implements HsOfficeContactController
This commit is contained in:
parent
44eb59c918
commit
863f0e2811
@ -95,11 +95,11 @@ public class Context {
|
||||
.getSingleResult();
|
||||
}
|
||||
|
||||
private static String getCallerMethodNameFromStack() {
|
||||
public static String getCallerMethodNameFromStackFrame(final int skipFrames) {
|
||||
final Optional<StackWalker.StackFrame> caller =
|
||||
StackWalker.getInstance(StackWalker.Option.RETAIN_CLASS_REFERENCE)
|
||||
.walk(frames -> frames
|
||||
.skip(2)
|
||||
.skip(skipFrames)
|
||||
.filter(c -> c.getDeclaringClass() != Context.class)
|
||||
.filter(c -> c.getDeclaringClass()
|
||||
.getPackageName()
|
||||
@ -115,7 +115,7 @@ public class Context {
|
||||
if (isRequestScopeAvailable()) {
|
||||
return request.getMethod() + " " + request.getRequestURI();
|
||||
} else {
|
||||
return getCallerMethodNameFromStack();
|
||||
return getCallerMethodNameFromStackFrame(2);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -0,0 +1,117 @@
|
||||
package net.hostsharing.hsadminng.hs.office.contact;
|
||||
|
||||
import net.hostsharing.hsadminng.Mapper;
|
||||
import net.hostsharing.hsadminng.context.Context;
|
||||
import net.hostsharing.hsadminng.hs.office.generated.api.v1.api.HsOfficeContactsApi;
|
||||
import net.hostsharing.hsadminng.hs.office.generated.api.v1.model.HsOfficeContactInsertResource;
|
||||
import net.hostsharing.hsadminng.hs.office.generated.api.v1.model.HsOfficeContactPatchResource;
|
||||
import net.hostsharing.hsadminng.hs.office.generated.api.v1.model.HsOfficeContactResource;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
import org.springframework.web.servlet.mvc.method.annotation.MvcUriComponentsBuilder;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.UUID;
|
||||
|
||||
import static net.hostsharing.hsadminng.Mapper.map;
|
||||
|
||||
@RestController
|
||||
|
||||
public class HsOfficeContactController implements HsOfficeContactsApi {
|
||||
|
||||
@Autowired
|
||||
private Context context;
|
||||
|
||||
@Autowired
|
||||
private HsOfficeContactRepository contactRepo;
|
||||
|
||||
@Override
|
||||
@Transactional(readOnly = true)
|
||||
public ResponseEntity<List<HsOfficeContactResource>> listContacts(
|
||||
final String currentUser,
|
||||
final String assumedRoles,
|
||||
final String label) {
|
||||
context.define(currentUser, assumedRoles);
|
||||
|
||||
final var entities = contactRepo.findContactByOptionalLabelLike(label);
|
||||
|
||||
final var resources = Mapper.mapList(entities, HsOfficeContactResource.class);
|
||||
return ResponseEntity.ok(resources);
|
||||
}
|
||||
|
||||
@Override
|
||||
@Transactional
|
||||
public ResponseEntity<HsOfficeContactResource> addContact(
|
||||
final String currentUser,
|
||||
final String assumedRoles,
|
||||
final HsOfficeContactInsertResource body) {
|
||||
|
||||
context.define(currentUser, assumedRoles);
|
||||
|
||||
final var entityToSave = map(body, HsOfficeContactEntity.class);
|
||||
entityToSave.setUuid(UUID.randomUUID());
|
||||
|
||||
final var saved = contactRepo.save(entityToSave);
|
||||
|
||||
final var uri =
|
||||
MvcUriComponentsBuilder.fromController(getClass())
|
||||
.path("/api/hs/office/contacts/{id}")
|
||||
.buildAndExpand(entityToSave.getUuid())
|
||||
.toUri();
|
||||
final var mapped = map(saved, HsOfficeContactResource.class);
|
||||
return ResponseEntity.created(uri).body(mapped);
|
||||
}
|
||||
|
||||
@Override
|
||||
@Transactional(readOnly = true)
|
||||
public ResponseEntity<HsOfficeContactResource> getContactByUuid(
|
||||
final String currentUser,
|
||||
final String assumedRoles,
|
||||
final UUID contactUuid) {
|
||||
|
||||
context.define(currentUser, assumedRoles);
|
||||
|
||||
final var result = contactRepo.findByUuid(contactUuid);
|
||||
if (result.isEmpty()) {
|
||||
return ResponseEntity.notFound().build();
|
||||
}
|
||||
return ResponseEntity.ok(map(result.get(), HsOfficeContactResource.class));
|
||||
}
|
||||
|
||||
@Override
|
||||
@Transactional
|
||||
public ResponseEntity<Void> deleteContactByUuid(
|
||||
final String currentUser,
|
||||
final String assumedRoles,
|
||||
final UUID contactUuid) {
|
||||
context.define(currentUser, assumedRoles);
|
||||
|
||||
final var result = contactRepo.deleteByUuid(contactUuid);
|
||||
if (result == 0) {
|
||||
return ResponseEntity.notFound().build();
|
||||
}
|
||||
|
||||
return ResponseEntity.noContent().build();
|
||||
}
|
||||
|
||||
@Override
|
||||
@Transactional
|
||||
public ResponseEntity<HsOfficeContactResource> patchContact(
|
||||
final String currentUser,
|
||||
final String assumedRoles,
|
||||
final UUID contactUuid,
|
||||
final HsOfficeContactPatchResource body) {
|
||||
|
||||
context.define(currentUser, assumedRoles);
|
||||
|
||||
final var current = contactRepo.findByUuid(contactUuid).orElseThrow();
|
||||
|
||||
new HsOfficeContactEntityPatch(current).apply(body);
|
||||
|
||||
final var saved = contactRepo.save(current);
|
||||
final var mapped = map(saved, HsOfficeContactResource.class);
|
||||
return ResponseEntity.ok(mapped);
|
||||
}
|
||||
}
|
@ -0,0 +1,20 @@
|
||||
package net.hostsharing.hsadminng.hs.office.contact;
|
||||
|
||||
import net.hostsharing.hsadminng.OptionalFromJson;
|
||||
import net.hostsharing.hsadminng.hs.office.generated.api.v1.model.HsOfficeContactPatchResource;
|
||||
|
||||
class HsOfficeContactEntityPatch {
|
||||
|
||||
private final HsOfficeContactEntity entity;
|
||||
|
||||
HsOfficeContactEntityPatch(final HsOfficeContactEntity entity) {
|
||||
this.entity = entity;
|
||||
}
|
||||
|
||||
void apply(final HsOfficeContactPatchResource resource) {
|
||||
OptionalFromJson.of(resource.getLabel()).ifPresent(entity::setLabel);
|
||||
OptionalFromJson.of(resource.getPostalAddress()).ifPresent(entity::setPostalAddress);
|
||||
OptionalFromJson.of(resource.getEmailAddresses()).ifPresent(entity::setEmailAddresses);
|
||||
OptionalFromJson.of(resource.getPhoneNumbers()).ifPresent(entity::setPhoneNumbers);
|
||||
}
|
||||
}
|
@ -14,3 +14,5 @@ map:
|
||||
paths:
|
||||
/api/hs/office/partners/{partnerUUID}:
|
||||
null: org.openapitools.jackson.nullable.JsonNullable
|
||||
/api/hs/office/contacts/{contactUUID}:
|
||||
null: org.openapitools.jackson.nullable.JsonNullable
|
||||
|
@ -3,7 +3,22 @@ components:
|
||||
|
||||
schemas:
|
||||
|
||||
HsOfficeContactBase:
|
||||
HsOfficeContact:
|
||||
type: object
|
||||
properties:
|
||||
uuid:
|
||||
type: string
|
||||
format: uuid
|
||||
label:
|
||||
type: string
|
||||
postalAddress:
|
||||
type: string
|
||||
emailAddresses:
|
||||
type: string
|
||||
phoneNumbers:
|
||||
type: string
|
||||
|
||||
HsOfficeContactInsert:
|
||||
type: object
|
||||
properties:
|
||||
label:
|
||||
@ -14,15 +29,21 @@ components:
|
||||
type: string
|
||||
phoneNumbers:
|
||||
type: string
|
||||
required:
|
||||
- label
|
||||
|
||||
HsOfficeContact:
|
||||
allOf:
|
||||
- type: object
|
||||
HsOfficeContactPatch:
|
||||
type: object
|
||||
properties:
|
||||
uuid:
|
||||
label:
|
||||
type: string
|
||||
format: uuid
|
||||
- $ref: '#/components/schemas/HsOfficeContactBase'
|
||||
|
||||
HsOfficeContactUpdate:
|
||||
$ref: '#/components/schemas/HsOfficeContactBase'
|
||||
nullable: true
|
||||
postalAddress:
|
||||
type: string
|
||||
nullable: true
|
||||
emailAddresses:
|
||||
type: string
|
||||
nullable: true
|
||||
phoneNumbers:
|
||||
type: string
|
||||
nullable: true
|
||||
|
@ -0,0 +1,83 @@
|
||||
get:
|
||||
tags:
|
||||
- hs-office-contacts
|
||||
description: 'Fetch a single business contact by its uuid, if visible for the current subject.'
|
||||
operationId: getContactByUuid
|
||||
parameters:
|
||||
- $ref: './auth.yaml#/components/parameters/currentUser'
|
||||
- $ref: './auth.yaml#/components/parameters/assumedRoles'
|
||||
- name: contactUUID
|
||||
in: path
|
||||
required: true
|
||||
schema:
|
||||
type: string
|
||||
format: uuid
|
||||
description: UUID of the contact to fetch.
|
||||
responses:
|
||||
"200":
|
||||
description: OK
|
||||
content:
|
||||
'application/json':
|
||||
schema:
|
||||
$ref: './hs-office-contact-schemas.yaml#/components/schemas/HsOfficeContact'
|
||||
|
||||
"401":
|
||||
$ref: './error-responses.yaml#/components/responses/Unauthorized'
|
||||
"403":
|
||||
$ref: './error-responses.yaml#/components/responses/Forbidden'
|
||||
|
||||
patch:
|
||||
tags:
|
||||
- hs-office-contacts
|
||||
description: 'Updates a single business contact by its uuid, if permitted for the current subject.'
|
||||
operationId: patchContact
|
||||
parameters:
|
||||
- $ref: './auth.yaml#/components/parameters/currentUser'
|
||||
- $ref: './auth.yaml#/components/parameters/assumedRoles'
|
||||
- name: contactUUID
|
||||
in: path
|
||||
required: true
|
||||
schema:
|
||||
type: string
|
||||
format: uuid
|
||||
requestBody:
|
||||
content:
|
||||
'application/json':
|
||||
schema:
|
||||
$ref: './hs-office-contact-schemas.yaml#/components/schemas/HsOfficeContactPatch'
|
||||
responses:
|
||||
"200":
|
||||
description: OK
|
||||
content:
|
||||
'application/json':
|
||||
schema:
|
||||
$ref: './hs-office-contact-schemas.yaml#/components/schemas/HsOfficeContact'
|
||||
"401":
|
||||
$ref: './error-responses.yaml#/components/responses/Unauthorized'
|
||||
"403":
|
||||
$ref: './error-responses.yaml#/components/responses/Forbidden'
|
||||
|
||||
delete:
|
||||
tags:
|
||||
- hs-office-contacts
|
||||
description: 'Delete a single business contact by its uuid, if permitted for the current subject.'
|
||||
operationId: deleteContactByUuid
|
||||
parameters:
|
||||
- $ref: './auth.yaml#/components/parameters/currentUser'
|
||||
- $ref: './auth.yaml#/components/parameters/assumedRoles'
|
||||
- name: contactUUID
|
||||
in: path
|
||||
required: true
|
||||
schema:
|
||||
type: string
|
||||
format: uuid
|
||||
description: UUID of the contact to delete.
|
||||
responses:
|
||||
"204":
|
||||
description: No Content
|
||||
"401":
|
||||
$ref: './error-responses.yaml#/components/responses/Unauthorized'
|
||||
"403":
|
||||
$ref: './error-responses.yaml#/components/responses/Forbidden'
|
||||
"404":
|
||||
$ref: './error-responses.yaml#/components/responses/NotFound'
|
@ -0,0 +1,56 @@
|
||||
get:
|
||||
summary: Returns a list of (optionally filtered) contacts.
|
||||
description: Returns the list of (optionally filtered) contacts which are visible to the current user or any of it's assumed roles.
|
||||
tags:
|
||||
- hs-office-contacts
|
||||
operationId: listContacts
|
||||
parameters:
|
||||
- $ref: './auth.yaml#/components/parameters/currentUser'
|
||||
- $ref: './auth.yaml#/components/parameters/assumedRoles'
|
||||
- name: name
|
||||
in: query
|
||||
required: false
|
||||
schema:
|
||||
type: string
|
||||
description: Prefix of label to filter the results.
|
||||
responses:
|
||||
"200":
|
||||
description: OK
|
||||
content:
|
||||
'application/json':
|
||||
schema:
|
||||
type: array
|
||||
items:
|
||||
$ref: './hs-office-contact-schemas.yaml#/components/schemas/HsOfficeContact'
|
||||
"401":
|
||||
$ref: './error-responses.yaml#/components/responses/Unauthorized'
|
||||
"403":
|
||||
$ref: './error-responses.yaml#/components/responses/Forbidden'
|
||||
|
||||
post:
|
||||
summary: Adds a new contact.
|
||||
tags:
|
||||
- hs-office-contacts
|
||||
operationId: addContact
|
||||
parameters:
|
||||
- $ref: './auth.yaml#/components/parameters/currentUser'
|
||||
- $ref: './auth.yaml#/components/parameters/assumedRoles'
|
||||
requestBody:
|
||||
content:
|
||||
'application/json':
|
||||
schema:
|
||||
$ref: './hs-office-contact-schemas.yaml#/components/schemas/HsOfficeContactInsert'
|
||||
required: true
|
||||
responses:
|
||||
"201":
|
||||
description: Created
|
||||
content:
|
||||
'application/json':
|
||||
schema:
|
||||
$ref: './hs-office-contact-schemas.yaml#/components/schemas/HsOfficeContact'
|
||||
"401":
|
||||
$ref: './error-responses.yaml#/components/responses/Unauthorized'
|
||||
"403":
|
||||
$ref: './error-responses.yaml#/components/responses/Forbidden'
|
||||
"409":
|
||||
$ref: './error-responses.yaml#/components/responses/Conflict'
|
@ -12,7 +12,7 @@ get:
|
||||
required: false
|
||||
schema:
|
||||
type: string
|
||||
description: Customer-prefix to filter the results. TODO
|
||||
description: Prefix of name properties from person or contact to filter the results.
|
||||
responses:
|
||||
"200":
|
||||
description: OK
|
||||
|
@ -8,9 +8,20 @@ servers:
|
||||
|
||||
paths:
|
||||
|
||||
# Partners
|
||||
|
||||
/api/hs/office/partners:
|
||||
$ref: "./hs-office-partners.yaml"
|
||||
|
||||
/api/hs/office/partners/{partnerUUID}:
|
||||
$ref: "./hs-office-partners-with-uuid.yaml"
|
||||
|
||||
|
||||
# Contacts
|
||||
|
||||
/api/hs/office/contacts:
|
||||
$ref: "./hs-office-contacts.yaml"
|
||||
|
||||
/api/hs/office/contacts/{contactUUID}:
|
||||
$ref: "./hs-office-contacts-with-uuid.yaml"
|
||||
|
||||
|
@ -0,0 +1,377 @@
|
||||
package net.hostsharing.hsadminng.hs.office.contact;
|
||||
|
||||
import io.restassured.RestAssured;
|
||||
import io.restassured.http.ContentType;
|
||||
import net.hostsharing.hsadminng.Accepts;
|
||||
import net.hostsharing.hsadminng.HsadminNgApplication;
|
||||
import net.hostsharing.hsadminng.context.Context;
|
||||
import net.hostsharing.test.JpaAttempt;
|
||||
import org.apache.commons.lang3.RandomStringUtils;
|
||||
import org.json.JSONException;
|
||||
import org.junit.jupiter.api.AfterEach;
|
||||
import org.junit.jupiter.api.Nested;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
import org.springframework.boot.test.web.server.LocalServerPort;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
||||
import java.util.HashSet;
|
||||
import java.util.Set;
|
||||
import java.util.UUID;
|
||||
|
||||
import static net.hostsharing.test.IsValidUuidMatcher.isUuidValid;
|
||||
import static net.hostsharing.test.JsonMatcher.lenientlyEquals;
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.hamcrest.Matchers.is;
|
||||
import static org.hamcrest.Matchers.startsWith;
|
||||
|
||||
@SpringBootTest(
|
||||
webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT,
|
||||
classes = { HsadminNgApplication.class, JpaAttempt.class }
|
||||
)
|
||||
@Transactional
|
||||
class HsOfficeContactControllerAcceptanceTest {
|
||||
|
||||
@LocalServerPort
|
||||
private Integer port;
|
||||
|
||||
@Autowired
|
||||
Context context;
|
||||
|
||||
@Autowired
|
||||
Context contextMock;
|
||||
|
||||
@Autowired
|
||||
HsOfficeContactRepository contactRepo;
|
||||
|
||||
@Autowired
|
||||
JpaAttempt jpaAttempt;
|
||||
|
||||
Set<UUID> tempContactUuids = new HashSet<>();
|
||||
|
||||
@Nested
|
||||
@Accepts({ "Contact:F(Find)" })
|
||||
class ListContacts {
|
||||
|
||||
@Test
|
||||
void globalAdmin_withoutAssumedRoles_canViewAllContacts_ifNoCriteriaGiven() throws JSONException {
|
||||
|
||||
RestAssured // @formatter:off
|
||||
.given()
|
||||
.header("current-user", "superuser-alex@hostsharing.net")
|
||||
.port(port)
|
||||
.when()
|
||||
.get("http://localhost/api/hs/office/contacts")
|
||||
.then().log().all().assertThat()
|
||||
.statusCode(200)
|
||||
.contentType("application/json")
|
||||
.body("", lenientlyEquals("""
|
||||
[
|
||||
{ "label": "first contact" },
|
||||
{ "label": "second contact" },
|
||||
{ "label": "third contact" },
|
||||
{ "label": "forth contact" },
|
||||
{ "label": "fifth contact" },
|
||||
{ "label": "sixth contact" },
|
||||
{ "label": "eighth contact" },
|
||||
{ "label": "ninth contact" },
|
||||
{ "label": "tenth contact" },
|
||||
{ "label": "eleventh contact" },
|
||||
{ "label": "twelfth contact" }
|
||||
]
|
||||
"""
|
||||
));
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
@Nested
|
||||
@Accepts({ "Contact:C(Create)" })
|
||||
class AddContact {
|
||||
|
||||
@Test
|
||||
void globalAdmin_withoutAssumedRole_canAddContact() {
|
||||
|
||||
context.define("superuser-alex@hostsharing.net");
|
||||
|
||||
final var location = RestAssured // @formatter:off
|
||||
.given()
|
||||
.header("current-user", "superuser-alex@hostsharing.net")
|
||||
.contentType(ContentType.JSON)
|
||||
.body("""
|
||||
{
|
||||
"label": "Test Contact",
|
||||
"emailAddresses": "test@example.org"
|
||||
}
|
||||
""")
|
||||
.port(port)
|
||||
.when()
|
||||
.post("http://localhost/api/hs/office/contacts")
|
||||
.then().assertThat()
|
||||
.statusCode(201)
|
||||
.contentType(ContentType.JSON)
|
||||
.body("uuid", isUuidValid())
|
||||
.body("label", is("Test Contact"))
|
||||
.body("emailAddresses", is("test@example.org"))
|
||||
.header("Location", startsWith("http://localhost"))
|
||||
.extract().header("Location"); // @formatter:on
|
||||
|
||||
// finally, the new contact can be accessed under the generated UUID
|
||||
final var newUserUuid = toCleanup(UUID.fromString(
|
||||
location.substring(location.lastIndexOf('/') + 1)));
|
||||
assertThat(newUserUuid).isNotNull();
|
||||
}
|
||||
}
|
||||
|
||||
@Nested
|
||||
@Accepts({ "Contact:R(Read)" })
|
||||
class GetContact {
|
||||
|
||||
@Test
|
||||
void globalAdmin_withoutAssumedRole_canGetArbitraryContact() {
|
||||
context.define("superuser-alex@hostsharing.net");
|
||||
final var givenContactUuid = contactRepo.findContactByOptionalLabelLike("first").get(0).getUuid();
|
||||
|
||||
RestAssured // @formatter:off
|
||||
.given()
|
||||
.header("current-user", "superuser-alex@hostsharing.net")
|
||||
.port(port)
|
||||
.when()
|
||||
.get("http://localhost/api/hs/office/contacts/" + givenContactUuid)
|
||||
.then().log().body().assertThat()
|
||||
.statusCode(200)
|
||||
.contentType("application/json")
|
||||
.body("", lenientlyEquals("""
|
||||
{
|
||||
"label": "first contact"
|
||||
}
|
||||
""")); // @formatter:on
|
||||
}
|
||||
|
||||
@Test
|
||||
@Accepts({ "Contact:X(Access Control)" })
|
||||
void normalUser_canNotGetUnrelatedContact() {
|
||||
context.define("superuser-alex@hostsharing.net");
|
||||
final var givenContactUuid = contactRepo.findContactByOptionalLabelLike("first").get(0).getUuid();
|
||||
|
||||
RestAssured // @formatter:off
|
||||
.given()
|
||||
.header("current-user", "selfregistered-user-drew@hostsharing.org")
|
||||
.port(port)
|
||||
.when()
|
||||
.get("http://localhost/api/hs/office/contacts/" + givenContactUuid)
|
||||
.then().log().body().assertThat()
|
||||
.statusCode(404); // @formatter:on
|
||||
}
|
||||
|
||||
@Test
|
||||
@Accepts({ "Contact:X(Access Control)" })
|
||||
void contactAdminUser_canGetRelatedContact() {
|
||||
context.define("superuser-alex@hostsharing.net");
|
||||
final var givenContactUuid = contactRepo.findContactByOptionalLabelLike("first").get(0).getUuid();
|
||||
|
||||
RestAssured // @formatter:off
|
||||
.given()
|
||||
.header("current-user", "customer-admin@firstcontact.example.com")
|
||||
.port(port)
|
||||
.when()
|
||||
.get("http://localhost/api/hs/office/contacts/" + givenContactUuid)
|
||||
.then().log().body().assertThat()
|
||||
.statusCode(200)
|
||||
.contentType("application/json")
|
||||
.body("", lenientlyEquals("""
|
||||
{
|
||||
"label": "first contact",
|
||||
"emailAddresses": "customer-admin@firstcontact.example.com",
|
||||
"phoneNumbers": "+49 123 1234567"
|
||||
}
|
||||
""")); // @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
@Nested
|
||||
@Accepts({ "Contact:U(Update)" })
|
||||
class PatchContact {
|
||||
|
||||
@Test
|
||||
void globalAdmin_withoutAssumedRole_canPatchAllPropertiesOfArbitraryContact() {
|
||||
|
||||
context.define("superuser-alex@hostsharing.net");
|
||||
final var givenContact = givenSomeTemporaryContactCreatedBy("selfregistered-test-user@hostsharing.org");
|
||||
|
||||
final var location = RestAssured // @formatter:off
|
||||
.given()
|
||||
.header("current-user", "superuser-alex@hostsharing.net")
|
||||
.contentType(ContentType.JSON)
|
||||
.body("""
|
||||
{
|
||||
"label": "patched contact",
|
||||
"emailAddresses": "patched@example.org",
|
||||
"postalAddress": "Patched Address",
|
||||
"phoneNumbers": "+01 100 123456"
|
||||
}
|
||||
""")
|
||||
.port(port)
|
||||
.when()
|
||||
.patch("http://localhost/api/hs/office/contacts/" + givenContact.getUuid())
|
||||
.then().assertThat()
|
||||
.statusCode(200)
|
||||
.contentType(ContentType.JSON)
|
||||
.body("uuid", isUuidValid())
|
||||
.body("label", is("patched contact"))
|
||||
.body("emailAddresses", is("patched@example.org"))
|
||||
.body("postalAddress", is("Patched Address"))
|
||||
.body("phoneNumbers", is("+01 100 123456"));
|
||||
// @formatter:on
|
||||
|
||||
// finally, the contact is actually updated
|
||||
context.define("superuser-alex@hostsharing.net");
|
||||
assertThat(contactRepo.findByUuid(givenContact.getUuid())).isPresent().get()
|
||||
.matches(person -> {
|
||||
assertThat(person.getLabel()).isEqualTo("patched contact");
|
||||
assertThat(person.getEmailAddresses()).isEqualTo("patched@example.org");
|
||||
assertThat(person.getPostalAddress()).isEqualTo("Patched Address");
|
||||
assertThat(person.getPhoneNumbers()).isEqualTo("+01 100 123456");
|
||||
return true;
|
||||
});
|
||||
}
|
||||
|
||||
@Test
|
||||
void globalAdmin_withoutAssumedRole_canPatchPartialPropertiesOfArbitraryContact() {
|
||||
|
||||
context.define("superuser-alex@hostsharing.net");
|
||||
final var givenContact = givenSomeTemporaryContactCreatedBy("selfregistered-test-user@hostsharing.org");
|
||||
|
||||
final var location = RestAssured // @formatter:off
|
||||
.given()
|
||||
.header("current-user", "superuser-alex@hostsharing.net")
|
||||
.contentType(ContentType.JSON)
|
||||
.body("""
|
||||
{
|
||||
"emailAddresses": "patched@example.org",
|
||||
"phoneNumbers": "+01 100 123456"
|
||||
}
|
||||
""")
|
||||
.port(port)
|
||||
.when()
|
||||
.patch("http://localhost/api/hs/office/contacts/" + givenContact.getUuid())
|
||||
.then().assertThat()
|
||||
.statusCode(200)
|
||||
.contentType(ContentType.JSON)
|
||||
.body("uuid", isUuidValid())
|
||||
.body("label", is(givenContact.getLabel()))
|
||||
.body("emailAddresses", is("patched@example.org"))
|
||||
.body("postalAddress", is(givenContact.getPostalAddress()))
|
||||
.body("phoneNumbers", is("+01 100 123456"));
|
||||
// @formatter:on
|
||||
|
||||
// finally, the contact is actually updated
|
||||
assertThat(contactRepo.findByUuid(givenContact.getUuid())).isPresent().get()
|
||||
.matches(person -> {
|
||||
assertThat(person.getLabel()).isEqualTo(givenContact.getLabel());
|
||||
assertThat(person.getEmailAddresses()).isEqualTo("patched@example.org");
|
||||
assertThat(person.getPostalAddress()).isEqualTo(givenContact.getPostalAddress());
|
||||
assertThat(person.getPhoneNumbers()).isEqualTo("+01 100 123456");
|
||||
return true;
|
||||
});
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@Nested
|
||||
@Accepts({ "Contact:D(Delete)" })
|
||||
class DeleteContact {
|
||||
|
||||
@Test
|
||||
void globalAdmin_withoutAssumedRole_canDeleteArbitraryContact() {
|
||||
context.define("superuser-alex@hostsharing.net");
|
||||
final var givenContact = givenSomeTemporaryContactCreatedBy("selfregistered-test-user@hostsharing.org");
|
||||
|
||||
RestAssured // @formatter:off
|
||||
.given()
|
||||
.header("current-user", "superuser-alex@hostsharing.net")
|
||||
.port(port)
|
||||
.when()
|
||||
.delete("http://localhost/api/hs/office/contacts/" + givenContact.getUuid())
|
||||
.then().log().body().assertThat()
|
||||
.statusCode(204); // @formatter:on
|
||||
|
||||
// then the given contact is gone
|
||||
assertThat(contactRepo.findByUuid(givenContact.getUuid())).isEmpty();
|
||||
}
|
||||
|
||||
@Test
|
||||
@Accepts({ "Contact:X(Access Control)" })
|
||||
void contactOwner_canDeleteRelatedContact() {
|
||||
final var givenContact = givenSomeTemporaryContactCreatedBy("selfregistered-test-user@hostsharing.org");
|
||||
|
||||
RestAssured // @formatter:off
|
||||
.given()
|
||||
.header("current-user", "selfregistered-test-user@hostsharing.org")
|
||||
.port(port)
|
||||
.when()
|
||||
.delete("http://localhost/api/hs/office/contacts/" + givenContact.getUuid())
|
||||
.then().log().body().assertThat()
|
||||
.statusCode(204); // @formatter:on
|
||||
|
||||
// then the given contact is still there
|
||||
assertThat(contactRepo.findByUuid(givenContact.getUuid())).isEmpty();
|
||||
}
|
||||
|
||||
@Test
|
||||
@Accepts({ "Contact:X(Access Control)" })
|
||||
void normalUser_canNotDeleteUnrelatedContact() {
|
||||
context.define("superuser-alex@hostsharing.net");
|
||||
final var givenContact = givenSomeTemporaryContactCreatedBy("selfregistered-test-user@hostsharing.org");
|
||||
|
||||
RestAssured // @formatter:off
|
||||
.given()
|
||||
.header("current-user", "selfregistered-user-drew@hostsharing.org")
|
||||
.port(port)
|
||||
.when()
|
||||
.delete("http://localhost/api/hs/office/contacts/" + givenContact.getUuid())
|
||||
.then().log().body().assertThat()
|
||||
.statusCode(404); // unrelated user cannot even view the contact
|
||||
// @formatter:on
|
||||
|
||||
// then the given contact is still there
|
||||
assertThat(contactRepo.findByUuid(givenContact.getUuid())).isNotEmpty();
|
||||
}
|
||||
}
|
||||
|
||||
private HsOfficeContactEntity givenSomeTemporaryContactCreatedBy(final String creatingUser) {
|
||||
return jpaAttempt.transacted(() -> {
|
||||
context.define(creatingUser);
|
||||
final var newContact = HsOfficeContactEntity.builder()
|
||||
.uuid(UUID.randomUUID())
|
||||
.label("Temp from " + Context.getCallerMethodNameFromStackFrame(1) )
|
||||
.emailAddresses(RandomStringUtils.randomAlphabetic(10) + "@example.org")
|
||||
.postalAddress("Postal Address " + RandomStringUtils.randomAlphabetic(10))
|
||||
.phoneNumbers("+01 200 " + RandomStringUtils.randomNumeric(8))
|
||||
.build();
|
||||
|
||||
toCleanup(newContact.getUuid());
|
||||
|
||||
return contactRepo.save(newContact);
|
||||
}).assertSuccessful().returnedValue();
|
||||
}
|
||||
|
||||
private UUID toCleanup(final UUID tempContactUuid) {
|
||||
tempContactUuids.add(tempContactUuid);
|
||||
return tempContactUuid;
|
||||
}
|
||||
|
||||
@AfterEach
|
||||
void cleanup() {
|
||||
tempContactUuids.forEach(uuid -> {
|
||||
jpaAttempt.transacted(() -> {
|
||||
context.define("superuser-alex@hostsharing.net", null);
|
||||
System.out.println("DELETING temporary contact: " + uuid);
|
||||
final var count = contactRepo.deleteByUuid(uuid);
|
||||
System.out.println("DELETED temporary contact: " + uuid + (count > 0 ? " successful" : " failed"));
|
||||
}).assertSuccessful();
|
||||
});
|
||||
}
|
||||
|
||||
}
|
@ -7,6 +7,7 @@ import net.hostsharing.hsadminng.rbac.rbacrole.RawRbacRoleRepository;
|
||||
import net.hostsharing.test.Array;
|
||||
import net.hostsharing.test.JpaAttempt;
|
||||
import org.junit.jupiter.api.AfterEach;
|
||||
import org.junit.jupiter.api.BeforeEach;
|
||||
import org.junit.jupiter.api.Nested;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.modelmapper.internal.bytebuddy.utility.RandomString;
|
||||
@ -270,6 +271,7 @@ class HsOfficeContactRepositoryIntegrationTest extends ContextBasedTest {
|
||||
}).assumeSuccessful().returnedValue();
|
||||
}
|
||||
|
||||
@BeforeEach
|
||||
@AfterEach
|
||||
void cleanup() {
|
||||
context("superuser-alex@hostsharing.net", null);
|
||||
|
Loading…
Reference in New Issue
Block a user