From 7983aa7e52ab8a68b51ea79d2a6eeb4a9b751469 Mon Sep 17 00:00:00 2001 From: Michael Hoennig Date: Sat, 25 May 2019 19:43:29 +0200 Subject: [PATCH] #145 [Rights-Module] documented the role system and some renaming --- .../hsadminng/service/accessfilter/Role.java | 79 +++++++++++++++---- .../hsadminng/service/dto/AssetDTO.java | 14 ++-- .../hsadminng/service/dto/CustomerDTO.java | 55 +++++++++---- .../hsadminng/service/dto/MembershipDTO.java | 24 +++--- .../hsadminng/service/dto/SepaMandateDTO.java | 43 +++++----- .../hsadminng/service/dto/ShareDTO.java | 14 ++-- ...user-role-assignment-update.component.html | 6 +- .../user-role-assignment.component.html | 6 +- .../UserRoleAssignmentServiceUnitTest.java | 10 +-- .../JSonAccessFilterTestFixture.java | 30 +++++-- ...serializationWithAccessFilterUnitTest.java | 12 +-- ...SerializationWithAccessFilterUnitTest.java | 2 +- .../service/accessfilter/RoleUnitTest.java | 64 ++++++++------- .../service/dto/AssetDTOIntTest.java | 7 +- .../service/dto/AssetDTOUnitTest.java | 12 +-- .../service/dto/CustomerDTOUnitTest.java | 6 +- .../service/dto/MembershipDTOIntTest.java | 8 +- .../service/dto/MembershipDTOUnitTest.java | 12 +-- .../service/dto/SepaMandateDTOIntTest.java | 8 +- .../service/dto/SepaMandateDTOUnitTest.java | 12 +-- .../service/dto/ShareDTOIntTest.java | 8 +- .../service/dto/ShareDTOUnitTest.java | 12 +-- .../dto/UserRoleAssignmentUnitTest.java | 8 +- 23 files changed, 280 insertions(+), 172 deletions(-) diff --git a/src/main/java/org/hostsharing/hsadminng/service/accessfilter/Role.java b/src/main/java/org/hostsharing/hsadminng/service/accessfilter/Role.java index 742d9ed9..dcf64b1f 100644 --- a/src/main/java/org/hostsharing/hsadminng/service/accessfilter/Role.java +++ b/src/main/java/org/hostsharing/hsadminng/service/accessfilter/Role.java 
@@ -3,94 +3,144 @@ package org.hostsharing.hsadminng.service.accessfilter; import static com.google.common.base.Verify.verify; +import org.hostsharing.hsadminng.domain.Customer; +import org.hostsharing.hsadminng.domain.User; +import org.hostsharing.hsadminng.domain.UserRoleAssignment; import org.hostsharing.hsadminng.security.AuthoritiesConstants; import java.lang.reflect.Field; import java.util.Optional; /** - * These enum values are on the one hand used to define the minimum role required to grant access to resources, - * but on the other hand also for the roles users can be assigned to. + * These enum values are used to specify the minimum role required to grant access to resources, + * see usages of {@link AccessFor}. + * also they can be assigned to users via {@link UserRoleAssignment}. + * Some of the concrete values make only sense in one of these contexts. *

+ * Further, there are two kinds of roles: independent and dependent. + * Independent roles like {@link #HOSTMASTER} are absolute roles which means unrelated to any concrete entity. + * Dependent roles like {@link #CUSTOMER_CONTRACTUAL_CONTACT} are relative to a specific entity, + * in this case to a specific {@link Customer}. + *

+ */ +/* * TODO: Maybe splitting it up into UserRole and RequiredRole would make it more clear? * And maybe instead of a level, we could then add the comprised roles in the constructor? * This could also be a better way to express that the financial contact has no rights to - * other users resources (see also ACTUAL_CUSTOMER_USEr vs. ANY_CUSTOMER_USER). + * other users resources (see also ACTUAL_CUSTOMER_USER vs. ANY_CUSTOMER_USER). */ public enum Role { /** * Default for access rights requirement. You can read it as: 'Nobody is allowed to ...'. * This is usually used for fields which are managed by hsadminNg itself. + *

+ * This role cannot be assigned to a user. + *

*/ NOBODY(0), /** * Hostmasters are initialize/update/read and field which, except where NOBODY is allowed to. + *

+ * This role can be assigned to a user via {@link User#setAuthorities}. + *

*/ HOSTMASTER(1, AuthoritiesConstants.HOSTMASTER), /** * This role is for administrators, e.g. to create memberships and book shared and assets. + *

+ * This role can be assigned to a user via {@link User#setAuthorities}. + *

*/ ADMIN(2, AuthoritiesConstants.ADMIN), /** * This role is for members of the support team. + *

+ * This role can be assigned to a user via {@link User#setAuthorities}. + *

*/ SUPPORTER(3, AuthoritiesConstants.SUPPORTER), /** * This role is for contractual contacts of a customer, like a director of the company. + *

* Who has this role, has the broadest access to all resources which belong to this customer. * Everything which relates to the contract with the customer, needs this role. + *

+ * This role can be assigned to a user via {@link UserRoleAssignment}. + *

*/ - CONTRACTUAL_CONTACT(20), + CUSTOMER_CONTRACTUAL_CONTACT(20), /** * This role is for financial contacts of a customer, e.g. for accessing billing data. + *

+ * The financial contact only covers {@link Role#CUSTOMER_FINANCIAL_CONTACT}, {@link Role#ANY_CUSTOMER_CONTACT} and + * {@link Role#ANYBODY}, but not other normal user roles. + *

+ *

+ * This role can be assigned to a user via {@link UserRoleAssignment}. + *

*/ - FINANCIAL_CONTACT(22) { + CUSTOMER_FINANCIAL_CONTACT(22) { @Override public boolean covers(final Role role) { - if (role == ACTUAL_CUSTOMER_USER) { - return false; - } - return super.covers(role); + return role == CUSTOMER_FINANCIAL_CONTACT || role == ANY_CUSTOMER_CONTACT || role == ANYBODY; } }, /** * This role is for technical contacts of a customer. + *

+ * This role can be assigned to a user via {@link UserRoleAssignment}. + *

*/ - TECHNICAL_CONTACT(22), + CUSTOMER_TECHNICAL_CONTACT(22), /** * This meta-role is to specify that any kind of customer contact can get access to the resource. + *

+ * It's only used to specify the required role and cannot be assigned to a user. + *

*/ ANY_CUSTOMER_CONTACT(29), /** - * Any user which belongs to a customer has at least this role. + * Some user belonging to a customer without a more precise role. */ - ACTUAL_CUSTOMER_USER(30), + // TODO: It's mostly a placeholder for more precise future roles like a "webspace admin". + // This also shows that it's a bit ugly that we need the roles of all modules in this enum + // because types for attributes of annotations are quite limited in Java. + ACTUAL_CUSTOMER_USER(80), /** * Use this to grant rights to any user, also special function users who have no * rights on other users resources. + *

+ * It's only used to specify the required role and cannot be assigned to a user. + *

*/ ANY_CUSTOMER_USER(89), /** * This role is meant to specify that a resources can be accessed by anybody, even without login. - * It's currently only used for technical purposes. + *

+ * It can be used to specify the required role and is the implicit role for un-authenticated users. + *

*/ ANYBODY(99, AuthoritiesConstants.ANONYMOUS), /** * Pseudo-role to mark init/update access as ignored because the field is display-only. + *

* This allows REST clients to send the whole response back as a new update request. * This role is not covered by any and covers itself no role. + *

+ * It's only used to specify the required role and cannot be assigned to a user. + *

*/ IGNORED; @@ -127,7 +177,6 @@ public enum Role { /** * @return the independent authority related 1:1 to this Role or empty if no independent authority is related 1:1 - * * @see AuthoritiesConstants */ public Optional getAuthority() { @@ -179,7 +228,7 @@ public enum Role { * Where 'this' means the Java instance itself as a role of a system user. *
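Review bot: The `covers` override on `CUSTOMER_FINANCIAL_CONTACT` is now a fixed allowlist that no longer delegates to `super.covers`, and `ACTUAL_CUSTOMER_USER` moves from level 30 to 80, so this hunk changes authorization behaviour although the subject line announces only documentation and renaming; that deserves its own line in the commit message. The allowlist fails closed, which is the safe direction, but a required-role constant added later is silently denied to financial contacts, so I would put a comment on the override such as `// deliberate allowlist, not level-based: extend it whenever a new required role must be satisfiable by financial contacts`. Separately, the renamed constants are the values passed to `UserRoleAssignment.assignedRole(...)`; if that attribute is stored by enum name (not visible here), existing rows holding `CONTRACTUAL_CONTACT`, `FINANCIAL_CONTACT` or `TECHNICAL_CONTACT` would stop mapping, and the diffstat lists no data migration. The enum body continues outside the hunk.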

* {@code - * Role.HOSTMASTER.coversAny(Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT) == true + * Role.HOSTMASTER.coversAny(Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT) == true * } * * @param roles The alternatively required roles for a resource. Must be at least one. diff --git a/src/main/java/org/hostsharing/hsadminng/service/dto/AssetDTO.java b/src/main/java/org/hostsharing/hsadminng/service/dto/AssetDTO.java index c0595ea3..ead04d23 100644 --- a/src/main/java/org/hostsharing/hsadminng/service/dto/AssetDTO.java +++ b/src/main/java/org/hostsharing/hsadminng/service/dto/AssetDTO.java @@ -26,23 +26,23 @@ import javax.validation.constraints.Size; public class AssetDTO implements Serializable, AccessMappings { @SelfId(resolver = AssetService.class) - @AccessFor(read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) + @AccessFor(read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT }) private Long id; @NotNull - @AccessFor(init = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) + @AccessFor(init = Role.ADMIN, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT }) private LocalDate documentDate; @NotNull - @AccessFor(init = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) + @AccessFor(init = Role.ADMIN, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT }) private LocalDate valueDate; @NotNull - @AccessFor(init = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) + @AccessFor(init = Role.ADMIN, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT }) private AssetAction action; @NotNull - @AccessFor(init = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) + @AccessFor(init = Role.ADMIN, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT }) private BigDecimal amount; @Size(max = 160) 
@@ -50,10 +50,10 @@ public class AssetDTO implements Serializable, AccessMappings { private String remark; @ParentId(resolver = MembershipService.class) - @AccessFor(init = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) + @AccessFor(init = Role.ADMIN, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT }) private Long membershipId; - @AccessFor(update = Role.IGNORED, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) + @AccessFor(update = Role.IGNORED, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT }) private String membershipDisplayLabel; public Long getId() { diff --git a/src/main/java/org/hostsharing/hsadminng/service/dto/CustomerDTO.java b/src/main/java/org/hostsharing/hsadminng/service/dto/CustomerDTO.java index 78dd39f9..2612a345 100644 --- a/src/main/java/org/hostsharing/hsadminng/service/dto/CustomerDTO.java +++ b/src/main/java/org/hostsharing/hsadminng/service/dto/CustomerDTO.java 
@@ -23,78 +23,99 @@ import javax.validation.constraints.*; public class CustomerDTO implements AccessMappings, FluentBuilder { @SelfId(resolver = CustomerService.class) - @AccessFor(read = Role.ACTUAL_CUSTOMER_USER) + @AccessFor(read = Role.ANY_CUSTOMER_USER) private Long id; @NotNull @Min(value = 10000) @Max(value = 99999) - @AccessFor(init = Role.ADMIN, read = Role.ACTUAL_CUSTOMER_USER) + @AccessFor(init = Role.ADMIN, read = Role.ANY_CUSTOMER_USER) private Integer reference; @NotNull @Size(max = 3) @Pattern(regexp = "[a-z][a-z0-9]+") - @AccessFor(init = Role.ADMIN, read = Role.ACTUAL_CUSTOMER_USER) + @AccessFor(init = Role.ADMIN, read = Role.ANY_CUSTOMER_USER) private String prefix; @NotNull @Size(max = 80) - @AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = Role.ACTUAL_CUSTOMER_USER) + @AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = Role.ANY_CUSTOMER_USER) private String name; @NotNull - @AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = Role.CONTRACTUAL_CONTACT) + @AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = Role.CUSTOMER_CONTRACTUAL_CONTACT) private CustomerKind kind; - @AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) + @AccessFor( + init = Role.ADMIN, + update = Role.ADMIN, + read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT }) private LocalDate birthDate; @Size(max = 80) - @AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) + @AccessFor( + init = Role.ADMIN, + update = Role.ADMIN, + read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT }) private String birthPlace; @Size(max = 80) - @AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) + @AccessFor( + init = Role.ADMIN, + update = Role.ADMIN, + read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT }) private String 
registrationCourt; @Size(max = 80) - @AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) + @AccessFor( + init = Role.ADMIN, + update = Role.ADMIN, + read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT }) private String registrationNumber; @NotNull - @AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) + @AccessFor( + init = Role.ADMIN, + update = Role.ADMIN, + read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT }) private VatRegion vatRegion; @Size(max = 40) - @AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) + @AccessFor( + init = Role.ADMIN, + update = Role.ADMIN, + read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT }) private String vatNumber; @Size(max = 80) - @AccessFor(init = Role.ADMIN, update = Role.CONTRACTUAL_CONTACT, read = Role.CONTRACTUAL_CONTACT) + @AccessFor(init = Role.ADMIN, update = Role.CUSTOMER_CONTRACTUAL_CONTACT, read = Role.CUSTOMER_CONTRACTUAL_CONTACT) private String contractualSalutation; @NotNull @Size(max = 400) - @AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = Role.CONTRACTUAL_CONTACT) + @AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = Role.CUSTOMER_CONTRACTUAL_CONTACT) private String contractualAddress; @Size(max = 80) @AccessFor( init = Role.ADMIN, - update = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }, - read = Role.CONTRACTUAL_CONTACT) + update = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT }, + read = Role.CUSTOMER_CONTRACTUAL_CONTACT) private String billingSalutation; @Size(max = 400) - @AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) + @AccessFor( + init = Role.ADMIN, + update = Role.ADMIN, + read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT 
}) private String billingAddress; @Size(max = 160) @AccessFor(init = Role.ADMIN, update = Role.SUPPORTER, read = Role.SUPPORTER) private String remark; - @AccessFor(init = Role.ANYBODY, update = Role.ANYBODY, read = Role.ACTUAL_CUSTOMER_USER) + @AccessFor(init = Role.ANYBODY, update = Role.ANYBODY, read = Role.ANY_CUSTOMER_USER) private String displayLabel; public Long getId() { diff --git a/src/main/java/org/hostsharing/hsadminng/service/dto/MembershipDTO.java b/src/main/java/org/hostsharing/hsadminng/service/dto/MembershipDTO.java index f85508ab..6aba48ab 100644 --- a/src/main/java/org/hostsharing/hsadminng/service/dto/MembershipDTO.java +++ b/src/main/java/org/hostsharing/hsadminng/service/dto/MembershipDTO.java 
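Review bot: `displayLabel` keeps `init = Role.ANYBODY, update = Role.ANYBODY` on the line this hunk rewrites, and the Javadoc added to `Role` in the same commit defines `ANYBODY` as the implicit role of un-authenticated users, so the annotation reads as "writable without login". If the label is derived and display-only, `AssetDTO.membershipDisplayLabel` already shows the intended form, and I would write `@AccessFor(update = Role.IGNORED, read = Role.ANY_CUSTOMER_USER)` here as well; whether `init` should also be `IGNORED` cannot be judged from the hunk. The switch of `read` from `ACTUAL_CUSTOMER_USER` to `ANY_CUSTOMER_USER` on `id`, `reference`, `prefix`, `name` and `displayLabel` is likewise an access-rule change rather than a rename and is worth a sentence in the commit message. The class body continues outside the hunk.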
@@ -23,21 +23,27 @@ import javax.validation.constraints.Size; public class MembershipDTO implements AccessMappings, FluentBuilder { @SelfId(resolver = MembershipService.class) - @AccessFor(read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) + @AccessFor(read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT }) private Long id; @NotNull - @AccessFor(init = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) + @AccessFor(init = Role.ADMIN, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT }) private LocalDate admissionDocumentDate; - @AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) + @AccessFor( + init = Role.ADMIN, + update = Role.ADMIN, + read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT }) private LocalDate cancellationDocumentDate; @NotNull - @AccessFor(init = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) + @AccessFor(init = Role.ADMIN, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT }) private LocalDate memberFromDate; - @AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) + @AccessFor( + init = Role.ADMIN, + update = Role.ADMIN, + read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT }) private LocalDate memberUntilDate; @Size(max = 160) 
@@ -45,16 +51,16 @@ public class MembershipDTO implements AccessMappings, FluentBuilder { @SelfId(resolver = SepaMandateService.class) - @AccessFor(read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) + @AccessFor(read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT }) private Long id; @NotNull @Size(max = 40) @AccessFor( - init = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }, - read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) + init = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT }, + read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT }) private String reference; @Size(max = 34) @AccessFor( - init = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }, - read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) + init = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT }, + read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT }) private String iban; @Size(max = 11) @AccessFor( - init = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }, - read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) + init = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT }, + read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT }) private String bic; @NotNull @AccessFor( - init = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }, - read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) + init = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT }, + read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT }) private LocalDate grantingDocumentDate; @AccessFor( init = Role.ADMIN, - update = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }, - read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) + update = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT }, + read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, 
Role.CUSTOMER_FINANCIAL_CONTACT }) private LocalDate revokationDocumentDate; @NotNull @AccessFor( - init = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }, - read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) + init = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT }, + read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT }) private LocalDate validFromDate; @AccessFor( - init = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }, - update = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }, - read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) + init = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT }, + update = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT }, + read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT }) private LocalDate validUntilDate; - @AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) + @AccessFor( + init = Role.ADMIN, + update = Role.ADMIN, + read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT }) private LocalDate lastUsedDate; @Size(max = 160) @@ -78,11 +81,11 @@ public class SepaMandateDTO implements AccessMappings, FluentBuilderAssigned Role

diff --git a/src/main/webapp/app/entities/user-role-assignment/user-role-assignment.component.html b/src/main/webapp/app/entities/user-role-assignment/user-role-assignment.component.html index a08c8a10..22af5117 100644 --- a/src/main/webapp/app/entities/user-role-assignment/user-role-assignment.component.html +++ b/src/main/webapp/app/entities/user-role-assignment/user-role-assignment.component.html @@ -33,9 +33,9 @@ - - - + + + diff --git a/src/test/java/org/hostsharing/hsadminng/service/UserRoleAssignmentServiceUnitTest.java b/src/test/java/org/hostsharing/hsadminng/service/UserRoleAssignmentServiceUnitTest.java index 684f0933..bd2a4dfc 100644 --- a/src/test/java/org/hostsharing/hsadminng/service/UserRoleAssignmentServiceUnitTest.java +++ b/src/test/java/org/hostsharing/hsadminng/service/UserRoleAssignmentServiceUnitTest.java 
@@ -65,23 +65,23 @@ public class UserRoleAssignmentServiceUnitTest { Arrays.asList( new UserRoleAssignment().entityTypeId("test.SomethingElse") .entityObjectId(givenEntityObjectId) - .assignedRole(Role.CONTRACTUAL_CONTACT), + .assignedRole(Role.CUSTOMER_CONTRACTUAL_CONTACT), new UserRoleAssignment().entityTypeId(givenEntityTypeId) .entityObjectId(givenEntityObjectId) - .assignedRole(Role.FINANCIAL_CONTACT), + .assignedRole(Role.CUSTOMER_FINANCIAL_CONTACT), new UserRoleAssignment().entityTypeId(givenEntityTypeId) .entityObjectId(givenEntityObjectId) - .assignedRole(Role.TECHNICAL_CONTACT), + .assignedRole(Role.CUSTOMER_TECHNICAL_CONTACT), new UserRoleAssignment().entityTypeId(givenEntityTypeId) .entityObjectId(3L) - .assignedRole(Role.CONTRACTUAL_CONTACT))); + .assignedRole(Role.CUSTOMER_CONTRACTUAL_CONTACT))); // when final Set actual = userRoleAssignmentService .getEffectiveRoleOfCurrentUser(givenEntityTypeId, givenEntityObjectId); // then - assertThat(actual).containsExactlyInAnyOrder(Role.FINANCIAL_CONTACT, Role.TECHNICAL_CONTACT); + assertThat(actual).containsExactlyInAnyOrder(Role.CUSTOMER_FINANCIAL_CONTACT, Role.CUSTOMER_TECHNICAL_CONTACT); } @Test diff --git a/src/test/java/org/hostsharing/hsadminng/service/accessfilter/JSonAccessFilterTestFixture.java b/src/test/java/org/hostsharing/hsadminng/service/accessfilter/JSonAccessFilterTestFixture.java index 0f49d61e..adb4c655 100644 --- a/src/test/java/org/hostsharing/hsadminng/service/accessfilter/JSonAccessFilterTestFixture.java +++ b/src/test/java/org/hostsharing/hsadminng/service/accessfilter/JSonAccessFilterTestFixture.java 
@@ -56,13 +56,13 @@ public class JSonAccessFilterTestFixture { Long id; @ParentId(resolver = GivenCustomerService.class) - @AccessFor(init = ACTUAL_CUSTOMER_USER, update = ACTUAL_CUSTOMER_USER, read = ACTUAL_CUSTOMER_USER) + @AccessFor(init = ANY_CUSTOMER_USER, update = ANY_CUSTOMER_USER, read = ANY_CUSTOMER_USER) Long customerId; @AccessFor( - init = { TECHNICAL_CONTACT, FINANCIAL_CONTACT }, - update = { TECHNICAL_CONTACT, FINANCIAL_CONTACT }, - read = { TECHNICAL_CONTACT, FINANCIAL_CONTACT }) + init = { CUSTOMER_TECHNICAL_CONTACT, CUSTOMER_FINANCIAL_CONTACT }, + update = { CUSTOMER_TECHNICAL_CONTACT, CUSTOMER_FINANCIAL_CONTACT }, + read = { CUSTOMER_TECHNICAL_CONTACT, CUSTOMER_FINANCIAL_CONTACT }) String restrictedField; @AccessFor(init = ANYBODY, update = ANYBODY, read = ANYBODY) @@ -133,11 +133,18 @@ public class JSonAccessFilterTestFixture { @AccessFor(read = Role.ANY_CUSTOMER_USER) Long id; - @AccessFor(init = Role.CONTRACTUAL_CONTACT, update = Role.CONTRACTUAL_CONTACT, read = ACTUAL_CUSTOMER_USER) + @AccessFor( + init = Role.CUSTOMER_CONTRACTUAL_CONTACT, + update = Role.CUSTOMER_CONTRACTUAL_CONTACT, + read = ANY_CUSTOMER_USER) @ParentId(resolver = GivenService.class) Long parentId; - @AccessFor(init = { TECHNICAL_CONTACT, FINANCIAL_CONTACT }, update = { TECHNICAL_CONTACT, FINANCIAL_CONTACT }) + @AccessFor( + init = { CUSTOMER_TECHNICAL_CONTACT, CUSTOMER_FINANCIAL_CONTACT }, + update = { + CUSTOMER_TECHNICAL_CONTACT, + CUSTOMER_FINANCIAL_CONTACT }) String restrictedField; @Override 
@@ -204,11 +211,18 @@ public class JSonAccessFilterTestFixture { @AccessFor(read = Role.ANY_CUSTOMER_USER) Long id; - @AccessFor(init = Role.CONTRACTUAL_CONTACT, update = Role.CONTRACTUAL_CONTACT, read = ACTUAL_CUSTOMER_USER) + @AccessFor( + init = Role.CUSTOMER_CONTRACTUAL_CONTACT, + update = Role.CUSTOMER_CONTRACTUAL_CONTACT, + read = ANY_CUSTOMER_USER) @ParentId(resolver = GivenParentService.class) GivenParent parent; - @AccessFor(init = { TECHNICAL_CONTACT, FINANCIAL_CONTACT }, update = { TECHNICAL_CONTACT, FINANCIAL_CONTACT }) + @AccessFor( + init = { CUSTOMER_TECHNICAL_CONTACT, CUSTOMER_FINANCIAL_CONTACT }, + update = { + CUSTOMER_TECHNICAL_CONTACT, + CUSTOMER_FINANCIAL_CONTACT }) String restrictedField; @Override diff --git a/src/test/java/org/hostsharing/hsadminng/service/accessfilter/JSonDeserializationWithAccessFilterUnitTest.java b/src/test/java/org/hostsharing/hsadminng/service/accessfilter/JSonDeserializationWithAccessFilterUnitTest.java index f835e05f..af13a69d 100644 --- a/src/test/java/org/hostsharing/hsadminng/service/accessfilter/JSonDeserializationWithAccessFilterUnitTest.java +++ b/src/test/java/org/hostsharing/hsadminng/service/accessfilter/JSonDeserializationWithAccessFilterUnitTest.java @@ -83,7 +83,7 @@ public class JSonDeserializationWithAccessFilterUnitTest { public void init() { securityContext = SecurityContextMock.usingMock(userRoleAssignmentService) .havingAuthenticatedUser() - .withRole(GivenDto.class, 1234L, Role.ACTUAL_CUSTOMER_USER); + .withRole(GivenDto.class, 1234L, Role.ANY_CUSTOMER_USER); given(ctx.getAutowireCapableBeanFactory()).willReturn(autowireCapableBeanFactory); given(autowireCapableBeanFactory.createBean(GivenService.class)).willReturn(givenService); 
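Review bot: `init()` now gives the mocked user `Role.ANY_CUSTOMER_USER`, which the Javadoc added to `Role` in this commit describes as usable only as a required role and not assignable to a user, so the fixture exercises a state the role model says cannot occur. Keeping an assignable role, `.withRole(GivenDto.class, 1234L, Role.ACTUAL_CUSTOMER_USER);`, would test the real path; per the assertions in `RoleUnitTest`, `ACTUAL_CUSTOMER_USER` covers `ANY_CUSTOMER_USER`, so the fixture fields that now require `ANY_CUSTOMER_USER` should still be reachable. The rest of the test class is outside the hunk, so other expectations may depend on the exact role.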
@@ -244,7 +244,7 @@ public class JSonDeserializationWithAccessFilterUnitTest { public void shouldDeserializeStringFieldIfRequiredRoleIsCoveredByUser() throws IOException { // given securityContext.havingAuthenticatedUser() - .withRole(GivenCustomerDto.class, 888L, Role.FINANCIAL_CONTACT); + .withRole(GivenCustomerDto.class, 888L, Role.CUSTOMER_FINANCIAL_CONTACT); givenJSonTree( asJSon( ImmutablePair.of("id", 1234L), @@ -262,7 +262,7 @@ public class JSonDeserializationWithAccessFilterUnitTest { public void shouldDeserializeUnchangedStringFieldIfRequiredRoleIsNotCoveredByUser() throws IOException { // given securityContext.havingAuthenticatedUser() - .withRole(GivenCustomerDto.class, 888L, Role.FINANCIAL_CONTACT); + .withRole(GivenCustomerDto.class, 888L, Role.CUSTOMER_FINANCIAL_CONTACT); givenJSonTree( asJSon( ImmutablePair.of("id", 1234L), @@ -320,7 +320,7 @@ public class JSonDeserializationWithAccessFilterUnitTest { public void shouldNotCreateIfRoleRequiredByParentEntityIsNotCoveredByUser() throws IOException { // given securityContext.havingAuthenticatedUser() - .withRole(GivenCustomerDto.class, 9999L, Role.CONTRACTUAL_CONTACT); + .withRole(GivenCustomerDto.class, 9999L, Role.CUSTOMER_CONTRACTUAL_CONTACT); givenJSonTree( asJSon( ImmutablePair.of("parentId", 1234L))); @@ -340,7 +340,7 @@ public class JSonDeserializationWithAccessFilterUnitTest { public void shouldCreateIfRoleRequiredByReferencedEntityIsCoveredByUser() throws IOException { // given securityContext.havingAuthenticatedUser() - .withRole(GivenCustomerDto.class, 888L, Role.CONTRACTUAL_CONTACT); + .withRole(GivenCustomerDto.class, 888L, Role.CUSTOMER_CONTRACTUAL_CONTACT); givenJSonTree( asJSon( ImmutablePair.of("parentId", 1234L))); 
@@ -357,7 +357,7 @@ public class JSonDeserializationWithAccessFilterUnitTest { public void shouldResolveParentIdFromIdOfSerializedSubEntity() throws IOException { // given securityContext.havingAuthenticatedUser() - .withRole(GivenParent.class, 1234L, Role.CONTRACTUAL_CONTACT); + .withRole(GivenParent.class, 1234L, Role.CUSTOMER_CONTRACTUAL_CONTACT); givenJSonTree( asJSon( ImmutablePair.of( diff --git a/src/test/java/org/hostsharing/hsadminng/service/accessfilter/JSonSerializationWithAccessFilterUnitTest.java b/src/test/java/org/hostsharing/hsadminng/service/accessfilter/JSonSerializationWithAccessFilterUnitTest.java index 8e98ea52..bfc88a9f 100644 --- a/src/test/java/org/hostsharing/hsadminng/service/accessfilter/JSonSerializationWithAccessFilterUnitTest.java +++ b/src/test/java/org/hostsharing/hsadminng/service/accessfilter/JSonSerializationWithAccessFilterUnitTest.java @@ -157,7 +157,7 @@ public class JSonSerializationWithAccessFilterUnitTest { public void shouldSerializeRestrictedFieldIfRequiredRoleIsCoveredByUser() throws IOException { // given - securityContext.havingAuthenticatedUser().withRole(GivenCustomerDto.class, 888L, Role.FINANCIAL_CONTACT); + securityContext.havingAuthenticatedUser().withRole(GivenCustomerDto.class, 888L, Role.CUSTOMER_FINANCIAL_CONTACT); // when serialize(givenDTO); diff --git a/src/test/java/org/hostsharing/hsadminng/service/accessfilter/RoleUnitTest.java b/src/test/java/org/hostsharing/hsadminng/service/accessfilter/RoleUnitTest.java index 74d6f195..8d316950 100644 --- a/src/test/java/org/hostsharing/hsadminng/service/accessfilter/RoleUnitTest.java +++ b/src/test/java/org/hostsharing/hsadminng/service/accessfilter/RoleUnitTest.java 
@@ -20,9 +20,9 @@ public class RoleUnitTest { assertThat(Role.ADMIN.covers(Role.ADMIN)).isTrue(); assertThat(Role.SUPPORTER.covers(Role.SUPPORTER)).isTrue(); - assertThat(Role.CONTRACTUAL_CONTACT.covers(Role.CONTRACTUAL_CONTACT)).isTrue(); - assertThat(Role.FINANCIAL_CONTACT.covers(Role.FINANCIAL_CONTACT)).isTrue(); - assertThat(Role.TECHNICAL_CONTACT.covers(Role.TECHNICAL_CONTACT)).isTrue(); + assertThat(Role.CUSTOMER_CONTRACTUAL_CONTACT.covers(Role.CUSTOMER_CONTRACTUAL_CONTACT)).isTrue(); + assertThat(Role.CUSTOMER_FINANCIAL_CONTACT.covers(Role.CUSTOMER_FINANCIAL_CONTACT)).isTrue(); + assertThat(Role.CUSTOMER_TECHNICAL_CONTACT.covers(Role.CUSTOMER_TECHNICAL_CONTACT)).isTrue(); assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.ACTUAL_CUSTOMER_USER))).isTrue(); assertThat(Role.ANY_CUSTOMER_USER.covers((Role.ANY_CUSTOMER_USER))).isTrue(); 
@@ -35,22 +35,22 @@ public class RoleUnitTest { assertThat(Role.SUPPORTER.covers(Role.ADMIN)).isFalse(); assertThat(Role.ANY_CUSTOMER_CONTACT.covers(Role.SUPPORTER)).isFalse(); - assertThat(Role.ANY_CUSTOMER_CONTACT.covers(Role.CONTRACTUAL_CONTACT)).isFalse(); - assertThat(Role.FINANCIAL_CONTACT.covers(Role.CONTRACTUAL_CONTACT)).isFalse(); - assertThat(Role.FINANCIAL_CONTACT.covers(Role.TECHNICAL_CONTACT)).isFalse(); - assertThat(Role.TECHNICAL_CONTACT.covers(Role.CONTRACTUAL_CONTACT)).isFalse(); - assertThat(Role.TECHNICAL_CONTACT.covers(Role.FINANCIAL_CONTACT)).isFalse(); + assertThat(Role.ANY_CUSTOMER_CONTACT.covers(Role.CUSTOMER_CONTRACTUAL_CONTACT)).isFalse(); + assertThat(Role.CUSTOMER_FINANCIAL_CONTACT.covers(Role.CUSTOMER_CONTRACTUAL_CONTACT)).isFalse(); + assertThat(Role.CUSTOMER_FINANCIAL_CONTACT.covers(Role.CUSTOMER_TECHNICAL_CONTACT)).isFalse(); + assertThat(Role.CUSTOMER_TECHNICAL_CONTACT.covers(Role.CUSTOMER_CONTRACTUAL_CONTACT)).isFalse(); + assertThat(Role.CUSTOMER_TECHNICAL_CONTACT.covers(Role.CUSTOMER_FINANCIAL_CONTACT)).isFalse(); assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.ANY_CUSTOMER_CONTACT))).isFalse(); - assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.CONTRACTUAL_CONTACT))).isFalse(); - assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.TECHNICAL_CONTACT))).isFalse(); - assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.FINANCIAL_CONTACT))).isFalse(); + assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.CUSTOMER_CONTRACTUAL_CONTACT))).isFalse(); + assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.CUSTOMER_TECHNICAL_CONTACT))).isFalse(); + assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.CUSTOMER_FINANCIAL_CONTACT))).isFalse(); assertThat(Role.ANY_CUSTOMER_USER.covers((Role.ACTUAL_CUSTOMER_USER))).isFalse(); assertThat(Role.ANY_CUSTOMER_USER.covers((Role.ANY_CUSTOMER_CONTACT))).isFalse(); - assertThat(Role.ANY_CUSTOMER_USER.covers((Role.CONTRACTUAL_CONTACT))).isFalse(); - 
assertThat(Role.ANY_CUSTOMER_USER.covers((Role.TECHNICAL_CONTACT))).isFalse(); - assertThat(Role.ANY_CUSTOMER_USER.covers((Role.FINANCIAL_CONTACT))).isFalse(); + assertThat(Role.ANY_CUSTOMER_USER.covers((Role.CUSTOMER_CONTRACTUAL_CONTACT))).isFalse(); + assertThat(Role.ANY_CUSTOMER_USER.covers((Role.CUSTOMER_TECHNICAL_CONTACT))).isFalse(); + assertThat(Role.ANY_CUSTOMER_USER.covers((Role.CUSTOMER_FINANCIAL_CONTACT))).isFalse(); assertThat(Role.ANYBODY.covers((Role.ANY_CUSTOMER_USER))).isFalse(); } @@ -62,18 +62,20 @@ public class RoleUnitTest { assertThat(Role.SUPPORTER.covers(Role.ANY_CUSTOMER_CONTACT)).isTrue(); - assertThat(Role.CONTRACTUAL_CONTACT.covers(Role.ANY_CUSTOMER_CONTACT)).isTrue(); - assertThat(Role.CONTRACTUAL_CONTACT.covers(Role.FINANCIAL_CONTACT)).isTrue(); - assertThat(Role.CONTRACTUAL_CONTACT.covers(Role.TECHNICAL_CONTACT)).isTrue(); - assertThat(Role.TECHNICAL_CONTACT.covers(Role.ANY_CUSTOMER_USER)).isTrue(); + assertThat(Role.CUSTOMER_CONTRACTUAL_CONTACT.covers(Role.ANY_CUSTOMER_CONTACT)).isTrue(); + assertThat(Role.CUSTOMER_CONTRACTUAL_CONTACT.covers(Role.CUSTOMER_FINANCIAL_CONTACT)).isTrue(); + assertThat(Role.CUSTOMER_CONTRACTUAL_CONTACT.covers(Role.CUSTOMER_TECHNICAL_CONTACT)).isTrue(); + assertThat(Role.CUSTOMER_TECHNICAL_CONTACT.covers(Role.ANY_CUSTOMER_USER)).isTrue(); assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.ANY_CUSTOMER_USER))).isTrue(); assertThat(Role.ANY_CUSTOMER_USER.covers((Role.ANYBODY))).isTrue(); } @Test - public void financialContactShouldNotCoverAnyCustomersUsersRoleRequirement() { - assertThat(Role.FINANCIAL_CONTACT.covers(Role.ACTUAL_CUSTOMER_USER)).isFalse(); + public void financialContactShouldNotCoverAnyOtherRealRoleRequirement() { + assertThat(Role.CUSTOMER_FINANCIAL_CONTACT.covers(Role.ANY_CUSTOMER_USER)).isFalse(); + assertThat(Role.CUSTOMER_FINANCIAL_CONTACT.covers(Role.ACTUAL_CUSTOMER_USER)).isFalse(); + assertThat(Role.CUSTOMER_FINANCIAL_CONTACT.covers(Role.ANY_CUSTOMER_USER)).isFalse(); } @Test 
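Review bot: `financialContactShouldNotCoverAnyOtherRealRoleRequirement` asserts `covers(Role.ANY_CUSTOMER_USER)` twice, so the third line adds nothing, and the two grants that the new allowlist in `Role.CUSTOMER_FINANCIAL_CONTACT.covers` makes beyond itself are not pinned in the visible hunks. I would replace the duplicate with `assertThat(Role.CUSTOMER_FINANCIAL_CONTACT.covers(Role.ANY_CUSTOMER_CONTACT)).isTrue();` and `assertThat(Role.CUSTOMER_FINANCIAL_CONTACT.covers(Role.ANYBODY)).isTrue();`, so that both a widening and a narrowing of the allowlist fail a test. The test class continues outside the hunk.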
@@ -87,11 +89,16 @@ public class RoleUnitTest { @Test public void coversAny() { - assertThat(Role.HOSTMASTER.coversAny(Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT)).isTrue(); - assertThat(Role.CONTRACTUAL_CONTACT.coversAny(Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT)).isTrue(); - assertThat(Role.FINANCIAL_CONTACT.coversAny(Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT)).isTrue(); + assertThat(Role.HOSTMASTER.coversAny(Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT)).isTrue(); + assertThat( + Role.CUSTOMER_CONTRACTUAL_CONTACT.coversAny(Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT)) + .isTrue(); + assertThat( + Role.CUSTOMER_FINANCIAL_CONTACT.coversAny(Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT)) + .isTrue(); - assertThat(Role.ANY_CUSTOMER_USER.coversAny(Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT)).isFalse(); + assertThat(Role.ANY_CUSTOMER_USER.coversAny(Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT)) + .isFalse(); assertThat(catchThrowable(() -> Role.HOSTMASTER.coversAny())).isInstanceOf(VerifyException.class); assertThat(catchThrowable(() -> Role.HOSTMASTER.coversAny((Role[]) null))).isInstanceOf(VerifyException.class); 
@@ -122,15 +129,16 @@ public class RoleUnitTest { assertThat(Role.HOSTMASTER.getAuthority()).hasValue(AuthoritiesConstants.HOSTMASTER); assertThat(Role.ADMIN.getAuthority()).hasValue(AuthoritiesConstants.ADMIN); assertThat(Role.SUPPORTER.getAuthority()).hasValue(AuthoritiesConstants.SUPPORTER); - assertThat(Role.CONTRACTUAL_CONTACT.getAuthority()).isEmpty(); + assertThat(Role.CUSTOMER_CONTRACTUAL_CONTACT.getAuthority()).isEmpty(); assertThat(Role.ANYBODY.getAuthority()).hasValue(AuthoritiesConstants.ANONYMOUS); } @Test public void isBroadest() { - assertThat(Role.broadest(Role.HOSTMASTER, Role.CONTRACTUAL_CONTACT)).isEqualTo(Role.HOSTMASTER); - assertThat(Role.broadest(Role.CONTRACTUAL_CONTACT, Role.HOSTMASTER)).isEqualTo(Role.HOSTMASTER); - assertThat(Role.broadest(Role.CONTRACTUAL_CONTACT, Role.ANY_CUSTOMER_USER)).isEqualTo(Role.CONTRACTUAL_CONTACT); + assertThat(Role.broadest(Role.HOSTMASTER, Role.CUSTOMER_CONTRACTUAL_CONTACT)).isEqualTo(Role.HOSTMASTER); + assertThat(Role.broadest(Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.HOSTMASTER)).isEqualTo(Role.HOSTMASTER); + assertThat(Role.broadest(Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.ANY_CUSTOMER_USER)) + .isEqualTo(Role.CUSTOMER_CONTRACTUAL_CONTACT); } @Test diff --git a/src/test/java/org/hostsharing/hsadminng/service/dto/AssetDTOIntTest.java b/src/test/java/org/hostsharing/hsadminng/service/dto/AssetDTOIntTest.java index 1b9994cd..09f45ad0 100644 --- a/src/test/java/org/hostsharing/hsadminng/service/dto/AssetDTOIntTest.java +++ b/src/test/java/org/hostsharing/hsadminng/service/dto/AssetDTOIntTest.java @@ -129,7 +129,7 @@ public class AssetDTOIntTest { // given securityContext.havingAuthenticatedUser() - .withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.FINANCIAL_CONTACT); + .withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CUSTOMER_FINANCIAL_CONTACT); final AssetDTO given = createSomeAssetDTO(SOME_ASSET_ID); 
@@ -158,7 +158,8 @@ public class AssetDTOIntTest { @Test public void shouldNotDeserializeForContractualCustomerContact() { // given - securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CONTRACTUAL_CONTACT); + securityContext.havingAuthenticatedUser() + .withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CUSTOMER_CONTRACTUAL_CONTACT); final String json = new JSonBuilder() .withFieldValue("id", SOME_ASSET_ID) .withFieldValue("remark", "Updated Remark") @@ -172,7 +173,7 @@ public class AssetDTOIntTest { BadRequestAlertException.class, bre -> assertThat(bre.getMessage()) .isEqualTo( - "Update of field AssetDTO.remark prohibited for current user role(s): CONTRACTUAL_CONTACT")); + "Update of field AssetDTO.remark prohibited for current user role(s): CUSTOMER_CONTRACTUAL_CONTACT")); } @Test diff --git a/src/test/java/org/hostsharing/hsadminng/service/dto/AssetDTOUnitTest.java b/src/test/java/org/hostsharing/hsadminng/service/dto/AssetDTOUnitTest.java index 578778ab..093196e6 100644 --- a/src/test/java/org/hostsharing/hsadminng/service/dto/AssetDTOUnitTest.java +++ b/src/test/java/org/hostsharing/hsadminng/service/dto/AssetDTOUnitTest.java @@ -33,9 +33,9 @@ public class AssetDTOUnitTest extends AccessMappingsUnitTestBase { @Test public void shouldHaveProperAccessForContractualContact() { - initAccessFor(AssetDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeForNothing(); - updateAccessFor(AssetDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeForNothing(); - readAccessFor(AssetDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeExactlyFor( + initAccessFor(AssetDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeForNothing(); + updateAccessFor(AssetDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeForNothing(); + readAccessFor(AssetDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeExactlyFor( "id", "membershipId", "documentDate", 
@@ -47,9 +47,9 @@ public class AssetDTOUnitTest extends AccessMappingsUnitTestBase { @Test public void shouldHaveNoAccessForTechnicalContact() { - initAccessFor(AssetDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing(); - updateAccessFor(AssetDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing(); - readAccessFor(AssetDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing(); + initAccessFor(AssetDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing(); + updateAccessFor(AssetDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing(); + readAccessFor(AssetDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing(); } @Test diff --git a/src/test/java/org/hostsharing/hsadminng/service/dto/CustomerDTOUnitTest.java b/src/test/java/org/hostsharing/hsadminng/service/dto/CustomerDTOUnitTest.java index a1d47fb5..98aefc50 100644 --- a/src/test/java/org/hostsharing/hsadminng/service/dto/CustomerDTOUnitTest.java +++ b/src/test/java/org/hostsharing/hsadminng/service/dto/CustomerDTOUnitTest.java @@ -76,7 +76,7 @@ public class CustomerDTOUnitTest { public void testSerializationAsContractualCustomerContact() throws JsonProcessingException { // given - securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, 1234L, Role.CONTRACTUAL_CONTACT); + securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, 1234L, Role.CUSTOMER_CONTRACTUAL_CONTACT); CustomerDTO given = createSomeCustomerDTO(1234L); // when @@ -91,7 +91,7 @@ public class CustomerDTOUnitTest { public void testSerializationAsTechnicalCustomerUser() throws JsonProcessingException { // given - securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, 1234L, Role.TECHNICAL_CONTACT); + securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, 1234L, Role.CUSTOMER_TECHNICAL_CONTACT); CustomerDTO given = createSomeCustomerDTO(1234L); // when 
@@ -125,7 +125,7 @@ public class CustomerDTOUnitTest { @Test public void testDeserializeAsContractualCustomerContact() throws IOException { // given - securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, 1234L, Role.CONTRACTUAL_CONTACT); + securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, 1234L, Role.CUSTOMER_CONTRACTUAL_CONTACT); given(customerRepository.findById(1234L)).willReturn(Optional.of(new Customer().id(1234L))); String json = "{\"id\":1234,\"contractualSalutation\":\"Hallo Updated\",\"billingSalutation\":\"Moin Updated\"}"; diff --git a/src/test/java/org/hostsharing/hsadminng/service/dto/MembershipDTOIntTest.java b/src/test/java/org/hostsharing/hsadminng/service/dto/MembershipDTOIntTest.java index dffb8cc0..bc5f640a 100644 --- a/src/test/java/org/hostsharing/hsadminng/service/dto/MembershipDTOIntTest.java +++ b/src/test/java/org/hostsharing/hsadminng/service/dto/MembershipDTOIntTest.java @@ -111,7 +111,8 @@ public class MembershipDTOIntTest { public void shouldSerializePartiallyForFinancialCustomerContact() throws JsonProcessingException { // given - securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.FINANCIAL_CONTACT); + securityContext.havingAuthenticatedUser() + .withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CUSTOMER_FINANCIAL_CONTACT); final MembershipDTO given = createSampleDTO(SOME_SEPA_MANDATE_ID, SOME_CUSTOMER_ID); // when @@ -139,7 +140,8 @@ public class MembershipDTOIntTest { @Test public void shouldNotDeserializeForContractualCustomerContact() { // given - securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CONTRACTUAL_CONTACT); + securityContext.havingAuthenticatedUser() + .withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CUSTOMER_CONTRACTUAL_CONTACT); final String json = new JSonBuilder() .withFieldValue("id", SOME_SEPA_MANDATE_ID) .withFieldValue("remark", "Updated Remark") 
@@ -152,7 +154,7 @@ public class MembershipDTOIntTest { assertThat(actual).isInstanceOfSatisfying( BadRequestAlertException.class, bre -> assertThat(bre.getMessage()).isEqualTo( - "Update of field MembershipDTO.remark prohibited for current user role(s): CONTRACTUAL_CONTACT")); + "Update of field MembershipDTO.remark prohibited for current user role(s): CUSTOMER_CONTRACTUAL_CONTACT")); } @Test diff --git a/src/test/java/org/hostsharing/hsadminng/service/dto/MembershipDTOUnitTest.java b/src/test/java/org/hostsharing/hsadminng/service/dto/MembershipDTOUnitTest.java index ce018f50..fc91e0f1 100644 --- a/src/test/java/org/hostsharing/hsadminng/service/dto/MembershipDTOUnitTest.java +++ b/src/test/java/org/hostsharing/hsadminng/service/dto/MembershipDTOUnitTest.java @@ -40,9 +40,9 @@ public class MembershipDTOUnitTest extends AccessMappingsUnitTestBase assertThat(bre.getMessage()).isEqualTo( - "Update of field SepaMandateDTO.remark prohibited for current user role(s): CONTRACTUAL_CONTACT")); + "Update of field SepaMandateDTO.remark prohibited for current user role(s): CUSTOMER_CONTRACTUAL_CONTACT")); } @Test diff --git a/src/test/java/org/hostsharing/hsadminng/service/dto/SepaMandateDTOUnitTest.java b/src/test/java/org/hostsharing/hsadminng/service/dto/SepaMandateDTOUnitTest.java index be7babf9..26461a0e 100644 --- a/src/test/java/org/hostsharing/hsadminng/service/dto/SepaMandateDTOUnitTest.java +++ b/src/test/java/org/hostsharing/hsadminng/service/dto/SepaMandateDTOUnitTest.java @@ -55,7 +55,7 @@ public class SepaMandateDTOUnitTest extends AccessMappingsUnitTestBase assertThat(bre.getMessage()) .isEqualTo( - "Update of field ShareDTO.remark prohibited for current user role(s): CONTRACTUAL_CONTACT")); + "Update of field ShareDTO.remark prohibited for current user role(s): CUSTOMER_CONTRACTUAL_CONTACT")); } @Test 
diff --git a/src/test/java/org/hostsharing/hsadminng/service/dto/ShareDTOUnitTest.java b/src/test/java/org/hostsharing/hsadminng/service/dto/ShareDTOUnitTest.java index 65bbd153..416778b8 100644 --- a/src/test/java/org/hostsharing/hsadminng/service/dto/ShareDTOUnitTest.java +++ b/src/test/java/org/hostsharing/hsadminng/service/dto/ShareDTOUnitTest.java @@ -32,9 +32,9 @@ public class ShareDTOUnitTest extends AccessMappingsUnitTestBase { @Test public void shouldHaveProperAccessForContractualContact() { - initAccessFor(ShareDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeForNothing(); - updateAccessFor(ShareDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeForNothing(); - readAccessFor(ShareDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeExactlyFor( + initAccessFor(ShareDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeForNothing(); + updateAccessFor(ShareDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeForNothing(); + readAccessFor(ShareDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeExactlyFor( "id", "membershipId", "documentDate", @@ -46,9 +46,9 @@ public class ShareDTOUnitTest extends AccessMappingsUnitTestBase { @Test public void shouldHaveNoAccessForTechnicalContact() { - initAccessFor(ShareDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing(); - updateAccessFor(ShareDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing(); - readAccessFor(ShareDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing(); + initAccessFor(ShareDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing(); + updateAccessFor(ShareDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing(); + readAccessFor(ShareDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing(); } @Test diff --git a/src/test/java/org/hostsharing/hsadminng/service/dto/UserRoleAssignmentUnitTest.java b/src/test/java/org/hostsharing/hsadminng/service/dto/UserRoleAssignmentUnitTest.java index d1ffc9d1..5b82ed70 100644 
--- a/src/test/java/org/hostsharing/hsadminng/service/dto/UserRoleAssignmentUnitTest.java +++ b/src/test/java/org/hostsharing/hsadminng/service/dto/UserRoleAssignmentUnitTest.java @@ -75,7 +75,7 @@ public class UserRoleAssignmentUnitTest { public void testSerializationAsContractualCustomerContact() throws JsonProcessingException { // given - securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, CUSTOMER_ID, Role.CONTRACTUAL_CONTACT); + securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, CUSTOMER_ID, Role.CUSTOMER_CONTRACTUAL_CONTACT); UserRoleAssignment given = createSomeUserRoleAssignment(USER_ROLE_ASSIGNMENT_ID); // when @@ -115,7 +115,7 @@ public class UserRoleAssignmentUnitTest { "user", JSonBuilder.asJSon( of("id", USER_ID))), - of("assignedRole", Role.TECHNICAL_CONTACT.name())); + of("assignedRole", Role.CUSTOMER_TECHNICAL_CONTACT.name())); // when UserRoleAssignment actual = objectMapper.readValue(json, UserRoleAssignment.class); @@ -125,7 +125,7 @@ public class UserRoleAssignmentUnitTest { expected.setId(USER_ROLE_ASSIGNMENT_ID); expected.setEntityTypeId(Customer.ENTITY_TYPE_ID); expected.setEntityObjectId(CUSTOMER_ID); - expected.setAssignedRole(Role.TECHNICAL_CONTACT); + expected.setAssignedRole(Role.CUSTOMER_TECHNICAL_CONTACT); expected.setUser(expectedUser); assertThat(actual).isEqualToComparingFieldByField(expected); } @@ -148,7 +148,7 @@ public class UserRoleAssignmentUnitTest { given.setEntityTypeId(Customer.ENTITY_TYPE_ID); given.setEntityObjectId(CUSTOMER_ID); given.setUser(new User().id(USER_ID)); - given.setAssignedRole(Role.TECHNICAL_CONTACT); + given.setAssignedRole(Role.CUSTOMER_TECHNICAL_CONTACT); return given; } }