From 4e2b17a216ec2f3152d068ec8db232f44b0646c5 Mon Sep 17 00:00:00 2001 From: Michael Hoennig Date: Thu, 7 Mar 2024 08:27:00 +0100 Subject: [PATCH] integrate RbacGrantsDiagramService in ContextBasedTest and TestCustomerRepositoryIntegrationTest --- .../rbac/rbacgrant/RbacGrantsDiagramService.java | 12 +++++++----- .../db/changelog/118-test-customer-test-data.sql | 11 +++++------ .../hsadminng/context/ContextBasedTest.java | 6 ++++++ .../cust/TestCustomerRepositoryIntegrationTest.java | 11 +++++++++++ 4 files changed, 29 insertions(+), 11 deletions(-) diff --git a/src/main/java/net/hostsharing/hsadminng/rbac/rbacgrant/RbacGrantsDiagramService.java b/src/main/java/net/hostsharing/hsadminng/rbac/rbacgrant/RbacGrantsDiagramService.java index 68189137..57f86ded 100644 --- a/src/main/java/net/hostsharing/hsadminng/rbac/rbacgrant/RbacGrantsDiagramService.java +++ b/src/main/java/net/hostsharing/hsadminng/rbac/rbacgrant/RbacGrantsDiagramService.java @@ -68,11 +68,13 @@ public class RbacGrantsDiagramService { if (!includes.contains(PERMISSIONS) && g.getDescendantIdName().startsWith("perm ")) { return; } - if (!includes.contains(TEST_ENTITIES) && g.getDescendantIdName().contains(" test_")) { - return; - } - if (!includes.contains(NON_TEST_ENTITIES) && !g.getDescendantIdName().contains(" test_")) { - return; + if ( !g.getDescendantIdName().startsWith("role global")) { + if (!includes.contains(TEST_ENTITIES) && g.getDescendantIdName().contains(" test_")) { + return; + } + if (!includes.contains(NON_TEST_ENTITIES) && !g.getDescendantIdName().contains(" test_")) { + return; + } } graph.add(g); if (includes.contains(NOT_ASSUMED) || g.isAssumed()) { diff --git a/src/main/resources/db/changelog/118-test-customer-test-data.sql b/src/main/resources/db/changelog/118-test-customer-test-data.sql index 47c6e6aa..643022fe 100644 --- a/src/main/resources/db/changelog/118-test-customer-test-data.sql +++ b/src/main/resources/db/changelog/118-test-customer-test-data.sql @@ -45,12 +45,11 @@ begin select * into newCust from test_customer where reference=custReference; --- call grantRoleToUser( --- getRoleId(testCustomerAdmin(newCust), 'fail'), --- findRoleId(testCustomerOwner(newCust)), --- custAd --- minUuid, --- true); + call grantRoleToUser( + getRoleId(testCustomerAdmin(newCust), 'fail'), + findRoleId(testCustomerOwner(newCust)), + custAdminUuid, + true); end; $$; --// diff --git a/src/test/java/net/hostsharing/hsadminng/context/ContextBasedTest.java b/src/test/java/net/hostsharing/hsadminng/context/ContextBasedTest.java index 1069fa5f..a1f4cfbc 100644 --- a/src/test/java/net/hostsharing/hsadminng/context/ContextBasedTest.java +++ b/src/test/java/net/hostsharing/hsadminng/context/ContextBasedTest.java @@ -1,14 +1,20 @@ package net.hostsharing.hsadminng.context; +import net.hostsharing.hsadminng.rbac.rbacgrant.RbacGrantsDiagramService; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.TestInfo; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.annotation.Import; +@Import(RbacGrantsDiagramService.class) public abstract class ContextBasedTest { @Autowired protected Context context; + @Autowired + protected RbacGrantsDiagramService diagramService; + TestInfo test; @BeforeEach diff --git a/src/test/java/net/hostsharing/hsadminng/test/cust/TestCustomerRepositoryIntegrationTest.java b/src/test/java/net/hostsharing/hsadminng/test/cust/TestCustomerRepositoryIntegrationTest.java index 018adc72..55c958d5 100644 --- a/src/test/java/net/hostsharing/hsadminng/test/cust/TestCustomerRepositoryIntegrationTest.java +++ b/src/test/java/net/hostsharing/hsadminng/test/cust/TestCustomerRepositoryIntegrationTest.java @@ -2,6 +2,8 @@ package net.hostsharing.hsadminng.test.cust; import net.hostsharing.hsadminng.context.Context; import net.hostsharing.hsadminng.context.ContextBasedTest; +import net.hostsharing.hsadminng.rbac.rbacgrant.RbacGrantsDiagramService; +import net.hostsharing.hsadminng.rbac.rbacgrant.RbacGrantsDiagramService.Include; import net.hostsharing.test.JpaAttempt; import org.junit.jupiter.api.Nested; import org.junit.jupiter.api.Test; @@ -14,9 +16,11 @@ import jakarta.persistence.EntityManager; import jakarta.persistence.PersistenceContext; import jakarta.persistence.PersistenceException; import jakarta.servlet.http.HttpServletRequest; +import java.util.EnumSet; import java.util.List; import java.util.UUID; +import static java.util.EnumSet.of; import static net.hostsharing.test.JpaAttempt.attempt; import static org.assertj.core.api.Assertions.assertThat; @@ -140,6 +144,13 @@ class TestCustomerRepositoryIntegrationTest extends ContextBasedTest { @Test public void customerAdmin_withAssumedOwnedPackageAdminRole_canViewOnlyItsOwnCustomer() { + context("customer-admin@xxx.example.com"); + RbacGrantsDiagramService.writeToFile( + "customerAdmin_withAssumedOwnedPackageAdminRole_canViewOnlyItsOwnCustomer", + diagramService.allGrantsToCurrentUser(of(Include.USERS, Include.TEST_ENTITIES, Include.NOT_ASSUMED, Include.DETAILS, Include.PERMISSIONS)), + "doc/customerAdmin_withAssumedOwnedPackageAdminRole_canViewOnlyItsOwnCustomer.md" + ); + context("customer-admin@xxx.example.com", "test_package#xxx00.admin"); final var result = testCustomerRepository.findCustomerByOptionalPrefixLike(null);