for now, make give all users the role of a HOSTMASTER

src/main/java/org/hostsharing/hsadminng/HsadminNgApp.java

@@ -1,11 +1,11 @@
 package org.hostsharing.hsadminng;
 
+import io.github.jhipster.config.JHipsterConstants;
+import org.apache.commons.lang3.StringUtils;
 import org.hostsharing.hsadminng.config.ApplicationProperties;
 import org.hostsharing.hsadminng.config.DefaultProfileUtil;
-
+import org.hostsharing.hsadminng.security.SecurityUtils;
-import io.github.jhipster.config.JHipsterConstants;
+import org.hostsharing.hsadminng.service.accessfilter.Role;
-
-import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.boot.SpringApplication;
@@ -41,6 +41,10 @@ public class HsadminNgApp {
      */
     @PostConstruct
     public void initApplication() {
+
+        // TODO: remove this hack once proper user roles are implemented
+        SecurityUtils.addUserRole(null, null, Role.HOSTMASTER);
+
         Collection<String> activeProfiles = Arrays.asList(env.getActiveProfiles());
         if (activeProfiles.contains(JHipsterConstants.SPRING_PROFILE_DEVELOPMENT) && activeProfiles.contains(JHipsterConstants.SPRING_PROFILE_PRODUCTION)) {
             log.error("You have misconfigured your application! It should not run " +

src/main/java/org/hostsharing/hsadminng/security/AuthoritiesConstants.java

@@ -5,8 +5,12 @@ package org.hostsharing.hsadminng.security;
  */
 public final class AuthoritiesConstants {
 
+    public static final String HOSTMASTER = "ROLE_HOSTMASTER";
+
     public static final String ADMIN = "ROLE_ADMIN";
 
+    public static final String SUPPORTER = "ROLE_SUPPORTER";
+
     public static final String USER = "ROLE_USER";
 
     public static final String ANONYMOUS = "ROLE_ANONYMOUS";

src/main/java/org/hostsharing/hsadminng/service/accessfilter/JSonDeserializerWithAccessFilter.java

@@ -3,10 +3,7 @@ package org.hostsharing.hsadminng.service.accessfilter;
 import com.fasterxml.jackson.core.JsonParser;
 import com.fasterxml.jackson.core.TreeNode;
 import com.fasterxml.jackson.databind.DeserializationContext;
-import com.fasterxml.jackson.databind.node.ArrayNode;
+import com.fasterxml.jackson.databind.node.*;
-import com.fasterxml.jackson.databind.node.IntNode;
-import com.fasterxml.jackson.databind.node.LongNode;
-import com.fasterxml.jackson.databind.node.TextNode;
 import org.apache.commons.lang3.NotImplementedException;
 import org.apache.commons.lang3.ObjectUtils;
 import org.hostsharing.hsadminng.service.util.ReflectionUtil;
@@ -79,21 +76,30 @@ public class JSonDeserializerWithAccessFilter<T> extends JSonAccessFilter<T> {
 
     private Object readValue(final TreeNode treeNode, final String fieldName, final Class<?> fieldClass) {
         final TreeNode fieldNode = treeNode.get(fieldName);
+        if (fieldNode instanceof NullNode) {
+            return null;
+        }
         if (fieldNode instanceof TextNode) {
             return ((TextNode) fieldNode).asText();
-        } else if (fieldNode instanceof IntNode) {
+        }
+        if (fieldNode instanceof IntNode) {
             return ((IntNode) fieldNode).asInt();
-        } else if (fieldNode instanceof LongNode) {
+        }
+        if (fieldNode instanceof LongNode) {
             return ((LongNode) fieldNode).asLong();
-        } else if (fieldNode instanceof ArrayNode && LocalDate.class.isAssignableFrom(fieldClass)) {
+        }
+        if (fieldNode instanceof ArrayNode && LocalDate.class.isAssignableFrom(fieldClass)) {
             return LocalDate.of(((ArrayNode) fieldNode).get(0).asInt(), ((ArrayNode) fieldNode).get(1).asInt(), ((ArrayNode) fieldNode).get(2).asInt());
-        } else {
+        }
+        {
             throw new NotImplementedException("property type not yet implemented: " + fieldNode + " -> " + fieldName + ": " + fieldClass);
         }
     }
 
     private void writeValue(final T dto, final Field field, final Object value) {
-        if (field.getType().isAssignableFrom(value.getClass())) {
+        if (value == null) {
+            ReflectionUtil.setValue(dto, field, null);
+        } else if (field.getType().isAssignableFrom(value.getClass())) {
             ReflectionUtil.setValue(dto, field, value);
         } else if (Integer.class.isAssignableFrom(field.getType()) || int.class.isAssignableFrom(field.getType())) {
             ReflectionUtil.setValue(dto, field, ((Number) value).intValue());

src/main/resources/.h2.server.properties

@@ -1,5 +1,5 @@
 #H2 Server Properties
-#Wed Apr 03 13:36:25 CEST 2019
+#Thu Apr 25 12:42:42 CEST 2019
 0=JHipster H2 (Memory)|org.h2.Driver|jdbc\:h2\:mem\:hsadminng|hsadminNg
 webAllowOthers=true
 webPort=8082

src/main/resources/config/liquibase/authorities.csv

@@ -1,3 +1,5 @@
 name
+ROLE_HOSTMASTER
 ROLE_ADMIN
+ROLE_SUPPORTER
 ROLE_USER

src/main/resources/config/liquibase/users_authorities.csv

@@ -1,4 +1,5 @@
 user_id;authority_name
+1;ROLE_HOSTMASTER
 1;ROLE_ADMIN
 1;ROLE_USER
 3;ROLE_ADMIN

src/test/java/org/hostsharing/hsadminng/service/accessfilter/JSonBuilder.java

@@ -21,7 +21,7 @@ public class JSonBuilder {
     }
 
     private static String inQuotes(Object value) {
-        return "\"" + value.toString() + "\"";
+        return value != null ? "\"" + value.toString() + "\"" : "null";
     }
 
 }

src/test/java/org/hostsharing/hsadminng/service/accessfilter/JSonDeserializerWithAccessFilterUnitTest.java

@@ -72,6 +72,20 @@ public class JSonDeserializerWithAccessFilterUnitTest {
         given(jsonParser.getCodec()).willReturn(codec);
     }
 
+    @Test
+    public void shouldDeserializeNullField() throws IOException {
+        // given
+        givenJSonTree(asJSon(
+            ImmutablePair.of("id", 1234L),
+            ImmutablePair.of("openStringField", null)));
+
+        // when
+        GivenDto actualDto = new JSonDeserializerWithAccessFilter<>(ctx, jsonParser, null, GivenDto.class).deserialize();
+
+        // then
+        assertThat(actualDto.openStringField).isNull();
+    }
+
     @Test
     public void shouldDeserializeStringField() throws IOException {
         // given