prefix alex+fran with superuser- to make tests easier to understand

This commit is contained in:
Michael Hoennig 2022-09-14 09:56:22 +02:00
parent a3d2dd3db1
commit 3fa02d4a10
21 changed files with 137 additions and 136 deletions

View File

@ -72,21 +72,21 @@ If you have at least Docker, the Java JDK and Gradle installed in appropriate ve
# the following command should return a JSON array with just all customers: # the following command should return a JSON array with just all customers:
curl \ curl \
-H 'current-user: alex@hostsharing.net' \ -H 'current-user: superuser-alex@hostsharing.net' \
http://localhost:8080/api/test/customers http://localhost:8080/api/test/customers
# the following command should return a JSON array with just all packages visible for the admin of the customer yyy: # the following command should return a JSON array with just all packages visible for the admin of the customer yyy:
curl \ curl \
-H 'current-user: alex@hostsharing.net' -H 'assumed-roles: test_customer#yyy.admin' \ -H 'current-user: superuser-alex@hostsharing.net' -H 'assumed-roles: test_customer#yyy.admin' \
http://localhost:8080/api/test/packages http://localhost:8080/api/test/packages
# add a new customer # add a new customer
curl \ curl \
-H 'current-user: alex@hostsharing.net' -H "Content-Type: application/json" \ -H 'current-user: superuser-alex@hostsharing.net' -H "Content-Type: application/json" \
-d '{ "prefix":"ttt", "reference":80001, "adminUserName":"admin@ttt.example.com" }' \ -d '{ "prefix":"ttt", "reference":80001, "adminUserName":"admin@ttt.example.com" }' \
-X POST http://localhost:8080/api/test/customers -X POST http://localhost:8080/api/test/customers
If you wonder who 'alex@hostsharing.net' and 'fran@hostsharing.net' are and where the data comes from: If you wonder who 'superuser-alex@hostsharing.net' and 'superuser-fran@hostsharing.net' are and where the data comes from:
Mike and Sven are just example global admin accounts as part of the example data which is automatically inserted in Testcontainers and Development environments. Mike and Sven are just example global admin accounts as part of the example data which is automatically inserted in Testcontainers and Development environments.
Also try for example 'admin@xxx.example.com' or 'unknown@example.org'. Also try for example 'admin@xxx.example.com' or 'unknown@example.org'.

View File

@ -9,10 +9,10 @@ select isGranted(findRoleId('test_package#aaa00.owner'), findRoleId('administrat
-- call grantRoleToRole(findRoleId('administrators'), findRoleId('test_package#aaa00.owner')); -- call grantRoleToRole(findRoleId('administrators'), findRoleId('test_package#aaa00.owner'));
select count(*) select count(*)
FROM queryAllPermissionsOfSubjectIdForObjectUuids(findRbacUser('fran@hostsharing.net'), FROM queryAllPermissionsOfSubjectIdForObjectUuids(findRbacUser('superuser-fran@hostsharing.net'),
ARRAY(select uuid from customer where reference < 1100000)); ARRAY(select uuid from customer where reference < 1100000));
select count(*) select count(*)
FROM queryAllPermissionsOfSubjectId(findRbacUser('fran@hostsharing.net')); FROM queryAllPermissionsOfSubjectId(findRbacUser('superuser-fran@hostsharing.net'));
select * select *
FROM queryAllPermissionsOfSubjectId(findRbacUser('alex@example.com')); FROM queryAllPermissionsOfSubjectId(findRbacUser('alex@example.com'));
select * select *
@ -33,7 +33,7 @@ $$
userId uuid; userId uuid;
result bool; result bool;
BEGIN BEGIN
userId = findRbacUser('alex@hostsharing.net'); userId = findRbacUser('superuser-alex@hostsharing.net');
result = (SELECT * FROM isPermissionGrantedToSubject(findPermissionId('package', 94928, 'add-package'), userId)); result = (SELECT * FROM isPermissionGrantedToSubject(findPermissionId('package', 94928, 'add-package'), userId));
IF (result) THEN IF (result) THEN
RAISE EXCEPTION 'expected permission NOT to be granted, but it is'; RAISE EXCEPTION 'expected permission NOT to be granted, but it is';

View File

@ -38,7 +38,7 @@ CREATE OR REPLACE RULE "_RETURN" AS
SELECT * FROM customer WHERE isPermissionGrantedToSubject(findPermissionId('test_customer', id, 'view'), currentUserUuid()); SELECT * FROM customer WHERE isPermissionGrantedToSubject(findPermissionId('test_customer', id, 'view'), currentUserUuid());
SELECT * from cust_view LIMIT 10; SELECT * from cust_view LIMIT 10;
select queryAllPermissionsOfSubjectId(findRbacUser('alex@hostsharing.net')); select queryAllPermissionsOfSubjectId(findRbacUser('superuser-alex@hostsharing.net'));
-- access control via view-rule with join to recursive permissions - really fast (38ms for 1 million rows) -- access control via view-rule with join to recursive permissions - really fast (38ms for 1 million rows)
SET SESSION SESSION AUTHORIZATION DEFAULT; SET SESSION SESSION AUTHORIZATION DEFAULT;
@ -73,7 +73,7 @@ GRANT ALL PRIVILEGES ON cust_view TO restricted;
SET SESSION SESSION AUTHORIZATION restricted; SET SESSION SESSION AUTHORIZATION restricted;
-- SET hsadminng.currentUser TO 'alex@example.com'; -- SET hsadminng.currentUser TO 'alex@example.com';
SET hsadminng.currentUser TO 'alex@hostsharing.net'; SET hsadminng.currentUser TO 'superuser-alex@hostsharing.net';
-- SET hsadminng.currentUser TO 'aaaaouq@example.com'; -- SET hsadminng.currentUser TO 'aaaaouq@example.com';
SELECT * from cust_view where reference=1144150; SELECT * from cust_view where reference=1144150;

View File

@ -122,9 +122,10 @@ do language plpgsql $$
call defineContext('creating fake test-realm admin users', null, null, null); call defineContext('creating fake test-realm admin users', null, null, null);
admins = findRoleId(globalAdmin()); admins = findRoleId(globalAdmin());
call grantRoleToUserUnchecked(admins, admins, createRbacUser('alex@hostsharing.net')); call grantRoleToUserUnchecked(admins, admins, createRbacUser('superuser-alex@hostsharing.net'));
call grantRoleToUserUnchecked(admins, admins, createRbacUser('fran@hostsharing.net')); call grantRoleToUserUnchecked(admins, admins, createRbacUser('superuser-fran@hostsharing.net'));
perform createRbacUser('drew@hostsharing.org'); perform createRbacUser('selfregistered-user-drew@hostsharing.org');
perform createRbacUser('selfregistered-test-user@hostsharing.org');
end; end;
$$; $$;
--// --//
@ -142,15 +143,15 @@ do language plpgsql $$
declare declare
userName varchar; userName varchar;
begin begin
call defineContext('testing currentUserUuid', null, 'fran@hostsharing.net', null); call defineContext('testing currentUserUuid', null, 'superuser-fran@hostsharing.net', null);
select userName from RbacUser where uuid = currentUserUuid() into userName; select userName from RbacUser where uuid = currentUserUuid() into userName;
if userName <> 'fran@hostsharing.net' then if userName <> 'superuser-fran@hostsharing.net' then
raise exception 'setting or fetching initial currentUser failed, got: %', userName; raise exception 'setting or fetching initial currentUser failed, got: %', userName;
end if; end if;
call defineContext('testing currentUserUuid', null, 'alex@hostsharing.net', null); call defineContext('testing currentUserUuid', null, 'superuser-alex@hostsharing.net', null);
select userName from RbacUser where uuid = currentUserUuid() into userName; select userName from RbacUser where uuid = currentUserUuid() into userName;
if userName = 'alex@hostsharing.net' then if userName = 'superuser-alex@hostsharing.net' then
raise exception 'currentUser should not change in one transaction, but did change, got: %', userName; raise exception 'currentUser should not change in one transaction, but did change, got: %', userName;
end if; end if;
end; $$; end; $$;

View File

@ -30,7 +30,7 @@ declare
custAdminName varchar; custAdminName varchar;
begin begin
currentTask = 'creating RBAC test customer #' || custReference || '/' || custPrefix; currentTask = 'creating RBAC test customer #' || custReference || '/' || custPrefix;
call defineContext(currentTask, null, 'alex@hostsharing.net', 'global#global.admin'); call defineContext(currentTask, null, 'superuser-alex@hostsharing.net', 'global#global.admin');
execute format('set local hsadminng.currentTask to %L', currentTask); execute format('set local hsadminng.currentTask to %L', currentTask);
custRowId = uuid_generate_v4(); custRowId = uuid_generate_v4();

View File

@ -18,7 +18,7 @@ declare
begin begin
idName := cleanIdentifier( personTradeName|| '-' || contactLabel); idName := cleanIdentifier( personTradeName|| '-' || contactLabel);
currentTask := 'creating RBAC test partner ' || idName; currentTask := 'creating RBAC test partner ' || idName;
call defineContext(currentTask, null, 'alex@hostsharing.net', 'global#global.admin'); call defineContext(currentTask, null, 'superuser-alex@hostsharing.net', 'global#global.admin');
execute format('set local hsadminng.currentTask to %L', currentTask); execute format('set local hsadminng.currentTask to %L', currentTask);
select p.* from hs_office_person p where p.tradeName = personTradeName into relatedPerson; select p.* from hs_office_person p where p.tradeName = personTradeName into relatedPerson;

View File

@ -31,7 +31,7 @@ class ContextIntegrationTests {
@Test @Test
void defineWithoutHttpServletRequestUsesCallStack() { void defineWithoutHttpServletRequestUsesCallStack() {
context.define("alex@hostsharing.net", null); context.define("superuser-alex@hostsharing.net", null);
assertThat(context.getCurrentTask()) assertThat(context.getCurrentTask())
.isEqualTo("ContextIntegrationTests.defineWithoutHttpServletRequestUsesCallStack"); .isEqualTo("ContextIntegrationTests.defineWithoutHttpServletRequestUsesCallStack");
@ -41,11 +41,11 @@ class ContextIntegrationTests {
@Transactional @Transactional
void defineWithCurrentUserButWithoutAssumedRoles() { void defineWithCurrentUserButWithoutAssumedRoles() {
// when // when
context.define("alex@hostsharing.net"); context.define("superuser-alex@hostsharing.net");
// then // then
assertThat(context.getCurrentUser()). assertThat(context.getCurrentUser()).
isEqualTo("alex@hostsharing.net"); isEqualTo("superuser-alex@hostsharing.net");
assertThat(context.getCurrentUserUUid()).isNotNull(); assertThat(context.getCurrentUserUUid()).isNotNull();
@ -85,11 +85,11 @@ class ContextIntegrationTests {
@Transactional @Transactional
void defineWithCurrentUserAndAssumedRoles() { void defineWithCurrentUserAndAssumedRoles() {
// given // given
context.define("alex@hostsharing.net", "test_customer#xxx.owner;test_customer#yyy.owner"); context.define("superuser-alex@hostsharing.net", "test_customer#xxx.owner;test_customer#yyy.owner");
// when // when
final var currentUser = context.getCurrentUser(); final var currentUser = context.getCurrentUser();
assertThat(currentUser).isEqualTo("alex@hostsharing.net"); assertThat(currentUser).isEqualTo("superuser-alex@hostsharing.net");
// then // then
assertThat(context.getAssumedRoles()) assertThat(context.getAssumedRoles())

View File

@ -61,7 +61,7 @@ class HsOfficeContactRepositoryIntegrationTest extends ContextBasedTest {
@Test @Test
public void globalAdmin_withoutAssumedRole_canCreateNewContact() { public void globalAdmin_withoutAssumedRole_canCreateNewContact() {
// given // given
context("alex@hostsharing.net"); context("superuser-alex@hostsharing.net");
final var count = contactRepo.count(); final var count = contactRepo.count();
// when // when
@ -79,7 +79,7 @@ class HsOfficeContactRepositoryIntegrationTest extends ContextBasedTest {
@Test @Test
public void arbitraryUser_canCreateNewContact() { public void arbitraryUser_canCreateNewContact() {
// given // given
context("drew@hostsharing.org"); context("selfregistered-user-drew@hostsharing.org");
final var count = contactRepo.count(); final var count = contactRepo.count();
// when // when
@ -96,7 +96,7 @@ class HsOfficeContactRepositoryIntegrationTest extends ContextBasedTest {
@Test @Test
public void createsAndGrantsRoles() { public void createsAndGrantsRoles() {
// given // given
context("drew@hostsharing.org"); context("selfregistered-user-drew@hostsharing.org");
final var initialRoleNames = roleNamesOf(rawRoleRepo.findAll()); final var initialRoleNames = roleNamesOf(rawRoleRepo.findAll());
final var initialGrantNames = grantDisplaysOf(rawGrantRepo.findAll()); final var initialGrantNames = grantDisplaysOf(rawGrantRepo.findAll());
@ -121,7 +121,7 @@ class HsOfficeContactRepositoryIntegrationTest extends ContextBasedTest {
"{ grant perm * on hs_office_contact#anothernewcontact to role hs_office_contact#anothernewcontact.owner by system and assume }", "{ grant perm * on hs_office_contact#anothernewcontact to role hs_office_contact#anothernewcontact.owner by system and assume }",
"{ grant role hs_office_contact#anothernewcontact.admin to role hs_office_contact#anothernewcontact.owner by system and assume }", "{ grant role hs_office_contact#anothernewcontact.admin to role hs_office_contact#anothernewcontact.owner by system and assume }",
"{ grant perm view on hs_office_contact#anothernewcontact to role hs_office_contact#anothernewcontact.tenant by system and assume }", "{ grant perm view on hs_office_contact#anothernewcontact to role hs_office_contact#anothernewcontact.tenant by system and assume }",
"{ grant role hs_office_contact#anothernewcontact.owner to user drew@hostsharing.org by global#global.admin and assume }" "{ grant role hs_office_contact#anothernewcontact.owner to user selfregistered-user-drew@hostsharing.org by global#global.admin and assume }"
)); ));
} }
@ -137,7 +137,7 @@ class HsOfficeContactRepositoryIntegrationTest extends ContextBasedTest {
@Test @Test
public void globalAdmin_withoutAssumedRole_canViewAllContacts() { public void globalAdmin_withoutAssumedRole_canViewAllContacts() {
// given // given
context("alex@hostsharing.net"); context("superuser-alex@hostsharing.net");
// when // when
final var result = contactRepo.findContactByOptionalLabelLike(null); final var result = contactRepo.findContactByOptionalLabelLike(null);
@ -149,10 +149,10 @@ class HsOfficeContactRepositoryIntegrationTest extends ContextBasedTest {
@Test @Test
public void arbitraryUser_canViewOnlyItsOwnContact() { public void arbitraryUser_canViewOnlyItsOwnContact() {
// given: // given:
final var givenContact = givenSomeTemporaryContact("drew@hostsharing.org"); final var givenContact = givenSomeTemporaryContact("selfregistered-user-drew@hostsharing.org");
// when: // when:
context("drew@hostsharing.org"); context("selfregistered-user-drew@hostsharing.org");
final var result = contactRepo.findContactByOptionalLabelLike(null); final var result = contactRepo.findContactByOptionalLabelLike(null);
// then: // then:
@ -166,7 +166,7 @@ class HsOfficeContactRepositoryIntegrationTest extends ContextBasedTest {
@Test @Test
public void globalAdmin_withoutAssumedRole_canViewAllContacts() { public void globalAdmin_withoutAssumedRole_canViewAllContacts() {
// given // given
context("alex@hostsharing.net", null); context("superuser-alex@hostsharing.net", null);
// when // when
final var result = contactRepo.findContactByOptionalLabelLike("second"); final var result = contactRepo.findContactByOptionalLabelLike("second");
@ -178,10 +178,10 @@ class HsOfficeContactRepositoryIntegrationTest extends ContextBasedTest {
@Test @Test
public void arbitraryUser_withoutAssumedRole_canViewOnlyItsOwnContact() { public void arbitraryUser_withoutAssumedRole_canViewOnlyItsOwnContact() {
// given: // given:
final var givenContact = givenSomeTemporaryContact("drew@hostsharing.org"); final var givenContact = givenSomeTemporaryContact("selfregistered-user-drew@hostsharing.org");
// when: // when:
context("drew@hostsharing.org"); context("selfregistered-user-drew@hostsharing.org");
final var result = contactRepo.findContactByOptionalLabelLike(givenContact.getLabel()); final var result = contactRepo.findContactByOptionalLabelLike(givenContact.getLabel());
// then: // then:
@ -195,19 +195,19 @@ class HsOfficeContactRepositoryIntegrationTest extends ContextBasedTest {
@Test @Test
public void globalAdmin_withoutAssumedRole_canDeleteAnyContact() { public void globalAdmin_withoutAssumedRole_canDeleteAnyContact() {
// given // given
context("alex@hostsharing.net", null); context("superuser-alex@hostsharing.net", null);
final var givenContact = givenSomeTemporaryContact("drew@hostsharing.org"); final var givenContact = givenSomeTemporaryContact("selfregistered-user-drew@hostsharing.org");
// when // when
final var result = jpaAttempt.transacted(() -> { final var result = jpaAttempt.transacted(() -> {
context("alex@hostsharing.net", null); context("superuser-alex@hostsharing.net", null);
contactRepo.deleteByUuid(givenContact.getUuid()); contactRepo.deleteByUuid(givenContact.getUuid());
}); });
// then // then
result.assertSuccessful(); result.assertSuccessful();
assertThat(jpaAttempt.transacted(() -> { assertThat(jpaAttempt.transacted(() -> {
context("alex@hostsharing.net", null); context("superuser-alex@hostsharing.net", null);
return contactRepo.findContactByOptionalLabelLike(givenContact.getLabel()); return contactRepo.findContactByOptionalLabelLike(givenContact.getLabel());
}).assertSuccessful().returnedValue()).hasSize(0); }).assertSuccessful().returnedValue()).hasSize(0);
} }
@ -215,18 +215,18 @@ class HsOfficeContactRepositoryIntegrationTest extends ContextBasedTest {
@Test @Test
public void arbitraryUser_withoutAssumedRole_canDeleteAContactCreatedByItself() { public void arbitraryUser_withoutAssumedRole_canDeleteAContactCreatedByItself() {
// given // given
final var givenContact = givenSomeTemporaryContact("drew@hostsharing.org"); final var givenContact = givenSomeTemporaryContact("selfregistered-user-drew@hostsharing.org");
// when // when
final var result = jpaAttempt.transacted(() -> { final var result = jpaAttempt.transacted(() -> {
context("drew@hostsharing.org", null); context("selfregistered-user-drew@hostsharing.org", null);
contactRepo.deleteByUuid(givenContact.getUuid()); contactRepo.deleteByUuid(givenContact.getUuid());
}); });
// then // then
result.assertSuccessful(); result.assertSuccessful();
assertThat(jpaAttempt.transacted(() -> { assertThat(jpaAttempt.transacted(() -> {
context("alex@hostsharing.net", null); context("superuser-alex@hostsharing.net", null);
return contactRepo.findContactByOptionalLabelLike(givenContact.getLabel()); return contactRepo.findContactByOptionalLabelLike(givenContact.getLabel());
}).assertSuccessful().returnedValue()).hasSize(0); }).assertSuccessful().returnedValue()).hasSize(0);
} }
@ -234,10 +234,10 @@ class HsOfficeContactRepositoryIntegrationTest extends ContextBasedTest {
@Test @Test
public void deletingAContactAlsoDeletesRelatedRolesAndGrants() { public void deletingAContactAlsoDeletesRelatedRolesAndGrants() {
// given // given
context("drew@hostsharing.org", null); context("selfregistered-user-drew@hostsharing.org", null);
final var initialRoleNames = roleNamesOf(rawRoleRepo.findAll()); final var initialRoleNames = roleNamesOf(rawRoleRepo.findAll());
final var initialGrantNames = grantDisplaysOf(rawGrantRepo.findAll()); final var initialGrantNames = grantDisplaysOf(rawGrantRepo.findAll());
final var givenContact = givenSomeTemporaryContact("drew@hostsharing.org"); final var givenContact = givenSomeTemporaryContact("selfregistered-user-drew@hostsharing.org");
assumeThat(rawRoleRepo.findAll().size()).as("unexpected number of roles created") assumeThat(rawRoleRepo.findAll().size()).as("unexpected number of roles created")
.isEqualTo(initialRoleNames.size() + 3); .isEqualTo(initialRoleNames.size() + 3);
assumeThat(rawGrantRepo.findAll().size()).as("unexpected number of grants created") assumeThat(rawGrantRepo.findAll().size()).as("unexpected number of grants created")
@ -245,7 +245,7 @@ class HsOfficeContactRepositoryIntegrationTest extends ContextBasedTest {
// when // when
final var result = jpaAttempt.transacted(() -> { final var result = jpaAttempt.transacted(() -> {
context("drew@hostsharing.org", null); context("selfregistered-user-drew@hostsharing.org", null);
return contactRepo.deleteByUuid(givenContact.getUuid()); return contactRepo.deleteByUuid(givenContact.getUuid());
}); });
@ -272,7 +272,7 @@ class HsOfficeContactRepositoryIntegrationTest extends ContextBasedTest {
@AfterEach @AfterEach
void cleanup() { void cleanup() {
context("alex@hostsharing.net", null); context("superuser-alex@hostsharing.net", null);
final var result = contactRepo.findContactByOptionalLabelLike("some temporary contact"); final var result = contactRepo.findContactByOptionalLabelLike("some temporary contact");
result.forEach(tempPerson -> { result.forEach(tempPerson -> {
System.out.println("DELETING temporary contact: " + tempPerson.getLabel()); System.out.println("DELETING temporary contact: " + tempPerson.getLabel());

View File

@ -59,7 +59,7 @@ class HsOfficePartnerControllerAcceptanceTest {
RestAssured // @formatter:off RestAssured // @formatter:off
.given() .given()
.header("current-user", "alex@hostsharing.net") .header("current-user", "superuser-alex@hostsharing.net")
.port(port) .port(port)
.when() .when()
.get("http://localhost/api/hs/office/partners") .get("http://localhost/api/hs/office/partners")
@ -120,7 +120,7 @@ class HsOfficePartnerControllerAcceptanceTest {
final var location = RestAssured // @formatter:off final var location = RestAssured // @formatter:off
.given() .given()
.header("current-user", "alex@hostsharing.net") .header("current-user", "superuser-alex@hostsharing.net")
.contentType(ContentType.JSON) .contentType(ContentType.JSON)
.body(jsonObject(NEW_PARTNER_JSON_WITHOUT_UUID) .body(jsonObject(NEW_PARTNER_JSON_WITHOUT_UUID)
.with("uuid", givenUUID.toString()).toString()) .with("uuid", givenUUID.toString()).toString())
@ -141,7 +141,7 @@ class HsOfficePartnerControllerAcceptanceTest {
final var newUserUuid = UUID.fromString( final var newUserUuid = UUID.fromString(
location.substring(location.lastIndexOf('/') + 1)); location.substring(location.lastIndexOf('/') + 1));
assertThat(newUserUuid).isEqualTo(givenUUID); assertThat(newUserUuid).isEqualTo(givenUUID);
context.define("alex@hostsharing.net"); context.define("superuser-alex@hostsharing.net");
assertThat(partnerRepo.findByUuid(newUserUuid)) assertThat(partnerRepo.findByUuid(newUserUuid))
.hasValueSatisfying(c -> assertThat(c.getPerson().getTradeName()).isEqualTo("Test Corp.")); .hasValueSatisfying(c -> assertThat(c.getPerson().getTradeName()).isEqualTo("Test Corp."));
} }
@ -151,7 +151,7 @@ class HsOfficePartnerControllerAcceptanceTest {
final var location = RestAssured // @formatter:off final var location = RestAssured // @formatter:off
.given() .given()
.header("current-user", "alex@hostsharing.net") .header("current-user", "superuser-alex@hostsharing.net")
.contentType(ContentType.JSON) .contentType(ContentType.JSON)
.body(NEW_PARTNER_JSON_WITHOUT_UUID) .body(NEW_PARTNER_JSON_WITHOUT_UUID)
.port(port) .port(port)
@ -179,12 +179,12 @@ class HsOfficePartnerControllerAcceptanceTest {
@Test @Test
void globalAdmin_withoutAssumedRole_canGetArbitraryPartner() { void globalAdmin_withoutAssumedRole_canGetArbitraryPartner() {
context.define("alex@hostsharing.net"); context.define("superuser-alex@hostsharing.net");
final var givenPartnerUuid = partnerRepo.findPartnerByOptionalNameLike("First").get(0).getUuid(); final var givenPartnerUuid = partnerRepo.findPartnerByOptionalNameLike("First").get(0).getUuid();
RestAssured // @formatter:off RestAssured // @formatter:off
.given() .given()
.header("current-user", "alex@hostsharing.net") .header("current-user", "superuser-alex@hostsharing.net")
.port(port) .port(port)
.when() .when()
.get("http://localhost/api/hs/office/partners/" + givenPartnerUuid) .get("http://localhost/api/hs/office/partners/" + givenPartnerUuid)
@ -202,12 +202,12 @@ class HsOfficePartnerControllerAcceptanceTest {
@Test @Test
@Accepts({ "Partner:X(Access Control)" }) @Accepts({ "Partner:X(Access Control)" })
void normalUser_canNotGetUnrelatedPartner() { void normalUser_canNotGetUnrelatedPartner() {
context.define("alex@hostsharing.net"); context.define("superuser-alex@hostsharing.net");
final var givenPartnerUuid = partnerRepo.findPartnerByOptionalNameLike("First").get(0).getUuid(); final var givenPartnerUuid = partnerRepo.findPartnerByOptionalNameLike("First").get(0).getUuid();
RestAssured // @formatter:off RestAssured // @formatter:off
.given() .given()
.header("current-user", "drew@hostsharing.org") .header("current-user", "selfregistered-user-drew@hostsharing.org")
.port(port) .port(port)
.when() .when()
.get("http://localhost/api/hs/office/partners/" + givenPartnerUuid) .get("http://localhost/api/hs/office/partners/" + givenPartnerUuid)
@ -218,7 +218,7 @@ class HsOfficePartnerControllerAcceptanceTest {
@Test @Test
@Accepts({ "Partner:X(Access Control)" }) @Accepts({ "Partner:X(Access Control)" })
void contactAdminUser_canGetRelatedPartner() { void contactAdminUser_canGetRelatedPartner() {
context.define("alex@hostsharing.net"); context.define("superuser-alex@hostsharing.net");
final var givenPartnerUuid = partnerRepo.findPartnerByOptionalNameLike("first contact").get(0).getUuid(); final var givenPartnerUuid = partnerRepo.findPartnerByOptionalNameLike("first contact").get(0).getUuid();
RestAssured // @formatter:off RestAssured // @formatter:off
@ -248,7 +248,7 @@ class HsOfficePartnerControllerAcceptanceTest {
void cleanup() { void cleanup() {
tempPartnerUuids.forEach(uuid -> { tempPartnerUuids.forEach(uuid -> {
jpaAttempt.transacted(() -> { jpaAttempt.transacted(() -> {
context.define("alex@hostsharing.net", null); context.define("superuser-alex@hostsharing.net", null);
System.out.println("DELETING temporary partner: " + uuid); System.out.println("DELETING temporary partner: " + uuid);
final var count = partnerRepo.deleteByUuid(uuid); final var count = partnerRepo.deleteByUuid(uuid);
assertThat(count).isGreaterThan(0); assertThat(count).isGreaterThan(0);

View File

@ -69,7 +69,7 @@ class HsOfficePartnerRepositoryIntegrationTest extends ContextBasedTest {
@Test @Test
public void testHostsharingAdmin_withoutAssumedRole_canCreateNewPartner() { public void testHostsharingAdmin_withoutAssumedRole_canCreateNewPartner() {
// given // given
context("alex@hostsharing.net"); context("superuser-alex@hostsharing.net");
final var count = partnerRepo.count(); final var count = partnerRepo.count();
final var givenPerson = personRepo.findPersonByOptionalNameLike("First Impressions GmbH").get(0); final var givenPerson = personRepo.findPersonByOptionalNameLike("First Impressions GmbH").get(0);
final var givenContact = contactRepo.findContactByOptionalLabelLike("first contact").get(0); final var givenContact = contactRepo.findContactByOptionalLabelLike("first contact").get(0);
@ -94,7 +94,7 @@ class HsOfficePartnerRepositoryIntegrationTest extends ContextBasedTest {
@Test @Test
public void createsAndGrantsRoles() { public void createsAndGrantsRoles() {
// given // given
context("alex@hostsharing.net"); context("superuser-alex@hostsharing.net");
final var initialRoleNames = roleNamesOf(rawRoleRepo.findAll()); final var initialRoleNames = roleNamesOf(rawRoleRepo.findAll());
final var initialGrantNames = grantDisplaysOf(rawGrantRepo.findAll()); final var initialGrantNames = grantDisplaysOf(rawGrantRepo.findAll());
@ -142,7 +142,7 @@ class HsOfficePartnerRepositoryIntegrationTest extends ContextBasedTest {
@Test @Test
public void globalAdmin_withoutAssumedRole_canViewAllPartners() { public void globalAdmin_withoutAssumedRole_canViewAllPartners() {
// given // given
context("alex@hostsharing.net"); context("superuser-alex@hostsharing.net");
// when // when
final var result = partnerRepo.findPartnerByOptionalNameLike(null); final var result = partnerRepo.findPartnerByOptionalNameLike(null);
@ -170,7 +170,7 @@ class HsOfficePartnerRepositoryIntegrationTest extends ContextBasedTest {
@Test @Test
public void globalAdmin_withoutAssumedRole_canViewAllPartners() { public void globalAdmin_withoutAssumedRole_canViewAllPartners() {
// given // given
context("alex@hostsharing.net"); context("superuser-alex@hostsharing.net");
// when // when
final var result = partnerRepo.findPartnerByOptionalNameLike("Ostfriesische"); final var result = partnerRepo.findPartnerByOptionalNameLike("Ostfriesische");
@ -186,19 +186,19 @@ class HsOfficePartnerRepositoryIntegrationTest extends ContextBasedTest {
@Test @Test
public void globalAdmin_withoutAssumedRole_canDeleteAnyPartner() { public void globalAdmin_withoutAssumedRole_canDeleteAnyPartner() {
// given // given
context("alex@hostsharing.net", null); context("superuser-alex@hostsharing.net", null);
final var givenPartner = givenSomeTemporaryPartnerBessler(); final var givenPartner = givenSomeTemporaryPartnerBessler();
// when // when
final var result = jpaAttempt.transacted(() -> { final var result = jpaAttempt.transacted(() -> {
context("alex@hostsharing.net"); context("superuser-alex@hostsharing.net");
partnerRepo.deleteByUuid(givenPartner.getUuid()); partnerRepo.deleteByUuid(givenPartner.getUuid());
}); });
// then // then
result.assertSuccessful(); result.assertSuccessful();
assertThat(jpaAttempt.transacted(() -> { assertThat(jpaAttempt.transacted(() -> {
context("fran@hostsharing.net", null); context("superuser-fran@hostsharing.net", null);
return partnerRepo.findByUuid(givenPartner.getUuid()); return partnerRepo.findByUuid(givenPartner.getUuid());
}).assertSuccessful().returnedValue()).isEmpty(); }).assertSuccessful().returnedValue()).isEmpty();
} }
@ -206,7 +206,7 @@ class HsOfficePartnerRepositoryIntegrationTest extends ContextBasedTest {
@Test @Test
public void nonGlobalAdmin_canNotDeleteTheirRelatedPartner() { public void nonGlobalAdmin_canNotDeleteTheirRelatedPartner() {
// given // given
context("alex@hostsharing.net", null); context("superuser-alex@hostsharing.net", null);
final var givenPartner = toCleanup(givenSomeTemporaryPartnerBessler()); final var givenPartner = toCleanup(givenSomeTemporaryPartnerBessler());
// when // when
@ -222,7 +222,7 @@ class HsOfficePartnerRepositoryIntegrationTest extends ContextBasedTest {
JpaSystemException.class, JpaSystemException.class,
"[403] User person-ErbenBesslerMelBessler@example.com not allowed to delete partner"); "[403] User person-ErbenBesslerMelBessler@example.com not allowed to delete partner");
assertThat(jpaAttempt.transacted(() -> { assertThat(jpaAttempt.transacted(() -> {
context("alex@hostsharing.net"); context("superuser-alex@hostsharing.net");
return partnerRepo.findByUuid(givenPartner.getUuid()); return partnerRepo.findByUuid(givenPartner.getUuid());
}).assertSuccessful().returnedValue()).isPresent(); // still there }).assertSuccessful().returnedValue()).isPresent(); // still there
} }
@ -230,7 +230,7 @@ class HsOfficePartnerRepositoryIntegrationTest extends ContextBasedTest {
@Test @Test
public void deletingAPartnerAlsoDeletesRelatedRolesAndGrants() { public void deletingAPartnerAlsoDeletesRelatedRolesAndGrants() {
// given // given
context("alex@hostsharing.net"); context("superuser-alex@hostsharing.net");
final var initialRoleNames = Array.from(roleNamesOf(rawRoleRepo.findAll())); final var initialRoleNames = Array.from(roleNamesOf(rawRoleRepo.findAll()));
final var initialGrantNames = Array.from(grantDisplaysOf(rawGrantRepo.findAll())); final var initialGrantNames = Array.from(grantDisplaysOf(rawGrantRepo.findAll()));
final var givenPartner = givenSomeTemporaryPartnerBessler(); final var givenPartner = givenSomeTemporaryPartnerBessler();
@ -241,7 +241,7 @@ class HsOfficePartnerRepositoryIntegrationTest extends ContextBasedTest {
// when // when
final var result = jpaAttempt.transacted(() -> { final var result = jpaAttempt.transacted(() -> {
context("alex@hostsharing.net"); context("superuser-alex@hostsharing.net");
return partnerRepo.deleteByUuid(givenPartner.getUuid()); return partnerRepo.deleteByUuid(givenPartner.getUuid());
}); });
@ -255,7 +255,7 @@ class HsOfficePartnerRepositoryIntegrationTest extends ContextBasedTest {
private HsOfficePartnerEntity givenSomeTemporaryPartnerBessler() { private HsOfficePartnerEntity givenSomeTemporaryPartnerBessler() {
return jpaAttempt.transacted(() -> { return jpaAttempt.transacted(() -> {
context("alex@hostsharing.net"); context("superuser-alex@hostsharing.net");
final var givenPerson = personRepo.findPersonByOptionalNameLike("Erben Bessler").get(0); final var givenPerson = personRepo.findPersonByOptionalNameLike("Erben Bessler").get(0);
final var givenContact = contactRepo.findContactByOptionalLabelLike("forth contact").get(0); final var givenContact = contactRepo.findContactByOptionalLabelLike("forth contact").get(0);
final var newPartner = HsOfficePartnerEntity.builder() final var newPartner = HsOfficePartnerEntity.builder()
@ -275,7 +275,7 @@ class HsOfficePartnerRepositoryIntegrationTest extends ContextBasedTest {
@AfterEach @AfterEach
void cleanup() { void cleanup() {
context("alex@hostsharing.net", null); context("superuser-alex@hostsharing.net", null);
tempPartners.forEach(tempPartner -> { tempPartners.forEach(tempPartner -> {
System.out.println("DELETING temporary partner: " + tempPartner.getDisplayName()); System.out.println("DELETING temporary partner: " + tempPartner.getDisplayName());
final var count = partnerRepo.deleteByUuid(tempPartner.getUuid()); final var count = partnerRepo.deleteByUuid(tempPartner.getUuid());

View File

@ -57,7 +57,7 @@ class HsOfficePersonRepositoryIntegrationTest extends ContextBasedTest {
@Test @Test
public void globalAdmin_withoutAssumedRole_canCreateNewPerson() { public void globalAdmin_withoutAssumedRole_canCreateNewPerson() {
// given // given
context("alex@hostsharing.net"); context("superuser-alex@hostsharing.net");
final var count = personRepo.count(); final var count = personRepo.count();
// when // when
@ -75,7 +75,7 @@ class HsOfficePersonRepositoryIntegrationTest extends ContextBasedTest {
@Test @Test
public void arbitraryUser_canCreateNewPerson() { public void arbitraryUser_canCreateNewPerson() {
// given // given
context("drew@hostsharing.org"); context("selfregistered-user-drew@hostsharing.org");
final var count = personRepo.count(); final var count = personRepo.count();
// when // when
@ -92,7 +92,7 @@ class HsOfficePersonRepositoryIntegrationTest extends ContextBasedTest {
@Test @Test
public void createsAndGrantsRoles() { public void createsAndGrantsRoles() {
// given // given
context("drew@hostsharing.org"); context("selfregistered-user-drew@hostsharing.org");
final var count = personRepo.count(); final var count = personRepo.count();
final var initialRoleNames = roleNamesOf(rawRoleRepo.findAll()); final var initialRoleNames = roleNamesOf(rawRoleRepo.findAll());
final var initialGrantNames = grantDisplaysOf(rawGrantRepo.findAll()); final var initialGrantNames = grantDisplaysOf(rawGrantRepo.findAll());
@ -119,7 +119,7 @@ class HsOfficePersonRepositoryIntegrationTest extends ContextBasedTest {
"{ grant perm * on hs_office_person#anothernewperson to role hs_office_person#anothernewperson.owner by system and assume }", "{ grant perm * on hs_office_person#anothernewperson to role hs_office_person#anothernewperson.owner by system and assume }",
"{ grant role hs_office_person#anothernewperson.admin to role hs_office_person#anothernewperson.owner by system and assume }", "{ grant role hs_office_person#anothernewperson.admin to role hs_office_person#anothernewperson.owner by system and assume }",
"{ grant perm view on hs_office_person#anothernewperson to role hs_office_person#anothernewperson.tenant by system and assume }", "{ grant perm view on hs_office_person#anothernewperson to role hs_office_person#anothernewperson.tenant by system and assume }",
"{ grant role hs_office_person#anothernewperson.owner to user drew@hostsharing.org by global#global.admin and assume }" "{ grant role hs_office_person#anothernewperson.owner to user selfregistered-user-drew@hostsharing.org by global#global.admin and assume }"
)); ));
} }
@ -135,7 +135,7 @@ class HsOfficePersonRepositoryIntegrationTest extends ContextBasedTest {
@Test @Test
public void globalAdmin_withoutAssumedRole_canViewAllPersons() { public void globalAdmin_withoutAssumedRole_canViewAllPersons() {
// given // given
context("alex@hostsharing.net"); context("superuser-alex@hostsharing.net");
// when // when
final var result = personRepo.findPersonByOptionalNameLike(null); final var result = personRepo.findPersonByOptionalNameLike(null);
@ -169,7 +169,7 @@ class HsOfficePersonRepositoryIntegrationTest extends ContextBasedTest {
@Test @Test
public void globalAdmin_withoutAssumedRole_canViewAllPersons() { public void globalAdmin_withoutAssumedRole_canViewAllPersons() {
// given // given
context("alex@hostsharing.net", null); context("superuser-alex@hostsharing.net", null);
// when // when
final var result = personRepo.findPersonByOptionalNameLike("Rockshop"); final var result = personRepo.findPersonByOptionalNameLike("Rockshop");
@ -181,10 +181,10 @@ class HsOfficePersonRepositoryIntegrationTest extends ContextBasedTest {
@Test @Test
public void arbitraryUser_withoutAssumedRole_canViewOnlyItsOwnPerson() { public void arbitraryUser_withoutAssumedRole_canViewOnlyItsOwnPerson() {
// given: // given:
final var givenPerson = givenSomeTemporaryPerson("drew@hostsharing.org"); final var givenPerson = givenSomeTemporaryPerson("selfregistered-user-drew@hostsharing.org");
// when: // when:
context("drew@hostsharing.org"); context("selfregistered-user-drew@hostsharing.org");
final var result = personRepo.findPersonByOptionalNameLike(givenPerson.getTradeName()); final var result = personRepo.findPersonByOptionalNameLike(givenPerson.getTradeName());
// then: // then:
@ -198,18 +198,18 @@ class HsOfficePersonRepositoryIntegrationTest extends ContextBasedTest {
@Test @Test
public void globalAdmin_withoutAssumedRole_canDeleteAnyPerson() { public void globalAdmin_withoutAssumedRole_canDeleteAnyPerson() {
// given // given
final var givenPerson = givenSomeTemporaryPerson("drew@hostsharing.org"); final var givenPerson = givenSomeTemporaryPerson("selfregistered-user-drew@hostsharing.org");
// when // when
final var result = jpaAttempt.transacted(() -> { final var result = jpaAttempt.transacted(() -> {
context("alex@hostsharing.net", null); context("superuser-alex@hostsharing.net", null);
personRepo.deleteByUuid(givenPerson.getUuid()); personRepo.deleteByUuid(givenPerson.getUuid());
}); });
// then // then
result.assertSuccessful(); result.assertSuccessful();
assertThat(jpaAttempt.transacted(() -> { assertThat(jpaAttempt.transacted(() -> {
context("alex@hostsharing.net", null); context("superuser-alex@hostsharing.net", null);
return personRepo.findPersonByOptionalNameLike(givenPerson.getTradeName()); return personRepo.findPersonByOptionalNameLike(givenPerson.getTradeName());
}).assertSuccessful().returnedValue()).hasSize(0); }).assertSuccessful().returnedValue()).hasSize(0);
} }
@ -217,18 +217,18 @@ class HsOfficePersonRepositoryIntegrationTest extends ContextBasedTest {
@Test @Test
public void arbitraryUser_withoutAssumedRole_canDeleteAPersonCreatedByItself() { public void arbitraryUser_withoutAssumedRole_canDeleteAPersonCreatedByItself() {
// given // given
final var givenPerson = givenSomeTemporaryPerson("drew@hostsharing.org"); final var givenPerson = givenSomeTemporaryPerson("selfregistered-user-drew@hostsharing.org");
// when // when
final var result = jpaAttempt.transacted(() -> { final var result = jpaAttempt.transacted(() -> {
context("drew@hostsharing.org", null); context("selfregistered-user-drew@hostsharing.org", null);
personRepo.deleteByUuid(givenPerson.getUuid()); personRepo.deleteByUuid(givenPerson.getUuid());
}); });
// then // then
result.assertSuccessful(); result.assertSuccessful();
assertThat(jpaAttempt.transacted(() -> { assertThat(jpaAttempt.transacted(() -> {
context("alex@hostsharing.net", null); context("superuser-alex@hostsharing.net", null);
return personRepo.findPersonByOptionalNameLike(givenPerson.getTradeName()); return personRepo.findPersonByOptionalNameLike(givenPerson.getTradeName());
}).assertSuccessful().returnedValue()).hasSize(0); }).assertSuccessful().returnedValue()).hasSize(0);
} }
@ -238,10 +238,10 @@ class HsOfficePersonRepositoryIntegrationTest extends ContextBasedTest {
@Test @Test
public void deletingAPersonAlsoDeletesRelatedRolesAndGrants() { public void deletingAPersonAlsoDeletesRelatedRolesAndGrants() {
// given // given
context("drew@hostsharing.org", null); context("selfregistered-user-drew@hostsharing.org", null);
final var initialRoleNames = roleNamesOf(rawRoleRepo.findAll()); final var initialRoleNames = roleNamesOf(rawRoleRepo.findAll());
final var initialGrantNames = grantDisplaysOf(rawGrantRepo.findAll()); final var initialGrantNames = grantDisplaysOf(rawGrantRepo.findAll());
final var givenPerson = givenSomeTemporaryPerson("drew@hostsharing.org"); final var givenPerson = givenSomeTemporaryPerson("selfregistered-user-drew@hostsharing.org");
assumeThat(rawRoleRepo.findAll().size()).as("unexpected number of roles created") assumeThat(rawRoleRepo.findAll().size()).as("unexpected number of roles created")
.isEqualTo(initialRoleNames.size() + 3); .isEqualTo(initialRoleNames.size() + 3);
assumeThat(rawGrantRepo.findAll().size()).as("unexpected number of grants created") assumeThat(rawGrantRepo.findAll().size()).as("unexpected number of grants created")
@ -249,7 +249,7 @@ class HsOfficePersonRepositoryIntegrationTest extends ContextBasedTest {
// when // when
final var result = jpaAttempt.transacted(() -> { final var result = jpaAttempt.transacted(() -> {
context("drew@hostsharing.org", null); context("selfregistered-user-drew@hostsharing.org", null);
return personRepo.deleteByUuid(givenPerson.getUuid()); return personRepo.deleteByUuid(givenPerson.getUuid());
}); });
@ -263,7 +263,7 @@ class HsOfficePersonRepositoryIntegrationTest extends ContextBasedTest {
@AfterEach @AfterEach
void cleanup() { void cleanup() {
context("alex@hostsharing.net", null); context("superuser-alex@hostsharing.net", null);
final var result = personRepo.findPersonByOptionalNameLike("some temporary person"); final var result = personRepo.findPersonByOptionalNameLike("some temporary person");
result.forEach(tempPerson -> { result.forEach(tempPerson -> {
System.out.println("DELETING temporary person: " + tempPerson.getDisplayName()); System.out.println("DELETING temporary person: " + tempPerson.getDisplayName());

View File

@ -64,7 +64,7 @@ class RbacGrantControllerAcceptanceTest extends ContextBasedTest {
void globalAdmin_withoutAssumedRole_canViewAllGrants() { void globalAdmin_withoutAssumedRole_canViewAllGrants() {
RestAssured // @formatter:off RestAssured // @formatter:off
.given() .given()
.header("current-user", "alex@hostsharing.net") .header("current-user", "superuser-alex@hostsharing.net")
.port(port) .port(port)
.when() .when()
.get("http://localhost/api/rbac/grants") .get("http://localhost/api/rbac/grants")
@ -89,7 +89,7 @@ class RbacGrantControllerAcceptanceTest extends ContextBasedTest {
allOf( allOf(
hasEntry("grantedByRoleIdName", "global#global.admin"), hasEntry("grantedByRoleIdName", "global#global.admin"),
hasEntry("grantedRoleIdName", "global#global.admin"), hasEntry("grantedRoleIdName", "global#global.admin"),
hasEntry("granteeUserName", "fran@hostsharing.net") hasEntry("granteeUserName", "superuser-fran@hostsharing.net")
) )
)) ))
.body("", hasItem( .body("", hasItem(
@ -115,7 +115,7 @@ class RbacGrantControllerAcceptanceTest extends ContextBasedTest {
void globalAdmin_withAssumedPackageAdminRole_canViewPacketRelatedGrants() { void globalAdmin_withAssumedPackageAdminRole_canViewPacketRelatedGrants() {
RestAssured // @formatter:off RestAssured // @formatter:off
.given() .given()
.header("current-user", "alex@hostsharing.net") .header("current-user", "superuser-alex@hostsharing.net")
.header("assumed-roles", "test_package#yyy00.admin") .header("assumed-roles", "test_package#yyy00.admin")
.port(port) .port(port)
.when() .when()
@ -500,14 +500,14 @@ class RbacGrantControllerAcceptanceTest extends ContextBasedTest {
RbacUserEntity findRbacUserByName(final String userName) { RbacUserEntity findRbacUserByName(final String userName) {
return jpaAttempt.transacted(() -> { return jpaAttempt.transacted(() -> {
context("alex@hostsharing.net", null); context("superuser-alex@hostsharing.net", null);
return rbacUserRepository.findByName(userName); return rbacUserRepository.findByName(userName);
}).returnedValue(); }).returnedValue();
} }
RbacRoleEntity findRbacRoleByName(final String roleName) { RbacRoleEntity findRbacRoleByName(final String roleName) {
return jpaAttempt.transacted(() -> { return jpaAttempt.transacted(() -> {
context("alex@hostsharing.net", null); context("superuser-alex@hostsharing.net", null);
return rbacRoleRepository.findByRoleName(roleName); return rbacRoleRepository.findByRoleName(roleName);
}).returnedValue(); }).returnedValue();
} }

View File

@ -43,7 +43,7 @@ class RbacRoleControllerAcceptanceTest {
// @formatter:off // @formatter:off
RestAssured RestAssured
.given() .given()
.header("current-user", "alex@hostsharing.net") .header("current-user", "superuser-alex@hostsharing.net")
.port(port) .port(port)
.when() .when()
.get("http://localhost/api/rbac/roles") .get("http://localhost/api/rbac/roles")
@ -69,7 +69,7 @@ class RbacRoleControllerAcceptanceTest {
// @formatter:off // @formatter:off
RestAssured RestAssured
.given() .given()
.header("current-user", "alex@hostsharing.net") .header("current-user", "superuser-alex@hostsharing.net")
.header("assumed-roles", "test_package#yyy00.admin") .header("assumed-roles", "test_package#yyy00.admin")
.port(port) .port(port)
.when() .when()

View File

@ -37,7 +37,7 @@ class RbacRoleControllerRestTest {
// when // when
mockMvc.perform(MockMvcRequestBuilders mockMvc.perform(MockMvcRequestBuilders
.get("/api/rbac/roles") .get("/api/rbac/roles")
.header("current-user", "alex@hostsharing.net") .header("current-user", "superuser-alex@hostsharing.net")
.accept(MediaType.APPLICATION_JSON)) .accept(MediaType.APPLICATION_JSON))
// then // then

View File

@ -59,7 +59,7 @@ class RbacRoleRepositoryIntegrationTest {
@Test @Test
public void globalAdmin_withoutAssumedRole_canViewAllRbacRoles() { public void globalAdmin_withoutAssumedRole_canViewAllRbacRoles() {
// given // given
context.define("alex@hostsharing.net"); context.define("superuser-alex@hostsharing.net");
// when // when
final var result = rbacRoleRepository.findAll(); final var result = rbacRoleRepository.findAll();
@ -71,7 +71,7 @@ class RbacRoleRepositoryIntegrationTest {
@Test @Test
public void globalAdmin_withAssumedglobalAdminRole_canViewAllRbacRoles() { public void globalAdmin_withAssumedglobalAdminRole_canViewAllRbacRoles() {
given: given:
context.define("alex@hostsharing.net", "global#global.admin"); context.define("superuser-alex@hostsharing.net", "global#global.admin");
// when // when
final var result = rbacRoleRepository.findAll(); final var result = rbacRoleRepository.findAll();

View File

@ -88,7 +88,7 @@ class RbacUserControllerAcceptanceTest {
// @formatter:off // @formatter:off
RestAssured RestAssured
.given() .given()
.header("current-user", "alex@hostsharing.net") .header("current-user", "superuser-alex@hostsharing.net")
.port(port) .port(port)
.when() .when()
.get("http://localhost/api/rbac/users/" + givenUser.getUuid()) .get("http://localhost/api/rbac/users/" + givenUser.getUuid())
@ -107,7 +107,7 @@ class RbacUserControllerAcceptanceTest {
// @formatter:off // @formatter:off
RestAssured RestAssured
.given() .given()
.header("current-user", "alex@hostsharing.net") .header("current-user", "superuser-alex@hostsharing.net")
.header("assumed-roles", "test_customer#yyy.admin") .header("assumed-roles", "test_customer#yyy.admin")
.port(port) .port(port)
.when() .when()
@ -166,7 +166,7 @@ class RbacUserControllerAcceptanceTest {
// @formatter:off // @formatter:off
RestAssured RestAssured
.given() .given()
.header("current-user", "alex@hostsharing.net") .header("current-user", "superuser-alex@hostsharing.net")
.port(port) .port(port)
.when() .when()
.get("http://localhost/api/rbac/users") .get("http://localhost/api/rbac/users")
@ -176,11 +176,11 @@ class RbacUserControllerAcceptanceTest {
.body("", hasItem(hasEntry("name", "customer-admin@xxx.example.com"))) .body("", hasItem(hasEntry("name", "customer-admin@xxx.example.com")))
.body("", hasItem(hasEntry("name", "customer-admin@yyy.example.com"))) .body("", hasItem(hasEntry("name", "customer-admin@yyy.example.com")))
.body("", hasItem(hasEntry("name", "customer-admin@zzz.example.com"))) .body("", hasItem(hasEntry("name", "customer-admin@zzz.example.com")))
.body("", hasItem(hasEntry("name", "alex@hostsharing.net"))) .body("", hasItem(hasEntry("name", "superuser-alex@hostsharing.net")))
// ... // ...
.body("", hasItem(hasEntry("name", "pac-admin-zzz01@zzz.example.com"))) .body("", hasItem(hasEntry("name", "pac-admin-zzz01@zzz.example.com")))
.body("", hasItem(hasEntry("name", "pac-admin-zzz02@zzz.example.com"))) .body("", hasItem(hasEntry("name", "pac-admin-zzz02@zzz.example.com")))
.body("", hasItem(hasEntry("name", "fran@hostsharing.net"))) .body("", hasItem(hasEntry("name", "superuser-fran@hostsharing.net")))
.body("size()", greaterThanOrEqualTo(14)); .body("size()", greaterThanOrEqualTo(14));
// @formatter:on // @formatter:on
} }
@ -192,7 +192,7 @@ class RbacUserControllerAcceptanceTest {
// @formatter:off // @formatter:off
RestAssured RestAssured
.given() .given()
.header("current-user", "alex@hostsharing.net") .header("current-user", "superuser-alex@hostsharing.net")
.port(port) .port(port)
.when() .when()
.get("http://localhost/api/rbac/users?name=pac-admin-zzz0") .get("http://localhost/api/rbac/users?name=pac-admin-zzz0")
@ -213,7 +213,7 @@ class RbacUserControllerAcceptanceTest {
// @formatter:off // @formatter:off
RestAssured RestAssured
.given() .given()
.header("current-user", "alex@hostsharing.net") .header("current-user", "superuser-alex@hostsharing.net")
.header("assumed-roles", "test_customer#yyy.admin") .header("assumed-roles", "test_customer#yyy.admin")
.port(port) .port(port)
.when() .when()
@ -282,7 +282,7 @@ class RbacUserControllerAcceptanceTest {
// @formatter:off // @formatter:off
RestAssured RestAssured
.given() .given()
.header("current-user", "alex@hostsharing.net") .header("current-user", "superuser-alex@hostsharing.net")
.port(port) .port(port)
.when() .when()
.get("http://localhost/api/rbac/users/" + givenUser.getUuid() + "/permissions") .get("http://localhost/api/rbac/users/" + givenUser.getUuid() + "/permissions")
@ -316,7 +316,7 @@ class RbacUserControllerAcceptanceTest {
// @formatter:off // @formatter:off
RestAssured RestAssured
.given() .given()
.header("current-user", "alex@hostsharing.net") .header("current-user", "superuser-alex@hostsharing.net")
.header("assumed-roles", "test_package#yyy00.admin") .header("assumed-roles", "test_package#yyy00.admin")
.port(port) .port(port)
.when() .when()
@ -455,7 +455,7 @@ class RbacUserControllerAcceptanceTest {
// @formatter:off // @formatter:off
final var location = RestAssured final var location = RestAssured
.given() .given()
.header("current-user", "alex@hostsharing.net") .header("current-user", "superuser-alex@hostsharing.net")
.port(port) .port(port)
.when() .when()
.delete("http://localhost/api/rbac/users/" + givenUser.getUuid()) .delete("http://localhost/api/rbac/users/" + givenUser.getUuid())
@ -470,7 +470,7 @@ class RbacUserControllerAcceptanceTest {
RbacUserEntity findRbacUserByName(final String userName) { RbacUserEntity findRbacUserByName(final String userName) {
return jpaAttempt.transacted(() -> { return jpaAttempt.transacted(() -> {
context.define("alex@hostsharing.net"); context.define("superuser-alex@hostsharing.net");
return rbacUserRepository.findByName(userName); return rbacUserRepository.findByName(userName);
}).returnedValue(); }).returnedValue();
} }

View File

@ -99,7 +99,7 @@ class RbacUserRepositoryIntegrationTest extends ContextBasedTest {
private static final String[] ALL_TEST_DATA_USERS = Array.of( private static final String[] ALL_TEST_DATA_USERS = Array.of(
// @formatter:off // @formatter:off
"alex@hostsharing.net", "fran@hostsharing.net", "superuser-alex@hostsharing.net", "superuser-fran@hostsharing.net",
"customer-admin@xxx.example.com", "customer-admin@xxx.example.com",
"pac-admin-xxx00@xxx.example.com", "pac-admin-xxx01@xxx.example.com", "pac-admin-xxx02@xxx.example.com", "pac-admin-xxx00@xxx.example.com", "pac-admin-xxx01@xxx.example.com", "pac-admin-xxx02@xxx.example.com",
"customer-admin@yyy.example.com", "customer-admin@yyy.example.com",
@ -112,7 +112,7 @@ class RbacUserRepositoryIntegrationTest extends ContextBasedTest {
@Test @Test
public void globalAdmin_withoutAssumedRole_canViewAllRbacUsers() { public void globalAdmin_withoutAssumedRole_canViewAllRbacUsers() {
// given // given
context("alex@hostsharing.net"); context("superuser-alex@hostsharing.net");
// when // when
final var result = rbacUserRepository.findByOptionalNameLike(null); final var result = rbacUserRepository.findByOptionalNameLike(null);
@ -124,7 +124,7 @@ class RbacUserRepositoryIntegrationTest extends ContextBasedTest {
@Test @Test
public void globalAdmin_withAssumedglobalAdminRole_canViewAllRbacUsers() { public void globalAdmin_withAssumedglobalAdminRole_canViewAllRbacUsers() {
given: given:
context("alex@hostsharing.net", "global#global.admin"); context("superuser-alex@hostsharing.net", "global#global.admin");
// when // when
final var result = rbacUserRepository.findByOptionalNameLike(null); final var result = rbacUserRepository.findByOptionalNameLike(null);
@ -136,7 +136,7 @@ class RbacUserRepositoryIntegrationTest extends ContextBasedTest {
@Test @Test
public void globalAdmin_withAssumedCustomerAdminRole_canViewOnlyUsersHavingRolesInThatCustomersRealm() { public void globalAdmin_withAssumedCustomerAdminRole_canViewOnlyUsersHavingRolesInThatCustomersRealm() {
given: given:
context("alex@hostsharing.net", "test_customer#xxx.admin"); context("superuser-alex@hostsharing.net", "test_customer#xxx.admin");
// when // when
final var result = rbacUserRepository.findByOptionalNameLike(null); final var result = rbacUserRepository.findByOptionalNameLike(null);
@ -239,10 +239,10 @@ class RbacUserRepositoryIntegrationTest extends ContextBasedTest {
@Test @Test
public void globalAdmin_withoutAssumedRole_canViewTheirOwnPermissions() { public void globalAdmin_withoutAssumedRole_canViewTheirOwnPermissions() {
// given // given
context("alex@hostsharing.net"); context("superuser-alex@hostsharing.net");
// when // when
final var result = rbacUserRepository.findPermissionsOfUserByUuid(userUUID("alex@hostsharing.net")); final var result = rbacUserRepository.findPermissionsOfUserByUuid(userUUID("superuser-alex@hostsharing.net"));
// then // then
allTheseRbacPermissionsAreReturned(result, ALL_USER_PERMISSIONS); allTheseRbacPermissionsAreReturned(result, ALL_USER_PERMISSIONS);
@ -294,7 +294,7 @@ class RbacUserRepositoryIntegrationTest extends ContextBasedTest {
public void customerAdmin_withoutAssumedRole_isNotAllowedToViewGlobalAdminsPermissions() { public void customerAdmin_withoutAssumedRole_isNotAllowedToViewGlobalAdminsPermissions() {
// given // given
context("customer-admin@xxx.example.com"); context("customer-admin@xxx.example.com");
final UUID userUuid = userUUID("alex@hostsharing.net"); final UUID userUuid = userUUID("superuser-alex@hostsharing.net");
// when // when
final var result = attempt(em, () -> final var result = attempt(em, () ->

View File

@ -42,7 +42,7 @@ class TestCustomerControllerAcceptanceTest {
void globalAdmin_withoutAssumedRoles_canViewAllCustomers_ifNoCriteriaGiven() { void globalAdmin_withoutAssumedRoles_canViewAllCustomers_ifNoCriteriaGiven() {
RestAssured // @formatter:off RestAssured // @formatter:off
.given() .given()
.header("current-user", "alex@hostsharing.net") .header("current-user", "superuser-alex@hostsharing.net")
.port(port) .port(port)
.when() .when()
.get("http://localhost/api/test/customers") .get("http://localhost/api/test/customers")
@ -60,7 +60,7 @@ class TestCustomerControllerAcceptanceTest {
void globalAdmin_withoutAssumedRoles_canViewMatchingCustomers_ifCriteriaGiven() { void globalAdmin_withoutAssumedRoles_canViewMatchingCustomers_ifCriteriaGiven() {
RestAssured // @formatter:off RestAssured // @formatter:off
.given() .given()
.header("current-user", "alex@hostsharing.net") .header("current-user", "superuser-alex@hostsharing.net")
.port(port) .port(port)
.when() .when()
.get("http://localhost/api/test/customers?prefix=y") .get("http://localhost/api/test/customers?prefix=y")
@ -76,7 +76,7 @@ class TestCustomerControllerAcceptanceTest {
void globalAdmin_withoutAssumedCustomerAdminRole_canOnlyViewOwnCustomer() { void globalAdmin_withoutAssumedCustomerAdminRole_canOnlyViewOwnCustomer() {
RestAssured // @formatter:off RestAssured // @formatter:off
.given() .given()
.header("current-user", "alex@hostsharing.net") .header("current-user", "superuser-alex@hostsharing.net")
.header("assumed-roles", "test_customer#yyy.admin") .header("assumed-roles", "test_customer#yyy.admin")
.port(port) .port(port)
.when() .when()
@ -114,7 +114,7 @@ class TestCustomerControllerAcceptanceTest {
final var location = RestAssured // @formatter:off final var location = RestAssured // @formatter:off
.given() .given()
.header("current-user", "alex@hostsharing.net") .header("current-user", "superuser-alex@hostsharing.net")
.contentType(ContentType.JSON) .contentType(ContentType.JSON)
.body(""" .body("""
{ {
@ -148,7 +148,7 @@ class TestCustomerControllerAcceptanceTest {
final var location = RestAssured // @formatter:off final var location = RestAssured // @formatter:off
.given() .given()
.header("current-user", "alex@hostsharing.net") .header("current-user", "superuser-alex@hostsharing.net")
.contentType(ContentType.JSON) .contentType(ContentType.JSON)
.body(""" .body("""
{ {
@ -184,7 +184,7 @@ class TestCustomerControllerAcceptanceTest {
RestAssured // @formatter:off RestAssured // @formatter:off
.given() .given()
.header("current-user", "alex@hostsharing.net") .header("current-user", "superuser-alex@hostsharing.net")
.header("assumed-roles", "test_customer#xxx.admin") .header("assumed-roles", "test_customer#xxx.admin")
.contentType(ContentType.JSON) .contentType(ContentType.JSON)
.body(""" .body("""
@ -205,7 +205,7 @@ class TestCustomerControllerAcceptanceTest {
// @formatter:on // @formatter:on
// finally, the new customer was not created // finally, the new customer was not created
context.define("fran@hostsharing.net"); context.define("superuser-fran@hostsharing.net");
assertThat(testCustomerRepository.findCustomerByOptionalPrefixLike("uuu")).hasSize(0); assertThat(testCustomerRepository.findCustomerByOptionalPrefixLike("uuu")).hasSize(0);
} }
@ -234,7 +234,7 @@ class TestCustomerControllerAcceptanceTest {
// @formatter:on // @formatter:on
// finally, the new customer was not created // finally, the new customer was not created
context.define("fran@hostsharing.net"); context.define("superuser-fran@hostsharing.net");
assertThat(testCustomerRepository.findCustomerByOptionalPrefixLike("uuu")).hasSize(0); assertThat(testCustomerRepository.findCustomerByOptionalPrefixLike("uuu")).hasSize(0);
} }
} }

View File

@ -39,7 +39,7 @@ class TestCustomerRepositoryIntegrationTest extends ContextBasedTest {
@Test @Test
public void globalAdmin_withoutAssumedRole_canCreateNewCustomer() { public void globalAdmin_withoutAssumedRole_canCreateNewCustomer() {
// given // given
context("alex@hostsharing.net", null); context("superuser-alex@hostsharing.net", null);
final var count = testCustomerRepository.count(); final var count = testCustomerRepository.count();
// when // when
@ -60,7 +60,7 @@ class TestCustomerRepositoryIntegrationTest extends ContextBasedTest {
@Test @Test
public void globalAdmin_withAssumedCustomerRole_cannotCreateNewCustomer() { public void globalAdmin_withAssumedCustomerRole_cannotCreateNewCustomer() {
// given // given
context("alex@hostsharing.net", "test_customer#xxx.admin"); context("superuser-alex@hostsharing.net", "test_customer#xxx.admin");
// when // when
final var result = attempt(em, () -> { final var result = attempt(em, () -> {
@ -106,7 +106,7 @@ class TestCustomerRepositoryIntegrationTest extends ContextBasedTest {
@Test @Test
public void globalAdmin_withoutAssumedRole_canViewAllCustomers() { public void globalAdmin_withoutAssumedRole_canViewAllCustomers() {
// given // given
context("alex@hostsharing.net", null); context("superuser-alex@hostsharing.net", null);
// when // when
final var result = testCustomerRepository.findCustomerByOptionalPrefixLike(null); final var result = testCustomerRepository.findCustomerByOptionalPrefixLike(null);
@ -118,7 +118,7 @@ class TestCustomerRepositoryIntegrationTest extends ContextBasedTest {
@Test @Test
public void globalAdmin_withAssumedglobalAdminRole_canViewAllCustomers() { public void globalAdmin_withAssumedglobalAdminRole_canViewAllCustomers() {
given: given:
context("alex@hostsharing.net", "global#global.admin"); context("superuser-alex@hostsharing.net", "global#global.admin");
// when // when
final var result = testCustomerRepository.findCustomerByOptionalPrefixLike(null); final var result = testCustomerRepository.findCustomerByOptionalPrefixLike(null);
@ -155,7 +155,7 @@ class TestCustomerRepositoryIntegrationTest extends ContextBasedTest {
@Test @Test
public void globalAdmin_withoutAssumedRole_canViewAllCustomers() { public void globalAdmin_withoutAssumedRole_canViewAllCustomers() {
// given // given
context("alex@hostsharing.net", null); context("superuser-alex@hostsharing.net", null);
// when // when
final var result = testCustomerRepository.findCustomerByOptionalPrefixLike("yyy"); final var result = testCustomerRepository.findCustomerByOptionalPrefixLike("yyy");

View File

@ -43,7 +43,7 @@ class TestPackageControllerAcceptanceTest {
// @formatter:off // @formatter:off
RestAssured RestAssured
.given() .given()
.header("current-user", "alex@hostsharing.net") .header("current-user", "superuser-alex@hostsharing.net")
.header("assumed-roles", "test_customer#xxx.admin") .header("assumed-roles", "test_customer#xxx.admin")
.port(port) .port(port)
.when() .when()
@ -65,7 +65,7 @@ class TestPackageControllerAcceptanceTest {
// @formatter:off // @formatter:off
RestAssured RestAssured
.given() .given()
.header("current-user", "alex@hostsharing.net") .header("current-user", "superuser-alex@hostsharing.net")
.header("assumed-roles", "test_customer#xxx.admin") .header("assumed-roles", "test_customer#xxx.admin")
.port(port) .port(port)
.when() .when()
@ -93,7 +93,7 @@ class TestPackageControllerAcceptanceTest {
// @formatter:off // @formatter:off
RestAssured RestAssured
.given() .given()
.header("current-user", "alex@hostsharing.net") .header("current-user", "superuser-alex@hostsharing.net")
.header("assumed-roles", "test_customer#xxx.admin") .header("assumed-roles", "test_customer#xxx.admin")
.contentType(ContentType.JSON) .contentType(ContentType.JSON)
.body(format(""" .body(format("""
@ -123,7 +123,7 @@ class TestPackageControllerAcceptanceTest {
// @formatter:off // @formatter:off
RestAssured RestAssured
.given() .given()
.header("current-user", "alex@hostsharing.net") .header("current-user", "superuser-alex@hostsharing.net")
.header("assumed-roles", "test_customer#xxx.admin") .header("assumed-roles", "test_customer#xxx.admin")
.contentType(ContentType.JSON) .contentType(ContentType.JSON)
.body(""" .body("""
@ -152,7 +152,7 @@ class TestPackageControllerAcceptanceTest {
// @formatter:off // @formatter:off
RestAssured RestAssured
.given() .given()
.header("current-user", "alex@hostsharing.net") .header("current-user", "superuser-alex@hostsharing.net")
.header("assumed-roles", "test_customer#xxx.admin") .header("assumed-roles", "test_customer#xxx.admin")
.contentType(ContentType.JSON) .contentType(ContentType.JSON)
.body("{}") .body("{}")
@ -172,7 +172,7 @@ class TestPackageControllerAcceptanceTest {
// @formatter:off // @formatter:off
return UUID.fromString(RestAssured return UUID.fromString(RestAssured
.given() .given()
.header("current-user", "alex@hostsharing.net") .header("current-user", "superuser-alex@hostsharing.net")
.header("assumed-roles", "test_customer#xxx.admin") .header("assumed-roles", "test_customer#xxx.admin")
.port(port) .port(port)
.when() .when()
@ -185,7 +185,7 @@ class TestPackageControllerAcceptanceTest {
} }
String getDescriptionOfPackage(final String packageName) { String getDescriptionOfPackage(final String packageName) {
context.define("alex@hostsharing.net","test_customer#xxx.admin"); context.define("superuser-alex@hostsharing.net","test_customer#xxx.admin");
return testPackageRepository.findAllByOptionalNameLike(packageName).get(0).getDescription(); return testPackageRepository.findAllByOptionalNameLike(packageName).get(0).getDescription();
} }
} }

View File

@ -44,7 +44,7 @@ class TestPackageRepositoryIntegrationTest {
@Test @Test
public void globalAdmin_withoutAssumedRole_canNotViewAnyPackages_becauseThoseGrantsAreNotassumedd() { public void globalAdmin_withoutAssumedRole_canNotViewAnyPackages_becauseThoseGrantsAreNotassumedd() {
// given // given
context.define("alex@hostsharing.net"); context.define("superuser-alex@hostsharing.net");
// when // when
final var result = testPackageRepository.findAllByOptionalNameLike(null); final var result = testPackageRepository.findAllByOptionalNameLike(null);
@ -56,7 +56,7 @@ class TestPackageRepositoryIntegrationTest {
@Test @Test
public void globalAdmin_withAssumedglobalAdminRole__canNotViewAnyPackages_becauseThoseGrantsAreNotassumedd() { public void globalAdmin_withAssumedglobalAdminRole__canNotViewAnyPackages_becauseThoseGrantsAreNotassumedd() {
given: given:
context.define("alex@hostsharing.net", "global#global.admin"); context.define("superuser-alex@hostsharing.net", "global#global.admin");
// when // when
final var result = testPackageRepository.findAllByOptionalNameLike(null); final var result = testPackageRepository.findAllByOptionalNameLike(null);
@ -126,7 +126,7 @@ class TestPackageRepositoryIntegrationTest {
} }
private void globalAdminWithAssumedRole(final String assumedRoles) { private void globalAdminWithAssumedRole(final String assumedRoles) {
context.define("alex@hostsharing.net", assumedRoles); context.define("superuser-alex@hostsharing.net", assumedRoles);
} }
void noPackagesAreReturned(final List<TestPackageEntity> actualResult) { void noPackagesAreReturned(final List<TestPackageEntity> actualResult) {