From eb7dea54b57c3bfd4d2924b25b26be1181d3f2cd Mon Sep 17 00:00:00 2001 From: Michael Hoennig Date: Thu, 7 Mar 2024 18:12:33 +0100 Subject: [PATCH] fix TestCustomerControllerAcceptanceTest --- .../hsadminng/rbac/rbacdef/InsertTriggerGenerator.java | 2 +- .../hsadminng/test/cust/TestCustomerController.java | 7 ++++++- src/main/resources/db/changelog/113-test-customer-rbac.sql | 4 ++-- src/main/resources/db/changelog/123-test-package-rbac.sql | 4 ++-- .../test/cust/TestCustomerControllerAcceptanceTest.java | 6 +++--- .../test/cust/TestCustomerRepositoryIntegrationTest.java | 4 ++-- 6 files changed, 16 insertions(+), 11 deletions(-) diff --git a/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/InsertTriggerGenerator.java b/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/InsertTriggerGenerator.java index 1f48d045..7afd1941 100644 --- a/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/InsertTriggerGenerator.java +++ b/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/InsertTriggerGenerator.java @@ -104,7 +104,7 @@ public class InsertTriggerGenerator { returns trigger language plpgsql as $$ begin - raise exception 'insert into ${rawSubTable} not allowed for current subjects % (%)', + raise exception '[403] insert into ${rawSubTable} not allowed for current subjects % (%)', currentSubjects(), currentSubjectsUuids(); end; $$; """, diff --git a/src/main/java/net/hostsharing/hsadminng/test/cust/TestCustomerController.java b/src/main/java/net/hostsharing/hsadminng/test/cust/TestCustomerController.java index 1bd000ba..78752d9d 100644 --- a/src/main/java/net/hostsharing/hsadminng/test/cust/TestCustomerController.java +++ b/src/main/java/net/hostsharing/hsadminng/test/cust/TestCustomerController.java @@ -10,6 +10,8 @@ import org.springframework.transaction.annotation.Transactional; import org.springframework.web.bind.annotation.RestController; import org.springframework.web.servlet.mvc.method.annotation.MvcUriComponentsBuilder; +import jakarta.persistence.EntityManager; +import jakarta.persistence.PersistenceContext; import java.util.List; @RestController @@ -24,6 +26,9 @@ public class TestCustomerController implements TestCustomersApi { @Autowired private TestCustomerRepository testCustomerRepository; + @PersistenceContext + EntityManager em; + @Override @Transactional(readOnly = true) public ResponseEntity> listCustomers( @@ -48,7 +53,7 @@ public class TestCustomerController implements TestCustomersApi { context.define(currentUser, assumedRoles); final var saved = testCustomerRepository.save(mapper.map(customer, TestCustomerEntity.class)); - + em.flush(); final var uri = MvcUriComponentsBuilder.fromController(getClass()) .path("/api/test/customers/{id}") diff --git a/src/main/resources/db/changelog/113-test-customer-rbac.sql b/src/main/resources/db/changelog/113-test-customer-rbac.sql index bdd01a62..a082d1ed 100644 --- a/src/main/resources/db/changelog/113-test-customer-rbac.sql +++ b/src/main/resources/db/changelog/113-test-customer-rbac.sql @@ -1,5 +1,5 @@ --liquibase formatted sql --- This code generated was by RbacViewPostgresGenerator at 2024-03-07T15:57:25.487712422. +-- This code generated was by RbacViewPostgresGenerator at 2024-03-07T18:03:21.967830771. -- ============================================================================ @@ -88,7 +88,7 @@ create or replace function test_customer_insert_permission_missing_tf() returns trigger language plpgsql as $$ begin - raise exception 'insert into test_customer not allowed for current subjects % (%)', + raise exception '[403] insert into test_customer not allowed for current subjects % (%)', currentSubjects(), currentSubjectsUuids(); end; $$; diff --git a/src/main/resources/db/changelog/123-test-package-rbac.sql b/src/main/resources/db/changelog/123-test-package-rbac.sql index f36eacee..676ec6c0 100644 --- a/src/main/resources/db/changelog/123-test-package-rbac.sql +++ b/src/main/resources/db/changelog/123-test-package-rbac.sql @@ -1,5 +1,5 @@ --liquibase formatted sql --- This code generated was by RbacViewPostgresGenerator at 2024-03-07T15:57:25.536171618. +-- This code generated was by RbacViewPostgresGenerator at 2024-03-07T18:03:22.000977525. -- ============================================================================ @@ -194,7 +194,7 @@ create or replace function test_package_insert_permission_missing_tf() returns trigger language plpgsql as $$ begin - raise exception 'insert into test_package not allowed for current subjects % (%)', + raise exception '[403] insert into test_package not allowed for current subjects % (%)', currentSubjects(), currentSubjectsUuids(); end; $$; diff --git a/src/test/java/net/hostsharing/hsadminng/test/cust/TestCustomerControllerAcceptanceTest.java b/src/test/java/net/hostsharing/hsadminng/test/cust/TestCustomerControllerAcceptanceTest.java index 6c695caa..942351c0 100644 --- a/src/test/java/net/hostsharing/hsadminng/test/cust/TestCustomerControllerAcceptanceTest.java +++ b/src/test/java/net/hostsharing/hsadminng/test/cust/TestCustomerControllerAcceptanceTest.java @@ -148,7 +148,7 @@ class TestCustomerControllerAcceptanceTest { // finally, the new customer can be viewed by its own admin final var newUserUuid = UUID.fromString( location.substring(location.lastIndexOf('/') + 1)); - context.define("customer-admin@uuu.example.com"); + context.define("superuser-fran@hostsharing.net", "test_customer#uuu.admin"); assertThat(testCustomerRepository.findByUuid(newUserUuid)) .hasValueSatisfying(c -> assertThat(c.getPrefix()).isEqualTo("uuu")); } @@ -175,7 +175,7 @@ class TestCustomerControllerAcceptanceTest { .statusCode(403) .contentType(ContentType.JSON) .statusCode(403) - .body("message", containsString("add-customer not permitted for test_customer#xxx.admin")); + .body("message", containsString("insert into test_customer not allowed for current subjects {test_customer#xxx.admin}")); // @formatter:on // finally, the new customer was not created @@ -204,7 +204,7 @@ class TestCustomerControllerAcceptanceTest { .statusCode(403) .contentType(ContentType.JSON) .statusCode(403) - .body("message", containsString("add-customer not permitted for customer-admin@yyy.example.com")); + .body("message", containsString("insert into test_customer not allowed for current subjects {customer-admin@yyy.example.com}")); // @formatter:on // finally, the new customer was not created diff --git a/src/test/java/net/hostsharing/hsadminng/test/cust/TestCustomerRepositoryIntegrationTest.java b/src/test/java/net/hostsharing/hsadminng/test/cust/TestCustomerRepositoryIntegrationTest.java index 01f09d26..01aa0760 100644 --- a/src/test/java/net/hostsharing/hsadminng/test/cust/TestCustomerRepositoryIntegrationTest.java +++ b/src/test/java/net/hostsharing/hsadminng/test/cust/TestCustomerRepositoryIntegrationTest.java @@ -74,7 +74,7 @@ class TestCustomerRepositoryIntegrationTest extends ContextBasedTest { // then result.assertExceptionWithRootCauseMessage( PersistenceException.class, - "ERROR: insert into test_customer not allowed for current subjects {test_customer#xxx.admin}"); + "ERROR: [403] insert into test_customer not allowed for current subjects {test_customer#xxx.admin}"); } @Test @@ -92,7 +92,7 @@ class TestCustomerRepositoryIntegrationTest extends ContextBasedTest { // then result.assertExceptionWithRootCauseMessage( PersistenceException.class, - "ERROR: insert into test_customer not allowed for current subjects {customer-admin@xxx.example.com}"); + "ERROR: [403] insert into test_customer not allowed for current subjects {customer-admin@xxx.example.com}"); }