get endpoints for coopassets+coopshares

This commit is contained in:
Michael Hoennig 2022-10-25 10:32:57 +02:00
parent 6f3c03e6b6
commit e5ec867819
7 changed files with 316 additions and 195 deletions

View File

@ -4,6 +4,7 @@ import net.hostsharing.hsadminng.context.Context;
import net.hostsharing.hsadminng.hs.office.generated.api.v1.api.HsOfficeCoopAssetsApi;
import net.hostsharing.hsadminng.hs.office.generated.api.v1.model.HsOfficeCoopAssetsTransactionInsertResource;
import net.hostsharing.hsadminng.hs.office.generated.api.v1.model.HsOfficeCoopAssetsTransactionResource;
import net.hostsharing.hsadminng.hs.office.generated.api.v1.model.HsOfficeCoopSharesTransactionResource;
import net.hostsharing.hsadminng.mapper.Mapper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.format.annotation.DateTimeFormat;
@ -78,6 +79,22 @@ public class HsOfficeCoopAssetsTransactionController implements HsOfficeCoopAsse
return ResponseEntity.created(uri).body(mapped);
}
@Override
@Transactional(readOnly = true)
public ResponseEntity<HsOfficeCoopAssetsTransactionResource> getCoopAssetTransactionByUuid(
final String currentUser, final String assumedRoles, final UUID assetTransactionUuid) {
context.define(currentUser, assumedRoles);
final var result = coopAssetsTransactionRepo.findByUuid(assetTransactionUuid);
if (result.isEmpty()) {
return ResponseEntity.notFound().build();
}
return ResponseEntity.ok(mapper.map(result.get(), HsOfficeCoopAssetsTransactionResource.class));
}
private void validate(final HsOfficeCoopAssetsTransactionInsertResource requestBody) {
final var violations = new ArrayList<String>();
validateDebitTransaction(requestBody, violations);

View File

@ -1,5 +1,6 @@
package net.hostsharing.hsadminng.hs.office.coopshares;
import net.hostsharing.hsadminng.hs.office.generated.api.v1.model.HsOfficeContactResource;
import net.hostsharing.hsadminng.mapper.Mapper;
import net.hostsharing.hsadminng.context.Context;
import net.hostsharing.hsadminng.hs.office.generated.api.v1.api.HsOfficeCoopSharesApi;
@ -79,6 +80,21 @@ public class HsOfficeCoopSharesTransactionController implements HsOfficeCoopShar
return ResponseEntity.created(uri).body(mapped);
}
@Override
@Transactional(readOnly = true)
public ResponseEntity<HsOfficeCoopSharesTransactionResource> getCoopShareTransactionByUuid(
final String currentUser, final String assumedRoles, final UUID shareTransactionUuid) {
context.define(currentUser, assumedRoles);
final var result = coopSharesTransactionRepo.findByUuid(shareTransactionUuid);
if (result.isEmpty()) {
return ResponseEntity.notFound().build();
}
return ResponseEntity.ok(mapper.map(result.get(), HsOfficeCoopSharesTransactionResource.class));
}
private void validate(final HsOfficeCoopSharesTransactionInsertResource requestBody) {
final var violations = new ArrayList<String>();
validateSubscriptionTransaction(requestBody, violations);

View File

@ -0,0 +1,27 @@
get:
tags:
- hs-office-coopAssets
description: 'Fetch a single asset transaction by its uuid, if visible for the current subject.'
operationId: getCoopAssetTransactionByUuid
parameters:
- $ref: './auth.yaml#/components/parameters/currentUser'
- $ref: './auth.yaml#/components/parameters/assumedRoles'
- name: assetTransactionUUID
in: path
required: true
schema:
type: string
format: uuid
description: UUID of the asset transaction to fetch.
responses:
"200":
description: OK
content:
'application/json':
schema:
$ref: './hs-office-coopassets-schemas.yaml#/components/schemas/HsOfficeCoopAssetsTransaction'
"401":
$ref: './error-responses.yaml#/components/responses/Unauthorized'
"403":
$ref: './error-responses.yaml#/components/responses/Forbidden'

View File

@ -0,0 +1,27 @@
get:
tags:
- hs-office-coopShares
description: 'Fetch a single share transaction by its uuid, if visible for the current subject.'
operationId: getCoopShareTransactionByUuid
parameters:
- $ref: './auth.yaml#/components/parameters/currentUser'
- $ref: './auth.yaml#/components/parameters/assumedRoles'
- name: shareTransactionUUID
in: path
required: true
schema:
type: string
format: uuid
description: UUID of the share transaction to fetch.
responses:
"200":
description: OK
content:
'application/json':
schema:
$ref: './hs-office-coopshares-schemas.yaml#/components/schemas/HsOfficeCoopSharesTransaction'
"401":
$ref: './error-responses.yaml#/components/responses/Unauthorized'
"403":
$ref: './error-responses.yaml#/components/responses/Forbidden'

View File

@ -85,8 +85,13 @@ paths:
/api/hs/office/coopsharestransactions:
$ref: "./hs-office-coopshares.yaml"
/api/hs/office/coopsharestransactions/{shareTransactionUUID}:
$ref: "./hs-office-coopshares-with-uuid.yaml"
# Coop Assets Transaction
/api/hs/office/coopassetstransactions:
$ref: "./hs-office-coopassets.yaml"
/api/hs/office/coopassetstransactions/{assetTransactionUUID}:
$ref: "./hs-office-coopassets-with-uuid.yaml"

View File

@ -5,6 +5,7 @@ import io.restassured.http.ContentType;
import net.hostsharing.hsadminng.HsadminNgApplication;
import net.hostsharing.hsadminng.context.Context;
import net.hostsharing.hsadminng.hs.office.coopassets.HsOfficeCoopAssetsTransactionRepository;
import net.hostsharing.hsadminng.hs.office.coopassets.HsOfficeCoopAssetsTransactionRepository;
import net.hostsharing.hsadminng.hs.office.membership.HsOfficeMembershipRepository;
import net.hostsharing.test.Accepts;
import net.hostsharing.test.JpaAttempt;
@ -18,6 +19,7 @@ import org.springframework.boot.test.web.server.LocalServerPort;
import org.springframework.transaction.annotation.Transactional;
import javax.persistence.EntityManager;
import java.time.LocalDate;
import java.util.UUID;
import static net.hostsharing.test.IsValidUuidMatcher.isUuidValid;
@ -39,6 +41,9 @@ class HsOfficeCoopAssetsTransactionControllerAcceptanceTest {
@Autowired
Context context;
@Autowired
HsOfficeCoopAssetsTransactionRepository coopAssetsTransactionRepo;
@Autowired
HsOfficeMembershipRepository membershipRepo;
@ -228,6 +233,49 @@ class HsOfficeCoopAssetsTransactionControllerAcceptanceTest {
}
}
@Nested
@Accepts({"CoopAssetTransaction:R(Read)"})
class GetCoopAssetTransaction {
@Test
void globalAdmin_withoutAssumedRole_canGetArbitraryCoopAssetTransaction() {
context.define("superuser-alex@hostsharing.net");
final var givenCoopAssetTransactionUuid = coopAssetsTransactionRepo.findCoopAssetsTransactionByOptionalMembershipUuidAndDateRange(null, LocalDate.of(2010, 3, 15), LocalDate.of(2010, 3, 15)).get(0).getUuid();
RestAssured // @formatter:off
.given().header("current-user", "superuser-alex@hostsharing.net").port(port).when().get("http://localhost/api/hs/office/coopassetstransactions/" + givenCoopAssetTransactionUuid).then().log().body().assertThat().statusCode(200).contentType("application/json").body("", lenientlyEquals("""
{
"transactionType": "DEPOSIT"
}
""")); // @formatter:on
}
@Test
@Accepts({"CoopAssetTransaction:X(Access Control)"})
void normalUser_canNotGetUnrelatedCoopAssetTransaction() {
context.define("superuser-alex@hostsharing.net");
final var givenCoopAssetTransactionUuid = coopAssetsTransactionRepo.findCoopAssetsTransactionByOptionalMembershipUuidAndDateRange(null, LocalDate.of(2010, 3, 15), LocalDate.of(2010, 3, 15)).get(0).getUuid();
RestAssured // @formatter:off
.given().header("current-user", "selfregistered-user-drew@hostsharing.org").port(port).when().get("http://localhost/api/hs/office/coopassetstransactions/" + givenCoopAssetTransactionUuid).then().log().body().assertThat().statusCode(404); // @formatter:on
}
@Test
@Accepts({"CoopAssetTransaction:X(Access Control)"})
void contactAdminUser_canGetRelatedCoopAssetTransaction() {
context.define("superuser-alex@hostsharing.net");
final var givenCoopAssetTransactionUuid = coopAssetsTransactionRepo.findCoopAssetsTransactionByOptionalMembershipUuidAndDateRange(null, LocalDate.of(2010, 3, 15), LocalDate.of(2010, 3, 15)).get(0).getUuid();
RestAssured // @formatter:off
.given().header("current-user", "contact-admin@firstcontact.example.com").port(port).when().get("http://localhost/api/hs/office/coopassetstransactions/" + givenCoopAssetTransactionUuid).then().log().body().assertThat().statusCode(200).contentType("application/json").body("", lenientlyEquals("""
{
"transactionType": "DEPOSIT",
"assetValue": 320
}
""")); // @formatter:on
}
}
@BeforeEach
@AfterEach
void cleanup() {

View File

@ -17,6 +17,7 @@ import org.springframework.boot.test.web.server.LocalServerPort;
import org.springframework.transaction.annotation.Transactional;
import javax.persistence.EntityManager;
import java.time.LocalDate;
import java.util.UUID;
import static net.hostsharing.test.IsValidUuidMatcher.isUuidValid;
@ -25,33 +26,35 @@ import static org.assertj.core.api.Assertions.assertThat;
import static org.hamcrest.Matchers.hasSize;
import static org.hamcrest.Matchers.startsWith;
@SpringBootTest(
webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT,
classes = { HsadminNgApplication.class, JpaAttempt.class }
)
@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT, classes = {HsadminNgApplication.class, JpaAttempt.class})
@Transactional
class HsOfficeCoopSharesTransactionControllerAcceptanceTest {
@Autowired
Context context;
@Autowired
Context contextMock;
@Autowired
HsOfficeCoopSharesTransactionRepository coopSharesTransactionRepo;
@Autowired
HsOfficeMembershipRepository membershipRepo;
@Autowired
JpaAttempt jpaAttempt;
@Autowired
EntityManager em;
@LocalServerPort
private Integer port;
@Autowired
Context context;
@Autowired
Context contextMock;
@Autowired
HsOfficeCoopSharesTransactionRepository coopSharesTransactionRepo;
@Autowired
HsOfficeMembershipRepository membershipRepo;
@Autowired
JpaAttempt jpaAttempt;
@Autowired
EntityManager em;
@BeforeEach
@AfterEach
void cleanup() {
jpaAttempt.transacted(() -> {
context.define("superuser-alex@hostsharing.net", null);
// HsOfficeCoopSharesTransactionEntity respectively hs_office_coopsharestransaction_rv
// cannot be deleted at all, but the underlying table record can be deleted.
em.createNativeQuery("delete from hs_office_coopsharestransaction where reference like 'temp %'").executeUpdate();
}).assertSuccessful();
}
@Nested
@Accepts({"CoopSharesTransaction:F(Find)"})
@ -61,34 +64,17 @@ class HsOfficeCoopSharesTransactionControllerAcceptanceTest {
void globalAdmin_canViewAllCoopSharesTransactions() {
RestAssured // @formatter:off
.given()
.header("current-user", "superuser-alex@hostsharing.net")
.port(port)
.when()
.get("http://localhost/api/hs/office/coopsharestransactions")
.then().log().all().assertThat()
.statusCode(200)
.contentType("application/json")
.body("", hasSize(9)); // @formatter:on
.given().header("current-user", "superuser-alex@hostsharing.net").port(port).when().get("http://localhost/api/hs/office/coopsharestransactions").then().log().all().assertThat().statusCode(200).contentType("application/json").body("", hasSize(9)); // @formatter:on
}
@Test
void globalAdmin_canFindCoopSharesTransactionsByMemberNumber() {
context.define("superuser-alex@hostsharing.net");
final var givenMembership = membershipRepo.findMembershipsByOptionalPartnerUuidAndOptionalMemberNumber(null, 10002)
.get(0);
final var givenMembership = membershipRepo.findMembershipsByOptionalPartnerUuidAndOptionalMemberNumber(null, 10002).get(0);
RestAssured // @formatter:off
.given()
.header("current-user", "superuser-alex@hostsharing.net")
.port(port)
.when()
.get("http://localhost/api/hs/office/coopsharestransactions?membershipUuid="+givenMembership.getUuid())
.then().log().all().assertThat()
.statusCode(200)
.contentType("application/json")
.body("", lenientlyEquals("""
.given().header("current-user", "superuser-alex@hostsharing.net").port(port).when().get("http://localhost/api/hs/office/coopsharestransactions?membershipUuid=" + givenMembership.getUuid()).then().log().all().assertThat().statusCode(200).contentType("application/json").body("", lenientlyEquals("""
[
{
"transactionType": "SUBSCRIPTION",
@ -119,20 +105,10 @@ class HsOfficeCoopSharesTransactionControllerAcceptanceTest {
void globalAdmin_canFindCoopSharesTransactionsByMemberNumberAndDateRange() {
context.define("superuser-alex@hostsharing.net");
final var givenMembership = membershipRepo.findMembershipsByOptionalPartnerUuidAndOptionalMemberNumber(null, 10002)
.get(0);
final var givenMembership = membershipRepo.findMembershipsByOptionalPartnerUuidAndOptionalMemberNumber(null, 10002).get(0);
RestAssured // @formatter:off
.given()
.header("current-user", "superuser-alex@hostsharing.net")
.port(port)
.when()
.get("http://localhost/api/hs/office/coopsharestransactions?membershipUuid="
+ givenMembership.getUuid() + "&fromValueDate=2020-01-01&toValueDate=2021-12-31")
.then().log().all().assertThat()
.statusCode(200)
.contentType("application/json")
.body("", lenientlyEquals("""
.given().header("current-user", "superuser-alex@hostsharing.net").port(port).when().get("http://localhost/api/hs/office/coopsharestransactions?membershipUuid=" + givenMembership.getUuid() + "&fromValueDate=2020-01-01&toValueDate=2021-12-31").then().log().all().assertThat().statusCode(200).contentType("application/json").body("", lenientlyEquals("""
[
{
"transactionType": "CANCELLATION",
@ -154,14 +130,10 @@ class HsOfficeCoopSharesTransactionControllerAcceptanceTest {
void globalAdmin_canAddCoopSharesTransaction() {
context.define("superuser-alex@hostsharing.net");
final var givenMembership = membershipRepo.findMembershipsByOptionalPartnerUuidAndOptionalMemberNumber(null, 10001)
.get(0);
final var givenMembership = membershipRepo.findMembershipsByOptionalPartnerUuidAndOptionalMemberNumber(null, 10001).get(0);
final var location = RestAssured // @formatter:off
.given()
.header("current-user", "superuser-alex@hostsharing.net")
.contentType(ContentType.JSON)
.body("""
.given().header("current-user", "superuser-alex@hostsharing.net").contentType(ContentType.JSON).body("""
{
"membershipUuid": "%s",
"transactionType": "SUBSCRIPTION",
@ -170,15 +142,7 @@ class HsOfficeCoopSharesTransactionControllerAcceptanceTest {
"reference": "temp ref A",
"comment": "just some test coop shares transaction"
}
""".formatted(givenMembership.getUuid()))
.port(port)
.when()
.post("http://localhost/api/hs/office/coopsharestransactions")
.then().log().all().assertThat()
.statusCode(201)
.contentType(ContentType.JSON)
.body("uuid", isUuidValid())
.body("", lenientlyEquals("""
""".formatted(givenMembership.getUuid())).port(port).when().post("http://localhost/api/hs/office/coopsharestransactions").then().log().all().assertThat().statusCode(201).contentType(ContentType.JSON).body("uuid", isUuidValid()).body("", lenientlyEquals("""
{
"transactionType": "SUBSCRIPTION",
"shareCount": 8,
@ -186,13 +150,10 @@ class HsOfficeCoopSharesTransactionControllerAcceptanceTest {
"reference": "temp ref A",
"comment": "just some test coop shares transaction"
}
"""))
.header("Location", startsWith("http://localhost"))
.extract().header("Location"); // @formatter:on
""")).header("Location", startsWith("http://localhost")).extract().header("Location"); // @formatter:on
// finally, the new coopSharesTransaction can be accessed under the generated UUID
final var newUserUuid = UUID.fromString(
location.substring(location.lastIndexOf('/') + 1));
final var newUserUuid = UUID.fromString(location.substring(location.lastIndexOf('/') + 1));
assertThat(newUserUuid).isNotNull();
}
@ -200,14 +161,10 @@ class HsOfficeCoopSharesTransactionControllerAcceptanceTest {
void globalAdmin_canNotCancelMoreSharesThanCurrentlySubscribed() {
context.define("superuser-alex@hostsharing.net");
final var givenMembership = membershipRepo.findMembershipsByOptionalPartnerUuidAndOptionalMemberNumber(null, 10001)
.get(0);
final var givenMembership = membershipRepo.findMembershipsByOptionalPartnerUuidAndOptionalMemberNumber(null, 10001).get(0);
final var location = RestAssured // @formatter:off
.given()
.header("current-user", "superuser-alex@hostsharing.net")
.contentType(ContentType.JSON)
.body("""
.given().header("current-user", "superuser-alex@hostsharing.net").contentType(ContentType.JSON).body("""
{
"membershipUuid": "%s",
"transactionType": "CANCELLATION",
@ -216,14 +173,7 @@ class HsOfficeCoopSharesTransactionControllerAcceptanceTest {
"reference": "temp ref X",
"comment": "just some test coop shares transaction"
}
""".formatted(givenMembership.getUuid()))
.port(port)
.when()
.post("http://localhost/api/hs/office/coopsharestransactions")
.then().log().all().assertThat()
.statusCode(400)
.contentType(ContentType.JSON)
.body("", lenientlyEquals("""
""".formatted(givenMembership.getUuid())).port(port).when().post("http://localhost/api/hs/office/coopsharestransactions").then().log().all().assertThat().statusCode(400).contentType(ContentType.JSON).body("", lenientlyEquals("""
{
"status": 400,
"error": "Bad Request",
@ -233,15 +183,46 @@ class HsOfficeCoopSharesTransactionControllerAcceptanceTest {
}
}
@BeforeEach
@AfterEach
void cleanup() {
jpaAttempt.transacted(() -> {
context.define("superuser-alex@hostsharing.net", null);
// HsOfficeCoopSharesTransactionEntity respectively hs_office_coopsharestransaction_rv
// cannot be deleted at all, but the underlying table record can be deleted.
em.createNativeQuery("delete from hs_office_coopsharestransaction where reference like 'temp %'")
.executeUpdate();
}).assertSuccessful();
@Nested
@Accepts({"CoopShareTransaction:R(Read)"})
class GetCoopShareTransaction {
@Test
void globalAdmin_withoutAssumedRole_canGetArbitraryCoopShareTransaction() {
context.define("superuser-alex@hostsharing.net");
final var givenCoopShareTransactionUuid = coopSharesTransactionRepo.findCoopSharesTransactionByOptionalMembershipUuidAndDateRange(null, LocalDate.of(2010, 3, 15), LocalDate.of(2010, 3, 15)).get(0).getUuid();
RestAssured // @formatter:off
.given().header("current-user", "superuser-alex@hostsharing.net").port(port).when().get("http://localhost/api/hs/office/coopsharestransactions/" + givenCoopShareTransactionUuid).then().log().body().assertThat().statusCode(200).contentType("application/json").body("", lenientlyEquals("""
{
"transactionType": "SUBSCRIPTION"
}
""")); // @formatter:on
}
@Test
@Accepts({"CoopShareTransaction:X(Access Control)"})
void normalUser_canNotGetUnrelatedCoopShareTransaction() {
context.define("superuser-alex@hostsharing.net");
final var givenCoopShareTransactionUuid = coopSharesTransactionRepo.findCoopSharesTransactionByOptionalMembershipUuidAndDateRange(null, LocalDate.of(2010, 3, 15), LocalDate.of(2010, 3, 15)).get(0).getUuid();
RestAssured // @formatter:off
.given().header("current-user", "selfregistered-user-drew@hostsharing.org").port(port).when().get("http://localhost/api/hs/office/coopsharestransactions/" + givenCoopShareTransactionUuid).then().log().body().assertThat().statusCode(404); // @formatter:on
}
@Test
@Accepts({"CoopShareTransaction:X(Access Control)"})
void contactAdminUser_canGetRelatedCoopShareTransaction() {
context.define("superuser-alex@hostsharing.net");
final var givenCoopShareTransactionUuid = coopSharesTransactionRepo.findCoopSharesTransactionByOptionalMembershipUuidAndDateRange(null, LocalDate.of(2010, 3, 15), LocalDate.of(2010, 3, 15)).get(0).getUuid();
RestAssured // @formatter:off
.given().header("current-user", "contact-admin@firstcontact.example.com").port(port).when().get("http://localhost/api/hs/office/coopsharestransactions/" + givenCoopShareTransactionUuid).then().log().body().assertThat().statusCode(200).contentType("application/json").body("", lenientlyEquals("""
{
"transactionType": "SUBSCRIPTION",
"shareCount": 4
}
""")); // @formatter:on
}
}
}