hostsharing/hs.hsadmin.ng
6
0
Fork 0
Code Pull Requests 3 Activity

always use role+grant names in create+delete role+grants tests

Browse Source
This commit is contained in:
Michael Hoennig 2022-09-13 14:17:30 +02:00
parent 4e90f53bf3
commit 8041553734
3 changed files with 59 additions and 68 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/main/java/net/hostsharing/hsadminng/hs/office/contact/HsOfficeContactRepository.java
View File

@ -21,7 +21,7 @@ public interface HsOfficeContactRepository extends Repository<HsOfficeContactEnt
HsOfficeContactEntity save(final HsOfficeContactEntity entity); HsOfficeContactEntity save(final HsOfficeContactEntity entity);
void deleteByUuid(final UUID uuid); int deleteByUuid(final UUID uuid);
long count(); long count();
} }

68
src/test/java/net/hostsharing/hsadminng/hs/office/contact/HsOfficeContactRepositoryIntegrationTest.java
View File

@ -2,8 +2,8 @@ package net.hostsharing.hsadminng.hs.office.contact;
import net.hostsharing.hsadminng.context.Context; import net.hostsharing.hsadminng.context.Context;
import net.hostsharing.hsadminng.context.ContextBasedTest; import net.hostsharing.hsadminng.context.ContextBasedTest;
import net.hostsharing.hsadminng.rbac.rbacgrant.RbacGrantRepository; import net.hostsharing.hsadminng.rbac.rbacgrant.RawRbacGrantRepository;
import net.hostsharing.hsadminng.rbac.rbacrole.RbacRoleRepository; import net.hostsharing.hsadminng.rbac.rbacrole.RawRbacRoleRepository;
import net.hostsharing.test.Array; import net.hostsharing.test.Array;
import net.hostsharing.test.JpaAttempt; import net.hostsharing.test.JpaAttempt;
import org.junit.jupiter.api.AfterEach; import org.junit.jupiter.api.AfterEach;
@ -23,8 +23,8 @@ import java.util.List;
import java.util.function.Supplier; import java.util.function.Supplier;
import static net.hostsharing.hsadminng.hs.office.contact.TestHsOfficeContact.hsOfficeContact; import static net.hostsharing.hsadminng.hs.office.contact.TestHsOfficeContact.hsOfficeContact;
import static net.hostsharing.hsadminng.rbac.rbacgrant.RbacGrantDisplayExtractor.grantDisplaysOf; import static net.hostsharing.hsadminng.rbac.rbacgrant.RawRbacGrantDisplayExtractor.grantDisplaysOf;
import static net.hostsharing.hsadminng.rbac.rbacrole.RbacRoleNameExtractor.roleNamesOf; import static net.hostsharing.hsadminng.rbac.rbacrole.RawRbacRoleNameExtractor.roleNamesOf;
import static net.hostsharing.test.JpaAttempt.attempt; import static net.hostsharing.test.JpaAttempt.attempt;
import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assumptions.assumeThat; import static org.assertj.core.api.Assumptions.assumeThat;
@ -38,10 +38,10 @@ class HsOfficeContactRepositoryIntegrationTest extends ContextBasedTest {
HsOfficeContactRepository contactRepo; HsOfficeContactRepository contactRepo;
@Autowired @Autowired
RbacRoleRepository roleRepo; RawRbacRoleRepository rawRoleRepo;
@Autowired @Autowired
RbacGrantRepository grantRepo; RawRbacGrantRepository rawGrantRepo;
@Autowired @Autowired
EntityManager em; EntityManager em;
@ -97,9 +97,8 @@ class HsOfficeContactRepositoryIntegrationTest extends ContextBasedTest {
public void createsAndGrantsRoles() { public void createsAndGrantsRoles() {
// given // given
context("drew@hostsharing.org"); context("drew@hostsharing.org");
final var count = contactRepo.count(); final var initialRoleNames = roleNamesOf(rawRoleRepo.findAll());
final var initialRoleNames = roleNamesOf(roleRepo.findAll()); final var initialGrantNames = grantDisplaysOf(rawGrantRepo.findAll());
final var initialGrantCount = grantRepo.findAll().size();
// when // when
attempt(em, () -> contactRepo.save( attempt(em, () -> contactRepo.save(
@ -107,18 +106,23 @@ class HsOfficeContactRepositoryIntegrationTest extends ContextBasedTest {
).assumeSuccessful(); ).assumeSuccessful();
// then // then
final var roles = roleRepo.findAll(); final var roles = rawRoleRepo.findAll();
assertThat(roleNamesOf(roles)).containsExactlyInAnyOrder( assertThat(roleNamesOf(roles)).containsExactlyInAnyOrder(Array.from(
Array.from(
initialRoleNames, initialRoleNames,
"hs_office_contact#anothernewcontact.owner", "hs_office_contact#anothernewcontact.owner",
"hs_office_contact#anothernewcontact.admin", "hs_office_contact#anothernewcontact.admin",
"hs_office_contact#anothernewcontact.tenant")); "hs_office_contact#anothernewcontact.tenant"
final var grants = grantRepo.findAll(); ));
assertThat(grantDisplaysOf(grants)).containsAll(List.of( assertThat(grantDisplaysOf(rawGrantRepo.findAll())).containsExactlyInAnyOrder(Array.from(
"{ grant assumed role hs_office_contact#anothernewcontact.owner to user drew@hostsharing.org by role global#global.admin }")); initialGrantNames,
assertThat(grants.size()).as("invalid number of grants created") "{ grant role hs_office_contact#anothernewcontact.owner to role global#global.admin by system and assume }",
.isEqualTo(initialGrantCount + 1); "{ grant perm edit on hs_office_contact#anothernewcontact to role hs_office_contact#anothernewcontact.admin by system and assume }",
"{ grant role hs_office_contact#anothernewcontact.tenant to role hs_office_contact#anothernewcontact.admin by system and assume }",
"{ grant perm * on hs_office_contact#anothernewcontact to role hs_office_contact#anothernewcontact.owner by system and assume }",
"{ grant role hs_office_contact#anothernewcontact.admin to role hs_office_contact#anothernewcontact.owner by system and assume }",
"{ grant perm view on hs_office_contact#anothernewcontact to role hs_office_contact#anothernewcontact.tenant by system and assume }",
"{ grant role hs_office_contact#anothernewcontact.owner to user drew@hostsharing.org by global#global.admin and assume }"
));
} }
private void assertThatContactIsPersisted(final HsOfficeContactEntity saved) { private void assertThatContactIsPersisted(final HsOfficeContactEntity saved) {
@ -231,25 +235,29 @@ class HsOfficeContactRepositoryIntegrationTest extends ContextBasedTest {
public void deletingAContactAlsoDeletesRelatedRolesAndGrants() { public void deletingAContactAlsoDeletesRelatedRolesAndGrants() {
// given // given
context("drew@hostsharing.org", null); context("drew@hostsharing.org", null);
final var initialRoleCount = roleRepo.findAll().size(); final var initialRoleNames = roleNamesOf(rawRoleRepo.findAll());
final var initialGrantCount = grantRepo.findAll().size(); final var initialGrantNames = grantDisplaysOf(rawGrantRepo.findAll());
final var givenContact = givenSomeTemporaryContact("drew@hostsharing.org"); final var givenContact = givenSomeTemporaryContact("drew@hostsharing.org");
assumeThat(roleRepo.findAll().size()).as("unexpected number of roles created") assumeThat(rawRoleRepo.findAll().size()).as("unexpected number of roles created")
.isEqualTo(initialRoleCount + 2); .isEqualTo(initialRoleNames.size() + 3);
assumeThat(grantRepo.findAll().size()).as("unexpected number of grants created") assumeThat(rawGrantRepo.findAll().size()).as("unexpected number of grants created")
.isEqualTo(initialGrantCount + 1); .isEqualTo(initialGrantNames.size() + 7);
// when // when
final var result = jpaAttempt.transacted(() -> { final var result = jpaAttempt.transacted(() -> {
context("drew@hostsharing.org", null); context("drew@hostsharing.org", null);
contactRepo.deleteByUuid(givenContact.getUuid()); return contactRepo.deleteByUuid(givenContact.getUuid());
}).assumeSuccessful(); });
// then // then
assertThat(roleRepo.findAll().size()).as("invalid number of roles deleted") result.assertSuccessful();
.isEqualTo(initialRoleCount); assertThat(result.returnedValue()).isEqualTo(1);
assertThat(grantRepo.findAll().size()).as("invalid number of grants revoked") assertThat(roleNamesOf(rawRoleRepo.findAll())).containsExactlyInAnyOrder(Array.from(
.isEqualTo(initialGrantCount); initialRoleNames
));
assertThat(grantDisplaysOf(rawGrantRepo.findAll())).containsExactlyInAnyOrder(Array.from(
initialGrantNames
));
} }
} }

31
src/test/java/net/hostsharing/hsadminng/hs/office/partner/HsOfficePartnerRepositoryIntegrationTest.java
View File

@ -96,8 +96,7 @@ class HsOfficePartnerRepositoryIntegrationTest extends ContextBasedTest {
// given // given
context("alex@hostsharing.net"); context("alex@hostsharing.net");
final var initialRoleNames = roleNamesOf(rawRoleRepo.findAll()); final var initialRoleNames = roleNamesOf(rawRoleRepo.findAll());
final var initialGrantCount = rawGrantRepo.findAll().size(); final var initialGrantNames = grantDisplaysOf(rawGrantRepo.findAll());
final var initialGrantsDisplayNames = grantDisplaysOf(rawGrantRepo.findAll()); // TODO
// when // when
attempt(em, () -> { attempt(em, () -> {
@ -117,7 +116,8 @@ class HsOfficePartnerRepositoryIntegrationTest extends ContextBasedTest {
"hs_office_partner#ErbenBesslerMelBessler-forthcontact.admin", "hs_office_partner#ErbenBesslerMelBessler-forthcontact.admin",
"hs_office_partner#ErbenBesslerMelBessler-forthcontact.owner", "hs_office_partner#ErbenBesslerMelBessler-forthcontact.owner",
"hs_office_partner#ErbenBesslerMelBessler-forthcontact.tenant")); "hs_office_partner#ErbenBesslerMelBessler-forthcontact.tenant"));
assertThat(grantDisplaysOf(rawGrantRepo.findAll())).containsAll(List.of( assertThat(grantDisplaysOf(rawGrantRepo.findAll())).containsExactlyInAnyOrder(Array.from(
initialGrantNames,
"{ grant role hs_office_partner#ErbenBesslerMelBessler-forthcontact.owner to role global#global.admin by system and assume }", "{ grant role hs_office_partner#ErbenBesslerMelBessler-forthcontact.owner to role global#global.admin by system and assume }",
"{ grant role hs_office_partner#ErbenBesslerMelBessler-forthcontact.tenant to role hs_office_contact#forthcontact.admin by system and assume }", "{ grant role hs_office_partner#ErbenBesslerMelBessler-forthcontact.tenant to role hs_office_contact#forthcontact.admin by system and assume }",
"{ grant perm edit on hs_office_partner#ErbenBesslerMelBessler-forthcontact to role hs_office_partner#ErbenBesslerMelBessler-forthcontact.admin by system and assume }", "{ grant perm edit on hs_office_partner#ErbenBesslerMelBessler-forthcontact to role hs_office_partner#ErbenBesslerMelBessler-forthcontact.admin by system and assume }",
@ -127,8 +127,7 @@ class HsOfficePartnerRepositoryIntegrationTest extends ContextBasedTest {
"{ grant perm view on hs_office_partner#ErbenBesslerMelBessler-forthcontact to role hs_office_partner#ErbenBesslerMelBessler-forthcontact.tenant by system and assume }", "{ grant perm view on hs_office_partner#ErbenBesslerMelBessler-forthcontact to role hs_office_partner#ErbenBesslerMelBessler-forthcontact.tenant by system and assume }",
"{ grant role hs_office_contact#forthcontact.tenant to role hs_office_partner#ErbenBesslerMelBessler-forthcontact.tenant by system and assume }", "{ grant role hs_office_contact#forthcontact.tenant to role hs_office_partner#ErbenBesslerMelBessler-forthcontact.tenant by system and assume }",
"{ grant role hs_office_person#ErbenBesslerMelBessler.tenant to role hs_office_partner#ErbenBesslerMelBessler-forthcontact.tenant by system and assume }", "{ grant role hs_office_person#ErbenBesslerMelBessler.tenant to role hs_office_partner#ErbenBesslerMelBessler-forthcontact.tenant by system and assume }",
"{ grant role hs_office_partner#ErbenBesslerMelBessler-forthcontact.tenant to role hs_office_person#ErbenBesslerMelBessler.admin by system and assume }")) "{ grant role hs_office_partner#ErbenBesslerMelBessler-forthcontact.tenant to role hs_office_person#ErbenBesslerMelBessler.admin by system and assume }"));
.as("invalid number of grants created").hasSize(initialGrantCount + 10);
} }
private void assertThatPartnerIsPersisted(final HsOfficePartnerEntity saved) { private void assertThatPartnerIsPersisted(final HsOfficePartnerEntity saved) {
@ -243,30 +242,14 @@ class HsOfficePartnerRepositoryIntegrationTest extends ContextBasedTest {
// when // when
final var result = jpaAttempt.transacted(() -> { final var result = jpaAttempt.transacted(() -> {
context("alex@hostsharing.net"); context("alex@hostsharing.net");
partnerRepo.deleteByUuid(givenPartner.getUuid()); return partnerRepo.deleteByUuid(givenPartner.getUuid());
}); });
// then // then
result.assertSuccessful(); result.assertSuccessful();
jpaAttempt.transacted(() -> { assertThat(result.returnedValue()).isEqualTo(1);
final var remainingPartner = em.createNativeQuery("select p.uuid from hs_office_partner p where p.uuid=?1")
.setParameter(1, givenPartner.getUuid()).getResultList();
assertThat(remainingPartner).isEmpty();
final var remainingObject = em.createNativeQuery("select o.uuid from RbacObject o where o.uuid=?1")
.setParameter(1, givenPartner.getUuid())
.getResultList();
assertThat(remainingObject).isEmpty();
assertThat(roleNamesOf(rawRoleRepo.findAll())).containsExactlyInAnyOrder(initialRoleNames); assertThat(roleNamesOf(rawRoleRepo.findAll())).containsExactlyInAnyOrder(initialRoleNames);
assertThat(grantDisplaysOf(rawGrantRepo.findAll())).containsExactlyInAnyOrder(initialGrantNames);
context("customer-admin@forthcontact.example.com");
assertThat(grantDisplaysOf(rawGrantRepo.findAll())).doesNotContain(
"{ grant assumed role hs_office_contact#forthcontact.owner to user customer-admin@forthcontact.example.com by role global#global.admin }");
context("person-ErbenBesslerMelBessler@example.com");
assertThat(grantDisplaysOf(rawGrantRepo.findAll())).doesNotContain(
"{ grant assumed role hs_office_person#ErbenBesslerMelBessler.owner to user person-ErbenBesslerMelBessl@example.com by role global#global.admin }");
}).assertSuccessful();
} }
} }