExist() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var mandantPerson = personRepo.findPersonByOptionalNameLike("Hostsharing eG").get(0); final var mandantPerson = personRepo.findPersonByOptionalNameLike("Hostsharing eG").get(0);
final var givenContact = contactRepo.findContactByOptionalLabelLike("fourth").get(0); final var givenContact = contactRepo.findContactByOptionalLabelLike("fourth").get(0);
@ -228,7 +229,7 @@ class HsOfficePartnerControllerAcceptanceTest extends ContextBasedTestWithCleanu
@Test @Test
void globalAdmin_withoutAssumedRole_canGetArbitraryPartner() { void globalAdmin_withoutAssumedRole_canGetArbitraryPartner() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var partners = partnerRepo.findAll(); final var partners = partnerRepo.findAll();
final var givenPartnerUuid = partnerRepo.findPartnerByOptionalNameLike("First").get(0).getUuid(); final var givenPartnerUuid = partnerRepo.findPartnerByOptionalNameLike("First").get(0).getUuid();
@ -261,7 +262,7 @@ class HsOfficePartnerControllerAcceptanceTest extends ContextBasedTestWithCleanu
@Test @Test
void normalUser_canNotGetUnrelatedPartner() { void normalUser_canNotGetUnrelatedPartner() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenPartnerUuid = partnerRepo.findPartnerByOptionalNameLike("First").get(0).getUuid(); final var givenPartnerUuid = partnerRepo.findPartnerByOptionalNameLike("First").get(0).getUuid();
RestAssured // @formatter:off RestAssured // @formatter:off
@ -276,7 +277,7 @@ class HsOfficePartnerControllerAcceptanceTest extends ContextBasedTestWithCleanu
@Test @Test
void contactAdminUser_canGetRelatedPartner() { void contactAdminUser_canGetRelatedPartner() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenPartnerUuid = partnerRepo.findPartnerByOptionalNameLike("first contact").get(0).getUuid(); final var givenPartnerUuid = partnerRepo.findPartnerByOptionalNameLike("first contact").get(0).getUuid();
RestAssured // @formatter:off RestAssured // @formatter:off
@ -306,7 +307,7 @@ class HsOfficePartnerControllerAcceptanceTest extends ContextBasedTestWithCleanu
@Test @Test
void globalAdmin_withoutAssumedRole_canPatchAllPropertiesOfArbitraryPartner() { void globalAdmin_withoutAssumedRole_canPatchAllPropertiesOfArbitraryPartner() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenPartner = givenSomeTemporaryPartnerBessler(20011); final var givenPartner = givenSomeTemporaryPartnerBessler(20011);
final var givenPartnerRel = givenSomeTemporaryPartnerRel("Third OHG", "third contact"); final var givenPartnerRel = givenSomeTemporaryPartnerRel("Third OHG", "third contact");
@ -355,7 +356,7 @@ class HsOfficePartnerControllerAcceptanceTest extends ContextBasedTestWithCleanu
// @formatter:on // @formatter:on
// finally, the partner is actually updated // finally, the partner is actually updated
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
assertThat(partnerRepo.findByUuid(givenPartner.getUuid())).isPresent().get() assertThat(partnerRepo.findByUuid(givenPartner.getUuid())).isPresent().get()
.matches(partner -> { .matches(partner -> {
assertThat(partner.getPartnerNumber()).isEqualTo(givenPartner.getPartnerNumber()); assertThat(partner.getPartnerNumber()).isEqualTo(givenPartner.getPartnerNumber());
@ -373,7 +374,7 @@ class HsOfficePartnerControllerAcceptanceTest extends ContextBasedTestWithCleanu
@Test @Test
void patchingThePartnerRelCreatesExPartnerRel() { void patchingThePartnerRelCreatesExPartnerRel() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenPartner = givenSomeTemporaryPartnerBessler(20011); final var givenPartner = givenSomeTemporaryPartnerBessler(20011);
final var givenPartnerRel = givenSomeTemporaryPartnerRel("Third OHG", "third contact"); final var givenPartnerRel = givenSomeTemporaryPartnerRel("Third OHG", "third contact");
@ -394,7 +395,7 @@ class HsOfficePartnerControllerAcceptanceTest extends ContextBasedTestWithCleanu
// @formatter:on // @formatter:on
// then the partner got actually updated // then the partner got actually updated
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
assertThat(partnerRepo.findByUuid(givenPartner.getUuid())).isPresent().get() assertThat(partnerRepo.findByUuid(givenPartner.getUuid())).isPresent().get()
.matches(partner -> { .matches(partner -> {
assertThat(partner.getPartnerRel().getHolder().getTradeName()).isEqualTo("Third OHG"); assertThat(partner.getPartnerRel().getHolder().getTradeName()).isEqualTo("Third OHG");
@ -412,7 +413,7 @@ class HsOfficePartnerControllerAcceptanceTest extends ContextBasedTestWithCleanu
@Test @Test
void globalAdmin_withoutAssumedRole_canPatchPartialPropertiesOfArbitraryPartner() { void globalAdmin_withoutAssumedRole_canPatchPartialPropertiesOfArbitraryPartner() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenPartner = givenSomeTemporaryPartnerBessler(20012); final var givenPartner = givenSomeTemporaryPartnerBessler(20012);
final var location = RestAssured // @formatter:off final var location = RestAssured // @formatter:off
@ -460,7 +461,7 @@ class HsOfficePartnerControllerAcceptanceTest extends ContextBasedTestWithCleanu
@Test @Test
void globalAdmin_withoutAssumedRole_canDeleteArbitraryPartner() { void globalAdmin_withoutAssumedRole_canDeleteArbitraryPartner() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenPartner = givenSomeTemporaryPartnerBessler(20013); final var givenPartner = givenSomeTemporaryPartnerBessler(20013);
RestAssured // @formatter:off RestAssured // @formatter:off
@ -479,7 +480,7 @@ class HsOfficePartnerControllerAcceptanceTest extends ContextBasedTestWithCleanu
@Test @Test
void contactAdminUser_canNotDeleteRelatedPartner() { void contactAdminUser_canNotDeleteRelatedPartner() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenPartner = givenSomeTemporaryPartnerBessler(20014); final var givenPartner = givenSomeTemporaryPartnerBessler(20014);
assertThat(givenPartner.getPartnerRel().getContact().getLabel()).isEqualTo("fourth contact"); assertThat(givenPartner.getPartnerRel().getContact().getLabel()).isEqualTo("fourth contact");
@ -498,7 +499,7 @@ class HsOfficePartnerControllerAcceptanceTest extends ContextBasedTestWithCleanu
@Test @Test
void normalUser_canNotDeleteUnrelatedPartner() { void normalUser_canNotDeleteUnrelatedPartner() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenPartner = givenSomeTemporaryPartnerBessler(20015); final var givenPartner = givenSomeTemporaryPartnerBessler(20015);
assertThat(givenPartner.getPartnerRel().getContact().getLabel()).isEqualTo("fourth contact"); assertThat(givenPartner.getPartnerRel().getContact().getLabel()).isEqualTo("fourth contact");
@ -520,7 +521,7 @@ class HsOfficePartnerControllerAcceptanceTest extends ContextBasedTestWithCleanu
final String partnerHolderName, final String partnerHolderName,
final String contactName) { final String contactName) {
return jpaAttempt.transacted(() -> { return jpaAttempt.transacted(() -> {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenMandantPerson = personRepo.findPersonByOptionalNameLike("Hostsharing eG").stream().findFirst().orElseThrow(); final var givenMandantPerson = personRepo.findPersonByOptionalNameLike("Hostsharing eG").stream().findFirst().orElseThrow();
final var givenPerson = personRepo.findPersonByOptionalNameLike(partnerHolderName).stream().findFirst().orElseThrow(); final var givenPerson = personRepo.findPersonByOptionalNameLike(partnerHolderName).stream().findFirst().orElseThrow();
final var givenContact = contactRepo.findContactByOptionalLabelLike(contactName).stream().findFirst().orElseThrow(); final var givenContact = contactRepo.findContactByOptionalLabelLike(contactName).stream().findFirst().orElseThrow();
@ -536,7 +537,7 @@ class HsOfficePartnerControllerAcceptanceTest extends ContextBasedTestWithCleanu
} }
private HsOfficePartnerEntity givenSomeTemporaryPartnerBessler(final Integer partnerNumber) { private HsOfficePartnerEntity givenSomeTemporaryPartnerBessler(final Integer partnerNumber) {
return jpaAttempt.transacted(() -> { return jpaAttempt.transacted(() -> {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var partnerRel = em.merge(givenSomeTemporaryPartnerRel("Erben Bessler", "fourth contact")); final var partnerRel = em.merge(givenSomeTemporaryPartnerRel("Erben Bessler", "fourth contact"));
final var newPartner = HsOfficePartnerEntity.builder() final var newPartner = HsOfficePartnerEntity.builder()
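Review bot: Every test in this file defines its context with the same scope, `TEMP`, so nothing here exercises the new scope argument as an access boundary. If scopes are meant to separate objects (the `Scope` enum in `Context` also has `BASE`, `TEST` and `PROD`, but their semantics are not visible on this page), a negative test would be worth adding. It could create a partner with `givenSomeTemporaryPartnerBessler`, switch with `context.define(TEST, "superuser-alex@hostsharing.net");`, and assert what `partnerRepo.findByUuid(givenPartner.getUuid())` is expected to return there. Without such a test, a regression that ignores the scope would pass this suite unchanged. The final hunk ends inside `givenSomeTemporaryPartnerBessler`, which continues outside it.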


@ -19,6 +19,7 @@ import jakarta.persistence.EntityManager;
import jakarta.persistence.PersistenceContext; import jakarta.persistence.PersistenceContext;
import java.util.UUID; import java.util.UUID;
import static net.hostsharing.hsadminng.context.Context.Scope.TEMP;
import static net.hostsharing.hsadminng.rbac.test.IsValidUuidMatcher.isUuidValid; import static net.hostsharing.hsadminng.rbac.test.IsValidUuidMatcher.isUuidValid;
import static net.hostsharing.hsadminng.rbac.test.JsonMatcher.lenientlyEquals; import static net.hostsharing.hsadminng.rbac.test.JsonMatcher.lenientlyEquals;
import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThat;
@ -111,7 +112,7 @@ class HsOfficePersonControllerAcceptanceTest extends ContextBasedTestWithCleanup
@Test @Test
void globalAdmin_canGetArbitraryPerson() { void globalAdmin_canGetArbitraryPerson() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenPersonUuid = personRepo.findPersonByOptionalNameLike("Erben").get(0).getUuid(); final var givenPersonUuid = personRepo.findPersonByOptionalNameLike("Erben").get(0).getUuid();
RestAssured // @formatter:off RestAssured // @formatter:off
@ -133,7 +134,7 @@ class HsOfficePersonControllerAcceptanceTest extends ContextBasedTestWithCleanup
@Test @Test
void normalUser_canNotGetUnrelatedPerson() { void normalUser_canNotGetUnrelatedPerson() {
final var givenPersonUuid = jpaAttempt.transacted(() -> { final var givenPersonUuid = jpaAttempt.transacted(() -> {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
return personRepo.findPersonByOptionalNameLike("Erben").get(0).getUuid(); return personRepo.findPersonByOptionalNameLike("Erben").get(0).getUuid();
}).returnedValue(); }).returnedValue();
@ -150,7 +151,7 @@ class HsOfficePersonControllerAcceptanceTest extends ContextBasedTestWithCleanup
@Test @Test
void personOwnerUser_canGetRelatedPerson() { void personOwnerUser_canGetRelatedPerson() {
final var givenPersonUuid = jpaAttempt.transacted(() -> { final var givenPersonUuid = jpaAttempt.transacted(() -> {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
return personRepo.findPersonByOptionalNameLike("Erben").get(0).getUuid(); return personRepo.findPersonByOptionalNameLike("Erben").get(0).getUuid();
}).returnedValue(); }).returnedValue();
@ -209,7 +210,7 @@ class HsOfficePersonControllerAcceptanceTest extends ContextBasedTestWithCleanup
// @formatter:on // @formatter:on
// finally, the person is actually updated // finally, the person is actually updated
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
assertThat(personRepo.findByUuid(givenPerson.getUuid())).isPresent().get() assertThat(personRepo.findByUuid(givenPerson.getUuid())).isPresent().get()
.matches(person -> { .matches(person -> {
assertThat(person.getPersonType()).isEqualTo(HsOfficePersonType.UNINCORPORATED_FIRM); assertThat(person.getPersonType()).isEqualTo(HsOfficePersonType.UNINCORPORATED_FIRM);
@ -249,7 +250,7 @@ class HsOfficePersonControllerAcceptanceTest extends ContextBasedTestWithCleanup
// @formatter:on // @formatter:on
// finally, the person is actually updated // finally, the person is actually updated
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
assertThat(personRepo.findByUuid(givenPerson.getUuid())).isPresent().get() assertThat(personRepo.findByUuid(givenPerson.getUuid())).isPresent().get()
.matches(person -> { .matches(person -> {
assertThat(person.getPersonType()).isEqualTo(givenPerson.getPersonType()); assertThat(person.getPersonType()).isEqualTo(givenPerson.getPersonType());
@ -280,7 +281,7 @@ class HsOfficePersonControllerAcceptanceTest extends ContextBasedTestWithCleanup
// then the given person is gone // then the given person is gone
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
assertThat(personRepo.findByUuid(givenPerson.getUuid())).isEmpty(); assertThat(personRepo.findByUuid(givenPerson.getUuid())).isEmpty();
} }
@ -316,14 +317,14 @@ class HsOfficePersonControllerAcceptanceTest extends ContextBasedTestWithCleanup
// @formatter:on // @formatter:on
// then the given person is still there // then the given person is still there
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
assertThat(personRepo.findByUuid(givenPerson.getUuid())).isNotEmpty(); assertThat(personRepo.findByUuid(givenPerson.getUuid())).isNotEmpty();
} }
} }
private HsOfficePersonEntity givenSomeTemporaryPersonCreatedBy(final String creatingUser) { private HsOfficePersonEntity givenSomeTemporaryPersonCreatedBy(final String creatingUser) {
return jpaAttempt.transacted(() -> { return jpaAttempt.transacted(() -> {
context.define(creatingUser); context.define(TEMP, creatingUser);
final var newPerson = HsOfficePersonEntity.builder() final var newPerson = HsOfficePersonEntity.builder()
.uuid(UUID.randomUUID()) .uuid(UUID.randomUUID())
.personType(HsOfficePersonType.LEGAL_PERSON) .personType(HsOfficePersonType.LEGAL_PERSON)
@ -339,7 +340,7 @@ class HsOfficePersonControllerAcceptanceTest extends ContextBasedTestWithCleanup
@AfterEach @AfterEach
void cleanup() { void cleanup() {
jpaAttempt.transacted(() -> { jpaAttempt.transacted(() -> {
context.define("superuser-alex@hostsharing.net", null); context.define(TEMP, "superuser-alex@hostsharing.net", null);
em.createQuery(""" em.createQuery("""
DELETE FROM HsOfficePersonEntity p DELETE FROM HsOfficePersonEntity p
WHERE p.tradeName LIKE 'Temp %' OR p.givenName LIKE 'Temp %' WHERE p.tradeName LIKE 'Temp %' OR p.givenName LIKE 'Temp %'
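Review bot: The helper that creates temporary persons (`context.define(TEMP, creatingUser)`) and `cleanup()` (`context.define(TEMP, "superuser-alex@hostsharing.net", null)`) each choose the scope independently. If the scope limits which rows a context can see, which this page does not show, a later change to only one of them could make the `DELETE ... LIKE 'Temp %'` match nothing and leave test data behind without any failure. A short comment on `cleanup()` such as `// must run in the same scope as givenSomeTemporaryPersonCreatedBy` would record the dependency. `cleanup()` continues past the end of the hunk.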


@ -19,6 +19,7 @@ import org.springframework.transaction.annotation.Transactional;
import java.util.UUID; import java.util.UUID;
import static net.hostsharing.hsadminng.context.Context.Scope.TEMP;
import static net.hostsharing.hsadminng.rbac.test.IsValidUuidMatcher.isUuidValid; import static net.hostsharing.hsadminng.rbac.test.IsValidUuidMatcher.isUuidValid;
import static net.hostsharing.hsadminng.rbac.test.JsonMatcher.lenientlyEquals; import static net.hostsharing.hsadminng.rbac.test.JsonMatcher.lenientlyEquals;
import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThat;
@ -61,7 +62,7 @@ class HsOfficeRelationControllerAcceptanceTest extends ContextBasedTestWithClean
void globalAdmin_withoutAssumedRoles_canViewAllRelationsOfGivenPersonAndType_ifNoCriteriaGiven() throws JSONException { void globalAdmin_withoutAssumedRoles_canViewAllRelationsOfGivenPersonAndType_ifNoCriteriaGiven() throws JSONException {
// given // given
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenPerson = personRepo.findPersonByOptionalNameLike("Hostsharing eG").get(0); final var givenPerson = personRepo.findPersonByOptionalNameLike("Hostsharing eG").get(0);
RestAssured // @formatter:off RestAssured // @formatter:off
@ -122,7 +123,7 @@ class HsOfficeRelationControllerAcceptanceTest extends ContextBasedTestWithClean
@Test @Test
void globalAdmin_withoutAssumedRole_canAddRelation() { void globalAdmin_withoutAssumedRole_canAddRelation() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenAnchorPerson = personRepo.findPersonByOptionalNameLike("Third").get(0); final var givenAnchorPerson = personRepo.findPersonByOptionalNameLike("Third").get(0);
final var givenHolderPerson = personRepo.findPersonByOptionalNameLike("Paul").get(0); final var givenHolderPerson = personRepo.findPersonByOptionalNameLike("Paul").get(0);
final var givenContact = contactRepo.findContactByOptionalLabelLike("second").get(0); final var givenContact = contactRepo.findContactByOptionalLabelLike("second").get(0);
@ -169,7 +170,7 @@ class HsOfficeRelationControllerAcceptanceTest extends ContextBasedTestWithClean
@Test @Test
void globalAdmin_canNotAddRelation_ifAnchorPersonDoesNotExist() { void globalAdmin_canNotAddRelation_ifAnchorPersonDoesNotExist() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenAnchorPersonUuid = GIVEN_NON_EXISTING_HOLDER_PERSON_UUID; final var givenAnchorPersonUuid = GIVEN_NON_EXISTING_HOLDER_PERSON_UUID;
final var givenHolderPerson = personRepo.findPersonByOptionalNameLike("Smith").get(0); final var givenHolderPerson = personRepo.findPersonByOptionalNameLike("Smith").get(0);
final var givenContact = contactRepo.findContactByOptionalLabelLike("fourth").get(0); final var givenContact = contactRepo.findContactByOptionalLabelLike("fourth").get(0);
@ -202,7 +203,7 @@ class HsOfficeRelationControllerAcceptanceTest extends ContextBasedTestWithClean
@Test @Test
void globalAdmin_canNotAddRelation_ifHolderPersonDoesNotExist() { void globalAdmin_canNotAddRelation_ifHolderPersonDoesNotExist() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenAnchorPerson = personRepo.findPersonByOptionalNameLike("Third").get(0); final var givenAnchorPerson = personRepo.findPersonByOptionalNameLike("Third").get(0);
final var givenContact = contactRepo.findContactByOptionalLabelLike("fourth").get(0); final var givenContact = contactRepo.findContactByOptionalLabelLike("fourth").get(0);
@ -234,7 +235,7 @@ class HsOfficeRelationControllerAcceptanceTest extends ContextBasedTestWithClean
@Test @Test
void globalAdmin_canNotAddRelation_ifContactDoesNotExist() { void globalAdmin_canNotAddRelation_ifContactDoesNotExist() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenAnchorPerson = personRepo.findPersonByOptionalNameLike("Third").get(0); final var givenAnchorPerson = personRepo.findPersonByOptionalNameLike("Third").get(0);
final var givenHolderPerson = personRepo.findPersonByOptionalNameLike("Paul").get(0); final var givenHolderPerson = personRepo.findPersonByOptionalNameLike("Paul").get(0);
final var givenContactUuid = UUID.fromString("00000000-0000-0000-0000-000000000000"); final var givenContactUuid = UUID.fromString("00000000-0000-0000-0000-000000000000");
@ -270,7 +271,7 @@ class HsOfficeRelationControllerAcceptanceTest extends ContextBasedTestWithClean
@Test @Test
void globalAdmin_withoutAssumedRole_canGetArbitraryRelation() { void globalAdmin_withoutAssumedRole_canGetArbitraryRelation() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final UUID givenRelationUuid = findRelation("First", "Firby").getUuid(); final UUID givenRelationUuid = findRelation("First", "Firby").getUuid();
RestAssured // @formatter:off RestAssured // @formatter:off
@ -293,7 +294,7 @@ class HsOfficeRelationControllerAcceptanceTest extends ContextBasedTestWithClean
@Test @Test
void normalUser_canNotGetUnrelatedRelation() { void normalUser_canNotGetUnrelatedRelation() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final UUID givenRelationUuid = findRelation("First", "Firby").getUuid(); final UUID givenRelationUuid = findRelation("First", "Firby").getUuid();
RestAssured // @formatter:off RestAssured // @formatter:off
@ -308,7 +309,7 @@ class HsOfficeRelationControllerAcceptanceTest extends ContextBasedTestWithClean
@Test @Test
void contactAdminUser_canGetRelatedRelation() { void contactAdminUser_canGetRelatedRelation() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenRelation = findRelation("First", "Firby"); final var givenRelation = findRelation("First", "Firby");
assertThat(givenRelation.getContact().getLabel()).isEqualTo("first contact"); assertThat(givenRelation.getContact().getLabel()).isEqualTo("first contact");
@ -350,7 +351,7 @@ class HsOfficeRelationControllerAcceptanceTest extends ContextBasedTestWithClean
@Test @Test
void globalAdmin_withoutAssumedRole_canPatchContactOfArbitraryRelation() { void globalAdmin_withoutAssumedRole_canPatchContactOfArbitraryRelation() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenRelation = givenSomeTemporaryRelationBessler(); final var givenRelation = givenSomeTemporaryRelationBessler();
assertThat(givenRelation.getContact().getLabel()).isEqualTo("seventh contact"); assertThat(givenRelation.getContact().getLabel()).isEqualTo("seventh contact");
final var givenContact = contactRepo.findContactByOptionalLabelLike("fourth").get(0); final var givenContact = contactRepo.findContactByOptionalLabelLike("fourth").get(0);
@ -378,7 +379,7 @@ class HsOfficeRelationControllerAcceptanceTest extends ContextBasedTestWithClean
// @formatter:on // @formatter:on
// finally, the relation is actually updated // finally, the relation is actually updated
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
assertThat(relationRepo.findByUuid(givenRelation.getUuid())).isPresent().get() assertThat(relationRepo.findByUuid(givenRelation.getUuid())).isPresent().get()
.matches(rel -> { .matches(rel -> {
assertThat(rel.getAnchor().getTradeName()).contains("Bessler"); assertThat(rel.getAnchor().getTradeName()).contains("Bessler");
@ -395,7 +396,7 @@ class HsOfficeRelationControllerAcceptanceTest extends ContextBasedTestWithClean
@Test @Test
void globalAdmin_withoutAssumedRole_canDeleteArbitraryRelation() { void globalAdmin_withoutAssumedRole_canDeleteArbitraryRelation() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenRelation = givenSomeTemporaryRelationBessler(); final var givenRelation = givenSomeTemporaryRelationBessler();
RestAssured // @formatter:off RestAssured // @formatter:off
@ -413,7 +414,7 @@ class HsOfficeRelationControllerAcceptanceTest extends ContextBasedTestWithClean
@Test @Test
void contactAdminUser_canNotDeleteRelatedRelation() { void contactAdminUser_canNotDeleteRelatedRelation() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenRelation = givenSomeTemporaryRelationBessler(); final var givenRelation = givenSomeTemporaryRelationBessler();
assertThat(givenRelation.getContact().getLabel()).isEqualTo("seventh contact"); assertThat(givenRelation.getContact().getLabel()).isEqualTo("seventh contact");
@ -432,7 +433,7 @@ class HsOfficeRelationControllerAcceptanceTest extends ContextBasedTestWithClean
@Test @Test
void normalUser_canNotDeleteUnrelatedRelation() { void normalUser_canNotDeleteUnrelatedRelation() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenRelation = givenSomeTemporaryRelationBessler(); final var givenRelation = givenSomeTemporaryRelationBessler();
assertThat(givenRelation.getContact().getLabel()).isEqualTo("seventh contact"); assertThat(givenRelation.getContact().getLabel()).isEqualTo("seventh contact");
@ -452,7 +453,7 @@ class HsOfficeRelationControllerAcceptanceTest extends ContextBasedTestWithClean
private HsOfficeRelationEntity givenSomeTemporaryRelationBessler() { private HsOfficeRelationEntity givenSomeTemporaryRelationBessler() {
return jpaAttempt.transacted(() -> { return jpaAttempt.transacted(() -> {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
final var givenAnchorPerson = personRepo.findPersonByOptionalNameLike("Erben Bessler").get(0); final var givenAnchorPerson = personRepo.findPersonByOptionalNameLike("Erben Bessler").get(0);
final var givenHolderPerson = personRepo.findPersonByOptionalNameLike("Winkler").get(0); final var givenHolderPerson = personRepo.findPersonByOptionalNameLike("Winkler").get(0);
final var givenContact = contactRepo.findContactByOptionalLabelLike("seventh contact").get(0); final var givenContact = contactRepo.findContactByOptionalLabelLike("seventh contact").get(0);


@ -24,6 +24,7 @@ import java.time.LocalDate;
import java.util.UUID; import java.util.UUID;
import static java.util.Optional.ofNullable; import static java.util.Optional.ofNullable;
import static net.hostsharing.hsadminng.context.Context.Scope.TEMP;
import static net.hostsharing.hsadminng.rbac.test.IsValidUuidMatcher.isUuidValid; import static net.hostsharing.hsadminng.rbac.test.IsValidUuidMatcher.isUuidValid;
import static net.hostsharing.hsadminng.rbac.test.JsonMatcher.lenientlyEquals; import static net.hostsharing.hsadminng.rbac.test.JsonMatcher.lenientlyEquals;
import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThat;
@ -105,7 +106,7 @@ class HsOfficeSepaMandateControllerAcceptanceTest extends ContextBasedTestWithCl
@Test @Test
void globalAdmin_canAddSepaMandate() { void globalAdmin_canAddSepaMandate() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenDebitor = debitorRepo.findDebitorByOptionalNameLike("Third").get(0); final var givenDebitor = debitorRepo.findDebitorByOptionalNameLike("Third").get(0);
final var givenBankAccount = bankAccountRepo.findByIbanOrderByIbanAsc("DE02200505501015871393").get(0); final var givenBankAccount = bankAccountRepo.findByIbanOrderByIbanAsc("DE02200505501015871393").get(0);
@ -147,7 +148,7 @@ class HsOfficeSepaMandateControllerAcceptanceTest extends ContextBasedTestWithCl
@Test @Test
void globalAdmin_canNotAddSepaMandateWhenDebitorUuidIsMissing() { void globalAdmin_canNotAddSepaMandateWhenDebitorUuidIsMissing() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenDebitor = debitorRepo.findDebitorByOptionalNameLike("Third").get(0); final var givenDebitor = debitorRepo.findDebitorByOptionalNameLike("Third").get(0);
final var givenBankAccount = bankAccountRepo.findByIbanOrderByIbanAsc("DE02200505501015871393").get(0); final var givenBankAccount = bankAccountRepo.findByIbanOrderByIbanAsc("DE02200505501015871393").get(0);
@ -172,7 +173,7 @@ class HsOfficeSepaMandateControllerAcceptanceTest extends ContextBasedTestWithCl
@Test @Test
void globalAdmin_canNotAddSepaMandate_ifBankAccountDoesNotExist() { void globalAdmin_canNotAddSepaMandate_ifBankAccountDoesNotExist() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenDebitor = debitorRepo.findDebitorByOptionalNameLike("Third").get(0); final var givenDebitor = debitorRepo.findDebitorByOptionalNameLike("Third").get(0);
final var givenBankAccountUuid = UUID.fromString("00000000-0000-0000-0000-000000000000"); final var givenBankAccountUuid = UUID.fromString("00000000-0000-0000-0000-000000000000");
@ -202,7 +203,7 @@ class HsOfficeSepaMandateControllerAcceptanceTest extends ContextBasedTestWithCl
@Test @Test
void globalAdmin_canNotAddSepaMandate_ifPersonDoesNotExist() { void globalAdmin_canNotAddSepaMandate_ifPersonDoesNotExist() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenDebitorUuid = UUID.fromString("00000000-0000-0000-0000-000000000000"); final var givenDebitorUuid = UUID.fromString("00000000-0000-0000-0000-000000000000");
final var givenBankAccount = bankAccountRepo.findByIbanOrderByIbanAsc("DE02200505501015871393").get(0); final var givenBankAccount = bankAccountRepo.findByIbanOrderByIbanAsc("DE02200505501015871393").get(0);
@ -235,7 +236,7 @@ class HsOfficeSepaMandateControllerAcceptanceTest extends ContextBasedTestWithCl
@Test @Test
void globalAdmin_canGetArbitrarySepaMandate() { void globalAdmin_canGetArbitrarySepaMandate() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenSepaMandateUuid = sepaMandateRepo.findSepaMandateByOptionalIban("DE02120300000000202051") final var givenSepaMandateUuid = sepaMandateRepo.findSepaMandateByOptionalIban("DE02120300000000202051")
.get(0) .get(0)
.getUuid(); .getUuid();
@ -265,7 +266,7 @@ class HsOfficeSepaMandateControllerAcceptanceTest extends ContextBasedTestWithCl
@Test @Test
void normalUser_canNotGetUnrelatedSepaMandate() { void normalUser_canNotGetUnrelatedSepaMandate() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenSepaMandateUuid = sepaMandateRepo.findSepaMandateByOptionalIban("DE02120300000000202051") final var givenSepaMandateUuid = sepaMandateRepo.findSepaMandateByOptionalIban("DE02120300000000202051")
.get(0) .get(0)
.getUuid(); .getUuid();
@ -282,7 +283,7 @@ class HsOfficeSepaMandateControllerAcceptanceTest extends ContextBasedTestWithCl
@Test @Test
void bankAccountAdminUser_canGetRelatedSepaMandate() { void bankAccountAdminUser_canGetRelatedSepaMandate() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenSepaMandateUuid = sepaMandateRepo.findSepaMandateByOptionalIban("DE02120300000000202051") final var givenSepaMandateUuid = sepaMandateRepo.findSepaMandateByOptionalIban("DE02120300000000202051")
.get(0) .get(0)
.getUuid(); .getUuid();
@ -347,7 +348,7 @@ class HsOfficeSepaMandateControllerAcceptanceTest extends ContextBasedTestWithCl
// @formatter:on // @formatter:on
// finally, the sepaMandate is actually updated // finally, the sepaMandate is actually updated
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
assertThat(sepaMandateRepo.findByUuid(givenSepaMandate.getUuid())).isPresent().get() assertThat(sepaMandateRepo.findByUuid(givenSepaMandate.getUuid())).isPresent().get()
.matches(mandate -> { .matches(mandate -> {
assertThat(mandate.getDebitor().toString()).isEqualTo("debitor(D-1000111: rel(anchor='LP First GmbH', type='DEBITOR', holder='LP First GmbH'), fir)"); assertThat(mandate.getDebitor().toString()).isEqualTo("debitor(D-1000111: rel(anchor='LP First GmbH', type='DEBITOR', holder='LP First GmbH'), fir)");
@ -362,7 +363,7 @@ class HsOfficeSepaMandateControllerAcceptanceTest extends ContextBasedTestWithCl
@Test @Test
void globalAdmin_canPatchJustValidToOfArbitrarySepaMandate() { void globalAdmin_canPatchJustValidToOfArbitrarySepaMandate() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenSepaMandate = givenSomeTemporarySepaMandateForDebitorNumber(1000111); final var givenSepaMandate = givenSomeTemporarySepaMandateForDebitorNumber(1000111);
final var location = RestAssured // @formatter:off final var location = RestAssured // @formatter:off
@ -402,7 +403,7 @@ class HsOfficeSepaMandateControllerAcceptanceTest extends ContextBasedTestWithCl
@Test @Test
void globalAdmin_canNotPatchReferenceOfArbitrarySepaMandate() { void globalAdmin_canNotPatchReferenceOfArbitrarySepaMandate() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenSepaMandate = givenSomeTemporarySepaMandateForDebitorNumber(1000111); final var givenSepaMandate = givenSomeTemporarySepaMandateForDebitorNumber(1000111);
final var location = RestAssured // @formatter:off final var location = RestAssured // @formatter:off
@ -436,7 +437,7 @@ class HsOfficeSepaMandateControllerAcceptanceTest extends ContextBasedTestWithCl
@Test @Test
void globalAdmin_canDeleteArbitrarySepaMandate() { void globalAdmin_canDeleteArbitrarySepaMandate() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenSepaMandate = givenSomeTemporarySepaMandateForDebitorNumber(1000111); final var givenSepaMandate = givenSomeTemporarySepaMandateForDebitorNumber(1000111);
RestAssured // @formatter:off RestAssured // @formatter:off
@ -454,7 +455,7 @@ class HsOfficeSepaMandateControllerAcceptanceTest extends ContextBasedTestWithCl
@Test @Test
void bankAccountAdminUser_canNotDeleteRelatedSepaMandate() { void bankAccountAdminUser_canNotDeleteRelatedSepaMandate() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenSepaMandate = givenSomeTemporarySepaMandateForDebitorNumber(1000111); final var givenSepaMandate = givenSomeTemporarySepaMandateForDebitorNumber(1000111);
RestAssured // @formatter:off RestAssured // @formatter:off
@ -472,7 +473,7 @@ class HsOfficeSepaMandateControllerAcceptanceTest extends ContextBasedTestWithCl
@Test @Test
void normalUser_canNotDeleteUnrelatedSepaMandate() { void normalUser_canNotDeleteUnrelatedSepaMandate() {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenSepaMandate = givenSomeTemporarySepaMandateForDebitorNumber(1000111); final var givenSepaMandate = givenSomeTemporarySepaMandateForDebitorNumber(1000111);
RestAssured // @formatter:off RestAssured // @formatter:off
@ -491,7 +492,7 @@ class HsOfficeSepaMandateControllerAcceptanceTest extends ContextBasedTestWithCl
private HsOfficeSepaMandateEntity givenSomeTemporarySepaMandateForDebitorNumber(final int debitorNumber) { private HsOfficeSepaMandateEntity givenSomeTemporarySepaMandateForDebitorNumber(final int debitorNumber) {
return jpaAttempt.transacted(() -> { return jpaAttempt.transacted(() -> {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var givenDebitor = debitorRepo.findDebitorByDebitorNumber(debitorNumber).get(0); final var givenDebitor = debitorRepo.findDebitorByDebitorNumber(debitorNumber).get(0);
final var bankAccountHolder = ofNullable(givenDebitor.getPartner().getPartnerRel().getHolder().getTradeName()) final var bankAccountHolder = ofNullable(givenDebitor.getPartner().getPartnerRel().getHolder().getTradeName())
.orElse(givenDebitor.getPartner().getPartnerRel().getHolder().getFamilyName()); .orElse(givenDebitor.getPartner().getPartnerRel().getHolder().getFamilyName());
@ -514,7 +515,7 @@ class HsOfficeSepaMandateControllerAcceptanceTest extends ContextBasedTestWithCl
@AfterEach @AfterEach
void cleanup() { void cleanup() {
jpaAttempt.transacted(() -> { jpaAttempt.transacted(() -> {
context.define("superuser-alex@hostsharing.net", null); context.define(TEMP, "superuser-alex@hostsharing.net", null);
final var count = em.createQuery("DELETE FROM HsOfficeSepaMandateEntity s WHERE s.reference like 'temp %'") final var count = em.createQuery("DELETE FROM HsOfficeSepaMandateEntity s WHERE s.reference like 'temp %'")
.executeUpdate(); .executeUpdate();
if (count == 0) { if (count == 0) {
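Review bot: The explicit `null` for assumedRoles added to almost every call in this file is redundant, because the commit keeps a two-argument overload `define(scope, currentUser)` that passes `null` itself, and HsOfficeRelationControllerAcceptanceTest uses that shorter form. Writing `context.define(TEMP, "superuser-alex@hostsharing.net");` here would keep the suites consistent and make the calls that really assume roles stand out when reading the RBAC tests. The same mix appears in ContextIntegrationTests, ContextUnitTest, RbacRoleRepositoryIntegrationTest and RbacUserControllerAcceptanceTest, where `context.define(TEMP, null)` sits next to three-argument calls. The `cleanup` method at the end of this section continues past the hunk.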


@ -10,6 +10,8 @@ import org.springframework.context.annotation.Import;
import jakarta.persistence.EntityManager; import jakarta.persistence.EntityManager;
import jakarta.persistence.PersistenceContext; import jakarta.persistence.PersistenceContext;
import static net.hostsharing.hsadminng.context.Context.Scope.TEMP;
@Import(RbacGrantsDiagramService.class) @Import(RbacGrantsDiagramService.class)
public abstract class ContextBasedTest { public abstract class ContextBasedTest {
@ -41,7 +43,7 @@ public abstract class ContextBasedTest {
} }
protected void context(final String currentUser, final String assumedRoles) { protected void context(final String currentUser, final String assumedRoles) {
context.define(test.getDisplayName(), null, currentUser, assumedRoles); context.define(TEMP, test.getDisplayName(), null, currentUser, assumedRoles);
} }
protected void context(final String currentUser) { protected void context(final String currentUser) {
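Review bot: `context(currentUser, assumedRoles)` now pins every subclass of ContextBasedTest to scope `TEMP`, so a test that needs to check behaviour under another scope (the enum also has BASE, TEST and PROD) has to bypass the helper and call `context.define` directly. A small hook such as `protected Context.Scope scope() { return TEMP; }`, used as `context.define(scope(), test.getDisplayName(), null, currentUser, assumedRoles);`, would keep the default and document it in one place. RbacGrantsDiagramServiceIntegrationTest carries a line-for-line copy of this helper with the same change; if it inherits from this class (not visible here), that override could be dropped rather than updated. The `context(currentUser)` method that follows continues outside the hunk.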


@ -14,6 +14,7 @@ import org.springframework.transaction.annotation.Transactional;
import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletRequest;
import static net.hostsharing.hsadminng.context.Context.Scope.TEMP;
import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThat;
@DataJpaTest @DataJpaTest
@ -34,7 +35,7 @@ class ContextIntegrationTests {
@Test @Test
void defineWithoutHttpServletRequestUsesCallStack() { void defineWithoutHttpServletRequestUsesCallStack() {
context.define("superuser-alex@hostsharing.net", null); context.define(TEMP, "superuser-alex@hostsharing.net", null);
assertThat(context.getCurrentTask()) assertThat(context.getCurrentTask())
.isEqualTo("ContextIntegrationTests.defineWithoutHttpServletRequestUsesCallStack"); .isEqualTo("ContextIntegrationTests.defineWithoutHttpServletRequestUsesCallStack");
@ -44,7 +45,7 @@ class ContextIntegrationTests {
@Transactional @Transactional
void defineWithCurrentUserButWithoutAssumedRoles() { void defineWithCurrentUserButWithoutAssumedRoles() {
// when // when
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
// then // then
assertThat(context.getCurrentUser()). assertThat(context.getCurrentUser()).
@ -62,7 +63,7 @@ class ContextIntegrationTests {
void defineWithoutCurrentUserButWithAssumedRoles() { void defineWithoutCurrentUserButWithAssumedRoles() {
// when // when
final var result = jpaAttempt.transacted(() -> final var result = jpaAttempt.transacted(() ->
context.define(null, "test_package#yyy00:ADMIN") context.define(TEMP, null, "test_package#yyy00:ADMIN")
); );
// then // then
@ -75,7 +76,7 @@ class ContextIntegrationTests {
void defineWithUnknownCurrentUser() { void defineWithUnknownCurrentUser() {
// when // when
final var result = jpaAttempt.transacted(() -> final var result = jpaAttempt.transacted(() ->
context.define("unknown@example.org") context.define(TEMP, "unknown@example.org", null)
); );
// then // then
@ -88,7 +89,7 @@ class ContextIntegrationTests {
@Transactional @Transactional
void defineWithCurrentUserAndAssumedRoles() { void defineWithCurrentUserAndAssumedRoles() {
// given // given
context.define("superuser-alex@hostsharing.net", "test_customer#xxx:OWNER;test_customer#yyy:OWNER"); context.define(TEMP, "superuser-alex@hostsharing.net", "test_customer#xxx:OWNER;test_customer#yyy:OWNER");
// when // when
final var currentUser = context.getCurrentUser(); final var currentUser = context.getCurrentUser();
@ -104,7 +105,7 @@ class ContextIntegrationTests {
public void defineContextWithCurrentUserAndAssumeInaccessibleRole() { public void defineContextWithCurrentUserAndAssumeInaccessibleRole() {
// when // when
final var result = jpaAttempt.transacted(() -> final var result = jpaAttempt.transacted(() ->
context.define("customer-admin@xxx.example.com", "test_package#yyy00:ADMIN") context.define(TEMP, "customer-admin@xxx.example.com", "test_package#yyy00:ADMIN")
); );
// then // then
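Review bot: None of the tests touched here exercises the new scope argument itself: every call passes `TEMP`, and the existing negative cases cover only an unknown user and an inaccessible assumed role. Since the scope is supplied on the same call that establishes the RBAC identity, I would add one test that pins what happens for a `null` scope and one that asserts the scope in effect after `define`. Whether Context exposes a getter for the scope is not visible in this diff, so that assertion may need to query the session directly. Without such tests, a regression that ignores or mis-binds `:currentScope` would still pass this suite. The last test method continues outside the hunk.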


@ -20,6 +20,7 @@ import java.util.Collections;
import java.util.Map; import java.util.Map;
import java.util.stream.Stream; import java.util.stream.Stream;
import static net.hostsharing.hsadminng.context.Context.Scope.TEMP;
import static org.mockito.ArgumentMatchers.*; import static org.mockito.ArgumentMatchers.*;
import static org.mockito.BDDMockito.given; import static org.mockito.BDDMockito.given;
import static org.mockito.Mockito.verify; import static org.mockito.Mockito.verify;
@ -29,6 +30,7 @@ class ContextUnitTest {
private static final String DEFINE_CONTEXT_QUERY_STRING = """ private static final String DEFINE_CONTEXT_QUERY_STRING = """
call defineContext( call defineContext(
cast(:currentScope as RbacObjectScope),
cast(:currentTask as varchar(127)), cast(:currentTask as varchar(127)),
cast(:currentRequest as text), cast(:currentRequest as text),
cast(:currentUser as varchar(63)), cast(:currentUser as varchar(63)),
@ -57,7 +59,7 @@ class ContextUnitTest {
void registerWithoutHttpServletRequestUsesCallStackForTask() { void registerWithoutHttpServletRequestUsesCallStackForTask() {
given(em.createNativeQuery(any())).willReturn(nativeQuery); given(em.createNativeQuery(any())).willReturn(nativeQuery);
context.define("current-user"); context.define(TEMP, "current-user", null);
verify(em).createNativeQuery(DEFINE_CONTEXT_QUERY_STRING); verify(em).createNativeQuery(DEFINE_CONTEXT_QUERY_STRING);
verify(nativeQuery).setParameter( verify(nativeQuery).setParameter(
@ -69,7 +71,7 @@ class ContextUnitTest {
void registerWithoutHttpServletRequestUsesEmptyStringForRequest() { void registerWithoutHttpServletRequestUsesEmptyStringForRequest() {
given(em.createNativeQuery(any())).willReturn(nativeQuery); given(em.createNativeQuery(any())).willReturn(nativeQuery);
context.define("current-user"); context.define(TEMP, "current-user", null);
verify(em).createNativeQuery(DEFINE_CONTEXT_QUERY_STRING); verify(em).createNativeQuery(DEFINE_CONTEXT_QUERY_STRING);
verify(nativeQuery).setParameter("currentRequest", null); verify(nativeQuery).setParameter("currentRequest", null);
@ -114,7 +116,7 @@ class ContextUnitTest {
Map.entry("user-agent", "given-user-agent")), Map.entry("user-agent", "given-user-agent")),
"{}"); "{}");
context.define("current-user"); context.define(TEMP, "current-user", null);
verify(em).createNativeQuery(DEFINE_CONTEXT_QUERY_STRING); verify(em).createNativeQuery(DEFINE_CONTEXT_QUERY_STRING);
verify(nativeQuery).setParameter("currentTask", "POST http://localhost:9999/api/endpoint"); verify(nativeQuery).setParameter("currentTask", "POST http://localhost:9999/api/endpoint");
@ -128,7 +130,7 @@ class ContextUnitTest {
Map.entry("user-agent", "given-user-agent")), Map.entry("user-agent", "given-user-agent")),
"{}"); "{}");
context.define("current-user"); context.define(TEMP, "current-user", null);
verify(em).createNativeQuery(DEFINE_CONTEXT_QUERY_STRING); verify(em).createNativeQuery(DEFINE_CONTEXT_QUERY_STRING);
verify(nativeQuery).setParameter("currentRequest", """ verify(nativeQuery).setParameter("currentRequest", """
@ -151,7 +153,7 @@ class ContextUnitTest {
Map.entry("user-agent", "given-user-agent")), Map.entry("user-agent", "given-user-agent")),
"{}"); "{}");
context.define("current-user"); context.define(TEMP, "current-user", null);
verify(em).createNativeQuery(DEFINE_CONTEXT_QUERY_STRING); verify(em).createNativeQuery(DEFINE_CONTEXT_QUERY_STRING);
verify(nativeQuery).setParameter(eq("currentTask"), argThat((String t) -> t.length() == 127)); verify(nativeQuery).setParameter(eq("currentTask"), argThat((String t) -> t.length() == 127));
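Review bot: The expected query string gains `cast(:currentScope as RbacObjectScope)`, but the verifications visible in these hunks still check only `currentTask` and `currentRequest`, so nothing here fails if `define` binds the wrong scope or never binds it against the mocked query. Adding `verify(nativeQuery).setParameter(eq("currentScope"), any());` to at least one test would cover the binding; an exact expected value is better once the bound form (the enum or its name) is settled, which this diff does not show. Parts of each test method lie outside the hunks.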


@ -19,6 +19,7 @@ import java.util.EnumSet;
import java.util.UUID; import java.util.UUID;
import static java.lang.String.join; import static java.lang.String.join;
import static net.hostsharing.hsadminng.context.Context.Scope.TEMP;
import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThat;
@DataJpaTest @DataJpaTest
@ -45,7 +46,7 @@ class RbacGrantsDiagramServiceIntegrationTest extends ContextBasedTestWithCleanu
} }
protected void context(final String currentUser, final String assumedRoles) { protected void context(final String currentUser, final String assumedRoles) {
context.define(test.getDisplayName(), null, currentUser, assumedRoles); context.define(TEMP, test.getDisplayName(), null, currentUser, assumedRoles);
} }
protected void context(final String currentUser) { protected void context(final String currentUser) {


@ -15,6 +15,7 @@ import jakarta.persistence.EntityManager;
import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletRequest;
import java.util.List; import java.util.List;
import static net.hostsharing.hsadminng.context.Context.Scope.TEMP;
import static net.hostsharing.hsadminng.rbac.test.JpaAttempt.attempt; import static net.hostsharing.hsadminng.rbac.test.JpaAttempt.attempt;
import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThat;
@ -58,7 +59,7 @@ class RbacRoleRepositoryIntegrationTest {
@Test @Test
public void globalAdmin_withoutAssumedRole_canViewAllRbacRoles() { public void globalAdmin_withoutAssumedRole_canViewAllRbacRoles() {
// given // given
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
// when // when
final var result = rbacRoleRepository.findAll(); final var result = rbacRoleRepository.findAll();
@ -69,20 +70,20 @@ class RbacRoleRepositoryIntegrationTest {
@Test @Test
public void globalAdmin_withAssumedglobalAdminRole_canViewAllRbacRoles() { public void globalAdmin_withAssumedglobalAdminRole_canViewAllRbacRoles() {
given: // given
context.define("superuser-alex@hostsharing.net", "global#global:ADMIN"); context.define(TEMP, "superuser-alex@hostsharing.net", "global#global:ADMIN");
// when // when
final var result = rbacRoleRepository.findAll(); final var result = rbacRoleRepository.findAll();
then: // then
allTheseRbacRolesAreReturned(result, ALL_TEST_DATA_ROLES); allTheseRbacRolesAreReturned(result, ALL_TEST_DATA_ROLES);
} }
@Test @Test
public void customerAdmin_withoutAssumedRole_canViewOnlyItsOwnRbacRole() { public void customerAdmin_withoutAssumedRole_canViewOnlyItsOwnRbacRole() {
// given: // given:
context.define("customer-admin@xxx.example.com"); context.define(TEMP, "customer-admin@xxx.example.com", null);
// when: // when:
final var result = rbacRoleRepository.findAll(); final var result = rbacRoleRepository.findAll();
@ -121,7 +122,7 @@ class RbacRoleRepositoryIntegrationTest {
@Test @Test
public void customerAdmin_withAssumedOwnedPackageAdminRole_canViewOnlyItsOwnRbacRole() { public void customerAdmin_withAssumedOwnedPackageAdminRole_canViewOnlyItsOwnRbacRole() {
context.define("customer-admin@xxx.example.com", "test_package#xxx00:ADMIN"); context.define(TEMP, "customer-admin@xxx.example.com", "test_package#xxx00:ADMIN");
final var result = rbacRoleRepository.findAll(); final var result = rbacRoleRepository.findAll();
@ -138,7 +139,7 @@ class RbacRoleRepositoryIntegrationTest {
@Test @Test
void anonymousUser_withoutAssumedRole_cannotViewAnyRbacRoles() { void anonymousUser_withoutAssumedRole_cannotViewAnyRbacRoles() {
context.define(null); context.define(TEMP, null);
final var result = attempt( final var result = attempt(
em, em,
@ -155,7 +156,7 @@ class RbacRoleRepositoryIntegrationTest {
@Test @Test
void customerAdmin_withoutAssumedRole_canFindItsOwnRolesByName() { void customerAdmin_withoutAssumedRole_canFindItsOwnRolesByName() {
context.define("customer-admin@xxx.example.com"); context.define(TEMP, "customer-admin@xxx.example.com", null);
final var result = rbacRoleRepository.findByRoleName("test_customer#xxx:ADMIN"); final var result = rbacRoleRepository.findByRoleName("test_customer#xxx:ADMIN");
@ -167,7 +168,7 @@ class RbacRoleRepositoryIntegrationTest {
@Test @Test
void customerAdmin_withoutAssumedRole_canNotFindAlienRolesByName() { void customerAdmin_withoutAssumedRole_canNotFindAlienRolesByName() {
context.define("customer-admin@xxx.example.com"); context.define(TEMP, "customer-admin@xxx.example.com", null);
final var result = rbacRoleRepository.findByRoleName("test_customer#bbb:ADMIN"); final var result = rbacRoleRepository.findByRoleName("test_customer#bbb:ADMIN");


@ -14,6 +14,7 @@ import org.springframework.transaction.annotation.Transactional;
import java.util.UUID; import java.util.UUID;
import static net.hostsharing.hsadminng.context.Context.Scope.TEMP;
import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThat;
import static org.hamcrest.Matchers.*; import static org.hamcrest.Matchers.*;
@ -65,7 +66,7 @@ class RbacUserControllerAcceptanceTest {
// finally, the user can view its own record // finally, the user can view its own record
final var newUserUuid = UUID.fromString( final var newUserUuid = UUID.fromString(
location.substring(location.lastIndexOf('/') + 1)); location.substring(location.lastIndexOf('/') + 1));
context.define("new-user@example.com"); context.define(TEMP, "new-user@example.com", null);
assertThat(rbacUserRepository.findByUuid(newUserUuid)) assertThat(rbacUserRepository.findByUuid(newUserUuid))
.extracting(RbacUserEntity::getName).isEqualTo("new-user@example.com"); .extracting(RbacUserEntity::getName).isEqualTo("new-user@example.com");
} }
@ -436,7 +437,7 @@ class RbacUserControllerAcceptanceTest {
RbacUserEntity findRbacUserByName(final String userName) { RbacUserEntity findRbacUserByName(final String userName) {
return jpaAttempt.transacted(() -> { return jpaAttempt.transacted(() -> {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net", null);
return rbacUserRepository.findByName(userName); return rbacUserRepository.findByName(userName);
}).returnedValue(); }).returnedValue();
} }
@ -444,7 +445,7 @@ class RbacUserControllerAcceptanceTest {
RbacUserEntity givenANewUser() { RbacUserEntity givenANewUser() {
final var givenUserName = "test-user-" + System.currentTimeMillis() + "@example.com"; final var givenUserName = "test-user-" + System.currentTimeMillis() + "@example.com";
final var givenUser = jpaAttempt.transacted(() -> { final var givenUser = jpaAttempt.transacted(() -> {
context.define(null); context.define(TEMP, null);
return rbacUserRepository.create(new RbacUserEntity(UUID.randomUUID(), givenUserName)); return rbacUserRepository.create(new RbacUserEntity(UUID.randomUUID(), givenUserName));
}).assumeSuccessful().returnedValue(); }).assumeSuccessful().returnedValue();
assertThat(rbacUserRepository.findByName(givenUser.getName())).isNotNull(); assertThat(rbacUserRepository.findByName(givenUser.getName())).isNotNull();
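Review bot: The migrated call sites in this file use two different shapes: `context.define(TEMP, "new-user@example.com", null)` and `context.define(TEMP, "superuser-alex@hostsharing.net", null)` pass an explicit null for assumedRoles, while `context.define(TEMP, null)` in givenANewUser uses the two-argument overload, where the null means "no current user". Context still offers `define(Scope, String)`, so the trailing `null` is redundant, and in RBAC tests it makes it harder to see at a glance which identity a block runs under. I would keep the shorter form throughout, e.g. `context.define(TEMP, "new-user@example.com");`. The same mix appears in TestCustomerControllerAcceptanceTest and TestPackageRepositoryIntegrationTest. givenANewUser continues past the end of its hunk.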


@ -1,5 +1,6 @@
package net.hostsharing.hsadminng.rbac.test; package net.hostsharing.hsadminng.rbac.test;
import net.hostsharing.hsadminng.context.Context;
import net.hostsharing.hsadminng.rbac.context.ContextBasedTest; import net.hostsharing.hsadminng.rbac.context.ContextBasedTest;
import net.hostsharing.hsadminng.rbac.rbacobject.RbacObject; import net.hostsharing.hsadminng.rbac.rbacobject.RbacObject;
import net.hostsharing.hsadminng.rbac.rbacgrant.RbacGrantEntity; import net.hostsharing.hsadminng.rbac.rbacgrant.RbacGrantEntity;
@ -12,7 +13,6 @@ import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.TestInfo; import org.junit.jupiter.api.TestInfo;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.jpa.repository.Query;
import org.springframework.data.repository.Repository; import org.springframework.data.repository.Repository;
import jakarta.persistence.*; import jakarta.persistence.*;
@ -21,6 +21,7 @@ import java.util.*;
import static java.lang.System.out; import static java.lang.System.out;
import static java.util.Comparator.comparing; import static java.util.Comparator.comparing;
import static java.util.stream.Collectors.toSet; import static java.util.stream.Collectors.toSet;
import static net.hostsharing.hsadminng.context.Context.Scope.TEMP;
import static org.apache.commons.collections4.SetUtils.difference; import static org.apache.commons.collections4.SetUtils.difference;
import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThat;
@ -45,7 +46,6 @@ public abstract class ContextBasedTestWithCleanup extends ContextBasedTest {
private TreeMap<UUID, Class<? extends RbacObject>> entitiesToCleanup = new TreeMap<>(); private TreeMap<UUID, Class<? extends RbacObject>> entitiesToCleanup = new TreeMap<>();
private static Long latestIntialTestDataSerialId;
private static boolean countersInitialized = false; private static boolean countersInitialized = false;
private static boolean initialTestDataValidated = false; private static boolean initialTestDataValidated = false;
private static Long initialRbacObjectCount = null; private static Long initialRbacObjectCount = null;
@ -99,7 +99,7 @@ public abstract class ContextBasedTestWithCleanup extends ContextBasedTest {
final UUID uuid = UUID.fromString(o.split(":")[1]); final UUID uuid = UUID.fromString(o.split(":")[1]);
final var exception = jpaAttempt.transacted(() -> { final var exception = jpaAttempt.transacted(() -> {
context.define("superuser-alex@hostsharing.net", null); context.define(TEMP, "superuser-alex@hostsharing.net", null);
em.remove(em.getReference(entityClass, uuid)); em.remove(em.getReference(entityClass, uuid));
out.println("DELETING new " + entityClass.getSimpleName() + "#" + uuid + " SUCCEEDED"); out.println("DELETING new " + entityClass.getSimpleName() + "#" + uuid + " SUCCEEDED");
}).caughtException(); }).caughtException();
@ -115,10 +115,6 @@ public abstract class ContextBasedTestWithCleanup extends ContextBasedTest {
void retrieveInitialTestData(final TestInfo testInfo) { void retrieveInitialTestData(final TestInfo testInfo) {
out.println(ContextBasedTestWithCleanup.class.getSimpleName() + ".retrieveInitialTestData"); out.println(ContextBasedTestWithCleanup.class.getSimpleName() + ".retrieveInitialTestData");
if (latestIntialTestDataSerialId == null ) {
latestIntialTestDataSerialId = rbacObjectRepo.findLatestSerialId();
}
if (initialRbacObjects != null){ if (initialRbacObjects != null){
assertNoNewRbacObjectsRolesAndGrantsLeaked(); assertNoNewRbacObjectsRolesAndGrantsLeaked();
} }
@ -126,7 +122,7 @@ public abstract class ContextBasedTestWithCleanup extends ContextBasedTest {
initialTestDataValidated = false; initialTestDataValidated = false;
jpaAttempt.transacted(() -> { jpaAttempt.transacted(() -> {
context.define("superuser-alex@hostsharing.net", null); context.define(TEMP, "superuser-alex@hostsharing.net", null);
if (initialRbacObjects == null) { if (initialRbacObjects == null) {
initialRbacObjects = allRbacObjects(); initialRbacObjects = allRbacObjects();
@ -177,7 +173,7 @@ public abstract class ContextBasedTestWithCleanup extends ContextBasedTest {
private void cleanupTemporaryTestData() { private void cleanupTemporaryTestData() {
jpaAttempt.transacted(() -> { jpaAttempt.transacted(() -> {
context.define("superuser-alex@hostsharing.net", null); context.define(TEMP, "superuser-alex@hostsharing.net", null);
entitiesToCleanup.reversed().forEach((uuid, entityClass) -> { entitiesToCleanup.reversed().forEach((uuid, entityClass) -> {
final var rvTableName = entityClass.getAnnotation(Table.class).name(); final var rvTableName = entityClass.getAnnotation(Table.class).name();
if ( !rvTableName.endsWith("_rv") ) { if ( !rvTableName.endsWith("_rv") ) {
@ -193,7 +189,7 @@ public abstract class ContextBasedTestWithCleanup extends ContextBasedTest {
private long assertNoNewRbacObjectsRolesAndGrantsLeaked() { private long assertNoNewRbacObjectsRolesAndGrantsLeaked() {
return jpaAttempt.transacted(() -> { return jpaAttempt.transacted(() -> {
context.define("superuser-alex@hostsharing.net"); context.define(TEMP, "superuser-alex@hostsharing.net");
assertEqual(initialRbacObjects, allRbacObjects()); assertEqual(initialRbacObjects, allRbacObjects());
if (DETAILED_BUT_SLOW_CHECK) { if (DETAILED_BUT_SLOW_CHECK) {
assertEqual(initialRbacRoles, allRbacRoles()); assertEqual(initialRbacRoles, allRbacRoles());
@ -215,11 +211,11 @@ public abstract class ContextBasedTestWithCleanup extends ContextBasedTest {
private void deleteLeakedRbacObjects() { private void deleteLeakedRbacObjects() {
jpaAttempt.transacted(() -> rbacObjectRepo.findAll()).returnedValue().stream() jpaAttempt.transacted(() -> rbacObjectRepo.findAll()).returnedValue().stream()
.filter(o -> o.serialId > latestIntialTestDataSerialId) .filter(o -> o.scope == TEMP)
.sorted(comparing(o -> o.serialId)) .sorted(comparing(o -> o.serialId))
.forEach(o -> { .forEach(o -> {
final var exception = jpaAttempt.transacted(() -> { final var exception = jpaAttempt.transacted(() -> {
context.define("superuser-alex@hostsharing.net", null); context.define(TEMP, "superuser-alex@hostsharing.net", null);
em.createNativeQuery("DELETE FROM " + o.objectTable + " WHERE uuid=:uuid") em.createNativeQuery("DELETE FROM " + o.objectTable + " WHERE uuid=:uuid")
.setParameter("uuid", o.uuid) .setParameter("uuid", o.uuid)
@ -244,7 +240,7 @@ public abstract class ContextBasedTestWithCleanup extends ContextBasedTest {
@NotNull @NotNull
private Set<String> allRbacGrants() { private Set<String> allRbacGrants() {
return jpaAttempt.transacted(() -> { return jpaAttempt.transacted(() -> {
context.define("superuser-alex@hostsharing.net", null); context.define(TEMP, "superuser-alex@hostsharing.net", null);
return rbacGrantRepo.findAll().stream() return rbacGrantRepo.findAll().stream()
.map(RbacGrantEntity::toDisplay) .map(RbacGrantEntity::toDisplay)
.collect(toSet()); .collect(toSet());
@ -254,7 +250,7 @@ public abstract class ContextBasedTestWithCleanup extends ContextBasedTest {
@NotNull @NotNull
private Set<String> allRbacRoles() { private Set<String> allRbacRoles() {
return jpaAttempt.transacted(() -> { return jpaAttempt.transacted(() -> {
context.define("superuser-alex@hostsharing.net", null); context.define(TEMP, "superuser-alex@hostsharing.net", null);
return rbacRoleRepo.findAll().stream() return rbacRoleRepo.findAll().stream()
.map(RbacRoleEntity::getRoleName) .map(RbacRoleEntity::getRoleName)
.collect(toSet()); .collect(toSet());
@ -264,7 +260,7 @@ public abstract class ContextBasedTestWithCleanup extends ContextBasedTest {
@NotNull @NotNull
private Set<String> allRbacObjects() { private Set<String> allRbacObjects() {
return jpaAttempt.transacted(() -> { return jpaAttempt.transacted(() -> {
context.define("superuser-alex@hostsharing.net", null); context.define(TEMP, "superuser-alex@hostsharing.net", null);
return rbacObjectRepo.findAll().stream() return rbacObjectRepo.findAll().stream()
.map(RbacObjectEntity::toString) .map(RbacObjectEntity::toString)
.collect(toSet()); .collect(toSet());
@ -299,9 +295,6 @@ interface RbacObjectRepository extends Repository<RbacObjectEntity, UUID> {
long count(); long count();
List<RbacObjectEntity> findAll(); List<RbacObjectEntity> findAll();
@Query("SELECT max(r.serialId) FROM RbacObjectEntity r")
Long findLatestSerialId();
} }
@Entity @Entity
@ -312,6 +305,10 @@ class RbacObjectEntity {
@GeneratedValue @GeneratedValue
UUID uuid; UUID uuid;
@Column(name = "scope")
@Enumerated(EnumType.STRING)
Context.Scope scope;
@Column(name = "serialid") @Column(name = "serialid")
long serialId; long serialId;
@ -320,6 +317,6 @@ class RbacObjectEntity {
@Override @Override
public String toString() { public String toString() {
return objectTable + ":" + uuid + ":" + serialId; return objectTable + ":" + uuid + ":" + scope;
} }
} }
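Review bot: In deleteLeakedRbacObjects the new filter `o.scope == TEMP` is now the only selection criterion for the rows deleted under the superuser context, and the statement that follows is built as `"DELETE FROM " + o.objectTable` from a table name read out of the database. With the serialId boundary removed, an object created during a test under any other scope is presumably no longer cleaned up here, and every TEMP row is deleted regardless of which run created it. I would state that assumption above the filter, e.g. `// relies on all test writers using Scope.TEMP; rows with other scopes are never removed here`, and check `o.objectTable` against the known entity table names before it reaches the native query. The method body continues outside the hunk.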


@ -18,6 +18,7 @@ import jakarta.persistence.EntityManager;
import jakarta.persistence.PersistenceContext; import jakarta.persistence.PersistenceContext;
import java.util.UUID; import java.util.UUID;
import static net.hostsharing.hsadminng.context.Context.Scope.TEMP;
import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThat;
import static org.hamcrest.CoreMatchers.containsString; import static org.hamcrest.CoreMatchers.containsString;
import static org.hamcrest.Matchers.*; import static org.hamcrest.Matchers.*;
@ -148,7 +149,7 @@ class TestCustomerControllerAcceptanceTest {
// finally, the new customer can be viewed by its own admin // finally, the new customer can be viewed by its own admin
final var newUserUuid = UUID.fromString( final var newUserUuid = UUID.fromString(
location.substring(location.lastIndexOf('/') + 1)); location.substring(location.lastIndexOf('/') + 1));
context.define("superuser-fran@hostsharing.net", "test_customer#uuu:ADMIN"); context.define(TEMP, "superuser-fran@hostsharing.net", "test_customer#uuu:ADMIN");
assertThat(testCustomerRepository.findByUuid(newUserUuid)) assertThat(testCustomerRepository.findByUuid(newUserUuid))
.hasValueSatisfying(c -> assertThat(c.getPrefix()).isEqualTo("uuu")); .hasValueSatisfying(c -> assertThat(c.getPrefix()).isEqualTo("uuu"));
} }
@ -179,7 +180,7 @@ class TestCustomerControllerAcceptanceTest {
// @formatter:on // @formatter:on
// finally, the new customer was not created // finally, the new customer was not created
context.define("superuser-fran@hostsharing.net"); context.define(TEMP, "superuser-fran@hostsharing.net", null);
assertThat(testCustomerRepository.findCustomerByOptionalPrefixLike("uuu")).hasSize(0); assertThat(testCustomerRepository.findCustomerByOptionalPrefixLike("uuu")).hasSize(0);
} }
@ -208,7 +209,7 @@ class TestCustomerControllerAcceptanceTest {
// @formatter:on // @formatter:on
// finally, the new customer was not created // finally, the new customer was not created
context.define("superuser-fran@hostsharing.net"); context.define(TEMP, "superuser-fran@hostsharing.net", null);
assertThat(testCustomerRepository.findCustomerByOptionalPrefixLike("uuu")).hasSize(0); assertThat(testCustomerRepository.findCustomerByOptionalPrefixLike("uuu")).hasSize(0);
} }
@ -236,7 +237,7 @@ class TestCustomerControllerAcceptanceTest {
@AfterEach @AfterEach
void cleanup() { void cleanup() {
jpaAttempt.transacted(() -> { jpaAttempt.transacted(() -> {
context.define("superuser-alex@hostsharing.net", null); context.define(TEMP, "superuser-alex@hostsharing.net", null);
em.createQuery("DELETE FROM TestCustomerEntity c WHERE c.reference < 99900").executeUpdate(); em.createQuery("DELETE FROM TestCustomerEntity c WHERE c.reference < 99900").executeUpdate();
}).assertSuccessful(); }).assertSuccessful();
} }


@ -16,6 +16,7 @@ import org.springframework.transaction.annotation.Transactional;
import java.util.UUID; import java.util.UUID;
import static java.lang.String.format; import static java.lang.String.format;
import static net.hostsharing.hsadminng.context.Context.Scope.TEMP;
import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThat;
import static org.hamcrest.Matchers.equalTo; import static org.hamcrest.Matchers.equalTo;
import static org.hamcrest.Matchers.is; import static org.hamcrest.Matchers.is;
@ -188,7 +189,7 @@ class TestPackageControllerAcceptanceTest {
} }
String getDescriptionOfPackage(final String packageName) { String getDescriptionOfPackage(final String packageName) {
context.define("superuser-alex@hostsharing.net","test_customer#xxx:ADMIN"); context.define(TEMP, "superuser-alex@hostsharing.net","test_customer#xxx:ADMIN");
return testPackageRepository.findAllByOptionalNameLike(packageName).get(0).getDescription(); return testPackageRepository.findAllByOptionalNameLike(packageName).get(0).getDescription();
} }
} }


@ -16,6 +16,7 @@ import jakarta.persistence.PersistenceContext;
import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletRequest;
import java.util.List; import java.util.List;
import static net.hostsharing.hsadminng.context.Context.Scope.TEMP;
import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThat;
@DataJpaTest @DataJpaTest
@ -41,7 +42,7 @@ class TestPackageRepositoryIntegrationTest extends ContextBasedTest {
public void globalAdmin_withoutAssumedRole_canNotViewAnyPackages_becauseThoseGrantsAreNotAssumed() { public void globalAdmin_withoutAssumedRole_canNotViewAnyPackages_becauseThoseGrantsAreNotAssumed() {
// given // given
// alex is not just global-admin but lso the creating user, thus we use fran // alex is not just global-admin but lso the creating user, thus we use fran
context.define("superuser-fran@hostsharing.net"); context.define(TEMP, "superuser-fran@hostsharing.net", null);
// when // when
final var result = testPackageRepository.findAllByOptionalNameLike(null); final var result = testPackageRepository.findAllByOptionalNameLike(null);
@ -52,20 +53,20 @@ class TestPackageRepositoryIntegrationTest extends ContextBasedTest {
@Test @Test
public void globalAdmin_withAssumedglobalAdminRole__canNotViewAnyPackages_becauseThoseGrantsAreNotAssumed() { public void globalAdmin_withAssumedglobalAdminRole__canNotViewAnyPackages_becauseThoseGrantsAreNotAssumed() {
given: // given
context.define("superuser-alex@hostsharing.net", "global#global:ADMIN"); context.define(TEMP, "superuser-alex@hostsharing.net", "global#global:ADMIN");
// when // when
final var result = testPackageRepository.findAllByOptionalNameLike(null); final var result = testPackageRepository.findAllByOptionalNameLike(null);
then: // then
noPackagesAreReturned(result); noPackagesAreReturned(result);
} }
@Test @Test
public void customerAdmin_withoutAssumedRole_canViewOnlyItsOwnPackages() { public void customerAdmin_withoutAssumedRole_canViewOnlyItsOwnPackages() {
// given: // given:
context.define("customer-admin@xxx.example.com"); context.define(TEMP, "customer-admin@xxx.example.com", null);
// when: // when:
final var result = testPackageRepository.findAllByOptionalNameLike(null); final var result = testPackageRepository.findAllByOptionalNameLike(null);
@ -76,7 +77,7 @@ class TestPackageRepositoryIntegrationTest extends ContextBasedTest {
@Test @Test
public void customerAdmin_withAssumedOwnedPackageAdminRole_canViewOnlyItsOwnPackages() { public void customerAdmin_withAssumedOwnedPackageAdminRole_canViewOnlyItsOwnPackages() {
context.define("customer-admin@xxx.example.com", "test_package#xxx00:ADMIN"); context.define(TEMP, "customer-admin@xxx.example.com", "test_package#xxx00:ADMIN");
final var result = testPackageRepository.findAllByOptionalNameLike(null); final var result = testPackageRepository.findAllByOptionalNameLike(null);
@ -123,7 +124,7 @@ class TestPackageRepositoryIntegrationTest extends ContextBasedTest {
} }
private void globalAdminWithAssumedRole(final String assumedRoles) { private void globalAdminWithAssumedRole(final String assumedRoles) {
context.define("superuser-alex@hostsharing.net", assumedRoles); context.define(TEMP, "superuser-alex@hostsharing.net", assumedRoles);
} }
void noPackagesAreReturned(final List<TestPackageEntity> actualResult) { void noPackagesAreReturned(final List<TestPackageEntity> actualResult) {