From da793ee546a9ecddb68de8fa80f5d35cb42021c4 Mon Sep 17 00:00:00 2001 From: Michael Hoennig Date: Tue, 6 Sep 2022 13:48:30 +0200 Subject: [PATCH] refactor to only a single global admin object global#global.admin --- README.md | 8 +- sql/28-hs-tests.sql | 12 +-- sql/rbac-tests.sql | 6 +- sql/rbac-view-option-experiments.sql | 4 +- .../db/changelog/080-rbac-global.sql | 86 ++++++++++++++++++- .../resources/db/changelog/100-test-base.sql | 83 ------------------ .../db/changelog/113-test-customer-rbac.sql | 8 +- .../changelog/118-test-customer-test-data.sql | 2 +- .../resources/db/changelog/200-hs-base.sql | 83 ------------------ .../db/changelog/db.changelog-master.yaml | 2 - .../context/ContextIntegrationTests.java | 10 +-- ...AdminPartnerRepositoryIntegrationTest.java | 10 +-- .../RbacGrantControllerAcceptanceTest.java | 22 ++--- .../RbacGrantRepositoryIntegrationTest.java | 2 +- .../RbacRoleControllerAcceptanceTest.java | 10 +-- .../rbacrole/RbacRoleControllerRestTest.java | 4 +- .../RbacRoleRepositoryIntegrationTest.java | 12 +-- .../hsadminng/rbac/rbacrole/TestRbacRole.java | 2 +- .../RbacUserControllerAcceptanceTest.java | 36 ++++---- .../RbacUserRepositoryIntegrationTest.java | 24 +++--- .../TestCustomerControllerAcceptanceTest.java | 28 +++--- ...TestCustomerRepositoryIntegrationTest.java | 20 ++--- .../TestPackageControllerAcceptanceTest.java | 14 +-- .../TestPackageRepositoryIntegrationTest.java | 18 ++-- 24 files changed, 211 insertions(+), 295 deletions(-) delete mode 100644 src/main/resources/db/changelog/100-test-base.sql delete mode 100644 src/main/resources/db/changelog/200-hs-base.sql diff --git a/README.md b/README.md index aeeb960c..f443f344 100644 --- a/README.md +++ b/README.md @@ -65,21 +65,21 @@ If you have at least Docker, the Java JDK and Gradle installed in appropriate ve # the following command should return a JSON array with just all customers: curl \ - -H 'current-user: mike@example.org' \ + -H 'current-user: alex@hostsharing.net' \ http://localhost:8080/api/test/customers # the following command should return a JSON array with just all packages visible for the admin of the customer yyy: curl \ - -H 'current-user: mike@example.org' -H 'assumed-roles: test_customer#yyy.admin' \ + -H 'current-user: alex@hostsharing.net' -H 'assumed-roles: test_customer#yyy.admin' \ http://localhost:8080/api/test/packages # add a new customer curl \ - -H 'current-user: mike@example.org' -H "Content-Type: application/json" \ + -H 'current-user: alex@hostsharing.net' -H "Content-Type: application/json" \ -d '{ "prefix":"ttt", "reference":80001, "adminUserName":"admin@ttt.example.com" }' \ -X POST http://localhost:8080/api/test/customers -If you wonder who 'mike@example.org' and 'sven@example.org' are and where the data comes from: +If you wonder who 'alex@hostsharing.net' and 'fran@hostsharing.net' are and where the data comes from: Mike and Sven are just example global admin accounts as part of the example data which is automatically inserted in Testcontainers and Development environments. Also try for example 'admin@xxx.example.com' or 'unknown@example.org'. diff --git a/sql/28-hs-tests.sql b/sql/28-hs-tests.sql index e11dd526..3e10c2f5 100644 --- a/sql/28-hs-tests.sql +++ b/sql/28-hs-tests.sql @@ -17,7 +17,7 @@ BEGIN -- hostmaster accessing a single customer SET SESSION SESSION AUTHORIZATION restricted; - SET LOCAL hsadminng.currentUser = 'mike@example.org'; + SET LOCAL hsadminng.currentUser = 'alex@hostsharing.net'; SET LOCAL hsadminng.assumedRoles = ''; -- SELECT * SELECT count(*) INTO resultCount @@ -27,7 +27,7 @@ BEGIN -- hostmaster listing all customers SET SESSION SESSION AUTHORIZATION restricted; - SET LOCAL hsadminng.currentUser = 'mike@example.org'; + SET LOCAL hsadminng.currentUser = 'alex@hostsharing.net'; SET LOCAL hsadminng.assumedRoles = ''; -- SELECT * SELECT count(*) INTO resultCount @@ -54,7 +54,7 @@ BEGIN -- hostsharing admin assuming customer role and listing all accessible packages SET SESSION SESSION AUTHORIZATION restricted; - SET LOCAL hsadminng.currentUser = 'mike@example.org'; + SET LOCAL hsadminng.currentUser = 'alex@hostsharing.net'; SET LOCAL hsadminng.assumedRoles = 'test_customer#aaa.admin;test_customer#aab.admin'; -- SELECT * SELECT count(*) INTO resultCount @@ -63,7 +63,7 @@ BEGIN -- hostsharing admin assuming two customer admin roles and listing all accessible domains SET SESSION SESSION AUTHORIZATION restricted; - SET LOCAL hsadminng.currentUser = 'mike@example.org'; + SET LOCAL hsadminng.currentUser = 'alex@hostsharing.net'; SET LOCAL hsadminng.assumedRoles = 'test_customer#aab.admin;test_customer#aac.admin'; -- SELECT c.prefix, c.reference, uu.* SELECT count(*) INTO resultCount @@ -75,7 +75,7 @@ BEGIN -- hostsharing admin assuming two customer admin roles and listing all accessible domains -- ABORT; START TRANSACTION; SET SESSION SESSION AUTHORIZATION restricted; - SET LOCAL hsadminng.currentUser = 'mike@example.org'; + SET LOCAL hsadminng.currentUser = 'alex@hostsharing.net'; SET LOCAL hsadminng.assumedRoles = 'test_customer#aac.admin;test_customer#aad.admin'; -- SELECT p.name, uu.name, dom.name SELECT count(*) INTO resultCount @@ -88,7 +88,7 @@ BEGIN -- hostsharing admin assuming two customer admin roles and listing all accessible email addresses -- ABORT; START TRANSACTION; SET SESSION SESSION AUTHORIZATION restricted; - SET LOCAL hsadminng.currentUser = 'mike@example.org'; + SET LOCAL hsadminng.currentUser = 'alex@hostsharing.net'; SET LOCAL hsadminng.assumedRoles = 'test_customer#aae.admin;test_customer#aaf.admin'; -- SELECT c.prefix, p.name as "package", ema.localPart || '@' || dom.name as "email-address" SELECT count(*) INTO resultCount diff --git a/sql/rbac-tests.sql b/sql/rbac-tests.sql index 8d78bab8..c9c6fa9f 100644 --- a/sql/rbac-tests.sql +++ b/sql/rbac-tests.sql @@ -9,10 +9,10 @@ select isGranted(findRoleId('test_package#aaa00.owner'), findRoleId('administrat -- call grantRoleToRole(findRoleId('administrators'), findRoleId('test_package#aaa00.owner')); select count(*) -FROM queryAllPermissionsOfSubjectIdForObjectUuids(findRbacUser('sven@example.org'), +FROM queryAllPermissionsOfSubjectIdForObjectUuids(findRbacUser('fran@hostsharing.net'), ARRAY(select uuid from customer where reference < 1100000)); select count(*) -FROM queryAllPermissionsOfSubjectId(findRbacUser('sven@example.org')); +FROM queryAllPermissionsOfSubjectId(findRbacUser('fran@hostsharing.net')); select * FROM queryAllPermissionsOfSubjectId(findRbacUser('alex@example.com')); select * @@ -33,7 +33,7 @@ $$ userId uuid; result bool; BEGIN - userId = findRbacUser('mike@example.org'); + userId = findRbacUser('alex@hostsharing.net'); result = (SELECT * FROM isPermissionGrantedToSubject(findPermissionId('package', 94928, 'add-package'), userId)); IF (result) THEN RAISE EXCEPTION 'expected permission NOT to be granted, but it is'; diff --git a/sql/rbac-view-option-experiments.sql b/sql/rbac-view-option-experiments.sql index 3cea0aee..47e93c48 100644 --- a/sql/rbac-view-option-experiments.sql +++ b/sql/rbac-view-option-experiments.sql @@ -38,7 +38,7 @@ CREATE OR REPLACE RULE "_RETURN" AS SELECT * FROM customer WHERE isPermissionGrantedToSubject(findPermissionId('test_customer', id, 'view'), currentUserUuid()); SELECT * from cust_view LIMIT 10; -select queryAllPermissionsOfSubjectId(findRbacUser('mike@example.org')); +select queryAllPermissionsOfSubjectId(findRbacUser('alex@hostsharing.net')); -- access control via view-rule with join to recursive permissions - really fast (38ms for 1 million rows) SET SESSION SESSION AUTHORIZATION DEFAULT; @@ -73,7 +73,7 @@ GRANT ALL PRIVILEGES ON cust_view TO restricted; SET SESSION SESSION AUTHORIZATION restricted; -- SET hsadminng.currentUser TO 'alex@example.com'; -SET hsadminng.currentUser TO 'mike@example.org'; +SET hsadminng.currentUser TO 'alex@hostsharing.net'; -- SET hsadminng.currentUser TO 'aaaaouq@example.com'; SELECT * from cust_view where reference=1144150; diff --git a/src/main/resources/db/changelog/080-rbac-global.sql b/src/main/resources/db/changelog/080-rbac-global.sql index 0d839ea7..531bf85c 100644 --- a/src/main/resources/db/changelog/080-rbac-global.sql +++ b/src/main/resources/db/changelog/080-rbac-global.sql @@ -16,7 +16,7 @@ create table Global uuid uuid primary key references RbacObject (uuid) on delete cascade, name varchar(63) unique ); --- create unique index Global_Singleton on Global ((0)); +create unique index Global_Singleton on Global ((0)); grant select on global to restricted; --// @@ -70,3 +70,87 @@ create or replace function globalIdNameByUuid(uuid uuid) select idName from global_iv iv where iv.uuid = globalIdNameByUuid.uuid; $$; --// + +--liquibase formatted sql + +-- ============================================================================ +--changeset rbac-global-PSEUDO-OBJECT:1 endDelimiter:--// +-- ---------------------------------------------------------------------------- + +/** + A single row to be referenced as a global object. + */ +begin transaction; +call defineContext('initializing table "global"', null, null, null); +insert + into RbacObject (objecttable) values ('global'); +insert + into Global (uuid, name) values ((select uuid from RbacObject where objectTable = 'global'), 'global'); +commit; +--// + + +-- ============================================================================ +--changeset rbac-global-ADMIN-ROLE:1 endDelimiter:--// +-- ---------------------------------------------------------------------------- +/* + A global administrator role. + */ +create or replace function globalAdmin() + returns RbacRoleDescriptor + returns null on null input + stable leakproof + language sql as $$ +select 'global', (select uuid from RbacObject where objectTable = 'global'), 'admin'::RbacRoleType; +$$; + +begin transaction; +call defineContext('creating global admin role', null, null, null); +select createRole(globalAdmin()); +commit; + +-- ============================================================================ +--changeset rbac-global-ADMIN-USERS:1 context:dev,tc endDelimiter:--// +-- ---------------------------------------------------------------------------- +/* + Create two users and assign both to the administrators role. + */ +do language plpgsql $$ + declare + admins uuid ; + begin + call defineContext('creating fake test-realm admin users', null, null, null); + + admins = findRoleId(globalAdmin()); + call grantRoleToUserUnchecked(admins, admins, createRbacUser('alex@hostsharing.net')); + call grantRoleToUserUnchecked(admins, admins, createRbacUser('fran@hostsharing.net')); + end; +$$; +--// + + +-- ============================================================================ +--changeset rbac-global-TEST:1 context:dev,tc runAlways:true endDelimiter:--// +-- ---------------------------------------------------------------------------- + +/* + Tests if currentUserUuid() can fetch the user from the session variable. + */ + +do language plpgsql $$ + declare + userName varchar; + begin + call defineContext('testing currentUserUuid', null, 'fran@hostsharing.net', null); + select userName from RbacUser where uuid = currentUserUuid() into userName; + if userName <> 'fran@hostsharing.net' then + raise exception 'setting or fetching initial currentUser failed, got: %', userName; + end if; + + call defineContext('testing currentUserUuid', null, 'alex@hostsharing.net', null); + select userName from RbacUser where uuid = currentUserUuid() into userName; + if userName = 'alex@hostsharing.net' then + raise exception 'currentUser should not change in one transaction, but did change, got: %', userName; + end if; + end; $$; +--// diff --git a/src/main/resources/db/changelog/100-test-base.sql b/src/main/resources/db/changelog/100-test-base.sql deleted file mode 100644 index 18b94cbf..00000000 --- a/src/main/resources/db/changelog/100-test-base.sql +++ /dev/null @@ -1,83 +0,0 @@ ---liquibase formatted sql - --- ============================================================================ ---changeset test-base-GLOBAL-OBJECT:1 endDelimiter:--// --- ---------------------------------------------------------------------------- - -/** - A single row to be referenced as a global object. - */ -begin transaction; - call defineContext('initializing table "global"', null, null, null); - insert - into RbacObject (objecttable) values ('global'); - insert - into Global (uuid, name) values ((select uuid from RbacObject where objectTable = 'global'), 'test-global'); -commit; ---// - - --- ============================================================================ ---changeset test-base-ADMIN-ROLE:1 endDelimiter:--// --- ---------------------------------------------------------------------------- -/* - A global administrator role. - */ -create or replace function testGlobalAdmin() -returns RbacRoleDescriptor -returns null on null input - stable leakproof - language sql as $$ -select 'global', (select uuid from RbacObject where objectTable = 'global'), 'admin'::RbacRoleType; -$$; - -begin transaction; - call defineContext('creating test-global admin role', null, null, null); - select createRole(testGlobalAdmin()); -commit; - --- ============================================================================ ---changeset test-base-ADMIN-USERS:1 context:dev,tc endDelimiter:--// --- ---------------------------------------------------------------------------- -/* - Create two users and assign both to the administrators role. - */ -do language plpgsql $$ - declare - admins uuid ; - begin - call defineContext('creating fake test-realm admin users', null, null, null); - - admins = findRoleId(testGlobalAdmin()); - call grantRoleToUserUnchecked(admins, admins, createRbacUser('mike@example.org')); - call grantRoleToUserUnchecked(admins, admins, createRbacUser('sven@example.org')); - end; -$$; ---// - - --- ============================================================================ ---changeset test-base-hostsharing-TEST:1 context:dev,tc runAlways:true endDelimiter:--// --- ---------------------------------------------------------------------------- - -/* - Tests if currentUserUuid() can fetch the user from the session variable. - */ - -do language plpgsql $$ - declare - userName varchar; - begin - call defineContext('testing currentUserUuid', null, 'sven@example.org', null); - select userName from RbacUser where uuid = currentUserUuid() into userName; - if userName <> 'sven@example.org' then - raise exception 'setting or fetching initial currentUser failed, got: %', userName; - end if; - - call defineContext('testing currentUserUuid', null, 'mike@example.org', null); - select userName from RbacUser where uuid = currentUserUuid() into userName; - if userName = 'mike@example.org' then - raise exception 'currentUser should not change in one transaction, but did change, got: %', userName; - end if; - end; $$; ---// diff --git a/src/main/resources/db/changelog/113-test-customer-rbac.sql b/src/main/resources/db/changelog/113-test-customer-rbac.sql index 89271586..3124883f 100644 --- a/src/main/resources/db/changelog/113-test-customer-rbac.sql +++ b/src/main/resources/db/changelog/113-test-customer-rbac.sql @@ -69,7 +69,7 @@ begin testCustomerOwnerUuid = createRole( testCustomerOwner(NEW), grantingPermissions(forObjectUuid => NEW.uuid, permitOps => array ['*']), - beneathRole(testGlobalAdmin()) + beneathRole(globalAdmin()) ); -- the admin role for the customer's admins, who can view and add products @@ -78,7 +78,7 @@ begin grantingPermissions(forObjectUuid => NEW.uuid, permitOps => array ['view', 'add-package']), -- NO auto assume for customer owner to avoid exploding permissions for administrators withUser(NEW.adminUserName, 'create'), -- implicitly ignored if null - grantedByRole(testGlobalAdmin()) + grantedByRole(globalAdmin()) ); -- allow the customer owner role (thus administrators) to assume the customer admin role @@ -208,7 +208,7 @@ do language plpgsql $$ begin call defineContext('granting global add-customer permission to global admin role', null, null, null); - globalAdminRoleUuid := findRoleId(testGlobalAdmin()); + globalAdminRoleUuid := findRoleId(globalAdmin()); globalObjectUuid := (select uuid from global); addCustomerPermissions := createPermissions(globalObjectUuid, array ['add-customer']); call grantPermissionsToRole(globalAdminRoleUuid, addCustomerPermissions); @@ -234,7 +234,7 @@ create trigger test_customer_insert_trigger before insert on test_customer for each row - when ( currentUser() <> 'mike@example.org' or not hasGlobalPermission('add-customer') ) + when ( currentUser() <> 'alex@hostsharing.net' or not hasGlobalPermission('add-customer') ) execute procedure addTestCustomerNotAllowedForCurrentSubjects(); --// diff --git a/src/main/resources/db/changelog/118-test-customer-test-data.sql b/src/main/resources/db/changelog/118-test-customer-test-data.sql index 1960fc5c..ff8d1ac7 100644 --- a/src/main/resources/db/changelog/118-test-customer-test-data.sql +++ b/src/main/resources/db/changelog/118-test-customer-test-data.sql @@ -30,7 +30,7 @@ declare custAdminName varchar; begin currentTask = 'creating RBAC test customer #' || custReference || '/' || custPrefix; - call defineContext(currentTask, null, 'mike@example.org', 'global#test-global.admin'); + call defineContext(currentTask, null, 'alex@hostsharing.net', 'global#global.admin'); execute format('set local hsadminng.currentTask to %L', currentTask); custRowId = uuid_generate_v4(); diff --git a/src/main/resources/db/changelog/200-hs-base.sql b/src/main/resources/db/changelog/200-hs-base.sql deleted file mode 100644 index ac0f252d..00000000 --- a/src/main/resources/db/changelog/200-hs-base.sql +++ /dev/null @@ -1,83 +0,0 @@ ---liquibase formatted sql - --- ============================================================================ ---changeset hs-base-GLOBAL-OBJECT:1 endDelimiter:--// --- ---------------------------------------------------------------------------- - -/** - A single row to be referenced as a global object. - */ -begin transaction; - call defineContext('initializing table "global"', null, null, null); - insert - into RbacObject (objecttable) values ('global'); - insert - into Global (uuid, name) values ((select uuid from RbacObject where objectTable = 'global'), 'hostsharing'); -commit; ---// - - --- ============================================================================ ---changeset hs-base-ADMIN-ROLE:1 endDelimiter:--// --- ---------------------------------------------------------------------------- -/* - A global administrator role. - */ -create or replace function hsHostsharingAdmin() -returns RbacRoleDescriptor -returns null on null input - stable leakproof - language sql as $$ -select 'global', (select uuid from RbacObject where objectTable = 'global'), 'admin'::RbacRoleType; -$$; - -begin transaction; - call defineContext('creating Hostsharing admin role', null, null, null); - select createRole(hsHostsharingAdmin()); -commit; - --- ============================================================================ ---changeset hs-base-ADMIN-USERS:1 context:dev,tc endDelimiter:--// --- ---------------------------------------------------------------------------- -/* - Create two users and assign both to the administrators role. - */ -do language plpgsql $$ - declare - admins uuid ; - begin - call defineContext('creating fake Hostsharing admin users', null, null, null); - - admins = findRoleId(hsHostsharingAdmin()); - call grantRoleToUserUnchecked(admins, admins, createRbacUser('mike@hostsharing.net')); - call grantRoleToUserUnchecked(admins, admins, createRbacUser('sven@hostsharing.net')); - end; -$$; ---// - - --- ============================================================================ ---changeset hs-base-hostsharing-TEST:1 context:dev,tc runAlways:true endDelimiter:--// --- ---------------------------------------------------------------------------- - -/* - Tests if currentUserUuid() can fetch the user from the session variable. - */ - -do language plpgsql $$ - declare - userName varchar; - begin - call defineContext('testing currentUserUuid', null, 'sven@hostsharing.net', null); - select userName from RbacUser where uuid = currentUserUuid() into userName; - if userName <> 'sven@hostsharing.net' then - raise exception 'setting or fetching initial currentUser failed, got: %', userName; - end if; - - call defineContext('testing currentUserUuid', null, 'mike@hostsharing.net', null); - select userName from RbacUser where uuid = currentUserUuid() into userName; - if userName = 'mike@ehostsharing.net' then - raise exception 'currentUser should not change in one transaction, but did change, got: %', userName; - end if; - end; $$; ---// diff --git a/src/main/resources/db/changelog/db.changelog-master.yaml b/src/main/resources/db/changelog/db.changelog-master.yaml index 6d94156c..160a2388 100644 --- a/src/main/resources/db/changelog/db.changelog-master.yaml +++ b/src/main/resources/db/changelog/db.changelog-master.yaml @@ -27,8 +27,6 @@ databaseChangeLog: file: db/changelog/059-rbac-statistics.sql - include: file: db/changelog/080-rbac-global.sql - - include: - file: db/changelog/100-test-base.sql - include: file: db/changelog/110-test-customer.sql - include: diff --git a/src/test/java/net/hostsharing/hsadminng/context/ContextIntegrationTests.java b/src/test/java/net/hostsharing/hsadminng/context/ContextIntegrationTests.java index 416576ae..c94b3b47 100644 --- a/src/test/java/net/hostsharing/hsadminng/context/ContextIntegrationTests.java +++ b/src/test/java/net/hostsharing/hsadminng/context/ContextIntegrationTests.java @@ -31,7 +31,7 @@ class ContextIntegrationTests { @Test void defineWithoutHttpServletRequestUsesCallStack() { - context.define("mike@example.org", null); + context.define("alex@hostsharing.net", null); assertThat(context.getCurrentTask()) .isEqualTo("ContextIntegrationTests.defineWithoutHttpServletRequestUsesCallStack"); @@ -41,11 +41,11 @@ class ContextIntegrationTests { @Transactional void defineWithCurrentUserButWithoutAssumedRoles() { // when - context.define("mike@example.org"); + context.define("alex@hostsharing.net"); // then assertThat(context.getCurrentUser()). - isEqualTo("mike@example.org"); + isEqualTo("alex@hostsharing.net"); assertThat(context.getCurrentUserUUid()).isNotNull(); @@ -85,11 +85,11 @@ class ContextIntegrationTests { @Transactional void defineWithCurrentUserAndAssumedRoles() { // given - context.define("mike@example.org", "test_customer#xxx.owner;test_customer#yyy.owner"); + context.define("alex@hostsharing.net", "test_customer#xxx.owner;test_customer#yyy.owner"); // when final var currentUser = context.getCurrentUser(); - assertThat(currentUser).isEqualTo("mike@example.org"); + assertThat(currentUser).isEqualTo("alex@hostsharing.net"); // then assertThat(context.getAssumedRoles()) diff --git a/src/test/java/net/hostsharing/hsadminng/hs/admin/partner/HsAdminPartnerRepositoryIntegrationTest.java b/src/test/java/net/hostsharing/hsadminng/hs/admin/partner/HsAdminPartnerRepositoryIntegrationTest.java index 81c12627..32851b0c 100644 --- a/src/test/java/net/hostsharing/hsadminng/hs/admin/partner/HsAdminPartnerRepositoryIntegrationTest.java +++ b/src/test/java/net/hostsharing/hsadminng/hs/admin/partner/HsAdminPartnerRepositoryIntegrationTest.java @@ -41,7 +41,7 @@ class HsAdminPartnerRepositoryIntegrationTest extends ContextBasedTest { @Test public void testHostsharingAdmin_withoutAssumedRole_canCreateNewCustomer() { // given - context("mike@example.org", null); + context("alex@hostsharing.net", null); final var count = partnerRepository.count(); // when @@ -67,9 +67,9 @@ class HsAdminPartnerRepositoryIntegrationTest extends ContextBasedTest { class FindAllCustomers { @Test - public void testGlobalAdmin_withoutAssumedRole_canViewAllCustomers() { + public void globalAdmin_withoutAssumedRole_canViewAllCustomers() { // given - context("mike@example.org", null); + context("alex@hostsharing.net", null); // when final var result = partnerRepository.findPartnerByOptionalNameLike(null); @@ -84,9 +84,9 @@ class HsAdminPartnerRepositoryIntegrationTest extends ContextBasedTest { class FindByPrefixLike { @Test - public void testGlobalAdmin_withoutAssumedRole_canViewAllCustomers() { + public void globalAdmin_withoutAssumedRole_canViewAllCustomers() { // given - context("mike@example.org", null); + context("alex@hostsharing.net", null); // when final var result = partnerRepository.findPartnerByOptionalNameLike("Yps"); diff --git a/src/test/java/net/hostsharing/hsadminng/rbac/rbacgrant/RbacGrantControllerAcceptanceTest.java b/src/test/java/net/hostsharing/hsadminng/rbac/rbacgrant/RbacGrantControllerAcceptanceTest.java index d38cf1ab..67915331 100644 --- a/src/test/java/net/hostsharing/hsadminng/rbac/rbacgrant/RbacGrantControllerAcceptanceTest.java +++ b/src/test/java/net/hostsharing/hsadminng/rbac/rbacgrant/RbacGrantControllerAcceptanceTest.java @@ -61,10 +61,10 @@ class RbacGrantControllerAcceptanceTest extends ContextBasedTest { @Test @Accepts("GRT:L(List)") - void testGlobalAdmin_withoutAssumedRole_canViewAllGrants() { + void globalAdmin_withoutAssumedRole_canViewAllGrants() { RestAssured // @formatter:off .given() - .header("current-user", "mike@example.org") + .header("current-user", "alex@hostsharing.net") .port(port) .when() .get("http://localhost/api/rbac/grants") @@ -73,23 +73,23 @@ class RbacGrantControllerAcceptanceTest extends ContextBasedTest { .contentType("application/json") .body("", hasItem( allOf( - hasEntry("grantedByRoleIdName", "global#test-global.admin"), + hasEntry("grantedByRoleIdName", "global#global.admin"), hasEntry("grantedRoleIdName", "test_customer#xxx.admin"), hasEntry("granteeUserName", "customer-admin@xxx.example.com") ) )) .body("", hasItem( allOf( - hasEntry("grantedByRoleIdName", "global#test-global.admin"), + hasEntry("grantedByRoleIdName", "global#global.admin"), hasEntry("grantedRoleIdName", "test_customer#yyy.admin"), hasEntry("granteeUserName", "customer-admin@yyy.example.com") ) )) .body("", hasItem( allOf( - hasEntry("grantedByRoleIdName", "global#test-global.admin"), - hasEntry("grantedRoleIdName", "global#test-global.admin"), - hasEntry("granteeUserName", "sven@example.org") + hasEntry("grantedByRoleIdName", "global#global.admin"), + hasEntry("grantedRoleIdName", "global#global.admin"), + hasEntry("granteeUserName", "fran@hostsharing.net") ) )) .body("", hasItem( @@ -112,10 +112,10 @@ class RbacGrantControllerAcceptanceTest extends ContextBasedTest { @Test @Accepts({ "GRT:L(List)", "GRT:X(Access Control)" }) - void testGlobalAdmin_withAssumedPackageAdminRole_canViewPacketRelatedGrants() { + void globalAdmin_withAssumedPackageAdminRole_canViewPacketRelatedGrants() { RestAssured // @formatter:off .given() - .header("current-user", "mike@example.org") + .header("current-user", "alex@hostsharing.net") .header("assumed-roles", "test_package#yyy00.admin") .port(port) .when() @@ -498,14 +498,14 @@ class RbacGrantControllerAcceptanceTest extends ContextBasedTest { RbacUserEntity findRbacUserByName(final String userName) { return jpaAttempt.transacted(() -> { - context("mike@example.org", null); + context("alex@hostsharing.net", null); return rbacUserRepository.findByName(userName); }).returnedValue(); } RbacRoleEntity findRbacRoleByName(final String roleName) { return jpaAttempt.transacted(() -> { - context("mike@example.org", null); + context("alex@hostsharing.net", null); return rbacRoleRepository.findByRoleName(roleName); }).returnedValue(); } diff --git a/src/test/java/net/hostsharing/hsadminng/rbac/rbacgrant/RbacGrantRepositoryIntegrationTest.java b/src/test/java/net/hostsharing/hsadminng/rbac/rbacgrant/RbacGrantRepositoryIntegrationTest.java index eb54ad4a..58772f6e 100644 --- a/src/test/java/net/hostsharing/hsadminng/rbac/rbacgrant/RbacGrantRepositoryIntegrationTest.java +++ b/src/test/java/net/hostsharing/hsadminng/rbac/rbacgrant/RbacGrantRepositoryIntegrationTest.java @@ -83,7 +83,7 @@ class RbacGrantRepositoryIntegrationTest extends ContextBasedTest { // then exactlyTheseRbacGrantsAreReturned( result, - "{ grant assumed role test_customer#xxx.admin to user customer-admin@xxx.example.com by role global#test-global.admin }", + "{ grant assumed role test_customer#xxx.admin to user customer-admin@xxx.example.com by role global#global.admin }", "{ grant assumed role test_package#xxx00.admin to user pac-admin-xxx00@xxx.example.com by role test_customer#xxx.admin }", "{ grant assumed role test_package#xxx01.admin to user pac-admin-xxx01@xxx.example.com by role test_customer#xxx.admin }", "{ grant assumed role test_package#xxx02.admin to user pac-admin-xxx02@xxx.example.com by role test_customer#xxx.admin }"); diff --git a/src/test/java/net/hostsharing/hsadminng/rbac/rbacrole/RbacRoleControllerAcceptanceTest.java b/src/test/java/net/hostsharing/hsadminng/rbac/rbacrole/RbacRoleControllerAcceptanceTest.java index f332fbd0..4f8cecd1 100644 --- a/src/test/java/net/hostsharing/hsadminng/rbac/rbacrole/RbacRoleControllerAcceptanceTest.java +++ b/src/test/java/net/hostsharing/hsadminng/rbac/rbacrole/RbacRoleControllerAcceptanceTest.java @@ -38,12 +38,12 @@ class RbacRoleControllerAcceptanceTest { @Test @Accepts({ "ROL:L(List)" }) - void testGlobalAdmin_withoutAssumedRole_canViewAllRoles() { + void globalAdmin_withoutAssumedRole_canViewAllRoles() { // @formatter:off RestAssured .given() - .header("current-user", "mike@example.org") + .header("current-user", "alex@hostsharing.net") .port(port) .when() .get("http://localhost/api/rbac/roles") @@ -54,7 +54,7 @@ class RbacRoleControllerAcceptanceTest { .body("", hasItem(hasEntry("roleName", "test_customer#xxx.owner"))) .body("", hasItem(hasEntry("roleName", "test_customer#xxx.tenant"))) // ... - .body("", hasItem(hasEntry("roleName", "global#test-global.admin"))) + .body("", hasItem(hasEntry("roleName", "global#global.admin"))) .body("", hasItem(hasEntry("roleName", "test_customer#yyy.admin"))) .body("", hasItem(hasEntry("roleName", "test_package#yyy00.admin"))) .body("", hasItem(hasEntry("roleName", "test_domain#yyy00-aaaa.owner"))) @@ -64,12 +64,12 @@ class RbacRoleControllerAcceptanceTest { @Test @Accepts({ "ROL:L(List)", "ROL:X(Access Control)" }) - void testGlobalAdmin_withAssumedPackageAdminRole_canViewPackageAdminRoles() { + void globalAdmin_withAssumedPackageAdminRole_canViewPackageAdminRoles() { // @formatter:off RestAssured .given() - .header("current-user", "mike@example.org") + .header("current-user", "alex@hostsharing.net") .header("assumed-roles", "test_package#yyy00.admin") .port(port) .when() diff --git a/src/test/java/net/hostsharing/hsadminng/rbac/rbacrole/RbacRoleControllerRestTest.java b/src/test/java/net/hostsharing/hsadminng/rbac/rbacrole/RbacRoleControllerRestTest.java index 599a708a..b11e47d0 100644 --- a/src/test/java/net/hostsharing/hsadminng/rbac/rbacrole/RbacRoleControllerRestTest.java +++ b/src/test/java/net/hostsharing/hsadminng/rbac/rbacrole/RbacRoleControllerRestTest.java @@ -37,13 +37,13 @@ class RbacRoleControllerRestTest { // when mockMvc.perform(MockMvcRequestBuilders .get("/api/rbac/roles") - .header("current-user", "mike@example.org") + .header("current-user", "alex@hostsharing.net") .accept(MediaType.APPLICATION_JSON)) // then .andExpect(status().isOk()) .andExpect(jsonPath("$", hasSize(3))) - .andExpect(jsonPath("$[0].roleName", is("global#test-global.admin"))) + .andExpect(jsonPath("$[0].roleName", is("global#global.admin"))) .andExpect(jsonPath("$[1].roleName", is("test_customer#xxx.owner"))) .andExpect(jsonPath("$[2].roleName", is("test_customer#xxx.admin"))) .andExpect(jsonPath("$[2].uuid", is(customerXxxAdmin.getUuid().toString()))) diff --git a/src/test/java/net/hostsharing/hsadminng/rbac/rbacrole/RbacRoleRepositoryIntegrationTest.java b/src/test/java/net/hostsharing/hsadminng/rbac/rbacrole/RbacRoleRepositoryIntegrationTest.java index b4021b39..e8ed7ad5 100644 --- a/src/test/java/net/hostsharing/hsadminng/rbac/rbacrole/RbacRoleRepositoryIntegrationTest.java +++ b/src/test/java/net/hostsharing/hsadminng/rbac/rbacrole/RbacRoleRepositoryIntegrationTest.java @@ -40,7 +40,7 @@ class RbacRoleRepositoryIntegrationTest { private static final String[] ALL_TEST_DATA_ROLES = Array.of( // @formatter:off - "global#test-global.admin", + "global#global.admin", "test_customer#xxx.admin", "test_customer#xxx.owner", "test_customer#xxx.tenant", "test_package#xxx00.admin", "test_package#xxx00.owner", "test_package#xxx00.tenant", "test_package#xxx01.admin", "test_package#xxx01.owner", "test_package#xxx01.tenant", @@ -57,9 +57,9 @@ class RbacRoleRepositoryIntegrationTest { ); @Test - public void testGlobalAdmin_withoutAssumedRole_canViewAllRbacRoles() { + public void globalAdmin_withoutAssumedRole_canViewAllRbacRoles() { // given - context.define("mike@example.org"); + context.define("alex@hostsharing.net"); // when final var result = rbacRoleRepository.findAll(); @@ -69,9 +69,9 @@ class RbacRoleRepositoryIntegrationTest { } @Test - public void testGlobalAdmin_withAssumedtestGlobalAdminRole_canViewAllRbacRoles() { + public void globalAdmin_withAssumedglobalAdminRole_canViewAllRbacRoles() { given: - context.define("mike@example.org", "global#test-global.admin"); + context.define("alex@hostsharing.net", "global#global.admin"); // when final var result = rbacRoleRepository.findAll(); @@ -111,7 +111,7 @@ class RbacRoleRepositoryIntegrationTest { noneOfTheseRbacRolesIsReturned( result, // @formatter:off - "global#test-global.admin", + "global#global.admin", "test_customer#xxx.owner", "test_package#yyy00.admin", "test_package#yyy00.owner", diff --git a/src/test/java/net/hostsharing/hsadminng/rbac/rbacrole/TestRbacRole.java b/src/test/java/net/hostsharing/hsadminng/rbac/rbacrole/TestRbacRole.java index ca7e4607..652679f3 100644 --- a/src/test/java/net/hostsharing/hsadminng/rbac/rbacrole/TestRbacRole.java +++ b/src/test/java/net/hostsharing/hsadminng/rbac/rbacrole/TestRbacRole.java @@ -4,7 +4,7 @@ import static java.util.UUID.randomUUID; public class TestRbacRole { - public static final RbacRoleEntity hostmasterRole = rbacRole("global", "test-global", RbacRoleType.admin); + public static final RbacRoleEntity hostmasterRole = rbacRole("global", "global", RbacRoleType.admin); static final RbacRoleEntity customerXxxOwner = rbacRole("test_customer", "xxx", RbacRoleType.owner); static final RbacRoleEntity customerXxxAdmin = rbacRole("test_customer", "xxx", RbacRoleType.admin); diff --git a/src/test/java/net/hostsharing/hsadminng/rbac/rbacuser/RbacUserControllerAcceptanceTest.java b/src/test/java/net/hostsharing/hsadminng/rbac/rbacuser/RbacUserControllerAcceptanceTest.java index aff07c51..d05d7f43 100644 --- a/src/test/java/net/hostsharing/hsadminng/rbac/rbacuser/RbacUserControllerAcceptanceTest.java +++ b/src/test/java/net/hostsharing/hsadminng/rbac/rbacuser/RbacUserControllerAcceptanceTest.java @@ -82,13 +82,13 @@ class RbacUserControllerAcceptanceTest { @Test @Accepts({ "USR:R(Read)" }) - void testGlobalAdmin_withoutAssumedRole_canGetArbitraryUser() { + void globalAdmin_withoutAssumedRole_canGetArbitraryUser() { final var givenUser = findRbacUserByName("pac-admin-xxx00@xxx.example.com"); // @formatter:off RestAssured .given() - .header("current-user", "mike@example.org") + .header("current-user", "alex@hostsharing.net") .port(port) .when() .get("http://localhost/api/rbac/users/" + givenUser.getUuid()) @@ -101,13 +101,13 @@ class RbacUserControllerAcceptanceTest { @Test @Accepts({ "USR:R(Read)", "USR:X(Access Control)" }) - void testGlobalAdmin_withAssumedCustomerAdminRole_canGetUserWithinInItsRealm() { + void globalAdmin_withAssumedCustomerAdminRole_canGetUserWithinInItsRealm() { final var givenUser = findRbacUserByName("pac-admin-yyy00@yyy.example.com"); // @formatter:off RestAssured .given() - .header("current-user", "mike@example.org") + .header("current-user", "alex@hostsharing.net") .header("assumed-roles", "test_customer#yyy.admin") .port(port) .when() @@ -161,12 +161,12 @@ class RbacUserControllerAcceptanceTest { @Test @Accepts({ "USR:L(List)" }) - void testGlobalAdmin_withoutAssumedRole_canViewAllUsers() { + void globalAdmin_withoutAssumedRole_canViewAllUsers() { // @formatter:off RestAssured .given() - .header("current-user", "mike@example.org") + .header("current-user", "alex@hostsharing.net") .port(port) .when() .get("http://localhost/api/rbac/users") @@ -176,23 +176,23 @@ class RbacUserControllerAcceptanceTest { .body("", hasItem(hasEntry("name", "customer-admin@xxx.example.com"))) .body("", hasItem(hasEntry("name", "customer-admin@yyy.example.com"))) .body("", hasItem(hasEntry("name", "customer-admin@zzz.example.com"))) - .body("", hasItem(hasEntry("name", "mike@example.org"))) + .body("", hasItem(hasEntry("name", "alex@hostsharing.net"))) // ... .body("", hasItem(hasEntry("name", "pac-admin-zzz01@zzz.example.com"))) .body("", hasItem(hasEntry("name", "pac-admin-zzz02@zzz.example.com"))) - .body("", hasItem(hasEntry("name", "sven@example.org"))) + .body("", hasItem(hasEntry("name", "fran@hostsharing.net"))) .body("size()", greaterThanOrEqualTo(14)); // @formatter:on } @Test @Accepts({ "USR:F(Filter)" }) - void testGlobalAdmin_withoutAssumedRole_canViewAllUsersByName() { + void globalAdmin_withoutAssumedRole_canViewAllUsersByName() { // @formatter:off RestAssured .given() - .header("current-user", "mike@example.org") + .header("current-user", "alex@hostsharing.net") .port(port) .when() .get("http://localhost/api/rbac/users?name=pac-admin-zzz0") @@ -208,12 +208,12 @@ class RbacUserControllerAcceptanceTest { @Test @Accepts({ "USR:L(List)", "USR:X(Access Control)" }) - void testGlobalAdmin_withAssumedCustomerAdminRole_canViewUsersInItsRealm() { + void globalAdmin_withAssumedCustomerAdminRole_canViewUsersInItsRealm() { // @formatter:off RestAssured .given() - .header("current-user", "mike@example.org") + .header("current-user", "alex@hostsharing.net") .header("assumed-roles", "test_customer#yyy.admin") .port(port) .when() @@ -276,13 +276,13 @@ class RbacUserControllerAcceptanceTest { @Test @Accepts({ "PRM:L(List)" }) - void testGlobalAdmin_withoutAssumedRole_canViewArbitraryUsersPermissions() { + void globalAdmin_withoutAssumedRole_canViewArbitraryUsersPermissions() { final var givenUser = findRbacUserByName("pac-admin-yyy00@yyy.example.com"); // @formatter:off RestAssured .given() - .header("current-user", "mike@example.org") + .header("current-user", "alex@hostsharing.net") .port(port) .when() .get("http://localhost/api/rbac/users/" + givenUser.getUuid() + "/permissions") @@ -310,13 +310,13 @@ class RbacUserControllerAcceptanceTest { @Test @Accepts({ "PRM:L(List)" }) - void testGlobalAdmin_withAssumedCustomerAdminRole_canViewArbitraryUsersPermissions() { + void globalAdmin_withAssumedCustomerAdminRole_canViewArbitraryUsersPermissions() { final var givenUser = findRbacUserByName("pac-admin-yyy00@yyy.example.com"); // @formatter:off RestAssured .given() - .header("current-user", "mike@example.org") + .header("current-user", "alex@hostsharing.net") .header("assumed-roles", "test_package#yyy00.admin") .port(port) .when() @@ -455,7 +455,7 @@ class RbacUserControllerAcceptanceTest { // @formatter:off final var location = RestAssured .given() - .header("current-user", "mike@example.org") + .header("current-user", "alex@hostsharing.net") .port(port) .when() .delete("http://localhost/api/rbac/users/" + givenUser.getUuid()) @@ -470,7 +470,7 @@ class RbacUserControllerAcceptanceTest { RbacUserEntity findRbacUserByName(final String userName) { return jpaAttempt.transacted(() -> { - context.define("mike@example.org"); + context.define("alex@hostsharing.net"); return rbacUserRepository.findByName(userName); }).returnedValue(); } diff --git a/src/test/java/net/hostsharing/hsadminng/rbac/rbacuser/RbacUserRepositoryIntegrationTest.java b/src/test/java/net/hostsharing/hsadminng/rbac/rbacuser/RbacUserRepositoryIntegrationTest.java index 4d701240..1e6e13cf 100644 --- a/src/test/java/net/hostsharing/hsadminng/rbac/rbacuser/RbacUserRepositoryIntegrationTest.java +++ b/src/test/java/net/hostsharing/hsadminng/rbac/rbacuser/RbacUserRepositoryIntegrationTest.java @@ -99,7 +99,7 @@ class RbacUserRepositoryIntegrationTest extends ContextBasedTest { private static final String[] ALL_TEST_DATA_USERS = Array.of( // @formatter:off - "mike@example.org", "sven@example.org", + "alex@hostsharing.net", "fran@hostsharing.net", "customer-admin@xxx.example.com", "pac-admin-xxx00@xxx.example.com", "pac-admin-xxx01@xxx.example.com", "pac-admin-xxx02@xxx.example.com", "customer-admin@yyy.example.com", @@ -110,9 +110,9 @@ class RbacUserRepositoryIntegrationTest extends ContextBasedTest { ); @Test - public void testGlobalAdmin_withoutAssumedRole_canViewAllRbacUsers() { + public void globalAdmin_withoutAssumedRole_canViewAllRbacUsers() { // given - context("mike@example.org"); + context("alex@hostsharing.net"); // when final var result = rbacUserRepository.findByOptionalNameLike(null); @@ -122,9 +122,9 @@ class RbacUserRepositoryIntegrationTest extends ContextBasedTest { } @Test - public void testGlobalAdmin_withAssumedtestGlobalAdminRole_canViewAllRbacUsers() { + public void globalAdmin_withAssumedglobalAdminRole_canViewAllRbacUsers() { given: - context("mike@example.org", "global#test-global.admin"); + context("alex@hostsharing.net", "global#global.admin"); // when final var result = rbacUserRepository.findByOptionalNameLike(null); @@ -134,9 +134,9 @@ class RbacUserRepositoryIntegrationTest extends ContextBasedTest { } @Test - public void testGlobalAdmin_withAssumedCustomerAdminRole_canViewOnlyUsersHavingRolesInThatCustomersRealm() { + public void globalAdmin_withAssumedCustomerAdminRole_canViewOnlyUsersHavingRolesInThatCustomersRealm() { given: - context("mike@example.org", "test_customer#xxx.admin"); + context("alex@hostsharing.net", "test_customer#xxx.admin"); // when final var result = rbacUserRepository.findByOptionalNameLike(null); @@ -190,7 +190,7 @@ class RbacUserRepositoryIntegrationTest extends ContextBasedTest { private static final String[] ALL_USER_PERMISSIONS = Array.of( // @formatter:off - "global#test-global.admin -> global#test-global: add-customer", + "global#global.admin -> global#global: add-customer", "test_customer#xxx.admin -> test_customer#xxx: add-package", "test_customer#xxx.admin -> test_customer#xxx: view", @@ -237,12 +237,12 @@ class RbacUserRepositoryIntegrationTest extends ContextBasedTest { ); @Test - public void testGlobalAdmin_withoutAssumedRole_canViewTheirOwnPermissions() { + public void globalAdmin_withoutAssumedRole_canViewTheirOwnPermissions() { // given - context("mike@example.org"); + context("alex@hostsharing.net"); // when - final var result = rbacUserRepository.findPermissionsOfUserByUuid(userUUID("mike@example.org")); + final var result = rbacUserRepository.findPermissionsOfUserByUuid(userUUID("alex@hostsharing.net")); // then allTheseRbacPermissionsAreReturned(result, ALL_USER_PERMISSIONS); @@ -294,7 +294,7 @@ class RbacUserRepositoryIntegrationTest extends ContextBasedTest { public void customerAdmin_withoutAssumedRole_isNotAllowedToViewGlobalAdminsPermissions() { // given context("customer-admin@xxx.example.com"); - final UUID userUuid = userUUID("mike@example.org"); + final UUID userUuid = userUUID("alex@hostsharing.net"); // when final var result = attempt(em, () -> diff --git a/src/test/java/net/hostsharing/hsadminng/test/cust/TestCustomerControllerAcceptanceTest.java b/src/test/java/net/hostsharing/hsadminng/test/cust/TestCustomerControllerAcceptanceTest.java index a388d58b..64c92fcd 100644 --- a/src/test/java/net/hostsharing/hsadminng/test/cust/TestCustomerControllerAcceptanceTest.java +++ b/src/test/java/net/hostsharing/hsadminng/test/cust/TestCustomerControllerAcceptanceTest.java @@ -39,10 +39,10 @@ class TestCustomerControllerAcceptanceTest { class ListCustomers { @Test - void testGlobalAdmin_withoutAssumedRoles_canViewAllCustomers_ifNoCriteriaGiven() { + void globalAdmin_withoutAssumedRoles_canViewAllCustomers_ifNoCriteriaGiven() { RestAssured // @formatter:off .given() - .header("current-user", "mike@example.org") + .header("current-user", "alex@hostsharing.net") .port(port) .when() .get("http://localhost/api/test/customers") @@ -57,10 +57,10 @@ class TestCustomerControllerAcceptanceTest { } @Test - void testGlobalAdmin_withoutAssumedRoles_canViewMatchingCustomers_ifCriteriaGiven() { + void globalAdmin_withoutAssumedRoles_canViewMatchingCustomers_ifCriteriaGiven() { RestAssured // @formatter:off .given() - .header("current-user", "mike@example.org") + .header("current-user", "alex@hostsharing.net") .port(port) .when() .get("http://localhost/api/test/customers?prefix=y") @@ -73,10 +73,10 @@ class TestCustomerControllerAcceptanceTest { } @Test - void testGlobalAdmin_withoutAssumedCustomerAdminRole_canOnlyViewOwnCustomer() { + void globalAdmin_withoutAssumedCustomerAdminRole_canOnlyViewOwnCustomer() { RestAssured // @formatter:off .given() - .header("current-user", "mike@example.org") + .header("current-user", "alex@hostsharing.net") .header("assumed-roles", "test_customer#yyy.admin") .port(port) .when() @@ -110,11 +110,11 @@ class TestCustomerControllerAcceptanceTest { class AddCustomer { @Test - void testGlobalAdmin_withoutAssumedRole_canAddCustomer() { + void globalAdmin_withoutAssumedRole_canAddCustomer() { final var location = RestAssured // @formatter:off .given() - .header("current-user", "mike@example.org") + .header("current-user", "alex@hostsharing.net") .contentType(ContentType.JSON) .body(""" { @@ -142,13 +142,13 @@ class TestCustomerControllerAcceptanceTest { } @Test - void testGlobalAdmin_withoutAssumedRole_canAddCustomerWithGivenUuid() { + void globalAdmin_withoutAssumedRole_canAddCustomerWithGivenUuid() { final var givenUuid = UUID.randomUUID(); final var location = RestAssured // @formatter:off .given() - .header("current-user", "mike@example.org") + .header("current-user", "alex@hostsharing.net") .contentType(ContentType.JSON) .body(""" { @@ -180,11 +180,11 @@ class TestCustomerControllerAcceptanceTest { } @Test - void testGlobalAdmin_withAssumedCustomerAdminRole_canNotAddCustomer() { + void globalAdmin_withAssumedCustomerAdminRole_canNotAddCustomer() { RestAssured // @formatter:off .given() - .header("current-user", "mike@example.org") + .header("current-user", "alex@hostsharing.net") .header("assumed-roles", "test_customer#xxx.admin") .contentType(ContentType.JSON) .body(""" @@ -205,7 +205,7 @@ class TestCustomerControllerAcceptanceTest { // @formatter:on // finally, the new customer was not created - context.define("sven@example.org"); + context.define("fran@hostsharing.net"); assertThat(testCustomerRepository.findCustomerByOptionalPrefixLike("uuu")).hasSize(0); } @@ -234,7 +234,7 @@ class TestCustomerControllerAcceptanceTest { // @formatter:on // finally, the new customer was not created - context.define("sven@example.org"); + context.define("fran@hostsharing.net"); assertThat(testCustomerRepository.findCustomerByOptionalPrefixLike("uuu")).hasSize(0); } } diff --git a/src/test/java/net/hostsharing/hsadminng/test/cust/TestCustomerRepositoryIntegrationTest.java b/src/test/java/net/hostsharing/hsadminng/test/cust/TestCustomerRepositoryIntegrationTest.java index b82ac71b..22cc470d 100644 --- a/src/test/java/net/hostsharing/hsadminng/test/cust/TestCustomerRepositoryIntegrationTest.java +++ b/src/test/java/net/hostsharing/hsadminng/test/cust/TestCustomerRepositoryIntegrationTest.java @@ -37,9 +37,9 @@ class TestCustomerRepositoryIntegrationTest extends ContextBasedTest { class CreateCustomer { @Test - public void testGlobalAdmin_withoutAssumedRole_canCreateNewCustomer() { + public void globalAdmin_withoutAssumedRole_canCreateNewCustomer() { // given - context("mike@example.org", null); + context("alex@hostsharing.net", null); final var count = testCustomerRepository.count(); // when @@ -58,9 +58,9 @@ class TestCustomerRepositoryIntegrationTest extends ContextBasedTest { } @Test - public void testGlobalAdmin_withAssumedCustomerRole_cannotCreateNewCustomer() { + public void globalAdmin_withAssumedCustomerRole_cannotCreateNewCustomer() { // given - context("mike@example.org", "test_customer#xxx.admin"); + context("alex@hostsharing.net", "test_customer#xxx.admin"); // when final var result = attempt(em, () -> { @@ -104,9 +104,9 @@ class TestCustomerRepositoryIntegrationTest extends ContextBasedTest { class FindAllCustomers { @Test - public void testGlobalAdmin_withoutAssumedRole_canViewAllCustomers() { + public void globalAdmin_withoutAssumedRole_canViewAllCustomers() { // given - context("mike@example.org", null); + context("alex@hostsharing.net", null); // when final var result = testCustomerRepository.findCustomerByOptionalPrefixLike(null); @@ -116,9 +116,9 @@ class TestCustomerRepositoryIntegrationTest extends ContextBasedTest { } @Test - public void testGlobalAdmin_withAssumedtestGlobalAdminRole_canViewAllCustomers() { + public void globalAdmin_withAssumedglobalAdminRole_canViewAllCustomers() { given: - context("mike@example.org", "global#test-global.admin"); + context("alex@hostsharing.net", "global#global.admin"); // when final var result = testCustomerRepository.findCustomerByOptionalPrefixLike(null); @@ -153,9 +153,9 @@ class TestCustomerRepositoryIntegrationTest extends ContextBasedTest { class FindByPrefixLike { @Test - public void testGlobalAdmin_withoutAssumedRole_canViewAllCustomers() { + public void globalAdmin_withoutAssumedRole_canViewAllCustomers() { // given - context("mike@example.org", null); + context("alex@hostsharing.net", null); // when final var result = testCustomerRepository.findCustomerByOptionalPrefixLike("yyy"); diff --git a/src/test/java/net/hostsharing/hsadminng/test/pac/TestPackageControllerAcceptanceTest.java b/src/test/java/net/hostsharing/hsadminng/test/pac/TestPackageControllerAcceptanceTest.java index ab480d05..ba1f420b 100644 --- a/src/test/java/net/hostsharing/hsadminng/test/pac/TestPackageControllerAcceptanceTest.java +++ b/src/test/java/net/hostsharing/hsadminng/test/pac/TestPackageControllerAcceptanceTest.java @@ -43,7 +43,7 @@ class TestPackageControllerAcceptanceTest { // @formatter:off RestAssured .given() - .header("current-user", "mike@example.org") + .header("current-user", "alex@hostsharing.net") .header("assumed-roles", "test_customer#xxx.admin") .port(port) .when() @@ -65,7 +65,7 @@ class TestPackageControllerAcceptanceTest { // @formatter:off RestAssured .given() - .header("current-user", "mike@example.org") + .header("current-user", "alex@hostsharing.net") .header("assumed-roles", "test_customer#xxx.admin") .port(port) .when() @@ -93,7 +93,7 @@ class TestPackageControllerAcceptanceTest { // @formatter:off RestAssured .given() - .header("current-user", "mike@example.org") + .header("current-user", "alex@hostsharing.net") .header("assumed-roles", "test_customer#xxx.admin") .contentType(ContentType.JSON) .body(format(""" @@ -123,7 +123,7 @@ class TestPackageControllerAcceptanceTest { // @formatter:off RestAssured .given() - .header("current-user", "mike@example.org") + .header("current-user", "alex@hostsharing.net") .header("assumed-roles", "test_customer#xxx.admin") .contentType(ContentType.JSON) .body(""" @@ -152,7 +152,7 @@ class TestPackageControllerAcceptanceTest { // @formatter:off RestAssured .given() - .header("current-user", "mike@example.org") + .header("current-user", "alex@hostsharing.net") .header("assumed-roles", "test_customer#xxx.admin") .contentType(ContentType.JSON) .body("{}") @@ -172,7 +172,7 @@ class TestPackageControllerAcceptanceTest { // @formatter:off return UUID.fromString(RestAssured .given() - .header("current-user", "mike@example.org") + .header("current-user", "alex@hostsharing.net") .header("assumed-roles", "test_customer#xxx.admin") .port(port) .when() @@ -185,7 +185,7 @@ class TestPackageControllerAcceptanceTest { } String getDescriptionOfPackage(final String packageName) { - context.define("mike@example.org","test_customer#xxx.admin"); + context.define("alex@hostsharing.net","test_customer#xxx.admin"); return testPackageRepository.findAllByOptionalNameLike(packageName).get(0).getDescription(); } } diff --git a/src/test/java/net/hostsharing/hsadminng/test/pac/TestPackageRepositoryIntegrationTest.java b/src/test/java/net/hostsharing/hsadminng/test/pac/TestPackageRepositoryIntegrationTest.java index 1f52d66e..39533c45 100644 --- a/src/test/java/net/hostsharing/hsadminng/test/pac/TestPackageRepositoryIntegrationTest.java +++ b/src/test/java/net/hostsharing/hsadminng/test/pac/TestPackageRepositoryIntegrationTest.java @@ -42,9 +42,9 @@ class TestPackageRepositoryIntegrationTest { class FindAllByOptionalNameLike { @Test - public void testGlobalAdmin_withoutAssumedRole_canNotViewAnyPackages_becauseThoseGrantsAreNotassumedd() { + public void globalAdmin_withoutAssumedRole_canNotViewAnyPackages_becauseThoseGrantsAreNotassumedd() { // given - context.define("mike@example.org"); + context.define("alex@hostsharing.net"); // when final var result = testPackageRepository.findAllByOptionalNameLike(null); @@ -54,9 +54,9 @@ class TestPackageRepositoryIntegrationTest { } @Test - public void testGlobalAdmin_withAssumedtestGlobalAdminRole__canNotViewAnyPackages_becauseThoseGrantsAreNotassumedd() { + public void globalAdmin_withAssumedglobalAdminRole__canNotViewAnyPackages_becauseThoseGrantsAreNotassumedd() { given: - context.define("mike@example.org", "global#test-global.admin"); + context.define("alex@hostsharing.net", "global#global.admin"); // when final var result = testPackageRepository.findAllByOptionalNameLike(null); @@ -93,17 +93,17 @@ class TestPackageRepositoryIntegrationTest { @Test public void supportsOptimisticLocking() throws InterruptedException { // given - testGlobalAdminWithAssumedRole("test_package#xxx00.admin"); + globalAdminWithAssumedRole("test_package#xxx00.admin"); final var pac = testPackageRepository.findAllByOptionalNameLike("%").get(0); // when final var result1 = jpaAttempt.transacted(() -> { - testGlobalAdminWithAssumedRole("test_package#xxx00.admin"); + globalAdminWithAssumedRole("test_package#xxx00.admin"); pac.setDescription("description set by thread 1"); testPackageRepository.save(pac); }); final var result2 = jpaAttempt.transacted(() -> { - testGlobalAdminWithAssumedRole("test_package#xxx00.admin"); + globalAdminWithAssumedRole("test_package#xxx00.admin"); pac.setDescription("description set by thread 2"); testPackageRepository.save(pac); sleep(1500); @@ -125,8 +125,8 @@ class TestPackageRepositoryIntegrationTest { } } - private void testGlobalAdminWithAssumedRole(final String assumedRoles) { - context.define("mike@example.org", assumedRoles); + private void globalAdminWithAssumedRole(final String assumedRoles) { + context.define("alex@hostsharing.net", assumedRoles); } void noPackagesAreReturned(final List actualResult) {