aftermaths from merging master
This commit is contained in:
Michael Hoennig
parent
1202393921
commit
89a29989c7
@ -31,7 +31,7 @@ public class RbacRoleController implements RbacRolesApi {
|
|||||||
|
|
||||||
context.define(currentUser, assumedRoles);
|
context.define(currentUser, assumedRoles);
|
||||||
|
|
||||||
final List<RbacRoleRvEntity> result = rbacRoleRepository.findAll();
|
final List<RbacRoleEntity> result = rbacRoleRepository.findAll();
|
||||||
|
|
||||||
return ResponseEntity.ok(mapper.mapList(result, RbacRoleResource.class));
|
return ResponseEntity.ok(mapper.mapList(result, RbacRoleResource.class));
|
||||||
}
|
}
|
||||||
|
|||||||
@ -15,7 +15,7 @@ import java.util.UUID;
|
|||||||
@Immutable
|
@Immutable
|
||||||
@NoArgsConstructor
|
@NoArgsConstructor
|
||||||
@AllArgsConstructor
|
@AllArgsConstructor
|
||||||
public class RbacRoleRvEntity {
|
public class RbacRoleEntity {
|
||||||
|
|
||||||
@Id
|
@Id
|
||||||
@GeneratedValue
|
@GeneratedValue
|
||||||
@ -5,7 +5,7 @@ import org.springframework.data.repository.Repository;
|
|||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.UUID;
|
import java.util.UUID;
|
||||||
|
|
||||||
public interface RbacRoleRepository extends Repository<RbacRoleRvEntity, UUID> {
|
public interface RbacRoleRepository extends Repository<RbacRoleEntity, UUID> {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @return the number of persistent RbacRoleEntity instances, mostly for testing purposes.
|
* @return the number of persistent RbacRoleEntity instances, mostly for testing purposes.
|
||||||
@ -15,7 +15,7 @@ public interface RbacRoleRepository extends Repository<RbacRoleRvEntity, UUID> {
|
|||||||
/**
|
/**
|
||||||
* @return all persistent RbacRoleEntity instances, assigned to the current subject (user or assumed roles)
|
* @return all persistent RbacRoleEntity instances, assigned to the current subject (user or assumed roles)
|
||||||
*/
|
*/
|
||||||
List<RbacRoleRvEntity> findAll();
|
List<RbacRoleEntity> findAll();
|
||||||
|
|
||||||
RbacRoleRvEntity findByRoleName(String roleName);
|
RbacRoleEntity findByRoleName(String roleName);
|
||||||
}
|
}
|
||||||
|
|||||||
@ -42,7 +42,7 @@ subgraph membership["`**membership**`"]
|
|||||||
|
|
||||||
role:membership:OWNER[[membership:OWNER]]
|
role:membership:OWNER[[membership:OWNER]]
|
||||||
role:membership:ADMIN[[membership:ADMIN]]
|
role:membership:ADMIN[[membership:ADMIN]]
|
||||||
role:membership:REFERRER[[membership:REFERRER]]
|
role:membership:AGENT[[membership:AGENT]]
|
||||||
end
|
end
|
||||||
|
|
||||||
subgraph membership:permissions[ ]
|
subgraph membership:permissions[ ]
|
||||||
@ -105,16 +105,16 @@ role:partnerRel.contact:ADMIN -.-> role:partnerRel:TENANT
|
|||||||
role:partnerRel:TENANT -.-> role:partnerRel.anchorPerson:REFERRER
|
role:partnerRel:TENANT -.-> role:partnerRel.anchorPerson:REFERRER
|
||||||
role:partnerRel:TENANT -.-> role:partnerRel.holderPerson:REFERRER
|
role:partnerRel:TENANT -.-> role:partnerRel.holderPerson:REFERRER
|
||||||
role:partnerRel:TENANT -.-> role:partnerRel.contact:REFERRER
|
role:partnerRel:TENANT -.-> role:partnerRel.contact:REFERRER
|
||||||
role:partnerRel:ADMIN ==> role:membership:OWNER
|
|
||||||
role:membership:OWNER ==> role:membership:ADMIN
|
role:membership:OWNER ==> role:membership:ADMIN
|
||||||
role:partnerRel:AGENT ==> role:membership:ADMIN
|
role:partnerRel:ADMIN ==> role:membership:ADMIN
|
||||||
role:membership:ADMIN ==> role:membership:REFERRER
|
role:membership:ADMIN ==> role:membership:AGENT
|
||||||
role:membership:REFERRER ==> role:partnerRel:TENANT
|
role:partnerRel:AGENT ==> role:membership:AGENT
|
||||||
|
role:membership:AGENT ==> role:partnerRel:TENANT
|
||||||
|
|
||||||
%% granting permissions to roles
|
%% granting permissions to roles
|
||||||
role:global:ADMIN ==> perm:membership:INSERT
|
role:global:ADMIN ==> perm:membership:INSERT
|
||||||
role:membership:OWNER ==> perm:membership:DELETE
|
role:membership:ADMIN ==> perm:membership:DELETE
|
||||||
role:membership:ADMIN ==> perm:membership:UPDATE
|
role:membership:ADMIN ==> perm:membership:UPDATE
|
||||||
role:membership:REFERRER ==> perm:membership:SELECT
|
role:membership:AGENT ==> perm:membership:SELECT
|
||||||
|
|
||||||
```
|
```
|
||||||
|
|||||||
@ -54,7 +54,7 @@ subgraph membership["`**membership**`"]
|
|||||||
|
|
||||||
role:membership:OWNER[[membership:OWNER]]
|
role:membership:OWNER[[membership:OWNER]]
|
||||||
role:membership:ADMIN[[membership:ADMIN]]
|
role:membership:ADMIN[[membership:ADMIN]]
|
||||||
role:membership:REFERRER[[membership:REFERRER]]
|
role:membership:AGENT[[membership:AGENT]]
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
@ -106,15 +106,15 @@ role:membership.partnerRel.contact:ADMIN -.-> role:membership.partnerRel:TENANT
|
|||||||
role:membership.partnerRel:TENANT -.-> role:membership.partnerRel.anchorPerson:REFERRER
|
role:membership.partnerRel:TENANT -.-> role:membership.partnerRel.anchorPerson:REFERRER
|
||||||
role:membership.partnerRel:TENANT -.-> role:membership.partnerRel.holderPerson:REFERRER
|
role:membership.partnerRel:TENANT -.-> role:membership.partnerRel.holderPerson:REFERRER
|
||||||
role:membership.partnerRel:TENANT -.-> role:membership.partnerRel.contact:REFERRER
|
role:membership.partnerRel:TENANT -.-> role:membership.partnerRel.contact:REFERRER
|
||||||
role:membership.partnerRel:ADMIN -.-> role:membership:OWNER
|
|
||||||
role:membership:OWNER -.-> role:membership:ADMIN
|
role:membership:OWNER -.-> role:membership:ADMIN
|
||||||
role:membership.partnerRel:AGENT -.-> role:membership:ADMIN
|
role:membership.partnerRel:ADMIN -.-> role:membership:ADMIN
|
||||||
role:membership:ADMIN -.-> role:membership:REFERRER
|
role:membership:ADMIN -.-> role:membership:AGENT
|
||||||
role:membership:REFERRER -.-> role:membership.partnerRel:TENANT
|
role:membership.partnerRel:AGENT -.-> role:membership:AGENT
|
||||||
|
role:membership:AGENT -.-> role:membership.partnerRel:TENANT
|
||||||
|
|
||||||
%% granting permissions to roles
|
%% granting permissions to roles
|
||||||
role:membership:ADMIN ==> perm:coopSharesTransaction:INSERT
|
role:membership:ADMIN ==> perm:coopSharesTransaction:INSERT
|
||||||
role:membership:ADMIN ==> perm:coopSharesTransaction:UPDATE
|
role:membership:ADMIN ==> perm:coopSharesTransaction:UPDATE
|
||||||
role:membership:ADMIN ==> perm:coopSharesTransaction:SELECT
|
role:membership:AGENT ==> perm:coopSharesTransaction:SELECT
|
||||||
|
|
||||||
```
|
```
|
||||||
|
|||||||
@ -38,7 +38,7 @@ begin
|
|||||||
SELECT * FROM hs_office_membership WHERE uuid = NEW.membershipUuid INTO newMembership;
|
SELECT * FROM hs_office_membership WHERE uuid = NEW.membershipUuid INTO newMembership;
|
||||||
assert newMembership.uuid is not null, format('newMembership must not be null for NEW.membershipUuid = %s', NEW.membershipUuid);
|
assert newMembership.uuid is not null, format('newMembership must not be null for NEW.membershipUuid = %s', NEW.membershipUuid);
|
||||||
|
|
||||||
call grantPermissionToRole(createPermission(NEW.uuid, 'SELECT'), hsOfficeMembershipADMIN(newMembership));
|
call grantPermissionToRole(createPermission(NEW.uuid, 'SELECT'), hsOfficeMembershipAGENT(newMembership));
|
||||||
call grantPermissionToRole(createPermission(NEW.uuid, 'UPDATE'), hsOfficeMembershipADMIN(newMembership));
|
call grantPermissionToRole(createPermission(NEW.uuid, 'UPDATE'), hsOfficeMembershipADMIN(newMembership));
|
||||||
|
|
||||||
call leaveTriggerForObjectUuid(NEW.uuid);
|
call leaveTriggerForObjectUuid(NEW.uuid);
|
||||||
|
|||||||
@ -54,7 +54,7 @@ subgraph membership["`**membership**`"]
|
|||||||
|
|
||||||
role:membership:OWNER[[membership:OWNER]]
|
role:membership:OWNER[[membership:OWNER]]
|
||||||
role:membership:ADMIN[[membership:ADMIN]]
|
role:membership:ADMIN[[membership:ADMIN]]
|
||||||
role:membership:REFERRER[[membership:REFERRER]]
|
role:membership:AGENT[[membership:AGENT]]
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
@ -106,15 +106,15 @@ role:membership.partnerRel.contact:ADMIN -.-> role:membership.partnerRel:TENANT
|
|||||||
role:membership.partnerRel:TENANT -.-> role:membership.partnerRel.anchorPerson:REFERRER
|
role:membership.partnerRel:TENANT -.-> role:membership.partnerRel.anchorPerson:REFERRER
|
||||||
role:membership.partnerRel:TENANT -.-> role:membership.partnerRel.holderPerson:REFERRER
|
role:membership.partnerRel:TENANT -.-> role:membership.partnerRel.holderPerson:REFERRER
|
||||||
role:membership.partnerRel:TENANT -.-> role:membership.partnerRel.contact:REFERRER
|
role:membership.partnerRel:TENANT -.-> role:membership.partnerRel.contact:REFERRER
|
||||||
role:membership.partnerRel:ADMIN -.-> role:membership:OWNER
|
|
||||||
role:membership:OWNER -.-> role:membership:ADMIN
|
role:membership:OWNER -.-> role:membership:ADMIN
|
||||||
role:membership.partnerRel:AGENT -.-> role:membership:ADMIN
|
role:membership.partnerRel:ADMIN -.-> role:membership:ADMIN
|
||||||
role:membership:ADMIN -.-> role:membership:REFERRER
|
role:membership:ADMIN -.-> role:membership:AGENT
|
||||||
role:membership:REFERRER -.-> role:membership.partnerRel:TENANT
|
role:membership.partnerRel:AGENT -.-> role:membership:AGENT
|
||||||
|
role:membership:AGENT -.-> role:membership.partnerRel:TENANT
|
||||||
|
|
||||||
%% granting permissions to roles
|
%% granting permissions to roles
|
||||||
role:membership:ADMIN ==> perm:coopAssetsTransaction:INSERT
|
role:membership:ADMIN ==> perm:coopAssetsTransaction:INSERT
|
||||||
role:membership:ADMIN ==> perm:coopAssetsTransaction:UPDATE
|
role:membership:ADMIN ==> perm:coopAssetsTransaction:UPDATE
|
||||||
role:membership:ADMIN ==> perm:coopAssetsTransaction:SELECT
|
role:membership:AGENT ==> perm:coopAssetsTransaction:SELECT
|
||||||
|
|
||||||
```
|
```
|
||||||
|
|||||||
@ -38,7 +38,7 @@ begin
|
|||||||
SELECT * FROM hs_office_membership WHERE uuid = NEW.membershipUuid INTO newMembership;
|
SELECT * FROM hs_office_membership WHERE uuid = NEW.membershipUuid INTO newMembership;
|
||||||
assert newMembership.uuid is not null, format('newMembership must not be null for NEW.membershipUuid = %s', NEW.membershipUuid);
|
assert newMembership.uuid is not null, format('newMembership must not be null for NEW.membershipUuid = %s', NEW.membershipUuid);
|
||||||
|
|
||||||
call grantPermissionToRole(createPermission(NEW.uuid, 'SELECT'), hsOfficeMembershipADMIN(newMembership));
|
call grantPermissionToRole(createPermission(NEW.uuid, 'SELECT'), hsOfficeMembershipAGENT(newMembership));
|
||||||
call grantPermissionToRole(createPermission(NEW.uuid, 'UPDATE'), hsOfficeMembershipADMIN(newMembership));
|
call grantPermissionToRole(createPermission(NEW.uuid, 'UPDATE'), hsOfficeMembershipADMIN(newMembership));
|
||||||
|
|
||||||
call leaveTriggerForObjectUuid(NEW.uuid);
|
call leaveTriggerForObjectUuid(NEW.uuid);
|
||||||
|
|||||||
@ -6,7 +6,7 @@ import net.hostsharing.hsadminng.rbac.rbacgrant.RbacGrantEntity;
|
|||||||
import net.hostsharing.hsadminng.rbac.rbacgrant.RbacGrantRepository;
|
import net.hostsharing.hsadminng.rbac.rbacgrant.RbacGrantRepository;
|
||||||
import net.hostsharing.hsadminng.rbac.rbacgrant.RbacGrantsDiagramService;
|
import net.hostsharing.hsadminng.rbac.rbacgrant.RbacGrantsDiagramService;
|
||||||
import net.hostsharing.hsadminng.rbac.rbacobject.RbacObject;
|
import net.hostsharing.hsadminng.rbac.rbacobject.RbacObject;
|
||||||
import net.hostsharing.hsadminng.rbac.rbacrole.RbacRoleRvEntity;
|
import net.hostsharing.hsadminng.rbac.rbacrole.RbacRoleEntity;
|
||||||
import net.hostsharing.hsadminng.rbac.rbacrole.RbacRoleRepository;
|
import net.hostsharing.hsadminng.rbac.rbacrole.RbacRoleRepository;
|
||||||
import net.hostsharing.test.JpaAttempt;
|
import net.hostsharing.test.JpaAttempt;
|
||||||
import org.jetbrains.annotations.NotNull;
|
import org.jetbrains.annotations.NotNull;
|
||||||
@ -255,7 +255,7 @@ public abstract class ContextBasedTestWithCleanup extends ContextBasedTest {
|
|||||||
return jpaAttempt.transacted(() -> {
|
return jpaAttempt.transacted(() -> {
|
||||||
context.define("superuser-alex@hostsharing.net", null);
|
context.define("superuser-alex@hostsharing.net", null);
|
||||||
return rbacRoleRepo.findAll().stream()
|
return rbacRoleRepo.findAll().stream()
|
||||||
.map(RbacRoleRvEntity::getRoleName)
|
.map(RbacRoleEntity::getRoleName)
|
||||||
.collect(toSet());
|
.collect(toSet());
|
||||||
}).assertSuccessful().returnedValue();
|
}).assertSuccessful().returnedValue();
|
||||||
}
|
}
|
||||||
|
|||||||
@ -175,21 +175,21 @@ class RbacRoleRepositoryIntegrationTest {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
void exactlyTheseRbacRolesAreReturned(final List<RbacRoleRvEntity> actualResult, final String... expectedRoleNames) {
|
void exactlyTheseRbacRolesAreReturned(final List<RbacRoleEntity> actualResult, final String... expectedRoleNames) {
|
||||||
assertThat(actualResult)
|
assertThat(actualResult)
|
||||||
.extracting(RbacRoleRvEntity::getRoleName)
|
.extracting(RbacRoleEntity::getRoleName)
|
||||||
.containsExactlyInAnyOrder(expectedRoleNames);
|
.containsExactlyInAnyOrder(expectedRoleNames);
|
||||||
}
|
}
|
||||||
|
|
||||||
void allTheseRbacRolesAreReturned(final List<RbacRoleRvEntity> actualResult, final String... expectedRoleNames) {
|
void allTheseRbacRolesAreReturned(final List<RbacRoleEntity> actualResult, final String... expectedRoleNames) {
|
||||||
assertThat(actualResult)
|
assertThat(actualResult)
|
||||||
.extracting(RbacRoleRvEntity::getRoleName)
|
.extracting(RbacRoleEntity::getRoleName)
|
||||||
.contains(expectedRoleNames);
|
.contains(expectedRoleNames);
|
||||||
}
|
}
|
||||||
|
|
||||||
void noneOfTheseRbacRolesIsReturned(final List<RbacRoleRvEntity> actualResult, final String... unexpectedRoleNames) {
|
void noneOfTheseRbacRolesIsReturned(final List<RbacRoleEntity> actualResult, final String... unexpectedRoleNames) {
|
||||||
assertThat(actualResult)
|
assertThat(actualResult)
|
||||||
.extracting(RbacRoleRvEntity::getRoleName)
|
.extracting(RbacRoleEntity::getRoleName)
|
||||||
.doesNotContain(unexpectedRoleNames);
|
.doesNotContain(unexpectedRoleNames);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user