hostsharing/hs.hsadmin.ng
6
0
Fork 0
Code Pull Requests 3 Activity

hs-office-debitor: test update of partner and bankaccount and fix null cases

Browse Source
This commit is contained in:
Michael Hoennig 2022-10-21 11:38:31 +02:00
parent 5a296e0a9f
commit 8864a17b2b
3 changed files with 136 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
src/main/resources/db/changelog/273-hs-office-debitor-rbac.sql
View File

@ -114,17 +114,32 @@ begin
call grantRoleToRole(hsOfficeContactGuest(newContact), hsOfficeDebitorTenant(NEW)); call grantRoleToRole(hsOfficeContactGuest(newContact), hsOfficeDebitorTenant(NEW));
end if; end if;
if OLD.refundBankAccountUuid <> NEW.refundBankAccountUuid then if (OLD.refundBankAccountUuid is not null or NEW.refundBankAccountUuid is not null) and
( OLD.refundBankAccountUuid is null or NEW.refundBankAccountUuid is null or
OLD.refundBankAccountUuid <> NEW.refundBankAccountUuid ) then
select * from hs_office_bankaccount as b where b.uuid = OLD.refundBankAccountUuid into oldBankAccount; select * from hs_office_bankaccount as b where b.uuid = OLD.refundBankAccountUuid into oldBankAccount;
call revokeRoleFromRole(hsOfficeBankAccountTenant(oldBankaccount), hsOfficeDebitorAgent(OLD)); if oldBankAccount is not null then
call grantRoleToRole(hsOfficeBankAccountTenant(newBankaccount), hsOfficeDebitorAgent(NEW)); call revokeRoleFromRole(hsOfficeBankAccountTenant(oldBankaccount), hsOfficeDebitorAgent(OLD));
end if;
if newBankAccount is not null then
call grantRoleToRole(hsOfficeBankAccountTenant(newBankaccount), hsOfficeDebitorAgent(NEW));
end if;
call revokeRoleFromRole(hsOfficeDebitorTenant(OLD), hsOfficeBankAccountAdmin(oldBankaccount)); if oldBankAccount is not null then
call grantRoleToRole(hsOfficeDebitorTenant(NEW), hsOfficeBankAccountAdmin(newBankaccount)); call revokeRoleFromRole(hsOfficeDebitorTenant(OLD), hsOfficeBankAccountAdmin(oldBankaccount));
end if;
if newBankAccount is not null then
call grantRoleToRole(hsOfficeDebitorTenant(NEW), hsOfficeBankAccountAdmin(newBankaccount));
end if;
call revokeRoleFromRole(hsOfficeBankAccountGuest(oldBankaccount), hsOfficeDebitorTenant(OLD)); if oldBankAccount is not null then
call grantRoleToRole(hsOfficeBankAccountGuest(newBankaccount), hsOfficeDebitorTenant(NEW)); call revokeRoleFromRole(hsOfficeBankAccountGuest(oldBankaccount), hsOfficeDebitorTenant(OLD));
end if;
if newBankAccount is not null then
call grantRoleToRole(hsOfficeBankAccountGuest(newBankaccount), hsOfficeDebitorTenant(NEW));
end if;
end if; end if;
else else
raise exception 'invalid usage of TRIGGER'; raise exception 'invalid usage of TRIGGER';
@ -166,10 +181,11 @@ call generateRbacIdentityView('hs_office_debitor', $idName$
-- ============================================================================ -- ============================================================================
--changeset hs-office-debitor-rbac-RESTRICTED-VIEW:1 endDelimiter:--// --changeset hs-office-debitor-rbac-RESTRICTED-VIEW:1 endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
call generateRbacRestrictedView('hs_office_debitor', call generateRbacRestrictedView('hs_office_debitor', 'target.debitorNumber',
'target.debitorNumber', $updates$
$updates$ partnerUuid = new.partnerUuid,
billingContactUuid = new.billingContactUuid, billingContactUuid = new.billingContactUuid,
refundBankAccountUuid = new.refundBankAccountUuid,
vatId = new.vatId, vatId = new.vatId,
vatCountryCode = new.vatCountryCode, vatCountryCode = new.vatCountryCode,
vatBusiness = new.vatBusiness vatBusiness = new.vatBusiness

3
src/test/java/net/hostsharing/hsadminng/context/ContextBasedTest.java
View File

@ -4,7 +4,7 @@ import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.TestInfo; import org.junit.jupiter.api.TestInfo;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
public class ContextBasedTest { public abstract class ContextBasedTest {
@Autowired @Autowired
Context context; Context context;
@ -16,7 +16,6 @@ public class ContextBasedTest {
this.test = testInfo; this.test = testInfo;
} }
// TODO: remove the class and check which task is recorded
protected void context(final String currentUser, final String assumedRoles) { protected void context(final String currentUser, final String assumedRoles) {
context.define(test.getDisplayName(), null, currentUser, assumedRoles); context.define(test.getDisplayName(), null, currentUser, assumedRoles);
} }

138
src/test/java/net/hostsharing/hsadminng/hs/office/debitor/HsOfficeDebitorRepositoryIntegrationTest.java
View File

@ -2,15 +2,15 @@ package net.hostsharing.hsadminng.hs.office.debitor;
import net.hostsharing.hsadminng.context.Context; import net.hostsharing.hsadminng.context.Context;
import net.hostsharing.hsadminng.context.ContextBasedTest; import net.hostsharing.hsadminng.context.ContextBasedTest;
import net.hostsharing.hsadminng.hs.office.contact.HsOfficeContactEntity; import net.hostsharing.hsadminng.hs.office.bankaccount.HsOfficeBankAccountRepository;
import net.hostsharing.hsadminng.hs.office.contact.HsOfficeContactRepository; import net.hostsharing.hsadminng.hs.office.contact.HsOfficeContactRepository;
import net.hostsharing.hsadminng.hs.office.partner.HsOfficePartnerEntity;
import net.hostsharing.hsadminng.hs.office.partner.HsOfficePartnerRepository; import net.hostsharing.hsadminng.hs.office.partner.HsOfficePartnerRepository;
import net.hostsharing.hsadminng.rbac.rbacgrant.RawRbacGrantRepository; import net.hostsharing.hsadminng.rbac.rbacgrant.RawRbacGrantRepository;
import net.hostsharing.hsadminng.rbac.rbacrole.RawRbacRoleRepository; import net.hostsharing.hsadminng.rbac.rbacrole.RawRbacRoleRepository;
import net.hostsharing.test.Array; import net.hostsharing.test.Array;
import net.hostsharing.test.JpaAttempt; import net.hostsharing.test.JpaAttempt;
import org.junit.jupiter.api.AfterEach; import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Nested; import org.junit.jupiter.api.Nested;
import org.junit.jupiter.api.Test; import org.junit.jupiter.api.Test;
import org.junit.jupiter.params.ParameterizedTest; import org.junit.jupiter.params.ParameterizedTest;
@ -45,6 +45,9 @@ class HsOfficeDebitorRepositoryIntegrationTest extends ContextBasedTest {
@Autowired @Autowired
HsOfficeContactRepository contactRepo; HsOfficeContactRepository contactRepo;
@Autowired
HsOfficeBankAccountRepository bankAccountRepo;
@Autowired @Autowired
RawRbacRoleRepository rawRoleRepo; RawRbacRoleRepository rawRoleRepo;
@ -78,8 +81,8 @@ class HsOfficeDebitorRepositoryIntegrationTest extends ContextBasedTest {
final var newDebitor = toCleanup(HsOfficeDebitorEntity.builder() final var newDebitor = toCleanup(HsOfficeDebitorEntity.builder()
.uuid(UUID.randomUUID()) .uuid(UUID.randomUUID())
.debitorNumber(20001) .debitorNumber(20001)
.partner(rawReference(givenPartner)) .partner(givenPartner)
.billingContact(rawReference(givenContact)) .billingContact(givenContact)
.build()); .build());
return debitorRepo.save(newDebitor); return debitorRepo.save(newDebitor);
}); });
@ -111,8 +114,8 @@ class HsOfficeDebitorRepositoryIntegrationTest extends ContextBasedTest {
final var newDebitor = toCleanup(HsOfficeDebitorEntity.builder() final var newDebitor = toCleanup(HsOfficeDebitorEntity.builder()
.uuid(UUID.randomUUID()) .uuid(UUID.randomUUID())
.debitorNumber(20002) .debitorNumber(20002)
.partner(rawReference(givenPartner)) .partner(givenPartner)
.billingContact(rawReference(givenContact)) .billingContact(givenContact)
.build()); .build());
return debitorRepo.save(newDebitor); return debitorRepo.save(newDebitor);
}).assertSuccessful(); }).assertSuccessful();
@ -254,12 +257,14 @@ class HsOfficeDebitorRepositoryIntegrationTest extends ContextBasedTest {
public void globalAdmin_canUpdateArbitraryDebitor() { public void globalAdmin_canUpdateArbitraryDebitor() {
// given // given
context("superuser-alex@hostsharing.net"); context("superuser-alex@hostsharing.net");
final var givenDebitor = givenSomeTemporaryDebitor("Fourth", "fifth contact"); final var givenDebitor = givenSomeTemporaryDebitor("Fourth", "fifth contact", "Fourth");
assertThatDebitorIsVisibleForUserWithRole( assertThatDebitorIsVisibleForUserWithRole(
givenDebitor, givenDebitor,
"hs_office_partner#Fourthe.G.-forthcontact.admin"); "hs_office_partner#Fourthe.G.-forthcontact.admin");
assertThatDebitorActuallyInDatabase(givenDebitor); assertThatDebitorActuallyInDatabase(givenDebitor);
final var givenNewPartner = partnerRepo.findPartnerByOptionalNameLike("First").get(0);
final var givenNewContact = contactRepo.findContactByOptionalLabelLike("sixth contact").get(0); final var givenNewContact = contactRepo.findContactByOptionalLabelLike("sixth contact").get(0);
final var givenNewBankAccount = bankAccountRepo.findByOptionalHolderLike("first").get(0);
final String givenNewVatId = "NEW-VAT-ID"; final String givenNewVatId = "NEW-VAT-ID";
final String givenNewVatCountryCode = "NC"; final String givenNewVatCountryCode = "NC";
final boolean givenNewVatBusiness = !givenDebitor.isVatBusiness(); final boolean givenNewVatBusiness = !givenDebitor.isVatBusiness();
@ -267,10 +272,9 @@ class HsOfficeDebitorRepositoryIntegrationTest extends ContextBasedTest {
// when // when
final var result = jpaAttempt.transacted(() -> { final var result = jpaAttempt.transacted(() -> {
context("superuser-alex@hostsharing.net"); context("superuser-alex@hostsharing.net");
givenDebitor.setBillingContact(rawReference(givenNewContact)); givenDebitor.setPartner(givenNewPartner);
// TODO.test: also test update of partner+bankAccount givenDebitor.setBillingContact(givenNewContact);
// givenDebitor.setPartner(rawReference(givenNewPartner)); givenDebitor.setRefundBankAccount(givenNewBankAccount);
// givenDebitor.setRefundBankAccount(rawReference(givenNewBankAccount));
givenDebitor.setVatId(givenNewVatId); givenDebitor.setVatId(givenNewVatId);
givenDebitor.setVatCountryCode(givenNewVatCountryCode); givenDebitor.setVatCountryCode(givenNewVatCountryCode);
givenDebitor.setVatBusiness(givenNewVatBusiness); givenDebitor.setVatBusiness(givenNewVatBusiness);
@ -282,19 +286,96 @@ class HsOfficeDebitorRepositoryIntegrationTest extends ContextBasedTest {
assertThatDebitorIsVisibleForUserWithRole( assertThatDebitorIsVisibleForUserWithRole(
result.returnedValue(), result.returnedValue(),
"global#global.admin"); "global#global.admin");
// ... partner role was reassigned:
assertThatDebitorIsNotVisibleForUserWithRole(
result.returnedValue(),
"hs_office_partner#Fourthe.G.-forthcontact.agent");
assertThatDebitorIsVisibleForUserWithRole( assertThatDebitorIsVisibleForUserWithRole(
result.returnedValue(), result.returnedValue(),
"hs_office_contact#sixthcontact.admin"); "hs_office_partner#FirstGmbH-firstcontact.agent");
// ... contact role was reassigned:
assertThatDebitorIsNotVisibleForUserWithRole( assertThatDebitorIsNotVisibleForUserWithRole(
result.returnedValue(), result.returnedValue(),
"hs_office_contact#fifthcontact.admin"); "hs_office_contact#fifthcontact.admin");
assertThatDebitorIsVisibleForUserWithRole(
result.returnedValue(),
"hs_office_contact#sixthcontact.admin");
// ... bank-account role was reassigned:
assertThatDebitorIsNotVisibleForUserWithRole(
result.returnedValue(),
"hs_office_bankaccount#Fourthe.G..admin");
assertThatDebitorIsVisibleForUserWithRole(
result.returnedValue(),
"hs_office_bankaccount#FirstGmbH.admin");
}
@Test
public void globalAdmin_canUpdateNullRefundBankAccountToNotNullBankAccountForArbitraryDebitor() {
// given
context("superuser-alex@hostsharing.net");
final var givenDebitor = givenSomeTemporaryDebitor("Fourth", "fifth contact", null);
assertThatDebitorIsVisibleForUserWithRole(
givenDebitor,
"hs_office_partner#Fourthe.G.-forthcontact.admin");
assertThatDebitorActuallyInDatabase(givenDebitor);
final var givenNewBankAccount = bankAccountRepo.findByOptionalHolderLike("first").get(0);
// when
final var result = jpaAttempt.transacted(() -> {
context("superuser-alex@hostsharing.net");
givenDebitor.setRefundBankAccount(givenNewBankAccount);
return toCleanup(debitorRepo.save(givenDebitor));
});
// then
result.assertSuccessful();
assertThatDebitorIsVisibleForUserWithRole(
result.returnedValue(),
"global#global.admin");
// ... bank-account role was assigned:
assertThatDebitorIsVisibleForUserWithRole(
result.returnedValue(),
"hs_office_bankaccount#FirstGmbH.admin");
}
@Test
public void globalAdmin_canUpdateRefundBankAccountToNullForArbitraryDebitor() {
// given
context("superuser-alex@hostsharing.net");
final var givenDebitor = givenSomeTemporaryDebitor("Fourth", "fifth contact", "Fourth");
assertThatDebitorIsVisibleForUserWithRole(
givenDebitor,
"hs_office_partner#Fourthe.G.-forthcontact.admin");
assertThatDebitorActuallyInDatabase(givenDebitor);
// when
final var result = jpaAttempt.transacted(() -> {
context("superuser-alex@hostsharing.net");
givenDebitor.setRefundBankAccount(null);
return toCleanup(debitorRepo.save(givenDebitor));
});
// then
result.assertSuccessful();
assertThatDebitorIsVisibleForUserWithRole(
result.returnedValue(),
"global#global.admin");
// ... bank-account role was removed from previous bank-account admin:
assertThatDebitorIsNotVisibleForUserWithRole(
result.returnedValue(),
"hs_office_bankaccount#Fourthe.G..admin");
} }
@Test @Test
public void partnerAdmin_canNotUpdateRelatedDebitor() { public void partnerAdmin_canNotUpdateRelatedDebitor() {
// given // given
context("superuser-alex@hostsharing.net"); context("superuser-alex@hostsharing.net");
final var givenDebitor = givenSomeTemporaryDebitor("Fourth", "eighth"); final var givenDebitor = givenSomeTemporaryDebitor("Fourth", "eighth", "Fourth");
assertThatDebitorIsVisibleForUserWithRole( assertThatDebitorIsVisibleForUserWithRole(
givenDebitor, givenDebitor,
"hs_office_partner#Fourthe.G.-forthcontact.admin"); "hs_office_partner#Fourthe.G.-forthcontact.admin");
@ -316,7 +397,7 @@ class HsOfficeDebitorRepositoryIntegrationTest extends ContextBasedTest {
public void contactAdmin_canNotUpdateRelatedDebitor() { public void contactAdmin_canNotUpdateRelatedDebitor() {
// given // given
context("superuser-alex@hostsharing.net"); context("superuser-alex@hostsharing.net");
final var givenDebitor = givenSomeTemporaryDebitor("Fourth", "ninth"); final var givenDebitor = givenSomeTemporaryDebitor("Fourth", "ninth", "Fourth");
assertThatDebitorIsVisibleForUserWithRole( assertThatDebitorIsVisibleForUserWithRole(
givenDebitor, givenDebitor,
"hs_office_contact#ninthcontact.admin"); "hs_office_contact#ninthcontact.admin");
@ -367,7 +448,7 @@ class HsOfficeDebitorRepositoryIntegrationTest extends ContextBasedTest {
public void globalAdmin_canDeleteAnyDebitor() { public void globalAdmin_canDeleteAnyDebitor() {
// given // given
context("superuser-alex@hostsharing.net", null); context("superuser-alex@hostsharing.net", null);
final var givenDebitor = givenSomeTemporaryDebitor("Fourth", "tenth"); final var givenDebitor = givenSomeTemporaryDebitor("Fourth", "tenth", "Fourth");
// when // when
final var result = jpaAttempt.transacted(() -> { final var result = jpaAttempt.transacted(() -> {
@ -387,7 +468,7 @@ class HsOfficeDebitorRepositoryIntegrationTest extends ContextBasedTest {
public void relatedPerson_canNotDeleteTheirRelatedDebitor() { public void relatedPerson_canNotDeleteTheirRelatedDebitor() {
// given // given
context("superuser-alex@hostsharing.net", null); context("superuser-alex@hostsharing.net", null);
final var givenDebitor = givenSomeTemporaryDebitor("Fourth", "eleventh"); final var givenDebitor = givenSomeTemporaryDebitor("Fourth", "eleventh", "Fourth");
// when // when
final var result = jpaAttempt.transacted(() -> { final var result = jpaAttempt.transacted(() -> {
@ -413,11 +494,11 @@ class HsOfficeDebitorRepositoryIntegrationTest extends ContextBasedTest {
context("superuser-alex@hostsharing.net"); context("superuser-alex@hostsharing.net");
final var initialRoleNames = Array.from(roleNamesOf(rawRoleRepo.findAll())); final var initialRoleNames = Array.from(roleNamesOf(rawRoleRepo.findAll()));
final var initialGrantNames = Array.from(grantDisplaysOf(rawGrantRepo.findAll())); final var initialGrantNames = Array.from(grantDisplaysOf(rawGrantRepo.findAll()));
final var givenDebitor = givenSomeTemporaryDebitor("Fourth", "twelfth"); final var givenDebitor = givenSomeTemporaryDebitor("Fourth", "twelfth", "Fourth");
assertThat(rawRoleRepo.findAll().size()).as("precondition failed: unexpected number of roles created") assertThat(rawRoleRepo.findAll().size()).as("precondition failed: unexpected number of roles created")
.isEqualTo(initialRoleNames.length + 5); .isEqualTo(initialRoleNames.length + 5);
assertThat(rawGrantRepo.findAll().size()).as("precondition failed: unexpected number of grants created") assertThat(rawGrantRepo.findAll().size()).as("precondition failed: unexpected number of grants created")
.isEqualTo(initialGrantNames.length + 14); .isEqualTo(initialGrantNames.length + 17);
// when // when
final var result = jpaAttempt.transacted(() -> { final var result = jpaAttempt.transacted(() -> {
@ -452,24 +533,22 @@ class HsOfficeDebitorRepositoryIntegrationTest extends ContextBasedTest {
"[creating debitor test-data Seconde.K.-secondcontact, hs_office_debitor, INSERT]"); "[creating debitor test-data Seconde.K.-secondcontact, hs_office_debitor, INSERT]");
} }
private HsOfficePartnerEntity rawReference(final HsOfficePartnerEntity givenPartner) { private HsOfficeDebitorEntity givenSomeTemporaryDebitor(
return em.getReference(HsOfficePartnerEntity.class, givenPartner.getUuid()); final String partner,
} final String contact,
final String bankAccount) {
private HsOfficeContactEntity rawReference(final HsOfficeContactEntity givenContact) {
return em.getReference(HsOfficeContactEntity.class, givenContact.getUuid());
}
private HsOfficeDebitorEntity givenSomeTemporaryDebitor(final String partner, final String contact) {
return jpaAttempt.transacted(() -> { return jpaAttempt.transacted(() -> {
context("superuser-alex@hostsharing.net"); context("superuser-alex@hostsharing.net");
final var givenPartner = partnerRepo.findPartnerByOptionalNameLike(partner).get(0); final var givenPartner = partnerRepo.findPartnerByOptionalNameLike(partner).get(0);
final var givenContact = contactRepo.findContactByOptionalLabelLike(contact).get(0); final var givenContact = contactRepo.findContactByOptionalLabelLike(contact).get(0);
final var givenBankAccount =
bankAccount != null ? bankAccountRepo.findByOptionalHolderLike(bankAccount).get(0) : null;
final var newDebitor = HsOfficeDebitorEntity.builder() final var newDebitor = HsOfficeDebitorEntity.builder()
.uuid(UUID.randomUUID()) .uuid(UUID.randomUUID())
.debitorNumber(20000) .debitorNumber(20000)
.partner(rawReference(givenPartner)) .partner(givenPartner)
.billingContact(rawReference(givenContact)) .billingContact(givenContact)
.refundBankAccount(givenBankAccount)
.build(); .build();
toCleanup(newDebitor); toCleanup(newDebitor);
@ -483,6 +562,7 @@ class HsOfficeDebitorRepositoryIntegrationTest extends ContextBasedTest {
return tempDebitor; return tempDebitor;
} }
@BeforeEach
@AfterEach @AfterEach
void cleanup() { void cleanup() {
context("superuser-alex@hostsharing.net", null); context("superuser-alex@hostsharing.net", null);