WIP trying to fix Debitor RBAC system
This commit is contained in:
parent
bbcef53b87
commit
7fab1186ed
@ -62,6 +62,7 @@ public class HsOfficeDebitorController implements HsOfficeDebitorsApi {
|
|||||||
final var entityToSave = mapper.map(body, HsOfficeDebitorEntity.class);
|
final var entityToSave = mapper.map(body, HsOfficeDebitorEntity.class);
|
||||||
|
|
||||||
final var saved = debitorRepo.save(entityToSave);
|
final var saved = debitorRepo.save(entityToSave);
|
||||||
|
em.flush(); // FIXME: remove
|
||||||
|
|
||||||
final var uri =
|
final var uri =
|
||||||
MvcUriComponentsBuilder.fromController(getClass())
|
MvcUriComponentsBuilder.fromController(getClass())
|
||||||
|
@ -300,15 +300,17 @@ create or replace function getRoleId(roleDescriptor RbacRoleDescriptor, whenNotE
|
|||||||
declare
|
declare
|
||||||
roleUuid uuid;
|
roleUuid uuid;
|
||||||
begin
|
begin
|
||||||
roleUuid = findRoleId(roleDescriptor);
|
roleUuid := findRoleId(roleDescriptor);
|
||||||
|
assert roleUuid is not null, 'roleUuid must not be null'; -- FIXME: remove
|
||||||
if (roleUuid is null) then
|
if (roleUuid is null) then
|
||||||
if (whenNotExists = 'fail') then
|
if (whenNotExists = 'fail') then
|
||||||
raise exception 'RbacRole "%#%.%" not found', roleDescriptor.objectTable, roleDescriptor.objectUuid, roleDescriptor.roleType;
|
raise exception 'RbacRole "%#%.%" not found', roleDescriptor.objectTable, roleDescriptor.objectUuid, roleDescriptor.roleType;
|
||||||
end if;
|
end if;
|
||||||
if (whenNotExists = 'create') then
|
if (whenNotExists = 'create') then
|
||||||
roleUuid = createRole(roleDescriptor);
|
roleUuid := createRole(roleDescriptor);
|
||||||
end if;
|
end if;
|
||||||
end if;
|
end if;
|
||||||
|
assert roleUuid is not null, 'roleUuid must not be null'; -- FIXME: remove
|
||||||
return roleUuid;
|
return roleUuid;
|
||||||
end;
|
end;
|
||||||
$$;
|
$$;
|
||||||
|
@ -47,13 +47,14 @@ begin
|
|||||||
|
|
||||||
foreach superRoleDesc in array incomingSuperRoles
|
foreach superRoleDesc in array incomingSuperRoles
|
||||||
loop
|
loop
|
||||||
superRoleUuid = getRoleId(superRoleDesc, 'fail');
|
superRoleUuid := getRoleId(superRoleDesc, 'fail');
|
||||||
call grantRoleToRole(roleUuid, superRoleUuid, superRoleDesc.assumed);
|
call grantRoleToRole(roleUuid, superRoleUuid, superRoleDesc.assumed);
|
||||||
end loop;
|
end loop;
|
||||||
|
|
||||||
foreach subRoleDesc in array outgoingSubRoles
|
foreach subRoleDesc in array outgoingSubRoles
|
||||||
loop
|
loop
|
||||||
subRoleUuid = getRoleId(subRoleDesc, 'fail');
|
subRoleUuid := getRoleId(subRoleDesc, 'fail');
|
||||||
|
assert subRoleUuid is not null, 'subRoleUuid must not be null'; -- FIXME: remove
|
||||||
call grantRoleToRole(subRoleUuid, roleUuid, subRoleDesc.assumed);
|
call grantRoleToRole(subRoleUuid, roleUuid, subRoleDesc.assumed);
|
||||||
end loop;
|
end loop;
|
||||||
|
|
||||||
|
@ -145,8 +145,7 @@ class HsOfficeDebitorControllerAcceptanceTest extends ContextBasedTestWithCleanu
|
|||||||
}
|
}
|
||||||
|
|
||||||
@Nested
|
@Nested
|
||||||
@Accepts({ "Debitor:C(Create)" })
|
class AddDebitor {
|
||||||
class CreateDebitor {
|
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
void globalAdmin_withoutAssumedRole_canAddDebitorWithBankAccount() {
|
void globalAdmin_withoutAssumedRole_canAddDebitorWithBankAccount() {
|
||||||
|
Loading…
Reference in New Issue
Block a user