add RbacUser* tests and improved http status codes

2022-08-05 15:00:00 +02:00 · 2022-08-05 15:00:00 +02:00 · f16953877f
commit f16953877f
parent bef358eda6
1 changed files with 20 additions and 0 deletions
--- a/src/test/java/net/hostsharing/hsadminng/rbac/rbacuser/RbacUserRepositoryIntegrationTest.java
+++ b/src/test/java/net/hostsharing/hsadminng/rbac/rbacuser/RbacUserRepositoryIntegrationTest.java
@ -267,6 +267,18 @@ class RbacUserRepositoryIntegrationTest {
            );
        }

+        @Test
+        public void customerAdmin_withoutAssumedRole_canNotViewPermissionsOfUnrelatedUsers() {
+            // given
+            currentUser("admin@aaa.example.com");
+
+            // when
+            final var result = rbacUserRepository.findPermissionsOfUser("aab00@aab.example.com");
+
+            // then
+            noRbacPermissionsAreReturned(result);
+        }
+
        @Test
        public void packetAdmin_withoutAssumedRole_canViewAllPermissionsWithinThePacketsRealm() {
            // given
@ -304,6 +316,14 @@ class RbacUserRepositoryIntegrationTest {
            .containsExactlyInAnyOrder(expectedUserNames);
    }

+    void noRbacPermissionsAreReturned(
+        final List<RbacUserPermission> actualResult) {
+        assertThat(actualResult)
+            .extracting(p -> p.getRoleName() + " -> " + p.getObjectTable() + "#" + p.getObjectIdName() + ": " + p.getOp())
+            .containsExactlyInAnyOrder();
+    }
+
+
    void exactlyTheseRbacPermissionsAreReturned(
        final List<RbacUserPermission> actualResult,
        final String... expectedRoleNames) {