separated MockSecurityContext into SecurityContextMock+SecurityContextMock

Michael Hoennig 2019-05-10 17:21:50 +02:00
parent 72e79e2134
commit a2b90b0a36
22 changed files with 236 additions and 179 deletions


@ -4,7 +4,7 @@ package org.hostsharing.hsadminng.service.accessfilter;
import static com.google.common.base.Verify.verify;
import static com.google.common.collect.Sets.union;
import static java.util.Collections.EMPTY_SET;
import static org.thymeleaf.util.SetUtils.singletonSet;
import static java.util.Collections.emptySet;
import org.hostsharing.hsadminng.security.SecurityUtils;
import org.hostsharing.hsadminng.service.IdToDtoResolver;
@ -71,7 +71,7 @@ abstract class JSonAccessFilter<T> {
final Field parentIdField = determineFieldWithAnnotation(dto.getClass(), ParentId.class);
if (parentIdField == null) {
return singletonSet(Role.ANYBODY);
return emptySet();
}
final ParentId parentIdAnnot = parentIdField.getAnnotation(ParentId.class);
@ -88,12 +88,12 @@ abstract class JSonAccessFilter<T> {
private Set<Role> getLoginUserDirectRolesFor(final Class<?> dtoClass, final Long id) {
if (!SecurityUtils.isAuthenticated()) {
return singletonSet(Role.ANYBODY);
return emptySet();
}
final EntityTypeId entityTypeId = dtoClass.getAnnotation(EntityTypeId.class);
if (entityTypeId == null) {
return singletonSet(Role.ANYBODY); // TODO mhoennig: all of such singletonSets -> emptySet
return emptySet();
}
return userRoleAssignmentService.getEffectiveRoleOfCurrentUser(entityTypeId.value(), id);
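Review bot: Returning `emptySet()` for a DTO without `@ParentId`, for an unauthenticated caller and for a DTO without `@EntityTypeId` moves the ANYBODY baseline out of the role set and into every consumer of these methods. The serialization filter in this commit gains an explicit `Role.ANYBODY.isAllowedToRead(field)` fallback, but no equivalent is visible for the init/update checks in the deserializer, so confirm that those checks neither pass on an empty set nor reject fields that ANYBODY may write. A short comment at the three return sites would record the contract, e.g. `// no explicit role here; the ANYBODY baseline is applied by the caller`. Both methods continue outside the hunks.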


@ -160,13 +160,13 @@ public class JSonDeserializationWithAccessFilter<T> extends JSonAccessFilter<T>
if (!field.equals(parentIdField)) {
throw new BadRequestAlertException(
"Initialization of field " + toDisplay(field)
+ " prohibited for current user roles "
+ " prohibited for current user role(s): "
+ Joiner.on("+").join(roles),
toDisplay(field),
"initializationProhibited");
} else {
throw new BadRequestAlertException(
"Referencing field " + toDisplay(field) + " prohibited for current user roles "
"Referencing field " + toDisplay(field) + " prohibited for current user role(s): "
+ Joiner.on("+").join(roles),
toDisplay(field),
"referencingProhibited");
@ -174,7 +174,7 @@ public class JSonDeserializationWithAccessFilter<T> extends JSonAccessFilter<T>
}
} else if (!Role.toBeIgnoredForUpdates(field) && !isAllowedToUpdate(getLoginUserRoles(), field)) {
throw new BadRequestAlertException(
"Update of field " + toDisplay(field) + " prohibited for current user roles "
"Update of field " + toDisplay(field) + " prohibited for current user role(s): "
+ Joiner.on("+").join(roles),
toDisplay(field),
"updateProhibited");


@ -86,7 +86,7 @@ public class JSonSerializationWithAccessFilter<T> extends JSonAccessFilter<T> {
return true;
}
}
return false;
return Role.ANYBODY.isAllowedToRead(field);
}
}
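Review bot: The new final `return Role.ANYBODY.isAllowedToRead(field);` becomes the read decision for every caller whose role set grants nothing, which includes unauthenticated callers now that the base filter returns an empty set for them. Each field's ANYBODY read permission is therefore the effective public-visibility rule, and the line deserves a why-comment such as `// no role of the user grants read access: fall back to what ANYBODY may read`. A test that serializes a DTO with an empty role set and asserts that a field restricted to a higher role is omitted would pin the fail-closed side of this fallback; none is visible in the test hunks of this commit. The method starts outside the hunk.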


@ -139,7 +139,7 @@ public enum Role {
* @return true if this role is independent of a target object, false otherwise.
*/
public boolean isIndependent() {
return this != NOBODY && covers(Role.SUPPORTER);
return this != NOBODY && (this == ANYBODY || covers(Role.SUPPORTER));
}
/**
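Review bot: The Javadoc above `isIndependent()` still describes only "independent of a target object" and does not say that `ANYBODY` is now special-cased, presumably because it does not cover `SUPPORTER`. Callers that read "independent" as "SUPPORTER or above" would now also match `ANYBODY`, so the callers (not visible here) should be checked for that assumption. Suggested wording: `@return true if this role applies without a target object (ANYBODY, or any role covering SUPPORTER), false otherwise.`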


@ -7,8 +7,8 @@ import static org.mockito.BDDMockito.given;
import org.hostsharing.hsadminng.domain.UserRoleAssignment;
import org.hostsharing.hsadminng.repository.UserRoleAssignmentRepository;
import org.hostsharing.hsadminng.service.accessfilter.MockSecurityContext;
import org.hostsharing.hsadminng.service.accessfilter.Role;
import org.hostsharing.hsadminng.service.accessfilter.SecurityContextFake;
import com.google.common.base.VerifyException;
@ -45,7 +45,7 @@ public class UserRoleAssignmentServiceUnitTest {
@Test
public void getEffectiveRoleOfCurrentUserReturnsEmptySetIfUserAuthenticatedButNoRolesAssigned() {
// given
new MockSecurityContext().havingAuthenticatedUser();
SecurityContextFake.havingAuthenticatedUser();
// when
final Set<Role> actual = userRoleAssignmentService.getEffectiveRoleOfCurrentUser("test.Something", 1L);
@ -58,7 +58,7 @@ public class UserRoleAssignmentServiceUnitTest {
public void getEffectiveRoleOfCurrentUserReturnsExactlyAssignedRoles() {
// given
final String givenUserLogin = "someUser";
new MockSecurityContext().havingAuthenticatedUser(givenUserLogin);
SecurityContextFake.havingAuthenticatedUser(givenUserLogin);
final long givenEntityObjectId = 2L;
final String givenEntityTypeId = "test.Something";
given(userRoleAssignmentRepository.findByLogin(givenUserLogin)).willReturn(


@ -8,6 +8,7 @@ import static org.hostsharing.hsadminng.service.accessfilter.JSonAccessFilterTes
import static org.hostsharing.hsadminng.service.accessfilter.JSonBuilder.asJSon;
import static org.mockito.BDDMockito.given;
import org.hostsharing.hsadminng.security.AuthoritiesConstants;
import org.hostsharing.hsadminng.service.UserRoleAssignmentService;
import org.hostsharing.hsadminng.web.rest.errors.BadRequestAlertException;
@ -71,13 +72,13 @@ public class JSonDeserializationWithAccessFilterUnitTest {
@Mock
private GivenCustomerService givenCustomerService;
private MockSecurityContext givenSecurityContext;
private SecurityContextMock securityContext;
@Before
public void init() {
givenSecurityContext = new MockSecurityContext(userRoleAssignmentService);
givenSecurityContext.havingAuthenticatedUser().withRole(GivenDto.class, 1234L, Role.ACTUAL_CUSTOMER_USER);
securityContext = SecurityContextMock.usingMock(userRoleAssignmentService)
.havingAuthenticatedUser()
.withRole(GivenDto.class, 1234L, Role.ACTUAL_CUSTOMER_USER);
given(ctx.getAutowireCapableBeanFactory()).willReturn(autowireCapableBeanFactory);
given(autowireCapableBeanFactory.createBean(GivenService.class)).willReturn(givenService);
@ -261,7 +262,8 @@ public class JSonDeserializationWithAccessFilterUnitTest {
@Test
public void shouldDeserializeStringFieldIfRequiredRoleIsCoveredByUser() throws IOException {
// given
givenSecurityContext.havingAuthenticatedUser().withRole(GivenCustomerDto.class, 888L, Role.FINANCIAL_CONTACT);
securityContext.havingAuthenticatedUser()
.withRole(GivenCustomerDto.class, 888L, Role.FINANCIAL_CONTACT);
givenJSonTree(
asJSon(
ImmutablePair.of("id", 1234L),
@ -283,7 +285,8 @@ public class JSonDeserializationWithAccessFilterUnitTest {
@Test
public void shouldDeserializeUnchangedStringFieldIfRequiredRoleIsNotCoveredByUser() throws IOException {
// given
givenSecurityContext.havingAuthenticatedUser().withRole(GivenCustomerDto.class, 888L, Role.ACTUAL_CUSTOMER_USER);
securityContext.havingAuthenticatedUser()
.withRole(GivenCustomerDto.class, 888L, Role.FINANCIAL_CONTACT);
givenJSonTree(
asJSon(
ImmutablePair.of("id", 1234L),
@ -305,7 +308,8 @@ public class JSonDeserializationWithAccessFilterUnitTest {
@Test
public void shouldNotDeserializeUpatedStringFieldIfRequiredRoleIsNotCoveredByUser() throws IOException {
// given
givenSecurityContext.havingAuthenticatedUser().withRole(GivenCustomerDto.class, 888L, Role.ACTUAL_CUSTOMER_USER);
securityContext.havingAuthenticatedUser()
.withRole(GivenCustomerDto.class, 888L, Role.ACTUAL_CUSTOMER_USER);
givenJSonTree(
asJSon(
ImmutablePair.of("customerId", 888L),
@ -330,7 +334,8 @@ public class JSonDeserializationWithAccessFilterUnitTest {
@Test
public void shouldInitializeFieldIfRequiredRoleIsNotCoveredByUser() throws IOException {
// given
givenSecurityContext.havingAuthenticatedUser().withRole(GivenCustomerDto.class, 888L, Role.ACTUAL_CUSTOMER_USER);
securityContext.havingAuthenticatedUser()
.withRole(GivenCustomerDto.class, 888L, Role.ACTUAL_CUSTOMER_USER);
givenJSonTree(
asJSon(
ImmutablePair.of("customerId", 888L),
@ -355,7 +360,8 @@ public class JSonDeserializationWithAccessFilterUnitTest {
@Test
public void shouldNotCreateIfRoleRequiredByParentEntityIsNotCoveredByUser() throws IOException {
// given
givenSecurityContext.havingAuthenticatedUser().withRole(GivenCustomerDto.class, 9999L, Role.CONTRACTUAL_CONTACT);
securityContext.havingAuthenticatedUser()
.withRole(GivenCustomerDto.class, 9999L, Role.CONTRACTUAL_CONTACT);
givenJSonTree(
asJSon(
ImmutablePair.of("parentId", 1234L)));
@ -379,7 +385,8 @@ public class JSonDeserializationWithAccessFilterUnitTest {
@Test
public void shouldCreateIfRoleRequiredByReferencedEntityIsCoveredByUser() throws IOException {
// given
givenSecurityContext.havingAuthenticatedUser().withRole(GivenCustomerDto.class, 888L, Role.CONTRACTUAL_CONTACT);
securityContext.havingAuthenticatedUser()
.withRole(GivenCustomerDto.class, 888L, Role.CONTRACTUAL_CONTACT);
givenJSonTree(
asJSon(
ImmutablePair.of("parentId", 1234L)));
@ -400,7 +407,8 @@ public class JSonDeserializationWithAccessFilterUnitTest {
@Test
public void shouldNotUpdateFieldIfRequiredRoleIsNotCoveredByUser() throws IOException {
// given
givenSecurityContext.havingAuthenticatedUser().withRole(GivenCustomerDto.class, 888L, Role.ACTUAL_CUSTOMER_USER);
securityContext.havingAuthenticatedUser()
.withRole(GivenCustomerDto.class, 888L, Role.ACTUAL_CUSTOMER_USER);
givenJSonTree(
asJSon(
ImmutablePair.of("id", 1234L),
@ -446,7 +454,7 @@ public class JSonDeserializationWithAccessFilterUnitTest {
@Test
public void shouldDetectUnknownFieldType() throws IOException {
// given
givenSecurityContext.havingAuthenticatedUser().withRole(Role.ADMIN);
securityContext.havingAuthenticatedUser().withAuthority(AuthoritiesConstants.ADMIN);
givenJSonTree(asJSon(ImmutablePair.of("unknown", new Arbitrary())));
// when
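Review bot: In `shouldDeserializeUnchangedStringFieldIfRequiredRoleIsNotCoveredByUser` the role passed to `withRole` changes from `Role.ACTUAL_CUSTOMER_USER` to `Role.FINANCIAL_CONTACT`, which is the role the preceding `...IfRequiredRoleIsCoveredByUser` test uses; the other `withRole(GivenCustomerDto.class, …)` calls in this file keep their role. If this is not intentional, the test no longer exercises the insufficient-role case its name describes, and the filter's handling of an unchanged field under an insufficient role goes untested. Either restore `.withRole(GivenCustomerDto.class, 888L, Role.ACTUAL_CUSTOMER_USER);` or rename the test to match what it now checks. The test body continues outside the hunk.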


@ -45,13 +45,14 @@ public class JSonSerializationWithAccessFilterUnitTest {
@Mock
private GivenCustomerService givenCustomerService;
private MockSecurityContext securityContext;
private SecurityContextMock securityContext;
private final GivenDto givenDTO = createSampleDto();
@Before
public void init() {
securityContext = new MockSecurityContext(userRoleAssignmentService).havingAuthenticatedUser()
securityContext = SecurityContextMock.usingMock(userRoleAssignmentService)
.havingAuthenticatedUser()
.withRole(GivenCustomerDto.class, 888L, Role.ANY_CUSTOMER_USER);
given(ctx.getAutowireCapableBeanFactory()).willReturn(autowireCapableBeanFactory);
@ -190,6 +191,7 @@ public class JSonSerializationWithAccessFilterUnitTest {
Arbitrary fieldWithUnimplementedType = new Arbitrary();
}
final GivenDtoWithUnimplementedFieldType givenDtoWithUnimplementedFieldType = new GivenDtoWithUnimplementedFieldType();
SecurityContextFake.havingAuthenticatedUser();
// when
final Throwable actual = catchThrowable(


@ -1,96 +0,0 @@
// Licensed under Apache-2.0
package org.hostsharing.hsadminng.service.accessfilter;
import static org.assertj.core.api.Assumptions.assumeThat;
import static org.mockito.BDDMockito.given;
import org.hostsharing.hsadminng.security.SecurityUtils;
import org.hostsharing.hsadminng.service.UserRoleAssignmentService;
import org.mockito.Mockito;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashSet;
public class MockSecurityContext {
private final UserRoleAssignmentService userRoleAssignmentService;
private final Collection<GrantedAuthority> authorities;
// TODO mhoennig: refactor this ctor to method withMock(...) returning a subclass to avoid null checks
public MockSecurityContext(final UserRoleAssignmentService userRoleAssignmentService) {
this.userRoleAssignmentService = userRoleAssignmentService;
this.authorities = new ArrayList<>();
}
public MockSecurityContext() {
this(null);
}
public MockSecurityContext havingAuthenticatedUser() {
return havingAuthenticatedUser("dummyUser");
}
public MockSecurityContext havingAuthenticatedUser(final String login) {
SecurityContext securityContext = SecurityContextHolder.createEmptyContext();
securityContext.setAuthentication(new UsernamePasswordAuthenticationToken(login, "dummyPassword") {
@Override
public Collection<GrantedAuthority> getAuthorities() {
return authorities;
}
});
SecurityContextHolder.setContext(securityContext);
assumeThat(SecurityUtils.getCurrentUserLogin()).hasValue(login);
if (userRoleAssignmentService != null) {
Mockito.reset(userRoleAssignmentService);
}
authorities.clear();
return this;
}
public MockSecurityContext withRole(final Class<?> onClass, final Long onId, final Role... roles) {
if (userRoleAssignmentService == null) {
throw new IllegalStateException("mock not registered for: " + UserRoleAssignmentService.class.getSimpleName());
}
final EntityTypeId entityTypeId = onClass.getAnnotation(EntityTypeId.class);
assumeThat(entityTypeId).as("@" + EntityTypeId.class.getSimpleName() + " missing on class " + onClass.toString())
.isNotNull();
given(userRoleAssignmentService.getEffectiveRoleOfCurrentUser(entityTypeId.value(), onId))
.willReturn(new HashSet(Arrays.asList(roles)));
return this;
}
public MockSecurityContext withRole(final Role role) {
authorities.add(new GrantedAuthority() {
@Override
public String getAuthority() {
return role.asAuthority();
}
});
return this;
}
private static class FakePrincipal {
private final String username;
public FakePrincipal(final String username) {
this.username = username;
}
@Override
public String toString() {
return username;
}
}
}


@ -95,6 +95,22 @@ public class RoleUnitTest {
assertThat(catchThrowable(() -> Role.HOSTMASTER.coversAny((Role[]) null))).isInstanceOf(VerifyException.class);
}
@Test
public void isNdependend() {
assertThat(Role.NOBODY.isIndependent()).isFalse();
assertThat(Role.HOSTMASTER.isIndependent()).isTrue();
assertThat(Role.ADMIN.isIndependent()).isTrue();
assertThat(Role.SUPPORTER.isIndependent()).isTrue();
assertThat(Role.CONTRACTUAL_CONTACT.isIndependent()).isFalse();
assertThat(Role.FINANCIAL_CONTACT.isIndependent()).isFalse();
assertThat(Role.ACTUAL_CUSTOMER_USER.isIndependent()).isFalse();
assertThat(Role.ANY_CUSTOMER_USER.isIndependent()).isFalse();
assertThat(Role.ANYBODY.isIndependent()).isTrue();
}
@Test
public void isIgnored() {
for (Role role : Role.values()) {
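Review bot: The new test method is named `isNdependend`, which looks like a typo for the method under test; `public void isIndependent()` would match the naming of the neighbouring `isIgnored` test. The assertion `Role.ANYBODY.isIndependent()` being true is the behaviour change made in `Role` by this commit, so a one-line comment explaining why ANYBODY counts as independent would help the next reader.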


@ -0,0 +1,57 @@
// Licensed under Apache-2.0
package org.hostsharing.hsadminng.service.accessfilter;
import static org.assertj.core.api.Assumptions.assumeThat;
import org.hostsharing.hsadminng.security.SecurityUtils;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import java.util.ArrayList;
import java.util.Collection;
abstract class SecurityContextDouble<T extends SecurityContextDouble> {
private final Collection<GrantedAuthority> authorities = new ArrayList<>();
protected SecurityContextDouble() {
}
protected SecurityContextDouble withAuthenticatedUser(final String login) {
SecurityContext securityContext = SecurityContextHolder.createEmptyContext();
securityContext.setAuthentication(new UsernamePasswordAuthenticationToken(login, "dummyPassword") {
@Override
public Collection<GrantedAuthority> getAuthorities() {
return authorities;
}
});
SecurityContextHolder.setContext(securityContext);
assumeThat(SecurityUtils.getCurrentUserLogin()).hasValue(login);
return this;
}
public T withAuthority(final String authority) {
authorities.add((GrantedAuthority) () -> authority);
return (T) this;
}
private static class FakePrincipal {
private final String username;
public FakePrincipal(final String username) {
this.username = username;
}
@Override
public String toString() {
return username;
}
}
}
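Review bot: `withAuthenticatedUser` no longer clears `authorities`, which the removed `MockSecurityContext.havingAuthenticatedUser` did with `authorities.clear()`. Because the anonymous token returns that same collection, an authority added through `withAuthority` survives a later `havingAuthenticatedUser()` on the same instance, so a test can run with more privilege than it set up and hide an access-control failure. Add `authorities.clear();` before the `return this;` in `withAuthenticatedUser`. Separately, `FakePrincipal` is unused in this file as shown, and `withAuthenticatedUser` could return `T` the way `withAuthority` does instead of the raw `SecurityContextDouble`.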


@ -0,0 +1,18 @@
// Licensed under Apache-2.0
package org.hostsharing.hsadminng.service.accessfilter;
public class SecurityContextFake extends SecurityContextDouble<SecurityContextFake> {
public static SecurityContextFake havingAuthenticatedUser() {
return havingAuthenticatedUser("dummyUser");
}
public static SecurityContextFake havingAuthenticatedUser(final String login) {
final SecurityContextFake securityContext = new SecurityContextFake();
securityContext.withAuthenticatedUser(login);
return securityContext;
}
protected SecurityContextFake() {
}
}
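Review bot: `havingAuthenticatedUser` installs an authentication in the global `SecurityContextHolder` (through `withAuthenticatedUser` in the base class) and nothing visible in this commit clears it afterwards. A later test on the same thread that expects an unauthenticated caller can therefore depend on execution order. Consider a static counterpart such as `havingUnauthenticatedUser()` that calls `SecurityContextHolder.clearContext()`, or clearing the context in an `@After` method of the tests that use the fake. The class also lacks a Javadoc line saying how it differs from `SecurityContextMock` (no `UserRoleAssignmentService` mock involved).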


@ -0,0 +1,47 @@
// Licensed under Apache-2.0
package org.hostsharing.hsadminng.service.accessfilter;
import static org.assertj.core.api.Assumptions.assumeThat;
import static org.mockito.BDDMockito.given;
import org.hostsharing.hsadminng.service.UserRoleAssignmentService;
import org.mockito.Mockito;
import java.util.Arrays;
import java.util.HashSet;
public class SecurityContextMock extends SecurityContextDouble<SecurityContextMock> {
private final UserRoleAssignmentService userRoleAssignmentService;
public static SecurityContextMock usingMock(final UserRoleAssignmentService userRoleAssignmentService) {
return new SecurityContextMock(userRoleAssignmentService);
}
public SecurityContextMock(final UserRoleAssignmentService userRoleAssignmentService) {
this.userRoleAssignmentService = userRoleAssignmentService;
}
public SecurityContextMock havingAuthenticatedUser() {
return havingAuthenticatedUser("dummyUser");
}
public SecurityContextMock havingAuthenticatedUser(final String login) {
super.withAuthenticatedUser(login);
Mockito.reset(userRoleAssignmentService);
return this;
}
public SecurityContextMock withRole(final Class<?> onClass, final long onId, final Role... roles) {
if (userRoleAssignmentService == null) {
throw new IllegalStateException("mock not registered for: " + UserRoleAssignmentService.class.getSimpleName());
}
final EntityTypeId entityTypeId = onClass.getAnnotation(EntityTypeId.class);
assumeThat(entityTypeId).as("@" + EntityTypeId.class.getSimpleName() + " missing on class " + onClass.toString())
.isNotNull();
given(userRoleAssignmentService.getEffectiveRoleOfCurrentUser(entityTypeId.value(), onId))
.willReturn(new HashSet(Arrays.asList(roles)));
return this;
}
}
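Review bot: The null check in `withRole` is inconsistent with `havingAuthenticatedUser`, which passes the field to `Mockito.reset` unguarded; in the call chains shown in this commit `havingAuthenticatedUser` always runs first, so a missing mock fails there with a less helpful error. Validating once in the constructor, `this.userRoleAssignmentService = Objects.requireNonNull(userRoleAssignmentService, "userRoleAssignmentService");`, would let the `IllegalStateException` branch go. The constructor could also become `private` now that `usingMock` exists, and `new HashSet(Arrays.asList(roles))` is a raw type where `new HashSet<>(Arrays.asList(roles))` avoids the unchecked warning.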


@ -13,13 +13,14 @@ import org.hostsharing.hsadminng.domain.enumeration.AssetAction;
import org.hostsharing.hsadminng.repository.AssetRepository;
import org.hostsharing.hsadminng.repository.CustomerRepository;
import org.hostsharing.hsadminng.repository.MembershipRepository;
import org.hostsharing.hsadminng.security.AuthoritiesConstants;
import org.hostsharing.hsadminng.service.AssetService;
import org.hostsharing.hsadminng.service.AssetValidator;
import org.hostsharing.hsadminng.service.MembershipValidator;
import org.hostsharing.hsadminng.service.UserRoleAssignmentService;
import org.hostsharing.hsadminng.service.accessfilter.JSonBuilder;
import org.hostsharing.hsadminng.service.accessfilter.MockSecurityContext;
import org.hostsharing.hsadminng.service.accessfilter.Role;
import org.hostsharing.hsadminng.service.accessfilter.SecurityContextMock;
import org.hostsharing.hsadminng.service.mapper.AssetMapper;
import org.hostsharing.hsadminng.service.mapper.AssetMapperImpl;
import org.hostsharing.hsadminng.service.mapper.CustomerMapperImpl;
@ -113,22 +114,23 @@ public class AssetDTOIntTest {
@MockBean
private UserRoleAssignmentService userRoleAssignmentService;
private MockSecurityContext securityContext;
private SecurityContextMock securityContext;
@Before
public void init() {
given(customerRepository.findById(SOME_CUSTOMER_ID)).willReturn(Optional.of(SOME_CUSTOMER));
given(membershipRepository.findById(SOME_MEMBERSHIP_ID)).willReturn(Optional.of(SOME_MEMBERSHIP));
given(assetRepository.findById(SOME_ASSET_ID)).willReturn((Optional.of(SOME_ASSET)));
securityContext = new MockSecurityContext(userRoleAssignmentService);
securityContext = SecurityContextMock.usingMock(userRoleAssignmentService);
}
@Test
public void shouldSerializePartiallyForFinancialCustomerContact() throws JsonProcessingException {
// given
securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.FINANCIAL_CONTACT);
securityContext.havingAuthenticatedUser()
.withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.FINANCIAL_CONTACT);
final AssetDTO given = createSomeAssetDTO(SOME_ASSET_ID);
// when
@ -143,7 +145,7 @@ public class AssetDTOIntTest {
public void shouldSerializeCompletelyForSupporter() throws JsonProcessingException {
// given
securityContext.havingAuthenticatedUser().withRole(Role.SUPPORTER);
securityContext.havingAuthenticatedUser().withAuthority(AuthoritiesConstants.SUPPORTER);
final AssetDTO given = createSomeAssetDTO(SOME_ASSET_ID);
// when
@ -170,13 +172,13 @@ public class AssetDTOIntTest {
BadRequestAlertException.class,
bre -> assertThat(bre.getMessage())
.isEqualTo(
"Update of field AssetDTO.remark prohibited for current user roles CONTRACTUAL_CONTACT+ANYBODY"));
"Update of field AssetDTO.remark prohibited for current user role(s): CONTRACTUAL_CONTACT"));
}
@Test
public void shouldDeserializeForAdminIfRemarkIsChanged() throws IOException {
// given
securityContext.havingAuthenticatedUser().withRole(Role.ADMIN);
securityContext.havingAuthenticatedUser().withAuthority(AuthoritiesConstants.ADMIN);
final String json = new JSonBuilder()
.withFieldValue("id", SOME_ASSET_ID)
.withFieldValue("remark", "Updated Remark")


@ -9,11 +9,12 @@ import org.hostsharing.hsadminng.domain.Customer;
import org.hostsharing.hsadminng.domain.enumeration.CustomerKind;
import org.hostsharing.hsadminng.domain.enumeration.VatRegion;
import org.hostsharing.hsadminng.repository.CustomerRepository;
import org.hostsharing.hsadminng.security.AuthoritiesConstants;
import org.hostsharing.hsadminng.service.CustomerService;
import org.hostsharing.hsadminng.service.UserRoleAssignmentService;
import org.hostsharing.hsadminng.service.accessfilter.JSonBuilder;
import org.hostsharing.hsadminng.service.accessfilter.MockSecurityContext;
import org.hostsharing.hsadminng.service.accessfilter.Role;
import org.hostsharing.hsadminng.service.accessfilter.SecurityContextMock;
import org.hostsharing.hsadminng.service.mapper.CustomerMapper;
import org.hostsharing.hsadminng.service.mapper.CustomerMapperImpl;
@ -64,11 +65,11 @@ public class CustomerDTOUnitTest {
@MockBean
private UserRoleAssignmentService userRoleAssignmentService;
private MockSecurityContext securityContext;
private SecurityContextMock securityContext;
@Before
public void init() {
securityContext = new MockSecurityContext(userRoleAssignmentService);
securityContext = SecurityContextMock.usingMock(userRoleAssignmentService);
}
@Test
@ -111,7 +112,7 @@ public class CustomerDTOUnitTest {
public void testSerializationAsSupporter() throws JsonProcessingException {
// given
securityContext.havingAuthenticatedUser().withRole(Role.SUPPORTER);
securityContext.havingAuthenticatedUser().withAuthority(AuthoritiesConstants.SUPPORTER);
CustomerDTO given = createSomeCustomerDTO(1234L);
// when


@ -6,12 +6,13 @@ import static org.assertj.core.api.Assertions.catchThrowable;
import static org.hostsharing.hsadminng.service.accessfilter.JSonBuilder.asJSon;
import static org.mockito.BDDMockito.given;
import org.hostsharing.hsadminng.security.AuthoritiesConstants;
import org.hostsharing.hsadminng.service.CustomerService;
import org.hostsharing.hsadminng.service.MembershipService;
import org.hostsharing.hsadminng.service.UserRoleAssignmentService;
import org.hostsharing.hsadminng.service.accessfilter.JSonDeserializationWithAccessFilter;
import org.hostsharing.hsadminng.service.accessfilter.MockSecurityContext;
import org.hostsharing.hsadminng.service.accessfilter.Role;
import org.hostsharing.hsadminng.service.accessfilter.SecurityContextMock;
import org.hostsharing.hsadminng.web.rest.errors.BadRequestAlertException;
import com.fasterxml.jackson.core.JsonParser;
@ -61,7 +62,7 @@ public class MembershipDTOUnitTest {
@Mock
private CustomerService customerService;
private MockSecurityContext securityContext;
private SecurityContextMock securityContext;
@Before
public void init() {
@ -75,12 +76,12 @@ public class MembershipDTOUnitTest {
new CustomerDTO()
.with(dto -> dto.setId(1234L))));
securityContext = new MockSecurityContext(userRoleAssignmentService);
securityContext = SecurityContextMock.usingMock(userRoleAssignmentService);
}
@Test
public void adminShouldHaveRightToCreate() throws IOException {
securityContext.havingAuthenticatedUser().withRole(Role.ADMIN);
securityContext.havingAuthenticatedUser().withAuthority(AuthoritiesConstants.ADMIN);
givenJSonTree(asJSon(ImmutablePair.of("customerId", 1234L)));
// when


@ -12,12 +12,13 @@ import org.hostsharing.hsadminng.domain.SepaMandate;
import org.hostsharing.hsadminng.repository.CustomerRepository;
import org.hostsharing.hsadminng.repository.MembershipRepository;
import org.hostsharing.hsadminng.repository.SepaMandateRepository;
import org.hostsharing.hsadminng.security.AuthoritiesConstants;
import org.hostsharing.hsadminng.service.MembershipValidator;
import org.hostsharing.hsadminng.service.SepaMandateService;
import org.hostsharing.hsadminng.service.UserRoleAssignmentService;
import org.hostsharing.hsadminng.service.accessfilter.JSonBuilder;
import org.hostsharing.hsadminng.service.accessfilter.MockSecurityContext;
import org.hostsharing.hsadminng.service.accessfilter.Role;
import org.hostsharing.hsadminng.service.accessfilter.SecurityContextMock;
import org.hostsharing.hsadminng.service.mapper.CustomerMapperImpl;
import org.hostsharing.hsadminng.service.mapper.MembershipMapperImpl;
import org.hostsharing.hsadminng.service.mapper.SepaMandateMapper;
@ -101,14 +102,14 @@ public class SepaMandateDTOIntTest {
@MockBean
public UserRoleAssignmentService userRoleAssignmentService;
private MockSecurityContext securityContext;
private SecurityContextMock securityContext;
@Before
public void init() {
given(customerRepository.findById(SOME_CUSTOMER_ID)).willReturn(Optional.of(SOME_CUSTOMER));
given(sepaMandateRepository.findById(SOME_SEPA_MANDATE_ID)).willReturn((Optional.of(SOME_SEPA_MANDATE)));
securityContext = new MockSecurityContext(userRoleAssignmentService);
securityContext = SecurityContextMock.usingMock(userRoleAssignmentService);
}
@Test
@ -130,7 +131,7 @@ public class SepaMandateDTOIntTest {
public void shouldSerializeCompletelyForSupporter() throws JsonProcessingException {
// given
securityContext.havingAuthenticatedUser().withRole(Role.SUPPORTER);
securityContext.havingAuthenticatedUser().withAuthority(AuthoritiesConstants.SUPPORTER);
final SepaMandateDTO given = createSampleDTO(SOME_SEPA_MANDATE_ID, SOME_CUSTOMER_ID);
// when
@ -156,13 +157,13 @@ public class SepaMandateDTOIntTest {
assertThat(actual).isInstanceOfSatisfying(
BadRequestAlertException.class,
bre -> assertThat(bre.getMessage()).isEqualTo(
"Update of field SepaMandateDTO.remark prohibited for current user roles CONTRACTUAL_CONTACT+ANYBODY"));
"Update of field SepaMandateDTO.remark prohibited for current user role(s): CONTRACTUAL_CONTACT"));
}
@Test
public void shouldDeserializeForAdminIfRemarkIsChanged() throws IOException {
// given
securityContext.havingAuthenticatedUser().withRole(Role.ADMIN);
securityContext.havingAuthenticatedUser().withAuthority(AuthoritiesConstants.ADMIN);
final String json = new JSonBuilder()
.withFieldValue("id", SOME_SEPA_MANDATE_ID)
.withFieldValue("remark", "Updated Remark")


@ -13,13 +13,14 @@ import org.hostsharing.hsadminng.domain.enumeration.ShareAction;
import org.hostsharing.hsadminng.repository.CustomerRepository;
import org.hostsharing.hsadminng.repository.MembershipRepository;
import org.hostsharing.hsadminng.repository.ShareRepository;
import org.hostsharing.hsadminng.security.AuthoritiesConstants;
import org.hostsharing.hsadminng.service.MembershipValidator;
import org.hostsharing.hsadminng.service.ShareService;
import org.hostsharing.hsadminng.service.ShareValidator;
import org.hostsharing.hsadminng.service.UserRoleAssignmentService;
import org.hostsharing.hsadminng.service.accessfilter.JSonBuilder;
import org.hostsharing.hsadminng.service.accessfilter.MockSecurityContext;
import org.hostsharing.hsadminng.service.accessfilter.Role;
import org.hostsharing.hsadminng.service.accessfilter.SecurityContextMock;
import org.hostsharing.hsadminng.service.mapper.CustomerMapperImpl;
import org.hostsharing.hsadminng.service.mapper.MembershipMapperImpl;
import org.hostsharing.hsadminng.service.mapper.ShareMapper;
@ -112,7 +113,7 @@ public class ShareDTOIntTest {
@MockBean
private UserRoleAssignmentService userRoleAssignmentService;
private MockSecurityContext securityContext;
private SecurityContextMock securityContext;
@Before
public void init() {
@ -120,7 +121,7 @@ public class ShareDTOIntTest {
given(membershipRepository.findById(SOME_MEMBERSHIP_ID)).willReturn(Optional.of(SOME_MEMBERSHIP));
given(shareRepository.findById(SOME_SHARE_ID)).willReturn((Optional.of(SOME_SHARE)));
securityContext = new MockSecurityContext(userRoleAssignmentService);
securityContext = SecurityContextMock.usingMock(userRoleAssignmentService);
}
@Test
@ -142,7 +143,7 @@ public class ShareDTOIntTest {
public void shouldSerializeCompletelyForSupporter() throws JsonProcessingException {
// given
securityContext.havingAuthenticatedUser().withRole(Role.SUPPORTER);
securityContext.havingAuthenticatedUser().withAuthority(AuthoritiesConstants.SUPPORTER);
final ShareDTO given = createSomeShareDTO(SOME_SHARE_ID);
// when
@ -169,13 +170,13 @@ public class ShareDTOIntTest {
BadRequestAlertException.class,
bre -> assertThat(bre.getMessage())
.isEqualTo(
"Update of field ShareDTO.remark prohibited for current user roles CONTRACTUAL_CONTACT+ANYBODY"));
"Update of field ShareDTO.remark prohibited for current user role(s): CONTRACTUAL_CONTACT"));
}
@Test
public void shouldDeserializeForAdminIfRemarkIsChanged() throws IOException {
// given
securityContext.havingAuthenticatedUser().withRole(Role.ADMIN);
securityContext.havingAuthenticatedUser().withAuthority(AuthoritiesConstants.ADMIN);
final String json = new JSonBuilder()
.withFieldValue("id", SOME_SHARE_ID)
.withFieldValue("remark", "Updated Remark")


@ -12,11 +12,11 @@ import org.hostsharing.hsadminng.domain.Asset;
import org.hostsharing.hsadminng.domain.Membership;
import org.hostsharing.hsadminng.domain.enumeration.AssetAction;
import org.hostsharing.hsadminng.repository.AssetRepository;
import org.hostsharing.hsadminng.security.AuthoritiesConstants;
import org.hostsharing.hsadminng.service.AssetQueryService;
import org.hostsharing.hsadminng.service.AssetService;
import org.hostsharing.hsadminng.service.UserRoleAssignmentService;
import org.hostsharing.hsadminng.service.accessfilter.MockSecurityContext;
import org.hostsharing.hsadminng.service.accessfilter.Role;
import org.hostsharing.hsadminng.service.accessfilter.SecurityContextMock;
import org.hostsharing.hsadminng.service.dto.AssetDTO;
import org.hostsharing.hsadminng.service.mapper.AssetMapper;
import org.hostsharing.hsadminng.web.rest.errors.ExceptionTranslator;
@ -99,15 +99,15 @@ public class AssetResourceIntTest {
@MockBean
private UserRoleAssignmentService userRoleAssignmentService;
private MockSecurityContext securityContext;
private MockMvc restAssetMockMvc;
private Asset asset;
@Before
public void setup() {
securityContext = new MockSecurityContext(userRoleAssignmentService).havingAuthenticatedUser().withRole(Role.ADMIN);
SecurityContextMock.usingMock(userRoleAssignmentService)
.havingAuthenticatedUser()
.withAuthority(AuthoritiesConstants.ADMIN);
MockitoAnnotations.initMocks(this);
final AssetResource assetResource = new AssetResource(assetService, assetQueryService);


@ -14,11 +14,11 @@ import org.hostsharing.hsadminng.domain.SepaMandate;
import org.hostsharing.hsadminng.domain.enumeration.CustomerKind;
import org.hostsharing.hsadminng.domain.enumeration.VatRegion;
import org.hostsharing.hsadminng.repository.CustomerRepository;
import org.hostsharing.hsadminng.security.AuthoritiesConstants;
import org.hostsharing.hsadminng.service.CustomerQueryService;
import org.hostsharing.hsadminng.service.CustomerService;
import org.hostsharing.hsadminng.service.UserRoleAssignmentService;
import org.hostsharing.hsadminng.service.accessfilter.MockSecurityContext;
import org.hostsharing.hsadminng.service.accessfilter.Role;
import org.hostsharing.hsadminng.service.accessfilter.SecurityContextMock;
import org.hostsharing.hsadminng.service.dto.CustomerDTO;
import org.hostsharing.hsadminng.service.mapper.CustomerMapper;
import org.hostsharing.hsadminng.web.rest.errors.ExceptionTranslator;
@ -144,8 +144,6 @@ public class CustomerResourceIntTest {
@MockBean
private UserRoleAssignmentService userRoleAssignmentService;
private MockSecurityContext securityContext;
private MockMvc restCustomerMockMvc;
private Customer customer;
@ -153,7 +151,9 @@ public class CustomerResourceIntTest {
@Before
public void setup() {
MockitoAnnotations.initMocks(this);
securityContext = new MockSecurityContext(userRoleAssignmentService).havingAuthenticatedUser().withRole(Role.ADMIN);
SecurityContextMock.usingMock(userRoleAssignmentService)
.havingAuthenticatedUser()
.withAuthority(AuthoritiesConstants.ADMIN);
final CustomerResource customerResource = new CustomerResource(customerService, customerQueryService);
this.restCustomerMockMvc = MockMvcBuilders.standaloneSetup(customerResource)
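Review bot: The `setup()` in this section installs an authenticated `AuthoritiesConstants.ADMIN` user through the static `SecurityContextMock.usingMock(...)` call and discards the result, and nothing in the visible hunks resets that state after a test. If the mock writes to Spring Security's thread-bound context (its implementation is not visible here), the admin identity can carry over into later tests on the same thread and hide a missing authorization check; an `@After` method calling `SecurityContextHolder.clearContext()` would prevent that. The same static setup appears in the other test sections on this page, so the point applies there as well. This class also calls `MockitoAnnotations.initMocks(this)` before the mock setup while the other sections call it after, and a single order across the tests would be easier to reason about. The class body continues outside the hunks.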


@ -13,11 +13,11 @@ import org.hostsharing.hsadminng.domain.Customer;
import org.hostsharing.hsadminng.domain.Membership;
import org.hostsharing.hsadminng.domain.Share;
import org.hostsharing.hsadminng.repository.MembershipRepository;
import org.hostsharing.hsadminng.security.AuthoritiesConstants;
import org.hostsharing.hsadminng.service.MembershipQueryService;
import org.hostsharing.hsadminng.service.MembershipService;
import org.hostsharing.hsadminng.service.UserRoleAssignmentService;
import org.hostsharing.hsadminng.service.accessfilter.MockSecurityContext;
import org.hostsharing.hsadminng.service.accessfilter.Role;
import org.hostsharing.hsadminng.service.accessfilter.SecurityContextMock;
import org.hostsharing.hsadminng.service.dto.MembershipDTO;
import org.hostsharing.hsadminng.service.mapper.MembershipMapper;
import org.hostsharing.hsadminng.web.rest.errors.ExceptionTranslator;
@ -105,7 +105,7 @@ public class MembershipResourceIntTest {
@MockBean
private UserRoleAssignmentService userRoleAssignmentService;
private MockSecurityContext securityContext;
private SecurityContextMock securityContext;
private MockMvc restMembershipMockMvc;
@ -113,7 +113,9 @@ public class MembershipResourceIntTest {
@Before
public void setup() {
securityContext = new MockSecurityContext(userRoleAssignmentService).havingAuthenticatedUser().withRole(Role.ADMIN);
securityContext = SecurityContextMock.usingMock(userRoleAssignmentService)
.havingAuthenticatedUser()
.withAuthority(AuthoritiesConstants.ADMIN);
MockitoAnnotations.initMocks(this);
final MembershipResource membershipResource = new MembershipResource(membershipService, membershipQueryService);


@ -11,12 +11,11 @@ import org.hostsharing.hsadminng.HsadminNgApp;
import org.hostsharing.hsadminng.domain.Customer;
import org.hostsharing.hsadminng.domain.SepaMandate;
import org.hostsharing.hsadminng.repository.SepaMandateRepository;
import org.hostsharing.hsadminng.security.AuthoritiesConstants;
import org.hostsharing.hsadminng.service.SepaMandateQueryService;
import org.hostsharing.hsadminng.service.SepaMandateService;
import org.hostsharing.hsadminng.service.UserRoleAssignmentService;
import org.hostsharing.hsadminng.service.accessfilter.MockSecurityContext;
import org.hostsharing.hsadminng.service.accessfilter.Role;
import org.hostsharing.hsadminng.service.dto.CustomerDTO;
import org.hostsharing.hsadminng.service.accessfilter.SecurityContextMock;
import org.hostsharing.hsadminng.service.dto.SepaMandateDTO;
import org.hostsharing.hsadminng.service.mapper.SepaMandateMapper;
import org.hostsharing.hsadminng.web.rest.errors.ExceptionTranslator;
@ -109,15 +108,15 @@ public class SepaMandateResourceIntTest {
@MockBean
private UserRoleAssignmentService userRoleAssignmentService;
private MockSecurityContext securityContext;
private MockMvc restSepaMandateMockMvc;
private SepaMandate sepaMandate;
@Before
public void setup() {
securityContext = new MockSecurityContext(userRoleAssignmentService).havingAuthenticatedUser().withRole(Role.ADMIN);
SecurityContextMock.usingMock(userRoleAssignmentService)
.havingAuthenticatedUser()
.withAuthority(AuthoritiesConstants.ADMIN);
MockitoAnnotations.initMocks(this);
final SepaMandateResource sepaMandateResource = new SepaMandateResource(sepaMandateService, sepaMandateQueryService);
@ -132,7 +131,7 @@ public class SepaMandateResourceIntTest {
/**
* Create an entity for this test.
*
* <p>
* This is a static method, as tests for other entities might also need it,
* if they test an entity which requires the current entity.
*/
@ -157,7 +156,7 @@ public class SepaMandateResourceIntTest {
/**
* Create an entity for tests with a specific customer.
*
* <p>
* This is a static method, as tests for other entities might also need it,
* if they test an entity which requires the current entity.
*/
@ -193,8 +192,6 @@ public class SepaMandateResourceIntTest {
sepaMandateDTO.setRemark(null);
sepaMandateDTO.setRevokationDocumentDate(null);
sepaMandateDTO.setLastUsedDate(null);
securityContext.havingAuthenticatedUser()
.withRole(CustomerDTO.class, sepaMandateDTO.getCustomerId(), Role.FINANCIAL_CONTACT);
restSepaMandateMockMvc.perform(
post("/api/sepa-mandates")
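Review bot: The last hunk of this section removes the `Role.FINANCIAL_CONTACT` assignment on the mandate's customer, so the POST to `/api/sepa-mandates` now runs only with the `AuthoritiesConstants.ADMIN` authority from `setup()` and no longer exercises what a customer-scoped financial contact may do. The access filter changed earlier in this commit works on the current user's roles, so a regression in the non-admin path would presumably pass unnoticed in this test. Consider keeping a non-admin variant of the test, or at least documenting the gap with a comment such as `// runs as ADMIN from setup(); the FINANCIAL_CONTACT create path is covered in <test name>`. The test method starts and ends outside the hunk.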


@ -12,11 +12,11 @@ import org.hostsharing.hsadminng.domain.Membership;
import org.hostsharing.hsadminng.domain.Share;
import org.hostsharing.hsadminng.domain.enumeration.ShareAction;
import org.hostsharing.hsadminng.repository.ShareRepository;
import org.hostsharing.hsadminng.security.AuthoritiesConstants;
import org.hostsharing.hsadminng.service.ShareQueryService;
import org.hostsharing.hsadminng.service.ShareService;
import org.hostsharing.hsadminng.service.UserRoleAssignmentService;
import org.hostsharing.hsadminng.service.accessfilter.MockSecurityContext;
import org.hostsharing.hsadminng.service.accessfilter.Role;
import org.hostsharing.hsadminng.service.accessfilter.SecurityContextMock;
import org.hostsharing.hsadminng.service.dto.ShareDTO;
import org.hostsharing.hsadminng.service.mapper.ShareMapper;
import org.hostsharing.hsadminng.web.rest.errors.ExceptionTranslator;
@ -97,15 +97,15 @@ public class ShareResourceIntTest {
@MockBean
private UserRoleAssignmentService userRoleAssignmentService;
private MockSecurityContext securityContext;
private MockMvc restShareMockMvc;
private Share share;
@Before
public void setup() {
securityContext = new MockSecurityContext(userRoleAssignmentService).havingAuthenticatedUser().withRole(Role.ADMIN);
SecurityContextMock.usingMock(userRoleAssignmentService)
.havingAuthenticatedUser()
.withAuthority(AuthoritiesConstants.ADMIN);
MockitoAnnotations.initMocks(this);
final ShareResource shareResource = new ShareResource(shareService, shareQueryService);