fix role generation for contact+person

This commit is contained in:
Michael Hoennig 2022-09-09 09:58:36 +02:00
parent 0fe1f85549
commit 35efa40ebb
4 changed files with 10 additions and 6 deletions

View File

@ -26,7 +26,7 @@ begin
return roleDescriptor('hs_admin_contact', contact.uuid, 'owner'); return roleDescriptor('hs_admin_contact', contact.uuid, 'owner');
end; $$; end; $$;
create or replace function hsAdminContactOwner(contact hs_admin_contact) create or replace function hsAdminContactAdmin(contact hs_admin_contact)
returns RbacRoleDescriptor returns RbacRoleDescriptor
language plpgsql language plpgsql
strict as $$ strict as $$

View File

@ -26,7 +26,7 @@ begin
return roleDescriptor('hs_admin_person', person.uuid, 'owner'); return roleDescriptor('hs_admin_person', person.uuid, 'owner');
end; $$; end; $$;
create or replace function hsAdminPersonOwner(person hs_admin_person) create or replace function hsAdminPersonAdmin(person hs_admin_person)
returns RbacRoleDescriptor returns RbacRoleDescriptor
language plpgsql language plpgsql
strict as $$ strict as $$

View File

@ -14,6 +14,7 @@ import org.springframework.boot.test.autoconfigure.orm.jpa.DataJpaTest;
import org.springframework.boot.test.mock.mockito.MockBean; import org.springframework.boot.test.mock.mockito.MockBean;
import org.springframework.context.annotation.ComponentScan; import org.springframework.context.annotation.ComponentScan;
import org.springframework.test.annotation.DirtiesContext; import org.springframework.test.annotation.DirtiesContext;
import org.testcontainers.junit.jupiter.Container;
import javax.persistence.EntityManager; import javax.persistence.EntityManager;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
@ -50,6 +51,9 @@ class HsAdminContactRepositoryIntegrationTest extends ContextBasedTest {
@MockBean @MockBean
HttpServletRequest request; HttpServletRequest request;
@Container
Container postgres;
@Nested @Nested
class CreateContact { class CreateContact {
@ -104,13 +108,13 @@ class HsAdminContactRepositoryIntegrationTest extends ContextBasedTest {
// then // then
final var roles = roleRepo.findAll(); final var roles = roleRepo.findAll();
assertThat(roleNamesOf(roles)).containsAll(List.of( assertThat(roleNamesOf(roles)).containsAll(List.of(
"hs_admin_contact#anothernewcontact.admin", "hs_admin_contact#anothernewcontact.owner",
"hs_admin_contact#anothernewcontact.tenant")); "hs_admin_contact#anothernewcontact.tenant"));
assertThat(roles.size()).as("invalid number of roles created") assertThat(roles.size()).as("invalid number of roles created")
.isEqualTo(initialRoleCount + 2); .isEqualTo(initialRoleCount + 2);
final var grants = grantRepo.findAll(); final var grants = grantRepo.findAll();
assertThat(grantDisplaysOf(grants)).containsAll(List.of( assertThat(grantDisplaysOf(grants)).containsAll(List.of(
"{ grant assumed role hs_admin_contact#anothernewcontact.admin to user drew@hostsharing.org by role global#global.admin }")); "{ grant assumed role hs_admin_contact#anothernewcontact.owner to user drew@hostsharing.org by role global#global.admin }"));
assertThat(grants.size()).as("invalid number of grants created") assertThat(grants.size()).as("invalid number of grants created")
.isEqualTo(initialGrantCount + 1); .isEqualTo(initialGrantCount + 1);
} }

View File

@ -104,13 +104,13 @@ class HsAdminPersonRepositoryIntegrationTest extends ContextBasedTest {
// then // then
final var roles = roleRepo.findAll(); final var roles = roleRepo.findAll();
assertThat(roleNamesOf(roles)).containsAll(List.of( assertThat(roleNamesOf(roles)).containsAll(List.of(
"hs_admin_person#anothernewperson.admin", "hs_admin_person#anothernewperson.owner",
"hs_admin_person#anothernewperson.tenant")); "hs_admin_person#anothernewperson.tenant"));
assertThat(roles.size()).as("invalid number of roles created") assertThat(roles.size()).as("invalid number of roles created")
.isEqualTo(initialRoleCount + 2); .isEqualTo(initialRoleCount + 2);
final var grants = grantRepo.findAll(); final var grants = grantRepo.findAll();
assertThat(grantDisplaysOf(grants)).containsAll(List.of( assertThat(grantDisplaysOf(grants)).containsAll(List.of(
"{ grant assumed role hs_admin_person#anothernewperson.admin to user drew@hostsharing.org by role global#global.admin }")); "{ grant assumed role hs_admin_person#anothernewperson.owner to user drew@hostsharing.org by role global#global.admin }"));
assertThat(grants.size()).as("invalid number of grants created") assertThat(grants.size()).as("invalid number of grants created")
.isEqualTo(initialGrantCount + 1); .isEqualTo(initialGrantCount + 1);
} }