From 8529ec9949610fbf5f5a622f4391d53c86641637 Mon Sep 17 00:00:00 2001
From: Michael Hoennig <michael@hoennig.de>
Date: Fri, 12 Aug 2022 18:00:15 +0200
Subject: [PATCH] findByRoleName

---
 .../rbac/rbacrole/RbacRoleRepository.java     |  2 +
 .../RbacRoleRepositoryIntegrationTest.java    | 47 ++++++++++++++-----
 2 files changed, 37 insertions(+), 12 deletions(-)

diff --git a/src/main/java/net/hostsharing/hsadminng/rbac/rbacrole/RbacRoleRepository.java b/src/main/java/net/hostsharing/hsadminng/rbac/rbacrole/RbacRoleRepository.java
index abe6738c..5d13f4db 100644
--- a/src/main/java/net/hostsharing/hsadminng/rbac/rbacrole/RbacRoleRepository.java
+++ b/src/main/java/net/hostsharing/hsadminng/rbac/rbacrole/RbacRoleRepository.java
@@ -13,4 +13,6 @@ public interface RbacRoleRepository extends Repository<RbacRoleEntity, UUID> {
      * @return all entities
      */
     List<RbacRoleEntity> findAll();
+
+    RbacRoleEntity findByRoleName(String roleName);
 }
diff --git a/src/test/java/net/hostsharing/hsadminng/rbac/rbacrole/RbacRoleRepositoryIntegrationTest.java b/src/test/java/net/hostsharing/hsadminng/rbac/rbacrole/RbacRoleRepositoryIntegrationTest.java
index 3a6492f6..979cfdc1 100644
--- a/src/test/java/net/hostsharing/hsadminng/rbac/rbacrole/RbacRoleRepositoryIntegrationTest.java
+++ b/src/test/java/net/hostsharing/hsadminng/rbac/rbacrole/RbacRoleRepositoryIntegrationTest.java
@@ -8,10 +8,9 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.autoconfigure.orm.jpa.DataJpaTest;
 import org.springframework.context.annotation.ComponentScan;
 import org.springframework.orm.jpa.JpaSystemException;
+import org.springframework.test.annotation.DirtiesContext;
 
 import javax.persistence.EntityManager;
-import javax.transaction.Transactional;
-
 import java.util.List;
 
 import static net.hostsharing.test.JpaAttempt.attempt;
@@ -19,6 +18,7 @@ import static org.assertj.core.api.Assertions.assertThat;
 
 @DataJpaTest
 @ComponentScan(basePackageClasses = { Context.class, RbacRoleRepository.class })
+@DirtiesContext
 class RbacRoleRepositoryIntegrationTest {
 
     @Autowired
@@ -76,7 +76,7 @@ class RbacRoleRepositoryIntegrationTest {
         }
 
         @Test
-        public void RbacRoleAdmin_withoutAssumedRole_canViewOnlyItsOwnRbacRole() {
+        public void customerAdmin_withoutAssumedRole_canViewOnlyItsOwnRbacRole() {
             // given:
             currentUser("admin@aaa.example.com");
 
@@ -96,7 +96,7 @@ class RbacRoleRepositoryIntegrationTest {
         }
 
         @Test
-        public void RbacRoleAdmin_withAssumedOwnedPackageAdminRole_canViewOnlyItsOwnRbacRole() {
+        public void customerAdmin_withAssumedOwnedPackageAdminRole_canViewOnlyItsOwnRbacRole() {
             currentUser("admin@aaa.example.com");
             assumedRoles("package#aaa00.admin");
 
@@ -106,18 +106,18 @@ class RbacRoleRepositoryIntegrationTest {
         }
 
         @Test
-        public void RbacRoleAdmin_withAssumedAlienPackageAdminRole_cannotViewAnyRbacRole() {
+        public void customerAdmin_withAssumedAlienPackageAdminRole_cannotViewAnyRbacRole() {
             // given:
             currentUser("admin@aaa.example.com");
             assumedRoles("package#aab00.admin");
 
             // when
-            final var attempt = attempt(
+            final var result = attempt(
                 em,
                 () -> rbacRoleRepository.findAll());
 
             // then
-            attempt.assertExceptionWithRootCauseMessage(
+            result.assertExceptionWithRootCauseMessage(
                 JpaSystemException.class,
                 "[403] user admin@aaa.example.com", "has no permission to assume role package#aab00#admin");
         }
@@ -126,30 +126,53 @@ class RbacRoleRepositoryIntegrationTest {
         void unknownUser_withoutAssumedRole_cannotViewAnyRbacRoles() {
             currentUser("unknown@example.org");
 
-            final var attempt = attempt(
+            final var result = attempt(
                 em,
                 () -> rbacRoleRepository.findAll());
 
-            attempt.assertExceptionWithRootCauseMessage(
+            result.assertExceptionWithRootCauseMessage(
                 JpaSystemException.class,
                 "hsadminng.currentUser defined as unknown@example.org, but does not exists");
         }
 
         @Test
-        @Transactional
         void unknownUser_withAssumedRbacRoleRole_cannotViewAnyRbacRoles() {
             currentUser("unknown@example.org");
             assumedRoles("RbacRole#aaa.admin");
 
-            final var attempt = attempt(
+            final var result = attempt(
                 em,
                 () -> rbacRoleRepository.findAll());
 
-            attempt.assertExceptionWithRootCauseMessage(
+            result.assertExceptionWithRootCauseMessage(
                 JpaSystemException.class,
                 "hsadminng.currentUser defined as unknown@example.org, but does not exists");
         }
+    }
 
+    @Nested
+    class FindByName {
+
+        @Test
+        void customerAdmin_withoutAssumedRole_canFindItsOwnRolesByName() {
+            currentUser("admin@aaa.example.com");
+
+            final var result = rbacRoleRepository.findByRoleName("customer#aaa.admin");
+
+            assertThat(result).isNotNull();
+            assertThat(result.getObjectTable()).isEqualTo("customer");
+            assertThat(result.getObjectIdName()).isEqualTo("aaa");
+            assertThat(result.getRoleType()).isEqualTo(RbacRoleType.admin);
+        }
+
+        @Test
+        void customerAdmin_withoutAssumedRole_canNotFindAlienRolesByName() {
+            currentUser("admin@aaa.example.com");
+
+            final var result = rbacRoleRepository.findByRoleName("customer#bbb.admin");
+
+            assertThat(result).isNull();
+        }
     }
 
     void currentUser(final String currentUser) {