diff --git a/README.md b/README.md index f6c7c481..aeeb960c 100644 --- a/README.md +++ b/README.md @@ -66,18 +66,18 @@ If you have at least Docker, the Java JDK and Gradle installed in appropriate ve # the following command should return a JSON array with just all customers: curl \ -H 'current-user: mike@example.org' \ - http://localhost:8080/api/test-customers + http://localhost:8080/api/test/customers # the following command should return a JSON array with just all packages visible for the admin of the customer yyy: curl \ -H 'current-user: mike@example.org' -H 'assumed-roles: test_customer#yyy.admin' \ - http://localhost:8080/api/test-packages + http://localhost:8080/api/test/packages # add a new customer curl \ -H 'current-user: mike@example.org' -H "Content-Type: application/json" \ -d '{ "prefix":"ttt", "reference":80001, "adminUserName":"admin@ttt.example.com" }' \ - -X POST http://localhost:8080/api/test-customers + -X POST http://localhost:8080/api/test/customers If you wonder who 'mike@example.org' and 'sven@example.org' are and where the data comes from: Mike and Sven are just example global admin accounts as part of the example data which is automatically inserted in Testcontainers and Development environments. diff --git a/src/main/java/net/hostsharing/hsadminng/rbac/rbacgrant/RbacGrantController.java b/src/main/java/net/hostsharing/hsadminng/rbac/rbacgrant/RbacGrantController.java index d1eff5a4..ecd0f260 100644 --- a/src/main/java/net/hostsharing/hsadminng/rbac/rbacgrant/RbacGrantController.java +++ b/src/main/java/net/hostsharing/hsadminng/rbac/rbacgrant/RbacGrantController.java @@ -73,7 +73,7 @@ public class RbacGrantController implements RbacgrantsApi { final var uri = MvcUriComponentsBuilder.fromController(getClass()) - .path("/api/rbac-grants/{roleUuid}") + .path("/api/rbac/grants/{roleUuid}") .buildAndExpand(body.getGrantedRoleUuid()) .toUri(); return ResponseEntity.created(uri).body(map(granted, RbacGrantResource.class)); 
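Review bot: The Location URI built in RbacGrantController expands a single variable, `.path("/api/rbac/grants/{roleUuid}")` with `body.getGrantedRoleUuid()`, while api-definition.yaml in this same commit defines the single-grant resource as `/api/rbac/grants/{grantedRoleUuid}/{granteeUserUuid}`. The 201 response therefore appears to point at a URL that no declared operation serves. Consider `.path("/api/rbac/grants/{grantedRoleUuid}/{granteeUserUuid}")` with `.buildAndExpand(body.getGrantedRoleUuid(), body.getGranteeUserUuid())`; the second getter name is inferred from the spec's parameter name and needs checking against the request type. The enclosing method starts and ends outside the hunk.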
diff --git a/src/main/java/net/hostsharing/hsadminng/rbac/rbacuser/RbacUserController.java b/src/main/java/net/hostsharing/hsadminng/rbac/rbacuser/RbacUserController.java index 0a1dc775..77507b50 100644 --- a/src/main/java/net/hostsharing/hsadminng/rbac/rbacuser/RbacUserController.java +++ b/src/main/java/net/hostsharing/hsadminng/rbac/rbacuser/RbacUserController.java @@ -39,7 +39,7 @@ public class RbacUserController implements RbacusersApi { rbacUserRepository.create(saved); final var uri = MvcUriComponentsBuilder.fromController(getClass()) - .path("/api/rbac-users/{id}") + .path("/api/rbac/users/{id}") .buildAndExpand(saved.getUuid()) .toUri(); return ResponseEntity.created(uri).body(map(saved, RbacUserResource.class)); diff --git a/src/main/java/net/hostsharing/hsadminng/test/cust/TestCustomerController.java b/src/main/java/net/hostsharing/hsadminng/test/cust/TestCustomerController.java index deb2ca3c..cff9ef30 100644 --- a/src/main/java/net/hostsharing/hsadminng/test/cust/TestCustomerController.java +++ b/src/main/java/net/hostsharing/hsadminng/test/cust/TestCustomerController.java @@ -56,7 +56,7 @@ public class TestCustomerController implements TestCustomersApi { final var uri = MvcUriComponentsBuilder.fromController(getClass()) - .path("/api/test-customers/{id}") + .path("/api/test/customers/{id}") .buildAndExpand(customer.getUuid()) .toUri(); return ResponseEntity.created(uri).body(map(saved, TestCustomerResource.class)); diff --git a/src/main/resources/api-definition.yaml b/src/main/resources/api-definition.yaml index 46988e83..79d18d40 100644 --- a/src/main/resources/api-definition.yaml +++ b/src/main/resources/api-definition.yaml 
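Review bot: The Location header in TestCustomerController now points at `/api/test/customers/{id}`, but the test-entities section of api-definition.yaml in this commit declares only `/api/test/customers`, `/api/test/packages` and `/api/test/packages/{packageUUID}`, so the returned URI appears to reference an endpoint that does not exist. The URI is also expanded from `customer.getUuid()` while the response body is mapped from `saved`; if the UUID is assigned during save and `saved` is a different instance, the id could be null, and `.buildAndExpand(saved.getUuid())` would match what RbacUserController does. Either add a by-UUID operation to the spec or state in a comment that the Location is informational only. The method body extends beyond the hunk.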
@@ -10,35 +10,37 @@ paths: # RBAC - /api/rbac-users: + /api/rbac/users: $ref: "./api-definition/rbac-users.yaml" - /api/rbac-users/{userUuid}/permissions: + /api/rbac/users/{userUuid}/permissions: $ref: "./api-definition/rbac-users-with-id-permissions.yaml" - /api/rbac-users/{userUuid}: + /api/rbac/users/{userUuid}: $ref: "./api-definition/rbac-users-with-uuid.yaml" - /api/rbac-roles: + /api/rbac/roles: $ref: "./api-definition/rbac-roles.yaml" - /api/rbac-grants: + /api/rbac/grants: $ref: "./api-definition/rbac-grants.yaml" - /api/rbac-grants/{grantedRoleUuid}/{granteeUserUuid}: + /api/rbac/grants/{grantedRoleUuid}/{granteeUserUuid}: $ref: "./api-definition/rbac-grants-with-id.yaml" - # HS - /api/test-customers: + # Test-Entities for RBAC + + /api/test/customers: $ref: "./api-definition/test-customers.yaml" - /api/test-packages: + /api/test/packages: $ref: "./api-definition/test-packages.yaml" - /api/test-packages/{packageUUID}: + /api/test/packages/{packageUUID}: $ref: "./api-definition/test-packages-uuid.yaml" + # Other /api/ping: diff --git a/src/main/resources/api-mappings.yaml b/src/main/resources/api-mappings.yaml index 9e7539f5..583a74fc 100644 --- a/src/main/resources/api-mappings.yaml +++ b/src/main/resources/api-mappings.yaml @@ -12,5 +12,5 @@ map: - type: string:uuid => java.util.UUID paths: - /api/test-packages/{packageUUID}: + /api/test/packages/{packageUUID}: null: org.openapitools.jackson.nullable.JsonNullable diff --git a/src/test/java/net/hostsharing/hsadminng/rbac/rbacgrant/RbacGrantControllerAcceptanceTest.java b/src/test/java/net/hostsharing/hsadminng/rbac/rbacgrant/RbacGrantControllerAcceptanceTest.java index 1486d40b..c7ab5a34 100644 --- a/src/test/java/net/hostsharing/hsadminng/rbac/rbacgrant/RbacGrantControllerAcceptanceTest.java +++ b/src/test/java/net/hostsharing/hsadminng/rbac/rbacgrant/RbacGrantControllerAcceptanceTest.java 
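Review bot: The hyphenated paths in api-definition.yaml are removed outright with no alias or redirect, so any control outside this repository that matches on the old URL prefix (reverse-proxy or gateway access rules, WAF policies, log-based alerts on `/api/rbac-`) would silently stop applying to the RBAC endpoints; whether such rules exist cannot be seen from here, but the change deserves a note in the commit message or changelog. The test entities are also published under `/api/test/...` in the main API definition, and the new section comment does not say whether these routes are meant to be reachable outside development. A comment such as `# Test-Entities for RBAC (example data only; TODO confirm these paths are not exposed in production)` would make that expectation explicit.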
@@ -68,7 +68,7 @@ class RbacGrantControllerAcceptanceTest extends ContextBasedTest { .header("current-user", "mike@example.org") .port(port) .when() - .get("http://localhost/api/rbac-grants") + .get("http://localhost/api/rbac/grants") .then().log().all().assertThat() .statusCode(200) .contentType("application/json") @@ -120,7 +120,7 @@ class RbacGrantControllerAcceptanceTest extends ContextBasedTest { .header("assumed-roles", "test_package#yyy00.admin") .port(port) .when() - .get("http://localhost/api/rbac-grants") + .get("http://localhost/api/rbac/grants") .then().log().all().assertThat() .statusCode(200) .contentType("application/json") @@ -143,7 +143,7 @@ class RbacGrantControllerAcceptanceTest extends ContextBasedTest { .header("current-user", "pac-admin-yyy00@yyy.example.com") .port(port) .when() - .get("http://localhost/api/rbac-grants") + .get("http://localhost/api/rbac/grants") .then().log().all().assertThat() .statusCode(200) .contentType("application/json") @@ -406,7 +406,7 @@ class RbacGrantControllerAcceptanceTest extends ContextBasedTest { ) .port(port) .when() - .post("http://localhost/api/rbac-grants") + .post("http://localhost/api/rbac/grants") .then().log().all(); // @formatter:on } } @@ -442,7 +442,7 @@ class RbacGrantControllerAcceptanceTest extends ContextBasedTest { ) .port(port) .when() - .delete("http://localhost/api/rbac-grants/%s/%s".formatted( + .delete("http://localhost/api/rbac/grants/%s/%s".formatted( grantedRole.getUuid(), granteeUser.getUuid() )) .then().log().all(); // @formatter:on @@ -467,7 +467,7 @@ class RbacGrantControllerAcceptanceTest extends ContextBasedTest { .header("assumed-roles", currentSubject.assumedRole) .port(port) .when() - .get("http://localhost/api/rbac-grants/%s/%s".formatted( + .get("http://localhost/api/rbac/grants/%s/%s".formatted( grantedRole.getUuid(), granteeUser.getUuid() )) .then().log().all(); 
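Review bot: Every request in RbacGrantControllerAcceptanceTest spells out the full URL literal, which is why a path rename had to touch each call site; the same applies to the hunks in RbacRoleControllerAcceptanceTest, RbacUserControllerAcceptanceTest, TestCustomerControllerAcceptanceTest and TestPackageControllerAcceptanceTest. A class-level constant, e.g. `private static final String GRANTS_URL = "http://localhost/api/rbac/grants";` used as `.get(GRANTS_URL)`, would reduce the next rename to one line per class. It would also make it harder for a single authorization test to be left pointing at a stale path. The test methods start and end outside these hunks.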
diff --git a/src/test/java/net/hostsharing/hsadminng/rbac/rbacrole/RbacRoleControllerAcceptanceTest.java b/src/test/java/net/hostsharing/hsadminng/rbac/rbacrole/RbacRoleControllerAcceptanceTest.java index 296a7bf3..f332fbd0 100644 --- a/src/test/java/net/hostsharing/hsadminng/rbac/rbacrole/RbacRoleControllerAcceptanceTest.java +++ b/src/test/java/net/hostsharing/hsadminng/rbac/rbacrole/RbacRoleControllerAcceptanceTest.java @@ -46,7 +46,7 @@ class RbacRoleControllerAcceptanceTest { .header("current-user", "mike@example.org") .port(port) .when() - .get("http://localhost/api/rbac-roles") + .get("http://localhost/api/rbac/roles") .then().assertThat() .statusCode(200) .contentType("application/json") @@ -73,7 +73,7 @@ class RbacRoleControllerAcceptanceTest { .header("assumed-roles", "test_package#yyy00.admin") .port(port) .when() - .get("http://localhost/api/rbac-roles") + .get("http://localhost/api/rbac/roles") .then() .log().body() .assertThat() @@ -97,7 +97,7 @@ class RbacRoleControllerAcceptanceTest { .header("current-user", "pac-admin-zzz00@zzz.example.com") .port(port) .when() - .get("http://localhost/api/rbac-roles") + .get("http://localhost/api/rbac/roles") .then().assertThat() .statusCode(200) .contentType("application/json") diff --git a/src/test/java/net/hostsharing/hsadminng/rbac/rbacrole/RbacRoleControllerRestTest.java b/src/test/java/net/hostsharing/hsadminng/rbac/rbacrole/RbacRoleControllerRestTest.java index 6d0aadb9..599a708a 100644 --- a/src/test/java/net/hostsharing/hsadminng/rbac/rbacrole/RbacRoleControllerRestTest.java +++ b/src/test/java/net/hostsharing/hsadminng/rbac/rbacrole/RbacRoleControllerRestTest.java @@ -36,7 +36,7 @@ class RbacRoleControllerRestTest { // when mockMvc.perform(MockMvcRequestBuilders - .get("/api/rbac-roles") + .get("/api/rbac/roles") .header("current-user", "mike@example.org") .accept(MediaType.APPLICATION_JSON)) 
diff --git a/src/test/java/net/hostsharing/hsadminng/rbac/rbacuser/RbacUserControllerAcceptanceTest.java b/src/test/java/net/hostsharing/hsadminng/rbac/rbacuser/RbacUserControllerAcceptanceTest.java index 13e4edf6..aff07c51 100644 --- a/src/test/java/net/hostsharing/hsadminng/rbac/rbacuser/RbacUserControllerAcceptanceTest.java +++ b/src/test/java/net/hostsharing/hsadminng/rbac/rbacuser/RbacUserControllerAcceptanceTest.java @@ -59,7 +59,7 @@ class RbacUserControllerAcceptanceTest { """) .port(port) .when() - .post("http://localhost/api/rbac-users") + .post("http://localhost/api/rbac/users") .then().assertThat() .statusCode(201) .contentType(ContentType.JSON) @@ -91,7 +91,7 @@ class RbacUserControllerAcceptanceTest { .header("current-user", "mike@example.org") .port(port) .when() - .get("http://localhost/api/rbac-users/" + givenUser.getUuid()) + .get("http://localhost/api/rbac/users/" + givenUser.getUuid()) .then().log().body().assertThat() .statusCode(200) .contentType("application/json") @@ -111,7 +111,7 @@ class RbacUserControllerAcceptanceTest { .header("assumed-roles", "test_customer#yyy.admin") .port(port) .when() - .get("http://localhost/api/rbac-users/" + givenUser.getUuid()) + .get("http://localhost/api/rbac/users/" + givenUser.getUuid()) .then().log().body().assertThat() .statusCode(200) .contentType("application/json") @@ -130,7 +130,7 @@ class RbacUserControllerAcceptanceTest { .header("current-user", "customer-admin@yyy.example.com") .port(port) .when() - .get("http://localhost/api/rbac-users/" + givenUser.getUuid()) + .get("http://localhost/api/rbac/users/" + givenUser.getUuid()) .then().log().body().assertThat() .statusCode(200) .contentType("application/json") 
@@ -149,7 +149,7 @@ class RbacUserControllerAcceptanceTest { .header("current-user", "customer-admin@xxx.example.com") .port(port) .when() - .get("http://localhost/api/rbac-users/" + givenUser.getUuid()) + .get("http://localhost/api/rbac/users/" + givenUser.getUuid()) .then().log().body().assertThat() .statusCode(404); // @formatter:on @@ -169,7 +169,7 @@ class RbacUserControllerAcceptanceTest { .header("current-user", "mike@example.org") .port(port) .when() - .get("http://localhost/api/rbac-users") + .get("http://localhost/api/rbac/users") .then().log().body().assertThat() .statusCode(200) .contentType("application/json") @@ -195,7 +195,7 @@ class RbacUserControllerAcceptanceTest { .header("current-user", "mike@example.org") .port(port) .when() - .get("http://localhost/api/rbac-users?name=pac-admin-zzz0") + .get("http://localhost/api/rbac/users?name=pac-admin-zzz0") .then().log().body().assertThat() .statusCode(200) .contentType("application/json") @@ -217,7 +217,7 @@ class RbacUserControllerAcceptanceTest { .header("assumed-roles", "test_customer#yyy.admin") .port(port) .when() - .get("http://localhost/api/rbac-users") + .get("http://localhost/api/rbac/users") .then().assertThat() .statusCode(200) .contentType("application/json") @@ -239,7 +239,7 @@ class RbacUserControllerAcceptanceTest { .header("current-user", "customer-admin@yyy.example.com") .port(port) .when() - .get("http://localhost/api/rbac-users") + .get("http://localhost/api/rbac/users") .then().assertThat() .statusCode(200) .contentType("application/json") @@ -261,7 +261,7 @@ class RbacUserControllerAcceptanceTest { .header("current-user", "pac-admin-xxx01@xxx.example.com") .port(port) .when() - .get("http://localhost/api/rbac-users") + .get("http://localhost/api/rbac/users") .then().assertThat() .statusCode(200) .contentType("application/json") 
@@ -285,7 +285,7 @@ class RbacUserControllerAcceptanceTest { .header("current-user", "mike@example.org") .port(port) .when() - .get("http://localhost/api/rbac-users/" + givenUser.getUuid() + "/permissions") + .get("http://localhost/api/rbac/users/" + givenUser.getUuid() + "/permissions") .then().log().body().assertThat() .statusCode(200) .contentType("application/json") @@ -320,7 +320,7 @@ class RbacUserControllerAcceptanceTest { .header("assumed-roles", "test_package#yyy00.admin") .port(port) .when() - .get("http://localhost/api/rbac-users/" + givenUser.getUuid() + "/permissions") + .get("http://localhost/api/rbac/users/" + givenUser.getUuid() + "/permissions") .then().log().body().assertThat() .statusCode(200) .contentType("application/json") @@ -354,7 +354,7 @@ class RbacUserControllerAcceptanceTest { .header("current-user", "pac-admin-yyy00@yyy.example.com") .port(port) .when() - .get("http://localhost/api/rbac-users/" + givenUser.getUuid() + "/permissions") + .get("http://localhost/api/rbac/users/" + givenUser.getUuid() + "/permissions") .then().log().body().assertThat() .statusCode(200) .contentType("application/json") @@ -388,7 +388,7 @@ class RbacUserControllerAcceptanceTest { .header("current-user", "pac-admin-yyy00@yyy.example.com") .port(port) .when() - .get("http://localhost/api/rbac-users/" + givenUser.getUuid() + "/permissions") + .get("http://localhost/api/rbac/users/" + givenUser.getUuid() + "/permissions") .then().log().body().assertThat() .statusCode(200) .contentType("application/json") @@ -413,7 +413,7 @@ class RbacUserControllerAcceptanceTest { .header("current-user", givenUser.getName()) .port(port) .when() - .delete("http://localhost/api/rbac-users/" + givenUser.getUuid()) + .delete("http://localhost/api/rbac/users/" + givenUser.getUuid()) .then().log().all().assertThat() .statusCode(204); // @formatter:on 
@@ -435,7 +435,7 @@ class RbacUserControllerAcceptanceTest { .header("current-user", "customer-admin@xxx.example.com") .port(port) .when() - .delete("http://localhost/api/rbac-users/" + givenUser.getUuid()) + .delete("http://localhost/api/rbac/users/" + givenUser.getUuid()) .then().log().all().assertThat() // that user cannot even see other users, thus the system won't even try to delete .statusCode(204); @@ -458,7 +458,7 @@ class RbacUserControllerAcceptanceTest { .header("current-user", "mike@example.org") .port(port) .when() - .delete("http://localhost/api/rbac-users/" + givenUser.getUuid()) + .delete("http://localhost/api/rbac/users/" + givenUser.getUuid()) .then().log().all().assertThat() .statusCode(204); // @formatter:on diff --git a/src/test/java/net/hostsharing/hsadminng/rbac/rbacuser/RbacUserControllerRestTest.java b/src/test/java/net/hostsharing/hsadminng/rbac/rbacuser/RbacUserControllerRestTest.java index b0939994..aba023ab 100644 --- a/src/test/java/net/hostsharing/hsadminng/rbac/rbacuser/RbacUserControllerRestTest.java +++ b/src/test/java/net/hostsharing/hsadminng/rbac/rbacuser/RbacUserControllerRestTest.java @@ -35,7 +35,7 @@ class RbacUserControllerRestTest { // when mockMvc.perform(MockMvcRequestBuilders - .post("/api/rbac-users") + .post("/api/rbac/users") .contentType(MediaType.APPLICATION_JSON) .content(""" { @@ -56,7 +56,7 @@ class RbacUserControllerRestTest { void createUserGeneratesRandomUuidIfNotGiven() throws Exception { // when mockMvc.perform(MockMvcRequestBuilders - .post("/api/rbac-users") + .post("/api/rbac/users") .contentType(MediaType.APPLICATION_JSON) .content("{}") .accept(MediaType.APPLICATION_JSON)) diff --git a/src/test/java/net/hostsharing/hsadminng/test/cust/TestCustomerControllerAcceptanceTest.java b/src/test/java/net/hostsharing/hsadminng/test/cust/TestCustomerControllerAcceptanceTest.java index 8f9950ad..a388d58b 100644 --- a/src/test/java/net/hostsharing/hsadminng/test/cust/TestCustomerControllerAcceptanceTest.java 
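Review bot: In the hunk at -435 the delete issued as `customer-admin@xxx.example.com` is expected to return 204, the same status that the deletes at -413 and -458 assert, so the status code alone cannot show that the unauthorized request left the user in place. If the lines after the hunk do not already do so, the test should re-read the user through the repository and assert that it still exists, since that is the authorization property under test. The existing comment could be sharpened to `// 204 even though nothing is deleted: the caller cannot see the user, so the outcome must be verified via the repository`. The test method continues outside the hunk.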
+++ b/src/test/java/net/hostsharing/hsadminng/test/cust/TestCustomerControllerAcceptanceTest.java @@ -45,7 +45,7 @@ class TestCustomerControllerAcceptanceTest { .header("current-user", "mike@example.org") .port(port) .when() - .get("http://localhost/api/test-customers") + .get("http://localhost/api/test/customers") .then().assertThat() .statusCode(200) .contentType("application/json") @@ -63,7 +63,7 @@ class TestCustomerControllerAcceptanceTest { .header("current-user", "mike@example.org") .port(port) .when() - .get("http://localhost/api/test-customers?prefix=y") + .get("http://localhost/api/test/customers?prefix=y") .then().assertThat() .statusCode(200) .contentType("application/json") @@ -80,7 +80,7 @@ class TestCustomerControllerAcceptanceTest { .header("assumed-roles", "test_customer#yyy.admin") .port(port) .when() - .get("http://localhost/api/test-customers") + .get("http://localhost/api/test/customers") .then().assertThat() .statusCode(200) .contentType("application/json") @@ -96,7 +96,7 @@ class TestCustomerControllerAcceptanceTest { .header("current-user", "customer-admin@yyy.example.com") .port(port) .when() - .get("http://localhost/api/test-customers") + .get("http://localhost/api/test/customers") .then().assertThat() .statusCode(200) .contentType("application/json") @@ -125,7 +125,7 @@ class TestCustomerControllerAcceptanceTest { """) .port(port) .when() - .post("http://localhost/api/test-customers") + .post("http://localhost/api/test/customers") .then().assertThat() .statusCode(201) .contentType(ContentType.JSON) @@ -160,7 +160,7 @@ class TestCustomerControllerAcceptanceTest { """.formatted(givenUuid)) .port(port) .when() - .post("http://localhost/api/test-customers") + .post("http://localhost/api/test/customers") .then().assertThat() .statusCode(201) .contentType(ContentType.JSON) 
@@ -196,7 +196,7 @@ class TestCustomerControllerAcceptanceTest { """) .port(port) .when() - .post("http://localhost/api/test-customers") + .post("http://localhost/api/test/customers") .then().assertThat() .statusCode(403) .contentType(ContentType.JSON) @@ -225,7 +225,7 @@ class TestCustomerControllerAcceptanceTest { """) .port(port) .when() - .post("http://localhost/api/test-customers") + .post("http://localhost/api/test/customers") .then().assertThat() .statusCode(403) .contentType(ContentType.JSON) diff --git a/src/test/java/net/hostsharing/hsadminng/test/pac/TestPackageControllerAcceptanceTest.java b/src/test/java/net/hostsharing/hsadminng/test/pac/TestPackageControllerAcceptanceTest.java index 42925a6a..ab480d05 100644 --- a/src/test/java/net/hostsharing/hsadminng/test/pac/TestPackageControllerAcceptanceTest.java +++ b/src/test/java/net/hostsharing/hsadminng/test/pac/TestPackageControllerAcceptanceTest.java @@ -47,7 +47,7 @@ class TestPackageControllerAcceptanceTest { .header("assumed-roles", "test_customer#xxx.admin") .port(port) .when() - .get("http://localhost/api/test-packages") + .get("http://localhost/api/test/packages") .then().assertThat() .statusCode(200) .contentType("application/json") @@ -69,7 +69,7 @@ class TestPackageControllerAcceptanceTest { .header("assumed-roles", "test_customer#xxx.admin") .port(port) .when() - .get("http://localhost/api/test-packages?name=xxx01") + .get("http://localhost/api/test/packages?name=xxx01") .then().assertThat() .statusCode(200) .contentType("application/json") @@ -103,7 +103,7 @@ class TestPackageControllerAcceptanceTest { """, randomDescription)) .port(port) .when() - .patch("http://localhost/api/test-packages/{uuidOfPackage}", getUuidOfPackage("xxx00")) + .patch("http://localhost/api/test/packages/{uuidOfPackage}", getUuidOfPackage("xxx00")) .then() .assertThat() .statusCode(200) 
@@ -133,7 +133,7 @@ class TestPackageControllerAcceptanceTest { """) .port(port) .when() - .patch("http://localhost/api/test-packages/{uuidOfPackage}", getUuidOfPackage("xxx01")) + .patch("http://localhost/api/test/packages/{uuidOfPackage}", getUuidOfPackage("xxx01")) .then() .assertThat() .statusCode(200) @@ -158,7 +158,7 @@ class TestPackageControllerAcceptanceTest { .body("{}") .port(port) .when() - .patch("http://localhost/api/test-packages/{uuidOfPackage}", getUuidOfPackage("xxx02")) + .patch("http://localhost/api/test/packages/{uuidOfPackage}", getUuidOfPackage("xxx02")) .then().assertThat() .statusCode(200) .contentType("application/json") @@ -176,7 +176,7 @@ class TestPackageControllerAcceptanceTest { .header("assumed-roles", "test_customer#xxx.admin") .port(port) .when() - .get("http://localhost/api/test-packages?name={packageName}", packageName) + .get("http://localhost/api/test/packages?name={packageName}", packageName) .then() .statusCode(200) .contentType("application/json")