#145 [Rights-Module] documented the role system and some renaming
This commit is contained in:
Michael Hoennig
parent
57b6399950
commit
7983aa7e52
@ -3,94 +3,144 @@ package org.hostsharing.hsadminng.service.accessfilter;
|
||||
|
||||
import static com.google.common.base.Verify.verify;
|
||||
|
||||
import org.hostsharing.hsadminng.domain.Customer;
|
||||
import org.hostsharing.hsadminng.domain.User;
|
||||
import org.hostsharing.hsadminng.domain.UserRoleAssignment;
|
||||
import org.hostsharing.hsadminng.security.AuthoritiesConstants;
|
||||
|
||||
import java.lang.reflect.Field;
|
||||
import java.util.Optional;
|
||||
|
||||
/**
|
||||
* These enum values are on the one hand used to define the minimum role required to grant access to resources,
|
||||
* but on the other hand also for the roles users can be assigned to.
|
||||
* These enum values are used to specify the minimum role required to grant access to resources,
|
||||
* see usages of {@link AccessFor}.
|
||||
* also they can be assigned to users via {@link UserRoleAssignment}.
|
||||
* Some of the concrete values make only sense in one of these contexts.
|
||||
* <p>
|
||||
* Further, there are two kinds of roles: independent and dependent.
|
||||
* Independent roles like {@link #HOSTMASTER} are absolute roles which means unrelated to any concrete entity.
|
||||
* Dependent roles like {@link #CUSTOMER_CONTRACTUAL_CONTACT} are relative to a specific entity,
|
||||
* in this case to a specific {@link Customer}.
|
||||
* <p>
|
||||
*/
|
||||
/*
|
||||
* TODO: Maybe splitting it up into UserRole and RequiredRole would make it more clear?
|
||||
* And maybe instead of a level, we could then add the comprised roles in the constructor?
|
||||
* This could also be a better way to express that the financial contact has no rights to
|
||||
* other users resources (see also ACTUAL_CUSTOMER_USEr vs. ANY_CUSTOMER_USER).
|
||||
* other users resources (see also ACTUAL_CUSTOMER_USER vs. ANY_CUSTOMER_USER).
|
||||
*/
|
||||
public enum Role {
|
||||
/**
|
||||
* Default for access rights requirement. You can read it as: 'Nobody is allowed to ...'.
|
||||
* This is usually used for fields which are managed by hsadminNg itself.
|
||||
* <p>
|
||||
* This role cannot be assigned to a user.
|
||||
* </p>
|
||||
*/
|
||||
NOBODY(0),
|
||||
|
||||
/**
|
||||
* Hostmasters are initialize/update/read and field which, except where NOBODY is allowed to.
|
||||
* <p>
|
||||
* This role can be assigned to a user via {@link User#setAuthorities}.
|
||||
* </p>
|
||||
*/
|
||||
HOSTMASTER(1, AuthoritiesConstants.HOSTMASTER),
|
||||
|
||||
/**
|
||||
* This role is for administrators, e.g. to create memberships and book shared and assets.
|
||||
* <p>
|
||||
* This role can be assigned to a user via {@link User#setAuthorities}.
|
||||
* </p>
|
||||
*/
|
||||
ADMIN(2, AuthoritiesConstants.ADMIN),
|
||||
|
||||
/**
|
||||
* This role is for members of the support team.
|
||||
* <p>
|
||||
* This role can be assigned to a user via {@link User#setAuthorities}.
|
||||
* </p>
|
||||
*/
|
||||
SUPPORTER(3, AuthoritiesConstants.SUPPORTER),
|
||||
|
||||
/**
|
||||
* This role is for contractual contacts of a customer, like a director of the company.
|
||||
* <p>
|
||||
* Who has this role, has the broadest access to all resources which belong to this customer.
|
||||
* Everything which relates to the contract with the customer, needs this role.
|
||||
* <p>
|
||||
* This role can be assigned to a user via {@link UserRoleAssignment}.
|
||||
* </p>
|
||||
*/
|
||||
CONTRACTUAL_CONTACT(20),
|
||||
CUSTOMER_CONTRACTUAL_CONTACT(20),
|
||||
|
||||
/**
|
||||
* This role is for financial contacts of a customer, e.g. for accessing billing data.
|
||||
* <p>
|
||||
* The financial contact only covers {@link Role#CUSTOMER_FINANCIAL_CONTACT}, {@link Role#ANY_CUSTOMER_CONTACT} and
|
||||
* {@link Role#ANYBODY}, but not other <em>normal</em> user roles.
|
||||
* </p>
|
||||
* <p>
|
||||
* This role can be assigned to a user via {@link UserRoleAssignment}.
|
||||
* </p>
|
||||
*/
|
||||
FINANCIAL_CONTACT(22) {
|
||||
CUSTOMER_FINANCIAL_CONTACT(22) {
|
||||
|
||||
@Override
|
||||
public boolean covers(final Role role) {
|
||||
if (role == ACTUAL_CUSTOMER_USER) {
|
||||
return false;
|
||||
}
|
||||
return super.covers(role);
|
||||
return role == CUSTOMER_FINANCIAL_CONTACT || role == ANY_CUSTOMER_CONTACT || role == ANYBODY;
|
||||
}
|
||||
},
|
||||
|
||||
/**
|
||||
* This role is for technical contacts of a customer.
|
||||
* <p>
|
||||
* This role can be assigned to a user via {@link UserRoleAssignment}.
|
||||
* </p>
|
||||
*/
|
||||
TECHNICAL_CONTACT(22),
|
||||
CUSTOMER_TECHNICAL_CONTACT(22),
|
||||
|
||||
/**
|
||||
* This meta-role is to specify that any kind of customer contact can get access to the resource.
|
||||
* <p>
|
||||
* It's only used to specify the required role and cannot be assigned to a user.
|
||||
* </p>
|
||||
*/
|
||||
ANY_CUSTOMER_CONTACT(29),
|
||||
|
||||
/**
|
||||
* Any user which belongs to a customer has at least this role.
|
||||
* Some user belonging to a customer without a more precise role.
|
||||
*/
|
||||
ACTUAL_CUSTOMER_USER(30),
|
||||
// TODO: It's mostly a placeholder for more precise future roles like a "webspace admin".
|
||||
// This also shows that it's a bit ugly that we need the roles of all modules in this enum
|
||||
// because types for attributes of annotations are quite limited in Java.
|
||||
ACTUAL_CUSTOMER_USER(80),
|
||||
|
||||
/**
|
||||
* Use this to grant rights to any user, also special function users who have no
|
||||
* rights on other users resources.
|
||||
* <p>
|
||||
* It's only used to specify the required role and cannot be assigned to a user.
|
||||
* </p>
|
||||
*/
|
||||
ANY_CUSTOMER_USER(89),
|
||||
|
||||
/**
|
||||
* This role is meant to specify that a resources can be accessed by anybody, even without login.
|
||||
* It's currently only used for technical purposes.
|
||||
* <p>
|
||||
* It can be used to specify the required role and is the implicit role for un-authenticated users.
|
||||
* </p>
|
||||
*/
|
||||
ANYBODY(99, AuthoritiesConstants.ANONYMOUS),
|
||||
|
||||
/**
|
||||
* Pseudo-role to mark init/update access as ignored because the field is display-only.
|
||||
* <p>
|
||||
* This allows REST clients to send the whole response back as a new update request.
|
||||
* This role is not covered by any and covers itself no role.
|
||||
* <p>
|
||||
* It's only used to specify the required role and cannot be assigned to a user.
|
||||
* </p>
|
||||
*/
|
||||
IGNORED;
|
||||
|
||||
@ -127,7 +177,6 @@ public enum Role {
|
||||
|
||||
/**
|
||||
* @return the independent authority related 1:1 to this Role or empty if no independent authority is related 1:1
|
||||
*
|
||||
* @see AuthoritiesConstants
|
||||
*/
|
||||
public Optional<String> getAuthority() {
|
||||
@ -179,7 +228,7 @@ public enum Role {
|
||||
* Where 'this' means the Java instance itself as a role of a system user.
|
||||
* <p>
|
||||
* {@code
|
||||
* Role.HOSTMASTER.coversAny(Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT) == true
|
||||
* Role.HOSTMASTER.coversAny(Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT) == true
|
||||
* }
|
||||
*
|
||||
* @param roles The alternatively required roles for a resource. Must be at least one.
|
||||
|
||||
@ -26,23 +26,23 @@ import javax.validation.constraints.Size;
|
||||
public class AssetDTO implements Serializable, AccessMappings {
|
||||
|
||||
@SelfId(resolver = AssetService.class)
|
||||
@AccessFor(read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT })
|
||||
@AccessFor(read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
|
||||
private Long id;
|
||||
|
||||
@NotNull
|
||||
@AccessFor(init = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT })
|
||||
@AccessFor(init = Role.ADMIN, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
|
||||
private LocalDate documentDate;
|
||||
|
||||
@NotNull
|
||||
@AccessFor(init = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT })
|
||||
@AccessFor(init = Role.ADMIN, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
|
||||
private LocalDate valueDate;
|
||||
|
||||
@NotNull
|
||||
@AccessFor(init = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT })
|
||||
@AccessFor(init = Role.ADMIN, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
|
||||
private AssetAction action;
|
||||
|
||||
@NotNull
|
||||
@AccessFor(init = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT })
|
||||
@AccessFor(init = Role.ADMIN, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
|
||||
private BigDecimal amount;
|
||||
|
||||
@Size(max = 160)
|
||||
@ -50,10 +50,10 @@ public class AssetDTO implements Serializable, AccessMappings {
|
||||
private String remark;
|
||||
|
||||
@ParentId(resolver = MembershipService.class)
|
||||
@AccessFor(init = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT })
|
||||
@AccessFor(init = Role.ADMIN, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
|
||||
private Long membershipId;
|
||||
|
||||
@AccessFor(update = Role.IGNORED, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT })
|
||||
@AccessFor(update = Role.IGNORED, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
|
||||
private String membershipDisplayLabel;
|
||||
|
||||
public Long getId() {
|
||||
|
||||
@ -23,78 +23,99 @@ import javax.validation.constraints.*;
|
||||
public class CustomerDTO implements AccessMappings, FluentBuilder<CustomerDTO> {
|
||||
|
||||
@SelfId(resolver = CustomerService.class)
|
||||
@AccessFor(read = Role.ACTUAL_CUSTOMER_USER)
|
||||
@AccessFor(read = Role.ANY_CUSTOMER_USER)
|
||||
private Long id;
|
||||
|
||||
@NotNull
|
||||
@Min(value = 10000)
|
||||
@Max(value = 99999)
|
||||
@AccessFor(init = Role.ADMIN, read = Role.ACTUAL_CUSTOMER_USER)
|
||||
@AccessFor(init = Role.ADMIN, read = Role.ANY_CUSTOMER_USER)
|
||||
private Integer reference;
|
||||
|
||||
@NotNull
|
||||
@Size(max = 3)
|
||||
@Pattern(regexp = "[a-z][a-z0-9]+")
|
||||
@AccessFor(init = Role.ADMIN, read = Role.ACTUAL_CUSTOMER_USER)
|
||||
@AccessFor(init = Role.ADMIN, read = Role.ANY_CUSTOMER_USER)
|
||||
private String prefix;
|
||||
|
||||
@NotNull
|
||||
@Size(max = 80)
|
||||
@AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = Role.ACTUAL_CUSTOMER_USER)
|
||||
@AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = Role.ANY_CUSTOMER_USER)
|
||||
private String name;
|
||||
|
||||
@NotNull
|
||||
@AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = Role.CONTRACTUAL_CONTACT)
|
||||
@AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = Role.CUSTOMER_CONTRACTUAL_CONTACT)
|
||||
private CustomerKind kind;
|
||||
|
||||
@AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT })
|
||||
@AccessFor(
|
||||
init = Role.ADMIN,
|
||||
update = Role.ADMIN,
|
||||
read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
|
||||
private LocalDate birthDate;
|
||||
|
||||
@Size(max = 80)
|
||||
@AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT })
|
||||
@AccessFor(
|
||||
init = Role.ADMIN,
|
||||
update = Role.ADMIN,
|
||||
read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
|
||||
private String birthPlace;
|
||||
|
||||
@Size(max = 80)
|
||||
@AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT })
|
||||
@AccessFor(
|
||||
init = Role.ADMIN,
|
||||
update = Role.ADMIN,
|
||||
read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
|
||||
private String registrationCourt;
|
||||
|
||||
@Size(max = 80)
|
||||
@AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT })
|
||||
@AccessFor(
|
||||
init = Role.ADMIN,
|
||||
update = Role.ADMIN,
|
||||
read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
|
||||
private String registrationNumber;
|
||||
|
||||
@NotNull
|
||||
@AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT })
|
||||
@AccessFor(
|
||||
init = Role.ADMIN,
|
||||
update = Role.ADMIN,
|
||||
read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
|
||||
private VatRegion vatRegion;
|
||||
|
||||
@Size(max = 40)
|
||||
@AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT })
|
||||
@AccessFor(
|
||||
init = Role.ADMIN,
|
||||
update = Role.ADMIN,
|
||||
read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
|
||||
private String vatNumber;
|
||||
|
||||
@Size(max = 80)
|
||||
@AccessFor(init = Role.ADMIN, update = Role.CONTRACTUAL_CONTACT, read = Role.CONTRACTUAL_CONTACT)
|
||||
@AccessFor(init = Role.ADMIN, update = Role.CUSTOMER_CONTRACTUAL_CONTACT, read = Role.CUSTOMER_CONTRACTUAL_CONTACT)
|
||||
private String contractualSalutation;
|
||||
|
||||
@NotNull
|
||||
@Size(max = 400)
|
||||
@AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = Role.CONTRACTUAL_CONTACT)
|
||||
@AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = Role.CUSTOMER_CONTRACTUAL_CONTACT)
|
||||
private String contractualAddress;
|
||||
|
||||
@Size(max = 80)
|
||||
@AccessFor(
|
||||
init = Role.ADMIN,
|
||||
update = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT },
|
||||
read = Role.CONTRACTUAL_CONTACT)
|
||||
update = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT },
|
||||
read = Role.CUSTOMER_CONTRACTUAL_CONTACT)
|
||||
private String billingSalutation;
|
||||
|
||||
@Size(max = 400)
|
||||
@AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT })
|
||||
@AccessFor(
|
||||
init = Role.ADMIN,
|
||||
update = Role.ADMIN,
|
||||
read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
|
||||
private String billingAddress;
|
||||
|
||||
@Size(max = 160)
|
||||
@AccessFor(init = Role.ADMIN, update = Role.SUPPORTER, read = Role.SUPPORTER)
|
||||
private String remark;
|
||||
|
||||
@AccessFor(init = Role.ANYBODY, update = Role.ANYBODY, read = Role.ACTUAL_CUSTOMER_USER)
|
||||
@AccessFor(init = Role.ANYBODY, update = Role.ANYBODY, read = Role.ANY_CUSTOMER_USER)
|
||||
private String displayLabel;
|
||||
|
||||
public Long getId() {
|
||||
|
||||
@ -23,21 +23,27 @@ import javax.validation.constraints.Size;
|
||||
public class MembershipDTO implements AccessMappings, FluentBuilder<MembershipDTO> {
|
||||
|
||||
@SelfId(resolver = MembershipService.class)
|
||||
@AccessFor(read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT })
|
||||
@AccessFor(read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
|
||||
private Long id;
|
||||
|
||||
@NotNull
|
||||
@AccessFor(init = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT })
|
||||
@AccessFor(init = Role.ADMIN, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
|
||||
private LocalDate admissionDocumentDate;
|
||||
|
||||
@AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT })
|
||||
@AccessFor(
|
||||
init = Role.ADMIN,
|
||||
update = Role.ADMIN,
|
||||
read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
|
||||
private LocalDate cancellationDocumentDate;
|
||||
|
||||
@NotNull
|
||||
@AccessFor(init = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT })
|
||||
@AccessFor(init = Role.ADMIN, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
|
||||
private LocalDate memberFromDate;
|
||||
|
||||
@AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT })
|
||||
@AccessFor(
|
||||
init = Role.ADMIN,
|
||||
update = Role.ADMIN,
|
||||
read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
|
||||
private LocalDate memberUntilDate;
|
||||
|
||||
@Size(max = 160)
|
||||
@ -45,16 +51,16 @@ public class MembershipDTO implements AccessMappings, FluentBuilder<MembershipDT
|
||||
private String remark;
|
||||
|
||||
@ParentId(resolver = CustomerService.class)
|
||||
@AccessFor(init = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT })
|
||||
@AccessFor(init = Role.ADMIN, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
|
||||
private Long customerId;
|
||||
|
||||
@AccessFor(update = Role.IGNORED, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT })
|
||||
@AccessFor(update = Role.IGNORED, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
|
||||
private String customerPrefix;
|
||||
|
||||
@AccessFor(update = Role.IGNORED, read = Role.FINANCIAL_CONTACT)
|
||||
@AccessFor(update = Role.IGNORED, read = Role.CUSTOMER_FINANCIAL_CONTACT)
|
||||
private String customerDisplayLabel;
|
||||
|
||||
@AccessFor(update = Role.IGNORED, read = Role.FINANCIAL_CONTACT)
|
||||
@AccessFor(update = Role.IGNORED, read = Role.CUSTOMER_FINANCIAL_CONTACT)
|
||||
private String displayLabel;
|
||||
|
||||
public Long getId() {
|
||||
|
||||
@ -23,53 +23,56 @@ import javax.validation.constraints.Size;
|
||||
public class SepaMandateDTO implements AccessMappings, FluentBuilder<SepaMandateDTO> {
|
||||
|
||||
@SelfId(resolver = SepaMandateService.class)
|
||||
@AccessFor(read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT })
|
||||
@AccessFor(read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
|
||||
private Long id;
|
||||
|
||||
@NotNull
|
||||
@Size(max = 40)
|
||||
@AccessFor(
|
||||
init = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT },
|
||||
read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT })
|
||||
init = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT },
|
||||
read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
|
||||
private String reference;
|
||||
|
||||
@Size(max = 34)
|
||||
@AccessFor(
|
||||
init = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT },
|
||||
read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT })
|
||||
init = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT },
|
||||
read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
|
||||
private String iban;
|
||||
|
||||
@Size(max = 11)
|
||||
@AccessFor(
|
||||
init = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT },
|
||||
read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT })
|
||||
init = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT },
|
||||
read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
|
||||
private String bic;
|
||||
|
||||
@NotNull
|
||||
@AccessFor(
|
||||
init = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT },
|
||||
read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT })
|
||||
init = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT },
|
||||
read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
|
||||
private LocalDate grantingDocumentDate;
|
||||
|
||||
@AccessFor(
|
||||
init = Role.ADMIN,
|
||||
update = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT },
|
||||
read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT })
|
||||
update = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT },
|
||||
read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
|
||||
private LocalDate revokationDocumentDate;
|
||||
|
||||
@NotNull
|
||||
@AccessFor(
|
||||
init = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT },
|
||||
read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT })
|
||||
init = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT },
|
||||
read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
|
||||
private LocalDate validFromDate;
|
||||
|
||||
@AccessFor(
|
||||
init = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT },
|
||||
update = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT },
|
||||
read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT })
|
||||
init = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT },
|
||||
update = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT },
|
||||
read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
|
||||
private LocalDate validUntilDate;
|
||||
|
||||
@AccessFor(init = Role.ADMIN, update = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT })
|
||||
@AccessFor(
|
||||
init = Role.ADMIN,
|
||||
update = Role.ADMIN,
|
||||
read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
|
||||
private LocalDate lastUsedDate;
|
||||
|
||||
@Size(max = 160)
|
||||
@ -78,11 +81,11 @@ public class SepaMandateDTO implements AccessMappings, FluentBuilder<SepaMandate
|
||||
|
||||
@ParentId(resolver = CustomerService.class)
|
||||
@AccessFor(
|
||||
init = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT },
|
||||
read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT })
|
||||
init = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT },
|
||||
read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
|
||||
private Long customerId;
|
||||
|
||||
@AccessFor(update = Role.IGNORED, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT })
|
||||
@AccessFor(update = Role.IGNORED, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
|
||||
private String customerDisplayLabel;
|
||||
|
||||
public Long getId() {
|
||||
|
||||
@ -25,23 +25,23 @@ import javax.validation.constraints.Size;
|
||||
public class ShareDTO implements Serializable, AccessMappings {
|
||||
|
||||
@SelfId(resolver = ShareService.class)
|
||||
@AccessFor(read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT })
|
||||
@AccessFor(read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
|
||||
private Long id;
|
||||
|
||||
@NotNull
|
||||
@AccessFor(init = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT })
|
||||
@AccessFor(init = Role.ADMIN, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
|
||||
private LocalDate documentDate;
|
||||
|
||||
@NotNull
|
||||
@AccessFor(init = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT })
|
||||
@AccessFor(init = Role.ADMIN, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
|
||||
private LocalDate valueDate;
|
||||
|
||||
@NotNull
|
||||
@AccessFor(init = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT })
|
||||
@AccessFor(init = Role.ADMIN, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
|
||||
private ShareAction action;
|
||||
|
||||
@NotNull
|
||||
@AccessFor(init = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT })
|
||||
@AccessFor(init = Role.ADMIN, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
|
||||
private Integer quantity;
|
||||
|
||||
@Size(max = 160)
|
||||
@ -49,10 +49,10 @@ public class ShareDTO implements Serializable, AccessMappings {
|
||||
private String remark;
|
||||
|
||||
@ParentId(resolver = MembershipService.class)
|
||||
@AccessFor(init = Role.ADMIN, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT })
|
||||
@AccessFor(init = Role.ADMIN, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
|
||||
private Long membershipId;
|
||||
|
||||
@AccessFor(update = Role.IGNORED, read = { Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT })
|
||||
@AccessFor(update = Role.IGNORED, read = { Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT })
|
||||
private String membershipDisplayLabel;
|
||||
|
||||
public Long getId() {
|
||||
|
||||
@ -43,9 +43,9 @@
|
||||
<label class="form-control-label" jhiTranslate="hsadminNgApp.userRoleAssignment.assignedRole" for="field_assignedRole">Assigned Role</label>
|
||||
<select class="form-control" name="assignedRole" [(ngModel)]="userRoleAssignment.assignedRole" id="field_assignedRole" required>
|
||||
<!-- only list entity-dependent roles here -->
|
||||
<option value="CONTRACTUAL_CONTACT">{{'hsadminNgApp.UserRole.CONTRACTUAL_CONTACT' | translate}}</option>
|
||||
<option value="FINANCIAL_CONTACT">{{'hsadminNgApp.UserRole.FINANCIAL_CONTACT' | translate}}</option>
|
||||
<option value="TECHNICAL_CONTACT">{{'hsadminNgApp.UserRole.TECHNICAL_CONTACT' | translate}}</option>
|
||||
<option value="CONTRACTUAL_CONTACT">{{'hsadminNgApp.UserRole.CUSTOMER_CONTRACTUAL_CONTACT' | translate}}</option>
|
||||
<option value="FINANCIAL_CONTACT">{{'hsadminNgApp.UserRole.CUSTOMER_FINANCIAL_CONTACT' | translate}}</option>
|
||||
<option value="TECHNICAL_CONTACT">{{'hsadminNgApp.UserRole.CUSTOMER_TECHNICAL_CONTACT' | translate}}</option>
|
||||
<option value="CUSTOMER_USER">{{'hsadminNgApp.UserRole.CUSTOMER_USER' | translate}}</option>
|
||||
</select>
|
||||
<div [hidden]="!(editForm.controls.assignedRole?.dirty && editForm.controls.assignedRole?.invalid)">
|
||||
|
||||
@ -33,9 +33,9 @@
|
||||
<option value="HOSTMASTER" jhiTranslate="{{'hsadminNgApp.UserRole.HOSTMASTER'}}">HOSTMASTER</option>
|
||||
<option value="ADMIN" jhiTranslate="{{'hsadminNgApp.UserRole.ADMIN'}}">ADMIN</option>
|
||||
<option value="SUPPORTER" jhiTranslate="{{'hsadminNgApp.UserRole.SUPPORTER'}}">SUPPORTER</option>
|
||||
<option value="CONTRACTUAL_CONTACT" jhiTranslate="{{'hsadminNgApp.UserRole.CONTRACTUAL_CONTACT'}}">CONTRACTUAL_CONTACT</option>
|
||||
<option value="FINANCIAL_CONTACT" jhiTranslate="{{'hsadminNgApp.UserRole.FINANCIAL_CONTACT'}}">FINANCIAL_CONTACT</option>
|
||||
<option value="TECHNICAL_CONTACT" jhiTranslate="{{'hsadminNgApp.UserRole.TECHNICAL_CONTACT'}}">TECHNICAL_CONTACT</option>
|
||||
<option value="CONTRACTUAL_CONTACT" jhiTranslate="{{'hsadminNgApp.UserRole.CUSTOMER_CONTRACTUAL_CONTACT'}}">CONTRACTUAL_CONTACT</option>
|
||||
<option value="FINANCIAL_CONTACT" jhiTranslate="{{'hsadminNgApp.UserRole.CUSTOMER_FINANCIAL_CONTACT'}}">FINANCIAL_CONTACT</option>
|
||||
<option value="TECHNICAL_CONTACT" jhiTranslate="{{'hsadminNgApp.UserRole.CUSTOMER_TECHNICAL_CONTACT'}}">TECHNICAL_CONTACT</option>
|
||||
<option value="CUSTOMER_USER" jhiTranslate="{{'hsadminNgApp.UserRole.CUSTOMER_USER'}}">CUSTOMER_USER</option>
|
||||
</select>
|
||||
</th>
|
||||
|
||||
@ -65,23 +65,23 @@ public class UserRoleAssignmentServiceUnitTest {
|
||||
Arrays.asList(
|
||||
new UserRoleAssignment().entityTypeId("test.SomethingElse")
|
||||
.entityObjectId(givenEntityObjectId)
|
||||
.assignedRole(Role.CONTRACTUAL_CONTACT),
|
||||
.assignedRole(Role.CUSTOMER_CONTRACTUAL_CONTACT),
|
||||
new UserRoleAssignment().entityTypeId(givenEntityTypeId)
|
||||
.entityObjectId(givenEntityObjectId)
|
||||
.assignedRole(Role.FINANCIAL_CONTACT),
|
||||
.assignedRole(Role.CUSTOMER_FINANCIAL_CONTACT),
|
||||
new UserRoleAssignment().entityTypeId(givenEntityTypeId)
|
||||
.entityObjectId(givenEntityObjectId)
|
||||
.assignedRole(Role.TECHNICAL_CONTACT),
|
||||
.assignedRole(Role.CUSTOMER_TECHNICAL_CONTACT),
|
||||
new UserRoleAssignment().entityTypeId(givenEntityTypeId)
|
||||
.entityObjectId(3L)
|
||||
.assignedRole(Role.CONTRACTUAL_CONTACT)));
|
||||
.assignedRole(Role.CUSTOMER_CONTRACTUAL_CONTACT)));
|
||||
|
||||
// when
|
||||
final Set<Role> actual = userRoleAssignmentService
|
||||
.getEffectiveRoleOfCurrentUser(givenEntityTypeId, givenEntityObjectId);
|
||||
|
||||
// then
|
||||
assertThat(actual).containsExactlyInAnyOrder(Role.FINANCIAL_CONTACT, Role.TECHNICAL_CONTACT);
|
||||
assertThat(actual).containsExactlyInAnyOrder(Role.CUSTOMER_FINANCIAL_CONTACT, Role.CUSTOMER_TECHNICAL_CONTACT);
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@ -56,13 +56,13 @@ public class JSonAccessFilterTestFixture {
|
||||
Long id;
|
||||
|
||||
@ParentId(resolver = GivenCustomerService.class)
|
||||
@AccessFor(init = ACTUAL_CUSTOMER_USER, update = ACTUAL_CUSTOMER_USER, read = ACTUAL_CUSTOMER_USER)
|
||||
@AccessFor(init = ANY_CUSTOMER_USER, update = ANY_CUSTOMER_USER, read = ANY_CUSTOMER_USER)
|
||||
Long customerId;
|
||||
|
||||
@AccessFor(
|
||||
init = { TECHNICAL_CONTACT, FINANCIAL_CONTACT },
|
||||
update = { TECHNICAL_CONTACT, FINANCIAL_CONTACT },
|
||||
read = { TECHNICAL_CONTACT, FINANCIAL_CONTACT })
|
||||
init = { CUSTOMER_TECHNICAL_CONTACT, CUSTOMER_FINANCIAL_CONTACT },
|
||||
update = { CUSTOMER_TECHNICAL_CONTACT, CUSTOMER_FINANCIAL_CONTACT },
|
||||
read = { CUSTOMER_TECHNICAL_CONTACT, CUSTOMER_FINANCIAL_CONTACT })
|
||||
String restrictedField;
|
||||
|
||||
@AccessFor(init = ANYBODY, update = ANYBODY, read = ANYBODY)
|
||||
@ -133,11 +133,18 @@ public class JSonAccessFilterTestFixture {
|
||||
@AccessFor(read = Role.ANY_CUSTOMER_USER)
|
||||
Long id;
|
||||
|
||||
@AccessFor(init = Role.CONTRACTUAL_CONTACT, update = Role.CONTRACTUAL_CONTACT, read = ACTUAL_CUSTOMER_USER)
|
||||
@AccessFor(
|
||||
init = Role.CUSTOMER_CONTRACTUAL_CONTACT,
|
||||
update = Role.CUSTOMER_CONTRACTUAL_CONTACT,
|
||||
read = ANY_CUSTOMER_USER)
|
||||
@ParentId(resolver = GivenService.class)
|
||||
Long parentId;
|
||||
|
||||
@AccessFor(init = { TECHNICAL_CONTACT, FINANCIAL_CONTACT }, update = { TECHNICAL_CONTACT, FINANCIAL_CONTACT })
|
||||
@AccessFor(
|
||||
init = { CUSTOMER_TECHNICAL_CONTACT, CUSTOMER_FINANCIAL_CONTACT },
|
||||
update = {
|
||||
CUSTOMER_TECHNICAL_CONTACT,
|
||||
CUSTOMER_FINANCIAL_CONTACT })
|
||||
String restrictedField;
|
||||
|
||||
@Override
|
||||
@ -204,11 +211,18 @@ public class JSonAccessFilterTestFixture {
|
||||
@AccessFor(read = Role.ANY_CUSTOMER_USER)
|
||||
Long id;
|
||||
|
||||
@AccessFor(init = Role.CONTRACTUAL_CONTACT, update = Role.CONTRACTUAL_CONTACT, read = ACTUAL_CUSTOMER_USER)
|
||||
@AccessFor(
|
||||
init = Role.CUSTOMER_CONTRACTUAL_CONTACT,
|
||||
update = Role.CUSTOMER_CONTRACTUAL_CONTACT,
|
||||
read = ANY_CUSTOMER_USER)
|
||||
@ParentId(resolver = GivenParentService.class)
|
||||
GivenParent parent;
|
||||
|
||||
@AccessFor(init = { TECHNICAL_CONTACT, FINANCIAL_CONTACT }, update = { TECHNICAL_CONTACT, FINANCIAL_CONTACT })
|
||||
@AccessFor(
|
||||
init = { CUSTOMER_TECHNICAL_CONTACT, CUSTOMER_FINANCIAL_CONTACT },
|
||||
update = {
|
||||
CUSTOMER_TECHNICAL_CONTACT,
|
||||
CUSTOMER_FINANCIAL_CONTACT })
|
||||
String restrictedField;
|
||||
|
||||
@Override
|
||||
|
||||
@ -83,7 +83,7 @@ public class JSonDeserializationWithAccessFilterUnitTest {
|
||||
public void init() {
|
||||
securityContext = SecurityContextMock.usingMock(userRoleAssignmentService)
|
||||
.havingAuthenticatedUser()
|
||||
.withRole(GivenDto.class, 1234L, Role.ACTUAL_CUSTOMER_USER);
|
||||
.withRole(GivenDto.class, 1234L, Role.ANY_CUSTOMER_USER);
|
||||
|
||||
given(ctx.getAutowireCapableBeanFactory()).willReturn(autowireCapableBeanFactory);
|
||||
given(autowireCapableBeanFactory.createBean(GivenService.class)).willReturn(givenService);
|
||||
@ -244,7 +244,7 @@ public class JSonDeserializationWithAccessFilterUnitTest {
|
||||
public void shouldDeserializeStringFieldIfRequiredRoleIsCoveredByUser() throws IOException {
|
||||
// given
|
||||
securityContext.havingAuthenticatedUser()
|
||||
.withRole(GivenCustomerDto.class, 888L, Role.FINANCIAL_CONTACT);
|
||||
.withRole(GivenCustomerDto.class, 888L, Role.CUSTOMER_FINANCIAL_CONTACT);
|
||||
givenJSonTree(
|
||||
asJSon(
|
||||
ImmutablePair.of("id", 1234L),
|
||||
@ -262,7 +262,7 @@ public class JSonDeserializationWithAccessFilterUnitTest {
|
||||
public void shouldDeserializeUnchangedStringFieldIfRequiredRoleIsNotCoveredByUser() throws IOException {
|
||||
// given
|
||||
securityContext.havingAuthenticatedUser()
|
||||
.withRole(GivenCustomerDto.class, 888L, Role.FINANCIAL_CONTACT);
|
||||
.withRole(GivenCustomerDto.class, 888L, Role.CUSTOMER_FINANCIAL_CONTACT);
|
||||
givenJSonTree(
|
||||
asJSon(
|
||||
ImmutablePair.of("id", 1234L),
|
||||
@ -320,7 +320,7 @@ public class JSonDeserializationWithAccessFilterUnitTest {
|
||||
public void shouldNotCreateIfRoleRequiredByParentEntityIsNotCoveredByUser() throws IOException {
|
||||
// given
|
||||
securityContext.havingAuthenticatedUser()
|
||||
.withRole(GivenCustomerDto.class, 9999L, Role.CONTRACTUAL_CONTACT);
|
||||
.withRole(GivenCustomerDto.class, 9999L, Role.CUSTOMER_CONTRACTUAL_CONTACT);
|
||||
givenJSonTree(
|
||||
asJSon(
|
||||
ImmutablePair.of("parentId", 1234L)));
|
||||
@ -340,7 +340,7 @@ public class JSonDeserializationWithAccessFilterUnitTest {
|
||||
public void shouldCreateIfRoleRequiredByReferencedEntityIsCoveredByUser() throws IOException {
|
||||
// given
|
||||
securityContext.havingAuthenticatedUser()
|
||||
.withRole(GivenCustomerDto.class, 888L, Role.CONTRACTUAL_CONTACT);
|
||||
.withRole(GivenCustomerDto.class, 888L, Role.CUSTOMER_CONTRACTUAL_CONTACT);
|
||||
givenJSonTree(
|
||||
asJSon(
|
||||
ImmutablePair.of("parentId", 1234L)));
|
||||
@ -357,7 +357,7 @@ public class JSonDeserializationWithAccessFilterUnitTest {
|
||||
public void shouldResolveParentIdFromIdOfSerializedSubEntity() throws IOException {
|
||||
// given
|
||||
securityContext.havingAuthenticatedUser()
|
||||
.withRole(GivenParent.class, 1234L, Role.CONTRACTUAL_CONTACT);
|
||||
.withRole(GivenParent.class, 1234L, Role.CUSTOMER_CONTRACTUAL_CONTACT);
|
||||
givenJSonTree(
|
||||
asJSon(
|
||||
ImmutablePair.of(
|
||||
|
||||
@ -157,7 +157,7 @@ public class JSonSerializationWithAccessFilterUnitTest {
|
||||
public void shouldSerializeRestrictedFieldIfRequiredRoleIsCoveredByUser() throws IOException {
|
||||
|
||||
// given
|
||||
securityContext.havingAuthenticatedUser().withRole(GivenCustomerDto.class, 888L, Role.FINANCIAL_CONTACT);
|
||||
securityContext.havingAuthenticatedUser().withRole(GivenCustomerDto.class, 888L, Role.CUSTOMER_FINANCIAL_CONTACT);
|
||||
|
||||
// when
|
||||
serialize(givenDTO);
|
||||
|
||||
@ -20,9 +20,9 @@ public class RoleUnitTest {
|
||||
assertThat(Role.ADMIN.covers(Role.ADMIN)).isTrue();
|
||||
assertThat(Role.SUPPORTER.covers(Role.SUPPORTER)).isTrue();
|
||||
|
||||
assertThat(Role.CONTRACTUAL_CONTACT.covers(Role.CONTRACTUAL_CONTACT)).isTrue();
|
||||
assertThat(Role.FINANCIAL_CONTACT.covers(Role.FINANCIAL_CONTACT)).isTrue();
|
||||
assertThat(Role.TECHNICAL_CONTACT.covers(Role.TECHNICAL_CONTACT)).isTrue();
|
||||
assertThat(Role.CUSTOMER_CONTRACTUAL_CONTACT.covers(Role.CUSTOMER_CONTRACTUAL_CONTACT)).isTrue();
|
||||
assertThat(Role.CUSTOMER_FINANCIAL_CONTACT.covers(Role.CUSTOMER_FINANCIAL_CONTACT)).isTrue();
|
||||
assertThat(Role.CUSTOMER_TECHNICAL_CONTACT.covers(Role.CUSTOMER_TECHNICAL_CONTACT)).isTrue();
|
||||
|
||||
assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.ACTUAL_CUSTOMER_USER))).isTrue();
|
||||
assertThat(Role.ANY_CUSTOMER_USER.covers((Role.ANY_CUSTOMER_USER))).isTrue();
|
||||
@ -35,22 +35,22 @@ public class RoleUnitTest {
|
||||
assertThat(Role.SUPPORTER.covers(Role.ADMIN)).isFalse();
|
||||
|
||||
assertThat(Role.ANY_CUSTOMER_CONTACT.covers(Role.SUPPORTER)).isFalse();
|
||||
assertThat(Role.ANY_CUSTOMER_CONTACT.covers(Role.CONTRACTUAL_CONTACT)).isFalse();
|
||||
assertThat(Role.FINANCIAL_CONTACT.covers(Role.CONTRACTUAL_CONTACT)).isFalse();
|
||||
assertThat(Role.FINANCIAL_CONTACT.covers(Role.TECHNICAL_CONTACT)).isFalse();
|
||||
assertThat(Role.TECHNICAL_CONTACT.covers(Role.CONTRACTUAL_CONTACT)).isFalse();
|
||||
assertThat(Role.TECHNICAL_CONTACT.covers(Role.FINANCIAL_CONTACT)).isFalse();
|
||||
assertThat(Role.ANY_CUSTOMER_CONTACT.covers(Role.CUSTOMER_CONTRACTUAL_CONTACT)).isFalse();
|
||||
assertThat(Role.CUSTOMER_FINANCIAL_CONTACT.covers(Role.CUSTOMER_CONTRACTUAL_CONTACT)).isFalse();
|
||||
assertThat(Role.CUSTOMER_FINANCIAL_CONTACT.covers(Role.CUSTOMER_TECHNICAL_CONTACT)).isFalse();
|
||||
assertThat(Role.CUSTOMER_TECHNICAL_CONTACT.covers(Role.CUSTOMER_CONTRACTUAL_CONTACT)).isFalse();
|
||||
assertThat(Role.CUSTOMER_TECHNICAL_CONTACT.covers(Role.CUSTOMER_FINANCIAL_CONTACT)).isFalse();
|
||||
|
||||
assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.ANY_CUSTOMER_CONTACT))).isFalse();
|
||||
assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.CONTRACTUAL_CONTACT))).isFalse();
|
||||
assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.TECHNICAL_CONTACT))).isFalse();
|
||||
assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.FINANCIAL_CONTACT))).isFalse();
|
||||
assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.CUSTOMER_CONTRACTUAL_CONTACT))).isFalse();
|
||||
assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.CUSTOMER_TECHNICAL_CONTACT))).isFalse();
|
||||
assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.CUSTOMER_FINANCIAL_CONTACT))).isFalse();
|
||||
|
||||
assertThat(Role.ANY_CUSTOMER_USER.covers((Role.ACTUAL_CUSTOMER_USER))).isFalse();
|
||||
assertThat(Role.ANY_CUSTOMER_USER.covers((Role.ANY_CUSTOMER_CONTACT))).isFalse();
|
||||
assertThat(Role.ANY_CUSTOMER_USER.covers((Role.CONTRACTUAL_CONTACT))).isFalse();
|
||||
assertThat(Role.ANY_CUSTOMER_USER.covers((Role.TECHNICAL_CONTACT))).isFalse();
|
||||
assertThat(Role.ANY_CUSTOMER_USER.covers((Role.FINANCIAL_CONTACT))).isFalse();
|
||||
assertThat(Role.ANY_CUSTOMER_USER.covers((Role.CUSTOMER_CONTRACTUAL_CONTACT))).isFalse();
|
||||
assertThat(Role.ANY_CUSTOMER_USER.covers((Role.CUSTOMER_TECHNICAL_CONTACT))).isFalse();
|
||||
assertThat(Role.ANY_CUSTOMER_USER.covers((Role.CUSTOMER_FINANCIAL_CONTACT))).isFalse();
|
||||
|
||||
assertThat(Role.ANYBODY.covers((Role.ANY_CUSTOMER_USER))).isFalse();
|
||||
}
|
||||
@ -62,18 +62,20 @@ public class RoleUnitTest {
|
||||
|
||||
assertThat(Role.SUPPORTER.covers(Role.ANY_CUSTOMER_CONTACT)).isTrue();
|
||||
|
||||
assertThat(Role.CONTRACTUAL_CONTACT.covers(Role.ANY_CUSTOMER_CONTACT)).isTrue();
|
||||
assertThat(Role.CONTRACTUAL_CONTACT.covers(Role.FINANCIAL_CONTACT)).isTrue();
|
||||
assertThat(Role.CONTRACTUAL_CONTACT.covers(Role.TECHNICAL_CONTACT)).isTrue();
|
||||
assertThat(Role.TECHNICAL_CONTACT.covers(Role.ANY_CUSTOMER_USER)).isTrue();
|
||||
assertThat(Role.CUSTOMER_CONTRACTUAL_CONTACT.covers(Role.ANY_CUSTOMER_CONTACT)).isTrue();
|
||||
assertThat(Role.CUSTOMER_CONTRACTUAL_CONTACT.covers(Role.CUSTOMER_FINANCIAL_CONTACT)).isTrue();
|
||||
assertThat(Role.CUSTOMER_CONTRACTUAL_CONTACT.covers(Role.CUSTOMER_TECHNICAL_CONTACT)).isTrue();
|
||||
assertThat(Role.CUSTOMER_TECHNICAL_CONTACT.covers(Role.ANY_CUSTOMER_USER)).isTrue();
|
||||
|
||||
assertThat(Role.ACTUAL_CUSTOMER_USER.covers((Role.ANY_CUSTOMER_USER))).isTrue();
|
||||
assertThat(Role.ANY_CUSTOMER_USER.covers((Role.ANYBODY))).isTrue();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void financialContactShouldNotCoverAnyCustomersUsersRoleRequirement() {
|
||||
assertThat(Role.FINANCIAL_CONTACT.covers(Role.ACTUAL_CUSTOMER_USER)).isFalse();
|
||||
public void financialContactShouldNotCoverAnyOtherRealRoleRequirement() {
|
||||
assertThat(Role.CUSTOMER_FINANCIAL_CONTACT.covers(Role.ANY_CUSTOMER_USER)).isFalse();
|
||||
assertThat(Role.CUSTOMER_FINANCIAL_CONTACT.covers(Role.ACTUAL_CUSTOMER_USER)).isFalse();
|
||||
assertThat(Role.CUSTOMER_FINANCIAL_CONTACT.covers(Role.ANY_CUSTOMER_USER)).isFalse();
|
||||
}
|
||||
|
||||
@Test
|
||||
@ -87,11 +89,16 @@ public class RoleUnitTest {
|
||||
|
||||
@Test
|
||||
public void coversAny() {
|
||||
assertThat(Role.HOSTMASTER.coversAny(Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT)).isTrue();
|
||||
assertThat(Role.CONTRACTUAL_CONTACT.coversAny(Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT)).isTrue();
|
||||
assertThat(Role.FINANCIAL_CONTACT.coversAny(Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT)).isTrue();
|
||||
assertThat(Role.HOSTMASTER.coversAny(Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT)).isTrue();
|
||||
assertThat(
|
||||
Role.CUSTOMER_CONTRACTUAL_CONTACT.coversAny(Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT))
|
||||
.isTrue();
|
||||
assertThat(
|
||||
Role.CUSTOMER_FINANCIAL_CONTACT.coversAny(Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT))
|
||||
.isTrue();
|
||||
|
||||
assertThat(Role.ANY_CUSTOMER_USER.coversAny(Role.CONTRACTUAL_CONTACT, Role.FINANCIAL_CONTACT)).isFalse();
|
||||
assertThat(Role.ANY_CUSTOMER_USER.coversAny(Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.CUSTOMER_FINANCIAL_CONTACT))
|
||||
.isFalse();
|
||||
|
||||
assertThat(catchThrowable(() -> Role.HOSTMASTER.coversAny())).isInstanceOf(VerifyException.class);
|
||||
assertThat(catchThrowable(() -> Role.HOSTMASTER.coversAny((Role[]) null))).isInstanceOf(VerifyException.class);
|
||||
@ -122,15 +129,16 @@ public class RoleUnitTest {
|
||||
assertThat(Role.HOSTMASTER.getAuthority()).hasValue(AuthoritiesConstants.HOSTMASTER);
|
||||
assertThat(Role.ADMIN.getAuthority()).hasValue(AuthoritiesConstants.ADMIN);
|
||||
assertThat(Role.SUPPORTER.getAuthority()).hasValue(AuthoritiesConstants.SUPPORTER);
|
||||
assertThat(Role.CONTRACTUAL_CONTACT.getAuthority()).isEmpty();
|
||||
assertThat(Role.CUSTOMER_CONTRACTUAL_CONTACT.getAuthority()).isEmpty();
|
||||
assertThat(Role.ANYBODY.getAuthority()).hasValue(AuthoritiesConstants.ANONYMOUS);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void isBroadest() {
|
||||
assertThat(Role.broadest(Role.HOSTMASTER, Role.CONTRACTUAL_CONTACT)).isEqualTo(Role.HOSTMASTER);
|
||||
assertThat(Role.broadest(Role.CONTRACTUAL_CONTACT, Role.HOSTMASTER)).isEqualTo(Role.HOSTMASTER);
|
||||
assertThat(Role.broadest(Role.CONTRACTUAL_CONTACT, Role.ANY_CUSTOMER_USER)).isEqualTo(Role.CONTRACTUAL_CONTACT);
|
||||
assertThat(Role.broadest(Role.HOSTMASTER, Role.CUSTOMER_CONTRACTUAL_CONTACT)).isEqualTo(Role.HOSTMASTER);
|
||||
assertThat(Role.broadest(Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.HOSTMASTER)).isEqualTo(Role.HOSTMASTER);
|
||||
assertThat(Role.broadest(Role.CUSTOMER_CONTRACTUAL_CONTACT, Role.ANY_CUSTOMER_USER))
|
||||
.isEqualTo(Role.CUSTOMER_CONTRACTUAL_CONTACT);
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@ -129,7 +129,7 @@ public class AssetDTOIntTest {
|
||||
|
||||
// given
|
||||
securityContext.havingAuthenticatedUser()
|
||||
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.FINANCIAL_CONTACT);
|
||||
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CUSTOMER_FINANCIAL_CONTACT);
|
||||
|
||||
final AssetDTO given = createSomeAssetDTO(SOME_ASSET_ID);
|
||||
|
||||
@ -158,7 +158,8 @@ public class AssetDTOIntTest {
|
||||
@Test
|
||||
public void shouldNotDeserializeForContractualCustomerContact() {
|
||||
// given
|
||||
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CONTRACTUAL_CONTACT);
|
||||
securityContext.havingAuthenticatedUser()
|
||||
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CUSTOMER_CONTRACTUAL_CONTACT);
|
||||
final String json = new JSonBuilder()
|
||||
.withFieldValue("id", SOME_ASSET_ID)
|
||||
.withFieldValue("remark", "Updated Remark")
|
||||
@ -172,7 +173,7 @@ public class AssetDTOIntTest {
|
||||
BadRequestAlertException.class,
|
||||
bre -> assertThat(bre.getMessage())
|
||||
.isEqualTo(
|
||||
"Update of field AssetDTO.remark prohibited for current user role(s): CONTRACTUAL_CONTACT"));
|
||||
"Update of field AssetDTO.remark prohibited for current user role(s): CUSTOMER_CONTRACTUAL_CONTACT"));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@ -33,9 +33,9 @@ public class AssetDTOUnitTest extends AccessMappingsUnitTestBase<AssetDTO> {
|
||||
|
||||
@Test
|
||||
public void shouldHaveProperAccessForContractualContact() {
|
||||
initAccessFor(AssetDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeForNothing();
|
||||
updateAccessFor(AssetDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeForNothing();
|
||||
readAccessFor(AssetDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeExactlyFor(
|
||||
initAccessFor(AssetDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeForNothing();
|
||||
updateAccessFor(AssetDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeForNothing();
|
||||
readAccessFor(AssetDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeExactlyFor(
|
||||
"id",
|
||||
"membershipId",
|
||||
"documentDate",
|
||||
@ -47,9 +47,9 @@ public class AssetDTOUnitTest extends AccessMappingsUnitTestBase<AssetDTO> {
|
||||
|
||||
@Test
|
||||
public void shouldHaveNoAccessForTechnicalContact() {
|
||||
initAccessFor(AssetDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing();
|
||||
updateAccessFor(AssetDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing();
|
||||
readAccessFor(AssetDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing();
|
||||
initAccessFor(AssetDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
|
||||
updateAccessFor(AssetDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
|
||||
readAccessFor(AssetDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@ -76,7 +76,7 @@ public class CustomerDTOUnitTest {
|
||||
public void testSerializationAsContractualCustomerContact() throws JsonProcessingException {
|
||||
|
||||
// given
|
||||
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, 1234L, Role.CONTRACTUAL_CONTACT);
|
||||
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, 1234L, Role.CUSTOMER_CONTRACTUAL_CONTACT);
|
||||
CustomerDTO given = createSomeCustomerDTO(1234L);
|
||||
|
||||
// when
|
||||
@ -91,7 +91,7 @@ public class CustomerDTOUnitTest {
|
||||
public void testSerializationAsTechnicalCustomerUser() throws JsonProcessingException {
|
||||
|
||||
// given
|
||||
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, 1234L, Role.TECHNICAL_CONTACT);
|
||||
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, 1234L, Role.CUSTOMER_TECHNICAL_CONTACT);
|
||||
CustomerDTO given = createSomeCustomerDTO(1234L);
|
||||
|
||||
// when
|
||||
@ -125,7 +125,7 @@ public class CustomerDTOUnitTest {
|
||||
@Test
|
||||
public void testDeserializeAsContractualCustomerContact() throws IOException {
|
||||
// given
|
||||
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, 1234L, Role.CONTRACTUAL_CONTACT);
|
||||
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, 1234L, Role.CUSTOMER_CONTRACTUAL_CONTACT);
|
||||
given(customerRepository.findById(1234L)).willReturn(Optional.of(new Customer().id(1234L)));
|
||||
String json = "{\"id\":1234,\"contractualSalutation\":\"Hallo Updated\",\"billingSalutation\":\"Moin Updated\"}";
|
||||
|
||||
|
||||
@ -111,7 +111,8 @@ public class MembershipDTOIntTest {
|
||||
public void shouldSerializePartiallyForFinancialCustomerContact() throws JsonProcessingException {
|
||||
|
||||
// given
|
||||
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.FINANCIAL_CONTACT);
|
||||
securityContext.havingAuthenticatedUser()
|
||||
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CUSTOMER_FINANCIAL_CONTACT);
|
||||
final MembershipDTO given = createSampleDTO(SOME_SEPA_MANDATE_ID, SOME_CUSTOMER_ID);
|
||||
|
||||
// when
|
||||
@ -139,7 +140,8 @@ public class MembershipDTOIntTest {
|
||||
@Test
|
||||
public void shouldNotDeserializeForContractualCustomerContact() {
|
||||
// given
|
||||
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CONTRACTUAL_CONTACT);
|
||||
securityContext.havingAuthenticatedUser()
|
||||
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CUSTOMER_CONTRACTUAL_CONTACT);
|
||||
final String json = new JSonBuilder()
|
||||
.withFieldValue("id", SOME_SEPA_MANDATE_ID)
|
||||
.withFieldValue("remark", "Updated Remark")
|
||||
@ -152,7 +154,7 @@ public class MembershipDTOIntTest {
|
||||
assertThat(actual).isInstanceOfSatisfying(
|
||||
BadRequestAlertException.class,
|
||||
bre -> assertThat(bre.getMessage()).isEqualTo(
|
||||
"Update of field MembershipDTO.remark prohibited for current user role(s): CONTRACTUAL_CONTACT"));
|
||||
"Update of field MembershipDTO.remark prohibited for current user role(s): CUSTOMER_CONTRACTUAL_CONTACT"));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@ -40,9 +40,9 @@ public class MembershipDTOUnitTest extends AccessMappingsUnitTestBase<Membership
|
||||
|
||||
@Test
|
||||
public void shouldHaveProperAccessForContractualContact() {
|
||||
initAccessFor(MembershipDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeForNothing();
|
||||
updateAccessFor(MembershipDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeForNothing();
|
||||
readAccessFor(MembershipDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeExactlyFor(
|
||||
initAccessFor(MembershipDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeForNothing();
|
||||
updateAccessFor(MembershipDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeForNothing();
|
||||
readAccessFor(MembershipDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeExactlyFor(
|
||||
"id",
|
||||
"admissionDocumentDate",
|
||||
"cancellationDocumentDate",
|
||||
@ -56,9 +56,9 @@ public class MembershipDTOUnitTest extends AccessMappingsUnitTestBase<Membership
|
||||
|
||||
@Test
|
||||
public void shouldHaveNoAccessForTechnicalContact() {
|
||||
initAccessFor(MembershipDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing();
|
||||
updateAccessFor(MembershipDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing();
|
||||
readAccessFor(MembershipDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing();
|
||||
initAccessFor(MembershipDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
|
||||
updateAccessFor(MembershipDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
|
||||
readAccessFor(MembershipDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@ -116,7 +116,8 @@ public class SepaMandateDTOIntTest {
|
||||
public void shouldSerializePartiallyForFinancialCustomerContact() throws JsonProcessingException {
|
||||
|
||||
// given
|
||||
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.FINANCIAL_CONTACT);
|
||||
securityContext.havingAuthenticatedUser()
|
||||
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CUSTOMER_FINANCIAL_CONTACT);
|
||||
final SepaMandateDTO given = createSampleDTO(SOME_SEPA_MANDATE_ID, SOME_CUSTOMER_ID);
|
||||
|
||||
// when
|
||||
@ -144,7 +145,8 @@ public class SepaMandateDTOIntTest {
|
||||
@Test
|
||||
public void shouldNotDeserializeForContractualCustomerContact() {
|
||||
// given
|
||||
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CONTRACTUAL_CONTACT);
|
||||
securityContext.havingAuthenticatedUser()
|
||||
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CUSTOMER_CONTRACTUAL_CONTACT);
|
||||
final String json = new JSonBuilder()
|
||||
.withFieldValue("id", SOME_SEPA_MANDATE_ID)
|
||||
.withFieldValue("remark", "Updated Remark")
|
||||
@ -157,7 +159,7 @@ public class SepaMandateDTOIntTest {
|
||||
assertThat(actual).isInstanceOfSatisfying(
|
||||
BadRequestAlertException.class,
|
||||
bre -> assertThat(bre.getMessage()).isEqualTo(
|
||||
"Update of field SepaMandateDTO.remark prohibited for current user role(s): CONTRACTUAL_CONTACT"));
|
||||
"Update of field SepaMandateDTO.remark prohibited for current user role(s): CUSTOMER_CONTRACTUAL_CONTACT"));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@ -55,7 +55,7 @@ public class SepaMandateDTOUnitTest extends AccessMappingsUnitTestBase<SepaManda
|
||||
|
||||
@Test
|
||||
public void shouldHaveProperAccessForContractualContact() {
|
||||
initAccessFor(SepaMandateDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeExactlyFor(
|
||||
initAccessFor(SepaMandateDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeExactlyFor(
|
||||
"grantingDocumentDate",
|
||||
"bic",
|
||||
"validUntilDate",
|
||||
@ -63,10 +63,10 @@ public class SepaMandateDTOUnitTest extends AccessMappingsUnitTestBase<SepaManda
|
||||
"validFromDate",
|
||||
"iban",
|
||||
"reference");
|
||||
updateAccessFor(SepaMandateDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeExactlyFor(
|
||||
updateAccessFor(SepaMandateDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeExactlyFor(
|
||||
"validUntilDate",
|
||||
"revokationDocumentDate");
|
||||
readAccessFor(SepaMandateDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeExactlyFor(
|
||||
readAccessFor(SepaMandateDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeExactlyFor(
|
||||
"grantingDocumentDate",
|
||||
"bic",
|
||||
"id",
|
||||
@ -82,9 +82,9 @@ public class SepaMandateDTOUnitTest extends AccessMappingsUnitTestBase<SepaManda
|
||||
|
||||
@Test
|
||||
public void shouldHaveNoAccessForTechnicalContact() {
|
||||
initAccessFor(SepaMandateDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing();
|
||||
updateAccessFor(SepaMandateDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing();
|
||||
readAccessFor(SepaMandateDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing();
|
||||
initAccessFor(SepaMandateDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
|
||||
updateAccessFor(SepaMandateDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
|
||||
readAccessFor(SepaMandateDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@ -128,7 +128,8 @@ public class ShareDTOIntTest {
|
||||
public void shouldSerializePartiallyForFinancialCustomerContact() throws JsonProcessingException {
|
||||
|
||||
// given
|
||||
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.FINANCIAL_CONTACT);
|
||||
securityContext.havingAuthenticatedUser()
|
||||
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CUSTOMER_FINANCIAL_CONTACT);
|
||||
final ShareDTO given = createSomeShareDTO(SOME_SHARE_ID);
|
||||
|
||||
// when
|
||||
@ -156,7 +157,8 @@ public class ShareDTOIntTest {
|
||||
@Test
|
||||
public void shouldNotDeserializeForContractualCustomerContact() {
|
||||
// given
|
||||
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CONTRACTUAL_CONTACT);
|
||||
securityContext.havingAuthenticatedUser()
|
||||
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.CUSTOMER_CONTRACTUAL_CONTACT);
|
||||
final String json = new JSonBuilder()
|
||||
.withFieldValue("id", SOME_SHARE_ID)
|
||||
.withFieldValue("remark", "Updated Remark")
|
||||
@ -170,7 +172,7 @@ public class ShareDTOIntTest {
|
||||
BadRequestAlertException.class,
|
||||
bre -> assertThat(bre.getMessage())
|
||||
.isEqualTo(
|
||||
"Update of field ShareDTO.remark prohibited for current user role(s): CONTRACTUAL_CONTACT"));
|
||||
"Update of field ShareDTO.remark prohibited for current user role(s): CUSTOMER_CONTRACTUAL_CONTACT"));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@ -32,9 +32,9 @@ public class ShareDTOUnitTest extends AccessMappingsUnitTestBase<ShareDTO> {
|
||||
|
||||
@Test
|
||||
public void shouldHaveProperAccessForContractualContact() {
|
||||
initAccessFor(ShareDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeForNothing();
|
||||
updateAccessFor(ShareDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeForNothing();
|
||||
readAccessFor(ShareDTO.class, Role.CONTRACTUAL_CONTACT).shouldBeExactlyFor(
|
||||
initAccessFor(ShareDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeForNothing();
|
||||
updateAccessFor(ShareDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeForNothing();
|
||||
readAccessFor(ShareDTO.class, Role.CUSTOMER_CONTRACTUAL_CONTACT).shouldBeExactlyFor(
|
||||
"id",
|
||||
"membershipId",
|
||||
"documentDate",
|
||||
@ -46,9 +46,9 @@ public class ShareDTOUnitTest extends AccessMappingsUnitTestBase<ShareDTO> {
|
||||
|
||||
@Test
|
||||
public void shouldHaveNoAccessForTechnicalContact() {
|
||||
initAccessFor(ShareDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing();
|
||||
updateAccessFor(ShareDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing();
|
||||
readAccessFor(ShareDTO.class, Role.TECHNICAL_CONTACT).shouldBeForNothing();
|
||||
initAccessFor(ShareDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
|
||||
updateAccessFor(ShareDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
|
||||
readAccessFor(ShareDTO.class, Role.CUSTOMER_TECHNICAL_CONTACT).shouldBeForNothing();
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@ -75,7 +75,7 @@ public class UserRoleAssignmentUnitTest {
|
||||
public void testSerializationAsContractualCustomerContact() throws JsonProcessingException {
|
||||
|
||||
// given
|
||||
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, CUSTOMER_ID, Role.CONTRACTUAL_CONTACT);
|
||||
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, CUSTOMER_ID, Role.CUSTOMER_CONTRACTUAL_CONTACT);
|
||||
UserRoleAssignment given = createSomeUserRoleAssignment(USER_ROLE_ASSIGNMENT_ID);
|
||||
|
||||
// when
|
||||
@ -115,7 +115,7 @@ public class UserRoleAssignmentUnitTest {
|
||||
"user",
|
||||
JSonBuilder.asJSon(
|
||||
of("id", USER_ID))),
|
||||
of("assignedRole", Role.TECHNICAL_CONTACT.name()));
|
||||
of("assignedRole", Role.CUSTOMER_TECHNICAL_CONTACT.name()));
|
||||
|
||||
// when
|
||||
UserRoleAssignment actual = objectMapper.readValue(json, UserRoleAssignment.class);
|
||||
@ -125,7 +125,7 @@ public class UserRoleAssignmentUnitTest {
|
||||
expected.setId(USER_ROLE_ASSIGNMENT_ID);
|
||||
expected.setEntityTypeId(Customer.ENTITY_TYPE_ID);
|
||||
expected.setEntityObjectId(CUSTOMER_ID);
|
||||
expected.setAssignedRole(Role.TECHNICAL_CONTACT);
|
||||
expected.setAssignedRole(Role.CUSTOMER_TECHNICAL_CONTACT);
|
||||
expected.setUser(expectedUser);
|
||||
assertThat(actual).isEqualToComparingFieldByField(expected);
|
||||
}
|
||||
@ -148,7 +148,7 @@ public class UserRoleAssignmentUnitTest {
|
||||
given.setEntityTypeId(Customer.ENTITY_TYPE_ID);
|
||||
given.setEntityObjectId(CUSTOMER_ID);
|
||||
given.setUser(new User().id(USER_ID));
|
||||
given.setAssignedRole(Role.TECHNICAL_CONTACT);
|
||||
given.setAssignedRole(Role.CUSTOMER_TECHNICAL_CONTACT);
|
||||
return given;
|
||||
}
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user