hostsharing/hs.hsadmin.ng
6
0
Fork 0
Code Pull Requests 2 Activity

#145 [Rights-Module] documented the role system and some renaming

Browse Source
This commit is contained in:
Michael Hoennig 2019-05-25 19:43:29 +02:00
parent 57b6399950
commit 7983aa7e52
23 changed files with 280 additions and 172 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

79
src/main/java/org/hostsharing/hsadminng/service/accessfilter/Role.java
View File

@ -3,94 +3,144 @@ package org.hostsharing.hsadminng.service.accessfilter;
import static com.google.common.base.Verify.verify; import static com.google.common.base.Verify.verify;
import org.hostsharing.hsadminng.domain.Customer;
import org.hostsharing.hsadminng.domain.User;
import org.hostsharing.hsadminng.domain.UserRoleAssignment;
import org.hostsharing.hsadminng.security.AuthoritiesConstants; import org.hostsharing.hsadminng.security.AuthoritiesConstants;
import java.lang.reflect.Field; import java.lang.reflect.Field;
import java.util.Optional; import java.util.Optional;
/** /**
* These enum values are on the one hand used to define the minimum role required to grant access to resources, * These enum values are used to specify the minimum role required to grant access to resources,
* but on the other hand also for the roles users can be assigned to. * see usages of {@link AccessFor}.
* also they can be assigned to users via {@link UserRoleAssignment}.
* Some of the concrete values make only sense in one of these contexts.
* <p> * <p>
* Further, there are two kinds of roles: independent and dependent.
* Independent roles like {@link #HOSTMASTER} are absolute roles which means unrelated to any concrete entity.
* Dependent roles like {@link #CUSTOMER_CONTRACTUAL_CONTACT} are relative to a specific entity,
* in this case to a specific {@link Customer}.
* <p>
*/
/*
* TODO: Maybe splitting it up into UserRole and RequiredRole would make it more clear? * TODO: Maybe splitting it up into UserRole and RequiredRole would make it more clear?
* And maybe instead of a level, we could then add the comprised roles in the constructor? * And maybe instead of a level, we could then add the comprised roles in the constructor?
* This could also be a better way to express that the financial contact has no rights to * This could also be a better way to express that the financial contact has no rights to
* other users resources (see also ACTUAL_CUSTOMER_USEr vs. ANY_CUSTOMER_USER). * other users resources (see also ACTUAL_CUSTOMER_USER vs. ANY_CUSTOMER_USER).
*/ */
public enum Role { public enum Role {
/** /**
* Default for access rights requirement. You can read it as: 'Nobody is allowed to ...'. * Default for access rights requirement. You can read it as: 'Nobody is allowed to ...'.
* This is usually used for fields which are managed by hsadminNg itself. * This is usually used for fields which are managed by hsadminNg itself.
* <p>
* This role cannot be assigned to a user.
* </p>
*/ */
NOBODY(0), NOBODY(0),
/** /**
* Hostmasters are initialize/update/read and field which, except where NOBODY is allowed to. * Hostmasters are initialize/update/read and field which, except where NOBODY is allowed to.
* <p>
* This role can be assigned to a user via {@link User#setAuthorities}.
* </p>
*/ */
HOSTMASTER(1, AuthoritiesConstants.HOSTMASTER), HOSTMASTER(1, AuthoritiesConstants.HOSTMASTER),
/** /**
* This role is for administrators, e.g. to create memberships and book shared and assets. * This role is for administrators, e.g. to create memberships and book shared and assets.
* <p>
* This role can be assigned to a user via {@link User#setAuthorities}.
* </p>
*/ */
ADMIN(2, AuthoritiesConstants.ADMIN), ADMIN(2, AuthoritiesConstants.ADMIN),
/** /**
* This role is for members of the support team. * This role is for members of the support team.
* <p>
* This role can be assigned to a user via {@link User#setAuthorities}.
* </p>
*/ */
SUPPORTER(3, AuthoritiesConstants.SUPPORTER), SUPPORTER(3, AuthoritiesConstants.SUPPORTER),
/** /**
* This role is for contractual contacts of a customer, like a director of the company. * This role is for contractual contacts of a customer, like a director of the company.
* <p>
* Who has this role, has the broadest access to all resources which belong to this customer. * Who has this role, has the broadest access to all resources which belong to this customer.
* Everything which relates to the contract with the customer, needs this role. * Everything which relates to the contract with the customer, needs this role.
* <p>
* This role can be assigned to a user via {@link UserRoleAssignment}.
* </p>
*/ */
CONTRACTUAL_CONTACT(20), CUSTOMER_CONTRACTUAL_CONTACT(20),
/** /**
* This role is for financial contacts of a customer, e.g. for accessing billing data. * This role is for financial contacts of a customer, e.g. for accessing billing data.
* <p>
* The financial contact only covers {@link Role#CUSTOMER_FINANCIAL_CONTACT}, {@link Role#ANY_CUSTOMER_CONTACT} and
* {@link Role#ANYBODY}, but not other <em>normal</em> user roles.
* </p>
* <p>
* This role can be assigned to a user via {@link UserRoleAssignment}.
* </p>
*/ */
FINANCIAL_CONTACT(22) { CUSTOMER_FINANCIAL_CONTACT(22) {
@Override @Override
public boolean covers(final Role role) { public boolean covers(final Role role) {
if (role == ACTUAL_CUSTOMER_USER) { return role == CUSTOMER_FINANCIAL_CONTACT || role == ANY_CUSTOMER_CONTACT || role == ANYBODY;
return false;
}
return super.covers(role);
} }
}, },
/** /**
* This role is for technical contacts of a customer. * This role is for technical contacts of a customer.
* <p>
* This role can be assigned to a user via {@link UserRoleAssignment}.
* </p>
*/ */
TECHNICAL_CONTACT(22), CUSTOMER_TECHNICAL_CONTACT(22),
/** /**
* This meta-role is to specify that any kind of customer contact can get access to the resource. * This meta-role is to specify that any kind of customer contact can get access to the resource.
* <p>
* It's only used to specify the required role and cannot be assigned to a user.
* </p>
*/ */
ANY_CUSTOMER_CONTACT(29), ANY_CUSTOMER_CONTACT(29),
/** /**
* Any user which belongs to a customer has at least this role. * Some user belonging to a customer without a more precise role.
*/ */
ACTUAL_CUSTOMER_USER(30), // TODO: It's mostly a placeholder for more precise future roles like a "webspace admin".
// This also shows that it's a bit ugly that we need the roles of all modules in this enum
// because types for attributes of annotations are quite limited in Java.
ACTUAL_CUSTOMER_USER(80),
/** /**
* Use this to grant rights to any user, also special function users who have no * Use this to grant rights to any user, also special function users who have no
* rights on other users resources. * rights on other users resources.
* <p>
* It's only used to specify the required role and cannot be assigned to a user.
* </p>
*/ */
ANY_CUSTOMER_USER(89), ANY_CUSTOMER_USER(89),
/** /**
* This role is meant to specify that a resources can be accessed by anybody, even without login. * This role is meant to specify that a resources can be accessed by anybody, even without login.
* It's currently only used for technical purposes. * <p>
* It can be used to specify the required role and is the implicit role for un-authenticated users.
* </p>
*/ */
ANYBODY(99, AuthoritiesConstants.ANONYMOUS), ANYBODY(99, AuthoritiesConstants.ANONYMOUS),
/** /**
* Pseudo-role to mark init/update access as ignored because the field is display-only. * Pseudo-role to mark init/update access as ignored because the field is display-only.
* <p>
* This allows REST clients to send the whole response back as a new update request. * This allows REST clients to send the whole response back as a new update request.
* This role is not covered by any and covers itself no role. * This role is not covered by any and covers itself no role.
* <p>
* It's only used to specify the required role and cannot be assigned to a user.
* </p>
*/ */
IGNORED; IGNORED;
@ -127,7 +177,6 @@ public enum Role {
/** /**
* @return the independent authority related 1:1 to this Role or empty if no independent authority is related 1:1 * @return the independent authority related 1:1 to this Role or empty if no independent authority is related 1:1
*
* @see AuthoritiesConstants * @see AuthoritiesConstants
*/ */
public Optional<String> getAuthority() { public Optional<String> getAuthority() {
@ -179,7 +228,7 @@ public enum Role {
* Where 'this' means the Java instance itself as a role of a system user. * Where 'this' means the Java instance itself as a role of a system user.
* <p> * <p>
* {@code * {@code
* Role.HOSTMASTER.coversAny(Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT) == true * Role.HOSTMASTER.coversAny(Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT) == true
* } * }
* *
* @param roles The alternatively required roles for a resource. Must be at least one. * @param roles The alternatively required roles for a resource. Must be at least one.

14
src/main/java/org/hostsharing/hsadminng/service/dto/AssetDTO.java
View File

@ -26,23 +26,23 @@ import javax.validation.constraints.Size;
public class AssetDTO implements Serializable, AccessMappings { public class AssetDTO implements Serializable, AccessMappings {
@SelfId(resolver = AssetService.class) @SelfId(resolver = AssetService.class)
@AccessFor(read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) @AccessFor(read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
private Long id; private Long id;
@NotNull @NotNull
@AccessFor(init = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) @AccessFor(init = Role.ADMIN, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
private LocalDate documentDate; private LocalDate documentDate;
@NotNull @NotNull
@AccessFor(init = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) @AccessFor(init = Role.ADMIN, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
private LocalDate valueDate; private LocalDate valueDate;
@NotNull @NotNull
@AccessFor(init = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) @AccessFor(init = Role.ADMIN, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
private AssetAction action; private AssetAction action;
@NotNull @NotNull
@AccessFor(init = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) @AccessFor(init = Role.ADMIN, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
private BigDecimal amount; private BigDecimal amount;
@Size(max = 160) @Size(max = 160)
@ -50,10 +50,10 @@ public class AssetDTO implements Serializable, AccessMappings {
private String remark; private String remark;
@ParentId(resolver = MembershipService.class) @ParentId(resolver = MembershipService.class)
@AccessFor(init = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) @AccessFor(init = Role.ADMIN, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
private Long membershipId; private Long membershipId;
@AccessFor(update = Role.IGNORED, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) @AccessFor(update = Role.IGNORED, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
private String membershipDisplayLabel; private String membershipDisplayLabel;
public Long getId() { public Long getId() {

55
src/main/java/org/hostsharing/hsadminng/service/dto/CustomerDTO.java
View File

@ -23,78 +23,99 @@ import javax.validation.constraints.*;
public class CustomerDTO implements AccessMappings, FluentBuilder<CustomerDTO> { public class CustomerDTO implements AccessMappings, FluentBuilder<CustomerDTO> {
@SelfId(resolver = CustomerService.class) @SelfId(resolver = CustomerService.class)
@AccessFor(read = Role.ACTUAL_CUSTOMER_USER) @AccessFor(read = Role.ANY_CUSTOMER_USER)
private Long id; private Long id;
@NotNull @NotNull
@Min(value = 10000) @Min(value = 10000)
@Max(value = 99999) @Max(value = 99999)
@AccessFor(init = Role.ADMIN, read = Role.ACTUAL_CUSTOMER_USER) @AccessFor(init = Role.ADMIN, read = Role.ANY_CUSTOMER_USER)
private Integer reference; private Integer reference;
@NotNull @NotNull
@Size(max = 3) @Size(max = 3)
@Pattern(regexp = "[a-z][a-z0-9]+") @Pattern(regexp = "[a-z][a-z0-9]+")
@AccessFor(init = Role.ADMIN, read = Role.ACTUAL_CUSTOMER_USER) @AccessFor(init = Role.ADMIN, read = Role.ANY_CUSTOMER_USER)
private String prefix; private String prefix;
@NotNull @NotNull
@Size(max = 80) @Size(max = 80)
@AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = Role.ACTUAL_CUSTOMER_USER) @AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = Role.ANY_CUSTOMER_USER)
private String name; private String name;
@NotNull @NotNull
@AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = Role.CONTRACTUAL_CONTACT) @AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = Role.CUSTOMER_CONTRACTUAL_CONTACT)
private CustomerKind kind; private CustomerKind kind;
@AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) @AccessFor(
init = Role.ADMIN,
update = Role.ADMIN,
read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
private LocalDate birthDate; private LocalDate birthDate;
@Size(max = 80) @Size(max = 80)
@AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) @AccessFor(
init = Role.ADMIN,
update = Role.ADMIN,
read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
private String birthPlace; private String birthPlace;
@Size(max = 80) @Size(max = 80)
@AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) @AccessFor(
init = Role.ADMIN,
update = Role.ADMIN,
read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
private String registrationCourt; private String registrationCourt;
@Size(max = 80) @Size(max = 80)
@AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) @AccessFor(
init = Role.ADMIN,
update = Role.ADMIN,
read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
private String registrationNumber; private String registrationNumber;
@NotNull @NotNull
@AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) @AccessFor(
init = Role.ADMIN,
update = Role.ADMIN,
read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
private VatRegion vatRegion; private VatRegion vatRegion;
@Size(max = 40) @Size(max = 40)
@AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) @AccessFor(
init = Role.ADMIN,
update = Role.ADMIN,
read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
private String vatNumber; private String vatNumber;
@Size(max = 80) @Size(max = 80)
@AccessFor(init = Role.ADMIN, update = Role.CONTRACTUAL_CONTACT, read = Role.CONTRACTUAL_CONTACT) @AccessFor(init = Role.ADMIN, update = Role.CUSTOMER_CONTRACTUAL_CONTACT, read = Role.CUSTOMER_CONTRACTUAL_CONTACT)
private String contractualSalutation; private String contractualSalutation;
@NotNull @NotNull
@Size(max = 400) @Size(max = 400)
@AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = Role.CONTRACTUAL_CONTACT) @AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = Role.CUSTOMER_CONTRACTUAL_CONTACT)
private String contractualAddress; private String contractualAddress;
@Size(max = 80) @Size(max = 80)
@AccessFor( @AccessFor(
init = Role.ADMIN, init = Role.ADMIN,
update = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }, update = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT },
read = Role.CONTRACTUAL_CONTACT) read = Role.CUSTOMER_CONTRACTUAL_CONTACT)
private String billingSalutation; private String billingSalutation;
@Size(max = 400) @Size(max = 400)
@AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) @AccessFor(
init = Role.ADMIN,
update = Role.ADMIN,
read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
private String billingAddress; private String billingAddress;
@Size(max = 160) @Size(max = 160)
@AccessFor(init = Role.ADMIN, update = Role.SUPPORTER, read = Role.SUPPORTER) @AccessFor(init = Role.ADMIN, update = Role.SUPPORTER, read = Role.SUPPORTER)
private String remark; private String remark;
@AccessFor(init = Role.ANYBODY, update = Role.ANYBODY, read = Role.ACTUAL_CUSTOMER_USER) @AccessFor(init = Role.ANYBODY, update = Role.ANYBODY, read = Role.ANY_CUSTOMER_USER)
private String displayLabel; private String displayLabel;
public Long getId() { public Long getId() {

24
src/main/java/org/hostsharing/hsadminng/service/dto/MembershipDTO.java
View File

@ -23,21 +23,27 @@ import javax.validation.constraints.Size;
public class MembershipDTO implements AccessMappings, FluentBuilder<MembershipDTO> { public class MembershipDTO implements AccessMappings, FluentBuilder<MembershipDTO> {
@SelfId(resolver = MembershipService.class) @SelfId(resolver = MembershipService.class)
@AccessFor(read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) @AccessFor(read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
private Long id; private Long id;
@NotNull @NotNull
@AccessFor(init = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) @AccessFor(init = Role.ADMIN, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
private LocalDate admissionDocumentDate; private LocalDate admissionDocumentDate;
@AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) @AccessFor(
init = Role.ADMIN,
update = Role.ADMIN,
read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
private LocalDate cancellationDocumentDate; private LocalDate cancellationDocumentDate;
@NotNull @NotNull
@AccessFor(init = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) @AccessFor(init = Role.ADMIN, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
private LocalDate memberFromDate; private LocalDate memberFromDate;
@AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) @AccessFor(
init = Role.ADMIN,
update = Role.ADMIN,
read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
private LocalDate memberUntilDate; private LocalDate memberUntilDate;
@Size(max = 160) @Size(max = 160)
@ -45,16 +51,16 @@ public class MembershipDTO implements AccessMappings, FluentBuilder<MembershipDT
private String remark; private String remark;
@ParentId(resolver = CustomerService.class) @ParentId(resolver = CustomerService.class)
@AccessFor(init = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) @AccessFor(init = Role.ADMIN, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
private Long customerId; private Long customerId;
@AccessFor(update = Role.IGNORED, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) @AccessFor(update = Role.IGNORED, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
private String customerPrefix; private String customerPrefix;
@AccessFor(update = Role.IGNORED, read = Role.FINANCIAL_CONTACT) @AccessFor(update = Role.IGNORED, read = Role.CUSTOMER_FINANCIAL_CONTACT)
private String customerDisplayLabel; private String customerDisplayLabel;
@AccessFor(update = Role.IGNORED, read = Role.FINANCIAL_CONTACT) @AccessFor(update = Role.IGNORED, read = Role.CUSTOMER_FINANCIAL_CONTACT)
private String displayLabel; private String displayLabel;
public Long getId() { public Long getId() {

43
src/main/java/org/hostsharing/hsadminng/service/dto/SepaMandateDTO.java
View File

@ -23,53 +23,56 @@ import javax.validation.constraints.Size;
public class SepaMandateDTO implements AccessMappings, FluentBuilder<SepaMandateDTO> { public class SepaMandateDTO implements AccessMappings, FluentBuilder<SepaMandateDTO> {
@SelfId(resolver = SepaMandateService.class) @SelfId(resolver = SepaMandateService.class)
@AccessFor(read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) @AccessFor(read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
private Long id; private Long id;
@NotNull @NotNull
@Size(max = 40) @Size(max = 40)
@AccessFor( @AccessFor(
init = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }, init = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT },
read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
private String reference; private String reference;
@Size(max = 34) @Size(max = 34)
@AccessFor( @AccessFor(
init = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }, init = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT },
read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
private String iban; private String iban;
@Size(max = 11) @Size(max = 11)
@AccessFor( @AccessFor(
init = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }, init = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT },
read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
private String bic; private String bic;
@NotNull @NotNull
@AccessFor( @AccessFor(
init = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }, init = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT },
read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
private LocalDate grantingDocumentDate; private LocalDate grantingDocumentDate;
@AccessFor( @AccessFor(
init = Role.ADMIN, init = Role.ADMIN,
update = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }, update = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT },
read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
private LocalDate revokationDocumentDate; private LocalDate revokationDocumentDate;
@NotNull @NotNull
@AccessFor( @AccessFor(
init = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }, init = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT },
read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
private LocalDate validFromDate; private LocalDate validFromDate;
@AccessFor( @AccessFor(
init = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }, init = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT },
update = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }, update = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT },
read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
private LocalDate validUntilDate; private LocalDate validUntilDate;
@AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) @AccessFor(
init = Role.ADMIN,
update = Role.ADMIN,
read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
private LocalDate lastUsedDate; private LocalDate lastUsedDate;
@Size(max = 160) @Size(max = 160)
@ -78,11 +81,11 @@ public class SepaMandateDTO implements AccessMappings, FluentBuilder<SepaMandate
@ParentId(resolver = CustomerService.class) @ParentId(resolver = CustomerService.class)
@AccessFor( @AccessFor(
init = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }, init = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT },
read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
private Long customerId; private Long customerId;
@AccessFor(update = Role.IGNORED, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) @AccessFor(update = Role.IGNORED, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
private String customerDisplayLabel; private String customerDisplayLabel;
public Long getId() { public Long getId() {

14
src/main/java/org/hostsharing/hsadminng/service/dto/ShareDTO.java
View File

@ -25,23 +25,23 @@ import javax.validation.constraints.Size;
public class ShareDTO implements Serializable, AccessMappings { public class ShareDTO implements Serializable, AccessMappings {
@SelfId(resolver = ShareService.class) @SelfId(resolver = ShareService.class)
@AccessFor(read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) @AccessFor(read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
private Long id; private Long id;
@NotNull @NotNull
@AccessFor(init = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) @AccessFor(init = Role.ADMIN, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
private LocalDate documentDate; private LocalDate documentDate;
@NotNull @NotNull
@AccessFor(init = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) @AccessFor(init = Role.ADMIN, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
private LocalDate valueDate; private LocalDate valueDate;
@NotNull @NotNull
@AccessFor(init = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) @AccessFor(init = Role.ADMIN, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
private ShareAction action; private ShareAction action;
@NotNull @NotNull
@AccessFor(init = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) @AccessFor(init = Role.ADMIN, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
private Integer quantity; private Integer quantity;
@Size(max = 160) @Size(max = 160)
@ -49,10 +49,10 @@ public class ShareDTO implements Serializable, AccessMappings {
private String remark; private String remark;
@ParentId(resolver = MembershipService.class) @ParentId(resolver = MembershipService.class)
@AccessFor(init = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) @AccessFor(init = Role.ADMIN, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
private Long membershipId; private Long membershipId;
@AccessFor(update = Role.IGNORED, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT }) @AccessFor(update = Role.IGNORED, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
private String membershipDisplayLabel; private String membershipDisplayLabel;
public Long getId() { public Long getId() {

6
src/main/webapp/app/entities/user-role-assignment/user-role-assignment-update.component.html
View File

@ -43,9 +43,9 @@
<label class="form-control-label" jhiTranslate="hsadminNgApp.userRoleAssignment.assignedRole" for="field_assignedRole">Assigned Role</label> <label class="form-control-label" jhiTranslate="hsadminNgApp.userRoleAssignment.assignedRole" for="field_assignedRole">Assigned Role</label>
<select class="form-control" name="assignedRole" [(ngModel)]="userRoleAssignment.assignedRole" id="field_assignedRole" required> <select class="form-control" name="assignedRole" [(ngModel)]="userRoleAssignment.assignedRole" id="field_assignedRole" required>
<!-- only list entity-dependent roles here --> <!-- only list entity-dependent roles here -->
<option value="CONTRACTUAL_CONTACT">{{'hsadminNgApp.UserRole.CONTRACTUAL_CONTACT' | translate}}</option> <option value="CONTRACTUAL_CONTACT">{{'hsadminNgApp.UserRole.CUSTOMER_CONTRACTUAL_CONTACT' | translate}}</option>
<option value="FINANCIAL_CONTACT">{{'hsadminNgApp.UserRole.FINANCIAL_CONTACT' | translate}}</option> <option value="FINANCIAL_CONTACT">{{'hsadminNgApp.UserRole.CUSTOMER_FINANCIAL_CONTACT' | translate}}</option>
<option value="TECHNICAL_CONTACT">{{'hsadminNgApp.UserRole.TECHNICAL_CONTACT' | translate}}</option> <option value="TECHNICAL_CONTACT">{{'hsadminNgApp.UserRole.CUSTOMER_TECHNICAL_CONTACT' | translate}}</option>
<option value="CUSTOMER_USER">{{'hsadminNgApp.UserRole.CUSTOMER_USER' | translate}}</option> <option value="CUSTOMER_USER">{{'hsadminNgApp.UserRole.CUSTOMER_USER' | translate}}</option>
</select> </select>
<div [hidden]="!(editForm.controls.assignedRole?.dirty && editForm.controls.assignedRole?.invalid)"> <div [hidden]="!(editForm.controls.assignedRole?.dirty && editForm.controls.assignedRole?.invalid)">

6
src/main/webapp/app/entities/user-role-assignment/user-role-assignment.component.html
View File

@ -33,9 +33,9 @@
<option value="HOSTMASTER" jhiTranslate="{{'hsadminNgApp.UserRole.HOSTMASTER'}}">HOSTMASTER</option> <option value="HOSTMASTER" jhiTranslate="{{'hsadminNgApp.UserRole.HOSTMASTER'}}">HOSTMASTER</option>
<option value="ADMIN" jhiTranslate="{{'hsadminNgApp.UserRole.ADMIN'}}">ADMIN</option> <option value="ADMIN" jhiTranslate="{{'hsadminNgApp.UserRole.ADMIN'}}">ADMIN</option>
<option value="SUPPORTER" jhiTranslate="{{'hsadminNgApp.UserRole.SUPPORTER'}}">SUPPORTER</option> <option value="SUPPORTER" jhiTranslate="{{'hsadminNgApp.UserRole.SUPPORTER'}}">SUPPORTER</option>
<option value="CONTRACTUAL_CONTACT" jhiTranslate="{{'hsadminNgApp.UserRole.CONTRACTUAL_CONTACT'}}">CONTRACTUAL_CONTACT</option> <option value="CONTRACTUAL_CONTACT" jhiTranslate="{{'hsadminNgApp.UserRole.CUSTOMER_CONTRACTUAL_CONTACT'}}">CONTRACTUAL_CONTACT</option>
<option value="FINANCIAL_CONTACT" jhiTranslate="{{'hsadminNgApp.UserRole.FINANCIAL_CONTACT'}}">FINANCIAL_CONTACT</option> <option value="FINANCIAL_CONTACT" jhiTranslate="{{'hsadminNgApp.UserRole.CUSTOMER_FINANCIAL_CONTACT'}}">FINANCIAL_CONTACT</option>
<option value="TECHNICAL_CONTACT" jhiTranslate="{{'hsadminNgApp.UserRole.TECHNICAL_CONTACT'}}">TECHNICAL_CONTACT</option> <option value="TECHNICAL_CONTACT" jhiTranslate="{{'hsadminNgApp.UserRole.CUSTOMER_TECHNICAL_CONTACT'}}">TECHNICAL_CONTACT</option>
<option value="CUSTOMER_USER" jhiTranslate="{{'hsadminNgApp.UserRole.CUSTOMER_USER'}}">CUSTOMER_USER</option> <option value="CUSTOMER_USER" jhiTranslate="{{'hsadminNgApp.UserRole.CUSTOMER_USER'}}">CUSTOMER_USER</option>
</select> </select>
</th> </th>

10
src/test/java/org/hostsharing/hsadminng/service/UserRoleAssignmentServiceUnitTest.java
View File

@ -65,23 +65,23 @@ public class UserRoleAssignmentServiceUnitTest {
Arrays.asList( Arrays.asList(
new UserRoleAssignment().entityTypeId("test.SomethingElse") new UserRoleAssignment().entityTypeId("test.SomethingElse")
.entityObjectId(givenEntityObjectId) .entityObjectId(givenEntityObjectId)
.assignedRole(Role.CONTRACTUAL_CONTACT), .assignedRole(Role.CUSTOMER_CONTRACTUAL_CONTACT),
new UserRoleAssignment().entityTypeId(givenEntityTypeId) new UserRoleAssignment().entityTypeId(givenEntityTypeId)
.entityObjectId(givenEntityObjectId) .entityObjectId(givenEntityObjectId)
.assignedRole(Role.FINANCIAL_CONTACT), .assignedRole(Role.CUSTOMER_FINANCIAL_CONTACT),
new UserRoleAssignment().entityTypeId(givenEntityTypeId) new UserRoleAssignment().entityTypeId(givenEntityTypeId)
.entityObjectId(givenEntityObjectId) .entityObjectId(givenEntityObjectId)
.assignedRole(Role.TECHNICAL_CONTACT), .assignedRole(Role.CUSTOMER_TECHNICAL_CONTACT),
new UserRoleAssignment().entityTypeId(givenEntityTypeId) new UserRoleAssignment().entityTypeId(givenEntityTypeId)
.entityObjectId(3L) .entityObjectId(3L)
.assignedRole(Role.CONTRACTUAL_CONTACT))); .assignedRole(Role.CUSTOMER_CONTRACTUAL_CONTACT)));
// when // when
final Set<Role> actual = userRoleAssignmentService final Set<Role> actual = userRoleAssignmentService
.getEffectiveRoleOfCurrentUser(givenEntityTypeId, givenEntityObjectId); .getEffectiveRoleOfCurrentUser(givenEntityTypeId, givenEntityObjectId);
// then // then
assertThat(actual).containsExactlyInAnyOrder(Role.FINANCIAL_CONTACT, Role.TECHNICAL_CONTACT); assertThat(actual).containsExactlyInAnyOrder(Role.CUSTOMER_FINANCIAL_CONTACT, Role.CUSTOMER_TECHNICAL_CONTACT);
} }
@Test @Test

30
src/test/java/org/hostsharing/hsadminng/service/accessfilter/JSonAccessFilterTestFixture.java
View File

@ -56,13 +56,13 @@ public class JSonAccessFilterTestFixture {
Long id; Long id;
@ParentId(resolver = GivenCustomerService.class) @ParentId(resolver = GivenCustomerService.class)
@AccessFor(init = ACTUAL_CUSTOMER_USER, update = ACTUAL_CUSTOMER_USER, read = ACTUAL_CUSTOMER_USER) @AccessFor(init = ANY_CUSTOMER_USER, update = ANY_CUSTOMER_USER, read = ANY_CUSTOMER_USER)
Long customerId; Long customerId;
@AccessFor( @AccessFor(
init = { TECHNICAL_CONTACT, FINANCIAL_CONTACT }, init = { CUSTOMER_TECHNICAL_CONTACT, CUSTOMER_FINANCIAL_CONTACT },
update = { TECHNICAL_CONTACT, FINANCIAL_CONTACT }, update = { CUSTOMER_TECHNICAL_CONTACT, CUSTOMER_FINANCIAL_CONTACT },
read = { TECHNICAL_CONTACT, FINANCIAL_CONTACT }) read = { CUSTOMER_TECHNICAL_CONTACT, CUSTOMER_FINANCIAL_CONTACT })
String restrictedField; String restrictedField;
@AccessFor(init = ANYBODY, update = ANYBODY, read = ANYBODY) @AccessFor(init = ANYBODY, update = ANYBODY, read = ANYBODY)
@ -133,11 +133,18 @@ public class JSonAccessFilterTestFixture {
@AccessFor(read = Role.ANY_CUSTOMER_USER) @AccessFor(read = Role.ANY_CUSTOMER_USER)
Long id; Long id;
@AccessFor(init = Role.CONTRACTUAL_CONTACT, update = Role.CONTRACTUAL_CONTACT, read = ACTUAL_CUSTOMER_USER) @AccessFor(
init = Role.CUSTOMER_CONTRACTUAL_CONTACT,
update = Role.CUSTOMER_CONTRACTUAL_CONTACT,
read = ANY_CUSTOMER_USER)
@ParentId(resolver = GivenService.class) @ParentId(resolver = GivenService.class)
Long parentId; Long parentId;
@AccessFor(init = { TECHNICAL_CONTACT, FINANCIAL_CONTACT }, update = { TECHNICAL_CONTACT, FINANCIAL_CONTACT }) @AccessFor(
init = { CUSTOMER_TECHNICAL_CONTACT, CUSTOMER_FINANCIAL_CONTACT },
update = {
CUSTOMER_TECHNICAL_CONTACT,
CUSTOMER_FINANCIAL_CONTACT })
String restrictedField; String restrictedField;
@Override @Override
@ -204,11 +211,18 @@ public class JSonAccessFilterTestFixture {
@AccessFor(read = Role.ANY_CUSTOMER_USER) @AccessFor(read = Role.ANY_CUSTOMER_USER)
Long id; Long id;
@AccessFor(init = Role.CONTRACTUAL_CONTACT, update = Role.CONTRACTUAL_CONTACT, read = ACTUAL_CUSTOMER_USER) @AccessFor(
init = Role.CUSTOMER_CONTRACTUAL_CONTACT,
update = Role.CUSTOMER_CONTRACTUAL_CONTACT,
read = ANY_CUSTOMER_USER)
@ParentId(resolver = GivenParentService.class) @ParentId(resolver = GivenParentService.class)
GivenParent parent; GivenParent parent;
@AccessFor(init = { TECHNICAL_CONTACT, FINANCIAL_CONTACT }, update = { TECHNICAL_CONTACT, FINANCIAL_CONTACT }) @AccessFor(
init = { CUSTOMER_TECHNICAL_CONTACT, CUSTOMER_FINANCIAL_CONTACT },
update = {
CUSTOMER_TECHNICAL_CONTACT,
CUSTOMER_FINANCIAL_CONTACT })
String restrictedField; String restrictedField;
@Override @Override

12
src/test/java/org/hostsharing/hsadminng/service/accessfilter/JSonDeserializationWithAccessFilterUnitTest.java
View File

@ -83,7 +83,7 @@ public class JSonDeserializationWithAccessFilterUnitTest {
public void init() { public void init() {
securityContext = SecurityContextMock.usingMock(userRoleAssignmentService) securityContext = SecurityContextMock.usingMock(userRoleAssignmentService)
.havingAuthenticatedUser() .havingAuthenticatedUser()
.withRole(GivenDto.class, 1234L, Role.ACTUAL_CUSTOMER_USER); .withRole(GivenDto.class, 1234L, Role.ANY_CUSTOMER_USER);
given(ctx.getAutowireCapableBeanFactory()).willReturn(autowireCapableBeanFactory); given(ctx.getAutowireCapableBeanFactory()).willReturn(autowireCapableBeanFactory);
given(autowireCapableBeanFactory.createBean(GivenService.class)).willReturn(givenService); given(autowireCapableBeanFactory.createBean(GivenService.class)).willReturn(givenService);
@ -244,7 +244,7 @@ public class JSonDeserializationWithAccessFilterUnitTest {
public void shouldDeserializeStringFieldIfRequiredRoleIsCoveredByUser() throws IOException { public void shouldDeserializeStringFieldIfRequiredRoleIsCoveredByUser() throws IOException {
// given // given
securityContext.havingAuthenticatedUser() securityContext.havingAuthenticatedUser()
.withRole(GivenCustomerDto.class, 888L, Role.FINANCIAL_CONTACT); .withRole(GivenCustomerDto.class, 888L, Role.CUSTOMER_FINANCIAL_CONTACT);
givenJSonTree( givenJSonTree(
asJSon( asJSon(
ImmutablePair.of("id", 1234L), ImmutablePair.of("id", 1234L),
@ -262,7 +262,7 @@ public class JSonDeserializationWithAccessFilterUnitTest {
public void shouldDeserializeUnchangedStringFieldIfRequiredRoleIsNotCoveredByUser() throws IOException { public void shouldDeserializeUnchangedStringFieldIfRequiredRoleIsNotCoveredByUser() throws IOException {
// given // given
securityContext.havingAuthenticatedUser() securityContext.havingAuthenticatedUser()
.withRole(GivenCustomerDto.class, 888L, Role.FINANCIAL_CONTACT); .withRole(GivenCustomerDto.class, 888L, Role.CUSTOMER_FINANCIAL_CONTACT);
givenJSonTree( givenJSonTree(
asJSon( asJSon(
ImmutablePair.of("id", 1234L), ImmutablePair.of("id", 1234L),
@ -320,7 +320,7 @@ public class JSonDeserializationWithAccessFilterUnitTest {
public void shouldNotCreateIfRoleRequiredByParentEntityIsNotCoveredByUser() throws IOException { public void shouldNotCreateIfRoleRequiredByParentEntityIsNotCoveredByUser() throws IOException {
// given // given
securityContext.havingAuthenticatedUser() securityContext.havingAuthenticatedUser()
.withRole(GivenCustomerDto.class, 9999L, Role.CONTRACTUAL_CONTACT); .withRole(GivenCustomerDto.class, 9999L, Role.CUSTOMER_CONTRACTUAL_CONTACT);
givenJSonTree( givenJSonTree(
asJSon( asJSon(
ImmutablePair.of("parentId", 1234L))); ImmutablePair.of("parentId", 1234L)));
@ -340,7 +340,7 @@ public class JSonDeserializationWithAccessFilterUnitTest {
public void shouldCreateIfRoleRequiredByReferencedEntityIsCoveredByUser() throws IOException { public void shouldCreateIfRoleRequiredByReferencedEntityIsCoveredByUser() throws IOException {
// given // given
securityContext.havingAuthenticatedUser() securityContext.havingAuthenticatedUser()
.withRole(GivenCustomerDto.class, 888L, Role.CONTRACTUAL_CONTACT); .withRole(GivenCustomerDto.class, 888L, Role.CUSTOMER_CONTRACTUAL_CONTACT);
givenJSonTree( givenJSonTree(
asJSon( asJSon(
ImmutablePair.of("parentId", 1234L))); ImmutablePair.of("parentId", 1234L)));
@ -357,7 +357,7 @@ public class JSonDeserializationWithAccessFilterUnitTest {
public void shouldResolveParentIdFromIdOfSerializedSubEntity() throws IOException { public void shouldResolveParentIdFromIdOfSerializedSubEntity() throws IOException {
// given // given
securityContext.havingAuthenticatedUser() securityContext.havingAuthenticatedUser()
.withRole(GivenParent.class, 1234L, Role.CONTRACTUAL_CONTACT); .withRole(GivenParent.class, 1234L, Role.CUSTOMER_CONTRACTUAL_CONTACT);
givenJSonTree( givenJSonTree(
asJSon( asJSon(
ImmutablePair.of( ImmutablePair.of(

2
src/test/java/org/hostsharing/hsadminng/service/accessfilter/JSonSerializationWithAccessFilterUnitTest.java
View File

@ -157,7 +157,7 @@ public class JSonSerializationWithAccessFilterUnitTest {
public void shouldSerializeRestrictedFieldIfRequiredRoleIsCoveredByUser() throws IOException { public void shouldSerializeRestrictedFieldIfRequiredRoleIsCoveredByUser() throws IOException {
// given // given
securityContext.havingAuthenticatedUser().withRole(GivenCustomerDto.class, 888L, Role.FINANCIAL_CONTACT); securityContext.havingAuthenticatedUser().withRole(GivenCustomerDto.class, 888L, Role.CUSTOMER_FINANCIAL_CONTACT);
// when // when
serialize(givenDTO); serialize(givenDTO);

64
src/test/java/org/hostsharing/hsadminng/service/accessfilter/RoleUnitTest.java
View File

@ -20,9 +20,9 @@ public class RoleUnitTest {
assertThat(Role.ADMIN.covers(Role.ADMIN)).isTrue(); assertThat(Role.ADMIN.covers(Role.ADMIN)).isTrue();
assertThat(Role.SUPPORTER.covers(Role.SUPPORTER)).isTrue(); assertThat(Role.SUPPORTER.covers(Role.SUPPORTER)).isTrue();
assertThat(Role.CONTRACTUAL_CONTACT.covers(Role.CONTRACTUAL_CONTACT)).isTrue(); assertThat(Role.CUSTOMER_CONTRACTUAL_CONTACT.covers(Role.CUSTOMER_CONTRACTUAL_CONTACT)).isTrue();
assertThat(Role.FINANCIAL_CONTACT.covers(Role.FINANCIAL_CONTACT)).isTrue(); assertThat(Role.CUSTOMER_FINANCIAL_CONTACT.covers(Role.CUSTOMER_FINANCIAL_CONTACT)).isTrue();
assertThat(Role.TECHNICAL_CONTACT.covers(Role.TECHNICAL_CONTACT)).isTrue(); assertThat(Role.CUSTOMER_TECHNICAL_CONTACT.covers(Role.CUSTOMER_TECHNICAL_CONTACT)).isTrue();
assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.ACTUAL_CUSTOMER_USER))).isTrue(); assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.ACTUAL_CUSTOMER_USER))).isTrue();
assertThat(Role.ANY_CUSTOMER_USER.covers((Role.ANY_CUSTOMER_USER))).isTrue(); assertThat(Role.ANY_CUSTOMER_USER.covers((Role.ANY_CUSTOMER_USER))).isTrue();
@ -35,22 +35,22 @@ public class RoleUnitTest {
assertThat(Role.SUPPORTER.covers(Role.ADMIN)).isFalse(); assertThat(Role.SUPPORTER.covers(Role.ADMIN)).isFalse();
assertThat(Role.ANY_CUSTOMER_CONTACT.covers(Role.SUPPORTER)).isFalse(); assertThat(Role.ANY_CUSTOMER_CONTACT.covers(Role.SUPPORTER)).isFalse();
assertThat(Role.ANY_CUSTOMER_CONTACT.covers(Role.CONTRACTUAL_CONTACT)).isFalse(); assertThat(Role.ANY_CUSTOMER_CONTACT.covers(Role.CUSTOMER_CONTRACTUAL_CONTACT)).isFalse();
assertThat(Role.FINANCIAL_CONTACT.covers(Role.CONTRACTUAL_CONTACT)).isFalse(); assertThat(Role.CUSTOMER_FINANCIAL_CONTACT.covers(Role.CUSTOMER_CONTRACTUAL_CONTACT)).isFalse();
assertThat(Role.FINANCIAL_CONTACT.covers(Role.TECHNICAL_CONTACT)).isFalse(); assertThat(Role.CUSTOMER_FINANCIAL_CONTACT.covers(Role.CUSTOMER_TECHNICAL_CONTACT)).isFalse();
assertThat(Role.TECHNICAL_CONTACT.covers(Role.CONTRACTUAL_CONTACT)).isFalse(); assertThat(Role.CUSTOMER_TECHNICAL_CONTACT.covers(Role.CUSTOMER_CONTRACTUAL_CONTACT)).isFalse();
assertThat(Role.TECHNICAL_CONTACT.covers(Role.FINANCIAL_CONTACT)).isFalse(); assertThat(Role.CUSTOMER_TECHNICAL_CONTACT.covers(Role.CUSTOMER_FINANCIAL_CONTACT)).isFalse();
assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.ANY_CUSTOMER_CONTACT))).isFalse(); assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.ANY_CUSTOMER_CONTACT))).isFalse();
assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.CONTRACTUAL_CONTACT))).isFalse(); assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.CUSTOMER_CONTRACTUAL_CONTACT))).isFalse();
assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.TECHNICAL_CONTACT))).isFalse(); assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.CUSTOMER_TECHNICAL_CONTACT))).isFalse();
assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.FINANCIAL_CONTACT))).isFalse(); assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.CUSTOMER_FINANCIAL_CONTACT))).isFalse();
assertThat(Role.ANY_CUSTOMER_USER.covers((Role.ACTUAL_CUSTOMER_USER))).isFalse(); assertThat(Role.ANY_CUSTOMER_USER.covers((Role.ACTUAL_CUSTOMER_USER))).isFalse();
assertThat(Role.ANY_CUSTOMER_USER.covers((Role.ANY_CUSTOMER_CONTACT))).isFalse(); assertThat(Role.ANY_CUSTOMER_USER.covers((Role.ANY_CUSTOMER_CONTACT))).isFalse();
assertThat(Role.ANY_CUSTOMER_USER.covers((Role.CONTRACTUAL_CONTACT))).isFalse(); assertThat(Role.ANY_CUSTOMER_USER.covers((Role.CUSTOMER_CONTRACTUAL_CONTACT))).isFalse();
assertThat(Role.ANY_CUSTOMER_USER.covers((Role.TECHNICAL_CONTACT))).isFalse(); assertThat(Role.ANY_CUSTOMER_USER.covers((Role.CUSTOMER_TECHNICAL_CONTACT))).isFalse();
assertThat(Role.ANY_CUSTOMER_USER.covers((Role.FINANCIAL_CONTACT))).isFalse(); assertThat(Role.ANY_CUSTOMER_USER.covers((Role.CUSTOMER_FINANCIAL_CONTACT))).isFalse();
assertThat(Role.ANYBODY.covers((Role.ANY_CUSTOMER_USER))).isFalse(); assertThat(Role.ANYBODY.covers((Role.ANY_CUSTOMER_USER))).isFalse();
} }
@ -62,18 +62,20 @@ public class RoleUnitTest {
assertThat(Role.SUPPORTER.covers(Role.ANY_CUSTOMER_CONTACT)).isTrue(); assertThat(Role.SUPPORTER.covers(Role.ANY_CUSTOMER_CONTACT)).isTrue();
assertThat(Role.CONTRACTUAL_CONTACT.covers(Role.ANY_CUSTOMER_CONTACT)).isTrue(); assertThat(Role.CUSTOMER_CONTRACTUAL_CONTACT.covers(Role.ANY_CUSTOMER_CONTACT)).isTrue();
assertThat(Role.CONTRACTUAL_CONTACT.covers(Role.FINANCIAL_CONTACT)).isTrue(); assertThat(Role.CUSTOMER_CONTRACTUAL_CONTACT.covers(Role.CUSTOMER_FINANCIAL_CONTACT)).isTrue();
assertThat(Role.CONTRACTUAL_CONTACT.covers(Role.TECHNICAL_CONTACT)).isTrue(); assertThat(Role.CUSTOMER_CONTRACTUAL_CONTACT.covers(Role.CUSTOMER_TECHNICAL_CONTACT)).isTrue();
assertThat(Role.TECHNICAL_CONTACT.covers(Role.ANY_CUSTOMER_USER)).isTrue(); assertThat(Role.CUSTOMER_TECHNICAL_CONTACT.covers(Role.ANY_CUSTOMER_USER)).isTrue();
assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.ANY_CUSTOMER_USER))).isTrue(); assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.ANY_CUSTOMER_USER))).isTrue();
assertThat(Role.ANY_CUSTOMER_USER.covers((Role.ANYBODY))).isTrue(); assertThat(Role.ANY_CUSTOMER_USER.covers((Role.ANYBODY))).isTrue();
} }
@Test @Test
public void financialContactShouldNotCoverAnyCustomersUsersRoleRequirement() { public void financialContactShouldNotCoverAnyOtherRealRoleRequirement() {
assertThat(Role.FINANCIAL_CONTACT.covers(Role.ACTUAL_CUSTOMER_USER)).isFalse(); assertThat(Role.CUSTOMER_FINANCIAL_CONTACT.covers(Role.ANY_CUSTOMER_USER)).isFalse();
assertThat(Role.CUSTOMER_FINANCIAL_CONTACT.covers(Role.ACTUAL_CUSTOMER_USER)).isFalse();
assertThat(Role.CUSTOMER_FINANCIAL_CONTACT.covers(Role.ANY_CUSTOMER_USER)).isFalse();
} }
@Test @Test
@ -87,11 +89,16 @@ public class RoleUnitTest {
@Test @Test
public void coversAny() { public void coversAny() {
assertThat(Role.HOSTMASTER.coversAny(Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT)).isTrue(); assertThat(Role.HOSTMASTER.coversAny(Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT)).isTrue();
assertThat(Role.CONTRACTUAL_CONTACT.coversAny(Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT)).isTrue(); assertThat(
assertThat(Role.FINANCIAL_CONTACT.coversAny(Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT)).isTrue(); Role.CUSTOMER_CONTRACTUAL_CONTACT.coversAny(Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT))
.isTrue();
assertThat(
Role.CUSTOMER_FINANCIAL_CONTACT.coversAny(Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT))
.isTrue();
assertThat(Role.ANY_CUSTOMER_USER.coversAny(Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT)).isFalse(); assertThat(Role.ANY_CUSTOMER_USER.coversAny(Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT))
.isFalse();
assertThat(catchThrowable(() -> Role.HOSTMASTER.coversAny())).isInstanceOf(VerifyException.class); assertThat(catchThrowable(() -> Role.HOSTMASTER.coversAny())).isInstanceOf(VerifyException.class);
assertThat(catchThrowable(() -> Role.HOSTMASTER.coversAny((Role[]) null))).isInstanceOf(VerifyException.class); assertThat(catchThrowable(() -> Role.HOSTMASTER.coversAny((Role[]) null))).isInstanceOf(VerifyException.class);
@ -122,15 +129,16 @@ public class RoleUnitTest {
assertThat(Role.HOSTMASTER.getAuthority()).hasValue(AuthoritiesConstants.HOSTMASTER); assertThat(Role.HOSTMASTER.getAuthority()).hasValue(AuthoritiesConstants.HOSTMASTER);
assertThat(Role.ADMIN.getAuthority()).hasValue(AuthoritiesConstants.ADMIN); assertThat(Role.ADMIN.getAuthority()).hasValue(AuthoritiesConstants.ADMIN);
assertThat(Role.SUPPORTER.getAuthority()).hasValue(AuthoritiesConstants.SUPPORTER); assertThat(Role.SUPPORTER.getAuthority()).hasValue(AuthoritiesConstants.SUPPORTER);
assertThat(Role.CONTRACTUAL_CONTACT.getAuthority()).isEmpty(); assertThat(Role.CUSTOMER_CONTRACTUAL_CONTACT.getAuthority()).isEmpty();
assertThat(Role.ANYBODY.getAuthority()).hasValue(AuthoritiesConstants.ANONYMOUS); assertThat(Role.ANYBODY.getAuthority()).hasValue(AuthoritiesConstants.ANONYMOUS);
} }
@Test @Test
public void isBroadest() { public void isBroadest() {
assertThat(Role.broadest(Role.HOSTMASTER, Role.CONTRACTUAL_CONTACT)).isEqualTo(Role.HOSTMASTER); assertThat(Role.broadest(Role.HOSTMASTER, Role.CUSTOMER_CONTRACTUAL_CONTACT)).isEqualTo(Role.HOSTMASTER);
assertThat(Role.broadest(Role.CONTRACTUAL_CONTACT, Role.HOSTMASTER)).isEqualTo(Role.HOSTMASTER); assertThat(Role.broadest(Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.HOSTMASTER)).isEqualTo(Role.HOSTMASTER);
assertThat(Role.broadest(Role.CONTRACTUAL_CONTACT, Role.ANY_CUSTOMER_USER)).isEqualTo(Role.CONTRACTUAL_CONTACT); assertThat(Role.broadest(Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.ANY_CUSTOMER_USER))
.isEqualTo(Role.CUSTOMER_CONTRACTUAL_CONTACT);
} }
@Test @Test

7
src/test/java/org/hostsharing/hsadminng/service/dto/AssetDTOIntTest.java
View File

@ -129,7 +129,7 @@ public class AssetDTOIntTest {
// given // given
securityContext.havingAuthenticatedUser() securityContext.havingAuthenticatedUser()
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.FINANCIAL_CONTACT); .withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CUSTOMER_FINANCIAL_CONTACT);
final AssetDTO given = createSomeAssetDTO(SOME_ASSET_ID); final AssetDTO given = createSomeAssetDTO(SOME_ASSET_ID);
@ -158,7 +158,8 @@ public class AssetDTOIntTest {
@Test @Test
public void shouldNotDeserializeForContractualCustomerContact() { public void shouldNotDeserializeForContractualCustomerContact() {
// given // given
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CONTRACTUAL_CONTACT); securityContext.havingAuthenticatedUser()
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CUSTOMER_CONTRACTUAL_CONTACT);
final String json = new JSonBuilder() final String json = new JSonBuilder()
.withFieldValue("id", SOME_ASSET_ID) .withFieldValue("id", SOME_ASSET_ID)
.withFieldValue("remark", "Updated Remark") .withFieldValue("remark", "Updated Remark")
@ -172,7 +173,7 @@ public class AssetDTOIntTest {
BadRequestAlertException.class, BadRequestAlertException.class,
bre -> assertThat(bre.getMessage()) bre -> assertThat(bre.getMessage())
.isEqualTo( .isEqualTo(
"Update of field AssetDTO.remark prohibited for current user role(s): CONTRACTUAL_CONTACT")); "Update of field AssetDTO.remark prohibited for current user role(s): CUSTOMER_CONTRACTUAL_CONTACT"));
} }
@Test @Test

12
src/test/java/org/hostsharing/hsadminng/service/dto/AssetDTOUnitTest.java
View File

@ -33,9 +33,9 @@ public class AssetDTOUnitTest extends AccessMappingsUnitTestBase<AssetDTO> {
@Test @Test
public void shouldHaveProperAccessForContractualContact() { public void shouldHaveProperAccessForContractualContact() {
initAccessFor(AssetDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeForNothing(); initAccessFor(AssetDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeForNothing();
updateAccessFor(AssetDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeForNothing(); updateAccessFor(AssetDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeForNothing();
readAccessFor(AssetDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeExactlyFor( readAccessFor(AssetDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeExactlyFor(
"id", "id",
"membershipId", "membershipId",
"documentDate", "documentDate",
@ -47,9 +47,9 @@ public class AssetDTOUnitTest extends AccessMappingsUnitTestBase<AssetDTO> {
@Test @Test
public void shouldHaveNoAccessForTechnicalContact() { public void shouldHaveNoAccessForTechnicalContact() {
initAccessFor(AssetDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing(); initAccessFor(AssetDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
updateAccessFor(AssetDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing(); updateAccessFor(AssetDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
readAccessFor(AssetDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing(); readAccessFor(AssetDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
} }
@Test @Test

6
src/test/java/org/hostsharing/hsadminng/service/dto/CustomerDTOUnitTest.java
View File

@ -76,7 +76,7 @@ public class CustomerDTOUnitTest {
public void testSerializationAsContractualCustomerContact() throws JsonProcessingException { public void testSerializationAsContractualCustomerContact() throws JsonProcessingException {
// given // given
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, 1234L, Role.CONTRACTUAL_CONTACT); securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, 1234L, Role.CUSTOMER_CONTRACTUAL_CONTACT);
CustomerDTO given = createSomeCustomerDTO(1234L); CustomerDTO given = createSomeCustomerDTO(1234L);
// when // when
@ -91,7 +91,7 @@ public class CustomerDTOUnitTest {
public void testSerializationAsTechnicalCustomerUser() throws JsonProcessingException { public void testSerializationAsTechnicalCustomerUser() throws JsonProcessingException {
// given // given
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, 1234L, Role.TECHNICAL_CONTACT); securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, 1234L, Role.CUSTOMER_TECHNICAL_CONTACT);
CustomerDTO given = createSomeCustomerDTO(1234L); CustomerDTO given = createSomeCustomerDTO(1234L);
// when // when
@ -125,7 +125,7 @@ public class CustomerDTOUnitTest {
@Test @Test
public void testDeserializeAsContractualCustomerContact() throws IOException { public void testDeserializeAsContractualCustomerContact() throws IOException {
// given // given
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, 1234L, Role.CONTRACTUAL_CONTACT); securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, 1234L, Role.CUSTOMER_CONTRACTUAL_CONTACT);
given(customerRepository.findById(1234L)).willReturn(Optional.of(new Customer().id(1234L))); given(customerRepository.findById(1234L)).willReturn(Optional.of(new Customer().id(1234L)));
String json = "{\"id\":1234,\"contractualSalutation\":\"Hallo Updated\",\"billingSalutation\":\"Moin Updated\"}"; String json = "{\"id\":1234,\"contractualSalutation\":\"Hallo Updated\",\"billingSalutation\":\"Moin Updated\"}";

8
src/test/java/org/hostsharing/hsadminng/service/dto/MembershipDTOIntTest.java
View File

@ -111,7 +111,8 @@ public class MembershipDTOIntTest {
public void shouldSerializePartiallyForFinancialCustomerContact() throws JsonProcessingException { public void shouldSerializePartiallyForFinancialCustomerContact() throws JsonProcessingException {
// given // given
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.FINANCIAL_CONTACT); securityContext.havingAuthenticatedUser()
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CUSTOMER_FINANCIAL_CONTACT);
final MembershipDTO given = createSampleDTO(SOME_SEPA_MANDATE_ID, SOME_CUSTOMER_ID); final MembershipDTO given = createSampleDTO(SOME_SEPA_MANDATE_ID, SOME_CUSTOMER_ID);
// when // when
@ -139,7 +140,8 @@ public class MembershipDTOIntTest {
@Test @Test
public void shouldNotDeserializeForContractualCustomerContact() { public void shouldNotDeserializeForContractualCustomerContact() {
// given // given
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CONTRACTUAL_CONTACT); securityContext.havingAuthenticatedUser()
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CUSTOMER_CONTRACTUAL_CONTACT);
final String json = new JSonBuilder() final String json = new JSonBuilder()
.withFieldValue("id", SOME_SEPA_MANDATE_ID) .withFieldValue("id", SOME_SEPA_MANDATE_ID)
.withFieldValue("remark", "Updated Remark") .withFieldValue("remark", "Updated Remark")
@ -152,7 +154,7 @@ public class MembershipDTOIntTest {
assertThat(actual).isInstanceOfSatisfying( assertThat(actual).isInstanceOfSatisfying(
BadRequestAlertException.class, BadRequestAlertException.class,
bre -> assertThat(bre.getMessage()).isEqualTo( bre -> assertThat(bre.getMessage()).isEqualTo(
"Update of field MembershipDTO.remark prohibited for current user role(s): CONTRACTUAL_CONTACT")); "Update of field MembershipDTO.remark prohibited for current user role(s): CUSTOMER_CONTRACTUAL_CONTACT"));
} }
@Test @Test

12
src/test/java/org/hostsharing/hsadminng/service/dto/MembershipDTOUnitTest.java
View File

@ -40,9 +40,9 @@ public class MembershipDTOUnitTest extends AccessMappingsUnitTestBase<Membership
@Test @Test
public void shouldHaveProperAccessForContractualContact() { public void shouldHaveProperAccessForContractualContact() {
initAccessFor(MembershipDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeForNothing(); initAccessFor(MembershipDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeForNothing();
updateAccessFor(MembershipDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeForNothing(); updateAccessFor(MembershipDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeForNothing();
readAccessFor(MembershipDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeExactlyFor( readAccessFor(MembershipDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeExactlyFor(
"id", "id",
"admissionDocumentDate", "admissionDocumentDate",
"cancellationDocumentDate", "cancellationDocumentDate",
@ -56,9 +56,9 @@ public class MembershipDTOUnitTest extends AccessMappingsUnitTestBase<Membership
@Test @Test
public void shouldHaveNoAccessForTechnicalContact() { public void shouldHaveNoAccessForTechnicalContact() {
initAccessFor(MembershipDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing(); initAccessFor(MembershipDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
updateAccessFor(MembershipDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing(); updateAccessFor(MembershipDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
readAccessFor(MembershipDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing(); readAccessFor(MembershipDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
} }
@Test @Test

8
src/test/java/org/hostsharing/hsadminng/service/dto/SepaMandateDTOIntTest.java
View File

@ -116,7 +116,8 @@ public class SepaMandateDTOIntTest {
public void shouldSerializePartiallyForFinancialCustomerContact() throws JsonProcessingException { public void shouldSerializePartiallyForFinancialCustomerContact() throws JsonProcessingException {
// given // given
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.FINANCIAL_CONTACT); securityContext.havingAuthenticatedUser()
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CUSTOMER_FINANCIAL_CONTACT);
final SepaMandateDTO given = createSampleDTO(SOME_SEPA_MANDATE_ID, SOME_CUSTOMER_ID); final SepaMandateDTO given = createSampleDTO(SOME_SEPA_MANDATE_ID, SOME_CUSTOMER_ID);
// when // when
@ -144,7 +145,8 @@ public class SepaMandateDTOIntTest {
@Test @Test
public void shouldNotDeserializeForContractualCustomerContact() { public void shouldNotDeserializeForContractualCustomerContact() {
// given // given
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CONTRACTUAL_CONTACT); securityContext.havingAuthenticatedUser()
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CUSTOMER_CONTRACTUAL_CONTACT);
final String json = new JSonBuilder() final String json = new JSonBuilder()
.withFieldValue("id", SOME_SEPA_MANDATE_ID) .withFieldValue("id", SOME_SEPA_MANDATE_ID)
.withFieldValue("remark", "Updated Remark") .withFieldValue("remark", "Updated Remark")
@ -157,7 +159,7 @@ public class SepaMandateDTOIntTest {
assertThat(actual).isInstanceOfSatisfying( assertThat(actual).isInstanceOfSatisfying(
BadRequestAlertException.class, BadRequestAlertException.class,
bre -> assertThat(bre.getMessage()).isEqualTo( bre -> assertThat(bre.getMessage()).isEqualTo(
"Update of field SepaMandateDTO.remark prohibited for current user role(s): CONTRACTUAL_CONTACT")); "Update of field SepaMandateDTO.remark prohibited for current user role(s): CUSTOMER_CONTRACTUAL_CONTACT"));
} }
@Test @Test

12
src/test/java/org/hostsharing/hsadminng/service/dto/SepaMandateDTOUnitTest.java
View File

@ -55,7 +55,7 @@ public class SepaMandateDTOUnitTest extends AccessMappingsUnitTestBase<SepaManda
@Test @Test
public void shouldHaveProperAccessForContractualContact() { public void shouldHaveProperAccessForContractualContact() {
initAccessFor(SepaMandateDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeExactlyFor( initAccessFor(SepaMandateDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeExactlyFor(
"grantingDocumentDate", "grantingDocumentDate",
"bic", "bic",
"validUntilDate", "validUntilDate",
@ -63,10 +63,10 @@ public class SepaMandateDTOUnitTest extends AccessMappingsUnitTestBase<SepaManda
"validFromDate", "validFromDate",
"iban", "iban",
"reference"); "reference");
updateAccessFor(SepaMandateDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeExactlyFor( updateAccessFor(SepaMandateDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeExactlyFor(
"validUntilDate", "validUntilDate",
"revokationDocumentDate"); "revokationDocumentDate");
readAccessFor(SepaMandateDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeExactlyFor( readAccessFor(SepaMandateDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeExactlyFor(
"grantingDocumentDate", "grantingDocumentDate",
"bic", "bic",
"id", "id",
@ -82,9 +82,9 @@ public class SepaMandateDTOUnitTest extends AccessMappingsUnitTestBase<SepaManda
@Test @Test
public void shouldHaveNoAccessForTechnicalContact() { public void shouldHaveNoAccessForTechnicalContact() {
initAccessFor(SepaMandateDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing(); initAccessFor(SepaMandateDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
updateAccessFor(SepaMandateDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing(); updateAccessFor(SepaMandateDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
readAccessFor(SepaMandateDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing(); readAccessFor(SepaMandateDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
} }
@Test @Test

8
src/test/java/org/hostsharing/hsadminng/service/dto/ShareDTOIntTest.java
View File

@ -128,7 +128,8 @@ public class ShareDTOIntTest {
public void shouldSerializePartiallyForFinancialCustomerContact() throws JsonProcessingException { public void shouldSerializePartiallyForFinancialCustomerContact() throws JsonProcessingException {
// given // given
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.FINANCIAL_CONTACT); securityContext.havingAuthenticatedUser()
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CUSTOMER_FINANCIAL_CONTACT);
final ShareDTO given = createSomeShareDTO(SOME_SHARE_ID); final ShareDTO given = createSomeShareDTO(SOME_SHARE_ID);
// when // when
@ -156,7 +157,8 @@ public class ShareDTOIntTest {
@Test @Test
public void shouldNotDeserializeForContractualCustomerContact() { public void shouldNotDeserializeForContractualCustomerContact() {
// given // given
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CONTRACTUAL_CONTACT); securityContext.havingAuthenticatedUser()
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CUSTOMER_CONTRACTUAL_CONTACT);
final String json = new JSonBuilder() final String json = new JSonBuilder()
.withFieldValue("id", SOME_SHARE_ID) .withFieldValue("id", SOME_SHARE_ID)
.withFieldValue("remark", "Updated Remark") .withFieldValue("remark", "Updated Remark")
@ -170,7 +172,7 @@ public class ShareDTOIntTest {
BadRequestAlertException.class, BadRequestAlertException.class,
bre -> assertThat(bre.getMessage()) bre -> assertThat(bre.getMessage())
.isEqualTo( .isEqualTo(
"Update of field ShareDTO.remark prohibited for current user role(s): CONTRACTUAL_CONTACT")); "Update of field ShareDTO.remark prohibited for current user role(s): CUSTOMER_CONTRACTUAL_CONTACT"));
} }
@Test @Test

12
src/test/java/org/hostsharing/hsadminng/service/dto/ShareDTOUnitTest.java
View File

@ -32,9 +32,9 @@ public class ShareDTOUnitTest extends AccessMappingsUnitTestBase<ShareDTO> {
@Test @Test
public void shouldHaveProperAccessForContractualContact() { public void shouldHaveProperAccessForContractualContact() {
initAccessFor(ShareDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeForNothing(); initAccessFor(ShareDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeForNothing();
updateAccessFor(ShareDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeForNothing(); updateAccessFor(ShareDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeForNothing();
readAccessFor(ShareDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeExactlyFor( readAccessFor(ShareDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeExactlyFor(
"id", "id",
"membershipId", "membershipId",
"documentDate", "documentDate",
@ -46,9 +46,9 @@ public class ShareDTOUnitTest extends AccessMappingsUnitTestBase<ShareDTO> {
@Test @Test
public void shouldHaveNoAccessForTechnicalContact() { public void shouldHaveNoAccessForTechnicalContact() {
initAccessFor(ShareDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing(); initAccessFor(ShareDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
updateAccessFor(ShareDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing(); updateAccessFor(ShareDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
readAccessFor(ShareDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing(); readAccessFor(ShareDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
} }
@Test @Test

8
src/test/java/org/hostsharing/hsadminng/service/dto/UserRoleAssignmentUnitTest.java
View File

@ -75,7 +75,7 @@ public class UserRoleAssignmentUnitTest {
public void testSerializationAsContractualCustomerContact() throws JsonProcessingException { public void testSerializationAsContractualCustomerContact() throws JsonProcessingException {
// given // given
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, CUSTOMER_ID, Role.CONTRACTUAL_CONTACT); securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, CUSTOMER_ID, Role.CUSTOMER_CONTRACTUAL_CONTACT);
UserRoleAssignment given = createSomeUserRoleAssignment(USER_ROLE_ASSIGNMENT_ID); UserRoleAssignment given = createSomeUserRoleAssignment(USER_ROLE_ASSIGNMENT_ID);
// when // when
@ -115,7 +115,7 @@ public class UserRoleAssignmentUnitTest {
"user", "user",
JSonBuilder.asJSon( JSonBuilder.asJSon(
of("id", USER_ID))), of("id", USER_ID))),
of("assignedRole", Role.TECHNICAL_CONTACT.name())); of("assignedRole", Role.CUSTOMER_TECHNICAL_CONTACT.name()));
// when // when
UserRoleAssignment actual = objectMapper.readValue(json, UserRoleAssignment.class); UserRoleAssignment actual = objectMapper.readValue(json, UserRoleAssignment.class);
@ -125,7 +125,7 @@ public class UserRoleAssignmentUnitTest {
expected.setId(USER_ROLE_ASSIGNMENT_ID); expected.setId(USER_ROLE_ASSIGNMENT_ID);
expected.setEntityTypeId(Customer.ENTITY_TYPE_ID); expected.setEntityTypeId(Customer.ENTITY_TYPE_ID);
expected.setEntityObjectId(CUSTOMER_ID); expected.setEntityObjectId(CUSTOMER_ID);
expected.setAssignedRole(Role.TECHNICAL_CONTACT); expected.setAssignedRole(Role.CUSTOMER_TECHNICAL_CONTACT);
expected.setUser(expectedUser); expected.setUser(expectedUser);
assertThat(actual).isEqualToComparingFieldByField(expected); assertThat(actual).isEqualToComparingFieldByField(expected);
} }
@ -148,7 +148,7 @@ public class UserRoleAssignmentUnitTest {
given.setEntityTypeId(Customer.ENTITY_TYPE_ID); given.setEntityTypeId(Customer.ENTITY_TYPE_ID);
given.setEntityObjectId(CUSTOMER_ID); given.setEntityObjectId(CUSTOMER_ID);
given.setUser(new User().id(USER_ID)); given.setUser(new User().id(USER_ID));
given.setAssignedRole(Role.TECHNICAL_CONTACT); given.setAssignedRole(Role.CUSTOMER_TECHNICAL_CONTACT);
return given; return given;
} }
} }