fix role generation for contact+person

This commit is contained in:
Michael Hoennig 2022-09-09 09:58:36 +02:00
parent 0fe1f85549
commit 35efa40ebb
4 changed files with 10 additions and 6 deletions

View File

@ -26,7 +26,7 @@ begin
return roleDescriptor('hs_admin_contact', contact.uuid, 'owner');
end; $$;
create or replace function hsAdminContactOwner(contact hs_admin_contact)
create or replace function hsAdminContactAdmin(contact hs_admin_contact)
returns RbacRoleDescriptor
language plpgsql
strict as $$

View File

@ -26,7 +26,7 @@ begin
return roleDescriptor('hs_admin_person', person.uuid, 'owner');
end; $$;
create or replace function hsAdminPersonOwner(person hs_admin_person)
create or replace function hsAdminPersonAdmin(person hs_admin_person)
returns RbacRoleDescriptor
language plpgsql
strict as $$

View File

@ -14,6 +14,7 @@ import org.springframework.boot.test.autoconfigure.orm.jpa.DataJpaTest;
import org.springframework.boot.test.mock.mockito.MockBean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.test.annotation.DirtiesContext;
import org.testcontainers.junit.jupiter.Container;
import javax.persistence.EntityManager;
import javax.servlet.http.HttpServletRequest;
@ -50,6 +51,9 @@ class HsAdminContactRepositoryIntegrationTest extends ContextBasedTest {
@MockBean
HttpServletRequest request;
@Container
Container postgres;
@Nested
class CreateContact {
@ -104,13 +108,13 @@ class HsAdminContactRepositoryIntegrationTest extends ContextBasedTest {
// then
final var roles = roleRepo.findAll();
assertThat(roleNamesOf(roles)).containsAll(List.of(
"hs_admin_contact#anothernewcontact.admin",
"hs_admin_contact#anothernewcontact.owner",
"hs_admin_contact#anothernewcontact.tenant"));
assertThat(roles.size()).as("invalid number of roles created")
.isEqualTo(initialRoleCount + 2);
final var grants = grantRepo.findAll();
assertThat(grantDisplaysOf(grants)).containsAll(List.of(
"{ grant assumed role hs_admin_contact#anothernewcontact.admin to user drew@hostsharing.org by role global#global.admin }"));
"{ grant assumed role hs_admin_contact#anothernewcontact.owner to user drew@hostsharing.org by role global#global.admin }"));
assertThat(grants.size()).as("invalid number of grants created")
.isEqualTo(initialGrantCount + 1);
}

View File

@ -104,13 +104,13 @@ class HsAdminPersonRepositoryIntegrationTest extends ContextBasedTest {
// then
final var roles = roleRepo.findAll();
assertThat(roleNamesOf(roles)).containsAll(List.of(
"hs_admin_person#anothernewperson.admin",
"hs_admin_person#anothernewperson.owner",
"hs_admin_person#anothernewperson.tenant"));
assertThat(roles.size()).as("invalid number of roles created")
.isEqualTo(initialRoleCount + 2);
final var grants = grantRepo.findAll();
assertThat(grantDisplaysOf(grants)).containsAll(List.of(
"{ grant assumed role hs_admin_person#anothernewperson.admin to user drew@hostsharing.org by role global#global.admin }"));
"{ grant assumed role hs_admin_person#anothernewperson.owner to user drew@hostsharing.org by role global#global.admin }"));
assertThat(grants.size()).as("invalid number of grants created")
.isEqualTo(initialGrantCount + 1);
}