7 changed files with 53 additions and 82 deletions
--- a/src/main/java/net/hostsharing/hsadminng/hs/booking/item/HsBookingItemEntity.java
+++ b/src/main/java/net/hostsharing/hsadminng/hs/booking/item/HsBookingItemEntity.java
@ -24,7 +24,6 @@ import jakarta.persistence.Column;
 import jakarta.persistence.Entity;
 import jakarta.persistence.EnumType;
 import jakarta.persistence.Enumerated;
-import jakarta.persistence.FetchType;
 import jakarta.persistence.GeneratedValue;
 import jakarta.persistence.Id;
 import jakarta.persistence.JoinColumn;
@ -83,11 +82,11 @@ public class HsBookingItemEntity implements Stringifyable, RbacObject {
    @Version
    private int version;

-    @ManyToOne(fetch = FetchType.LAZY)
+    @ManyToOne
    @JoinColumn(name = "projectuuid")
    private HsBookingProjectEntity project;

-    @ManyToOne(fetch = FetchType.LAZY)
+    @ManyToOne
    @JoinColumn(name = "parentitemuuid")
    private HsBookingItemEntity parentItem;

--- a/src/main/java/net/hostsharing/hsadminng/hs/hosting/asset/HsHostingAssetEntity.java
+++ b/src/main/java/net/hostsharing/hsadminng/hs/hosting/asset/HsHostingAssetEntity.java
@ -21,7 +21,6 @@ import jakarta.persistence.Column;
 import jakarta.persistence.Entity;
 import jakarta.persistence.EnumType;
 import jakarta.persistence.Enumerated;
-import jakarta.persistence.FetchType;
 import jakarta.persistence.GeneratedValue;
 import jakarta.persistence.Id;
 import jakarta.persistence.JoinColumn;
@ -78,15 +77,15 @@ public class HsHostingAssetEntity implements Stringifyable, RbacObject {
    @Version
    private int version;

-    @ManyToOne(fetch = FetchType.LAZY)
+    @ManyToOne
    @JoinColumn(name = "bookingitemuuid")
    private HsBookingItemEntity bookingItem;

-    @ManyToOne(fetch = FetchType.LAZY)
+    @ManyToOne
    @JoinColumn(name = "parentassetuuid")
    private HsHostingAssetEntity parentAsset;

-    @ManyToOne(fetch = FetchType.LAZY)
+    @ManyToOne
    @JoinColumn(name = "assignedtoassetuuid")
    private HsHostingAssetEntity assignedToAsset;

@ -94,12 +93,12 @@ public class HsHostingAssetEntity implements Stringifyable, RbacObject {
    @Enumerated(EnumType.STRING)
    private HsHostingAssetType type;

-    @OneToMany(cascade = CascadeType.REFRESH, orphanRemoval = true, fetch = FetchType.LAZY)
+    @OneToMany(cascade = CascadeType.REFRESH, orphanRemoval = true)
    @JoinColumn(name="parentassetuuid", referencedColumnName="uuid")
-    private List<HsHostingAssetEntity> subHostingAssets; // FIXME: can only be one
+    private List<HsHostingAssetEntity> subHostingAssets;

    @Column(name = "identifier")
-    private String identifier; // e.g. vm1234, xyz00, example.org, xyz00_abc
+    private String identifier; // vm1234, xyz00, example.org, xyz00_abc

    @Column(name = "caption")
    private String caption;
--- a/src/test/java/net/hostsharing/hsadminng/hs/booking/item/HsBookingItemControllerAcceptanceTest.java
+++ b/src/test/java/net/hostsharing/hsadminng/hs/booking/item/HsBookingItemControllerAcceptanceTest.java
@ -4,17 +4,13 @@ import io.hypersistence.utils.hibernate.type.range.Range;
 import io.restassured.RestAssured;
 import io.restassured.http.ContentType;
 import net.hostsharing.hsadminng.HsadminNgApplication;
+import net.hostsharing.hsadminng.hs.booking.project.HsBookingProjectEntity;
 import net.hostsharing.hsadminng.hs.booking.project.HsBookingProjectRepository;
 import net.hostsharing.hsadminng.hs.office.debitor.HsOfficeDebitorRepository;
 import net.hostsharing.hsadminng.rbac.test.ContextBasedTestWithCleanup;
 import net.hostsharing.hsadminng.rbac.test.JpaAttempt;
-import org.junit.jupiter.api.ClassOrderer;
-import org.junit.jupiter.api.MethodOrderer;
 import org.junit.jupiter.api.Nested;
-import org.junit.jupiter.api.Order;
 import org.junit.jupiter.api.Test;
-import org.junit.jupiter.api.TestClassOrder;
-import org.junit.jupiter.api.TestMethodOrder;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.boot.test.web.server.LocalServerPort;
@ -37,7 +33,6 @@ import static org.hamcrest.Matchers.matchesRegex;
        classes = { HsadminNgApplication.class, JpaAttempt.class }
 )
@Transactional
-@TestClassOrder(ClassOrderer.OrderAnnotation.class) // fail early on fetching problems
 class HsBookingItemControllerAcceptanceTest extends ContextBasedTestWithCleanup {

    @LocalServerPort
@ -56,7 +51,6 @@ class HsBookingItemControllerAcceptanceTest extends ContextBasedTestWithCleanup
    JpaAttempt jpaAttempt;

    @Nested
-    @Order(2)
    class ListBookingItems {

        @Test
@ -125,7 +119,6 @@ class HsBookingItemControllerAcceptanceTest extends ContextBasedTestWithCleanup
    }

    @Nested
-    @Order(3)
    class AddBookingItem {

        @Test
@ -177,16 +170,13 @@ class HsBookingItemControllerAcceptanceTest extends ContextBasedTestWithCleanup
    }

    @Nested
-    @Order(1)
-    @TestMethodOrder(MethodOrderer.OrderAnnotation.class)
    class GetBookingItem {

        @Test
-        @Order(1)
        void globalAdmin_canGetArbitraryBookingItem() {
            context.define("superuser-alex@hostsharing.net");
            final var givenBookingItemUuid = bookingItemRepo.findByCaption("separate ManagedWebspace").stream()
-                            .filter(bi -> belongsToProject(bi, "D-1000111 default project"))
+                            .filter(bi -> belongsToDebitorWithDefaultPrefix(bi, "fir"))
                            .map(HsBookingItemEntity::getUuid)
                            .findAny().orElseThrow();

@ -216,11 +206,10 @@ class HsBookingItemControllerAcceptanceTest extends ContextBasedTestWithCleanup
        }

        @Test
-        @Order(2)
        void normalUser_canNotGetUnrelatedBookingItem() {
            context.define("superuser-alex@hostsharing.net");
            final var givenBookingItemUuid = bookingItemRepo.findByCaption("separate ManagedServer").stream()
-                    .filter(bi -> belongsToProject(bi, "D-1000212 default project"))
+                    .filter(bi -> belongsToDebitorWithDefaultPrefix(bi, "sec"))
                    .map(HsBookingItemEntity::getUuid)
                    .findAny().orElseThrow();

@ -235,21 +224,23 @@ class HsBookingItemControllerAcceptanceTest extends ContextBasedTestWithCleanup
        }

        @Test
-        @Order(3)
-        // TODO.impl: For unknown reason this test fails in about 50%, not finding the uuid (404).
+        // TODO.impl: For unknown reason, this test fails in about 50%, not finding the uuid (404), maybe no SELECT permission?
        void projectAdmin_canGetRelatedBookingItem() {
            context.define("superuser-alex@hostsharing.net");
-            final var givenBookingItem = bookingItemRepo.findByCaption("separate ManagedServer").stream()
-                    .filter(bi -> belongsToProject(bi, "D-1000313 default project"))
+            final var givenBookingItemUuid = bookingItemRepo.findByCaption("separate ManagedServer").stream()
+                    .filter(bi -> belongsToDebitorWithDefaultPrefix(bi, "sec"))
+                    .map(HsBookingItemEntity::getUuid)
                    .findAny().orElseThrow();

+            generateRbacDiagramForObjectPermission(givenBookingItemUuid, "SELECT", "select");
+
            RestAssured // @formatter:off
                .given()
                    .header("current-user", "superuser-alex@hostsharing.net")
-                    .header("assumed-roles", "hs_booking_project#D-1000313-D-1000313defaultproject:ADMIN")
+                    .header("assumed-roles", "hs_booking_project#D-1000212-D-1000212defaultproject:ADMIN")
                    .port(port)
                .when()
-                    .get("http://localhost/api/hs/booking/items/" + givenBookingItem.getUuid())
+                    .get("http://localhost/api/hs/booking/items/" + givenBookingItemUuid)
                .then().log().all().assertThat()
                    .statusCode(200)
                    .contentType("application/json")
@ -269,22 +260,22 @@ class HsBookingItemControllerAcceptanceTest extends ContextBasedTestWithCleanup
                    """)); // @formatter:on
        }

-        private static boolean belongsToProject(final HsBookingItemEntity bi, final String projectCaption) {
+        private static boolean belongsToDebitorWithDefaultPrefix(final HsBookingItemEntity bi, final String defaultPrefix) {
            return ofNullable(bi)
                    .map(HsBookingItemEntity::getProject)
-                    .filter(bp -> bp.getCaption().equals(projectCaption))
+                    .map(HsBookingProjectEntity::getDebitor)
+                    .filter(bd -> bd.getDefaultPrefix().equals(defaultPrefix))
                    .isPresent();
        }
    }

    @Nested
-    @Order(4)
    class PatchBookingItem {

        @Test
        void globalAdmin_canPatchAllUpdatablePropertiesOfBookingItem() {

-            final var givenBookingItem = givenSomeNewBookingItem("D-1000111 default project", MANAGED_WEBSPACE,
+            final var givenBookingItem = givenSomeBookingItem(1000111, MANAGED_WEBSPACE,
                    resource("HDD", 100), resource("SSD", 50), resource("Traffic", 250));

            RestAssured // @formatter:off
@ -333,13 +324,12 @@ class HsBookingItemControllerAcceptanceTest extends ContextBasedTestWithCleanup
    }

    @Nested
-    @Order(5)
    class DeleteBookingItem {

        @Test
        void globalAdmin_canDeleteArbitraryBookingItem() {
            context.define("superuser-alex@hostsharing.net");
-            final var givenBookingItem = givenSomeNewBookingItem("D-1000111 default project", MANAGED_WEBSPACE,
+            final var givenBookingItem = givenSomeBookingItem(1000111, MANAGED_WEBSPACE,
                    resource("HDD", 100), resource("SSD", 50), resource("Traffic", 250));

            RestAssured // @formatter:off
@ -358,7 +348,7 @@ class HsBookingItemControllerAcceptanceTest extends ContextBasedTestWithCleanup
        @Test
        void normalUser_canNotDeleteUnrelatedBookingItem() {
            context.define("superuser-alex@hostsharing.net");
-            final var givenBookingItem = givenSomeNewBookingItem("D-1000111 default project", MANAGED_WEBSPACE,
+            final var givenBookingItem = givenSomeBookingItem(1000111, MANAGED_WEBSPACE,
                    resource("HDD", 100), resource("SSD", 50), resource("Traffic", 250));

            RestAssured // @formatter:off
@ -376,11 +366,13 @@ class HsBookingItemControllerAcceptanceTest extends ContextBasedTestWithCleanup
    }

    @SafeVarargs
-    private HsBookingItemEntity givenSomeNewBookingItem(final String projectCaption,
+    private HsBookingItemEntity givenSomeBookingItem(final int debitorNumber,
            final HsBookingItemType hsBookingItemType, final Map.Entry<String, Object>... resources) {
        return jpaAttempt.transacted(() -> {
            context.define("superuser-alex@hostsharing.net");
-            final var givenProject = projectRepo.findByCaption(projectCaption).stream()
+            final var givenProject = debitorRepo.findDebitorByDebitorNumber(debitorNumber).stream()
+                    .map(d -> projectRepo.findAllByDebitorUuid(d.getUuid()))
+                    .flatMap(java.util.List::stream)
                    .findAny().orElseThrow();
            final var newBookingItem = HsBookingItemEntity.builder()
                    .uuid(UUID.randomUUID())
--- a/src/test/java/net/hostsharing/hsadminng/hs/booking/item/HsBookingItemRepositoryIntegrationTest.java
+++ b/src/test/java/net/hostsharing/hsadminng/hs/booking/item/HsBookingItemRepositoryIntegrationTest.java
@ -231,9 +231,7 @@ class HsBookingItemRepositoryIntegrationTest extends ContextBasedTestWithCleanup
        private void assertThatBookingItemActuallyInDatabase(final HsBookingItemEntity saved) {
            final var found = bookingItemRepo.findByUuid(saved.getUuid());
            assertThat(found).isNotEmpty().get().isNotSameAs(saved)
-                    .extracting(HsBookingItemEntity::getResources)
-                    .extracting(Object::toString)
-                    .isEqualTo(saved.getResources().toString());
+                    .extracting(Object::toString).isEqualTo(saved.toString());
        }
    }

--- a/src/test/java/net/hostsharing/hsadminng/hs/hosting/asset/HsHostingAssetControllerAcceptanceTest.java
+++ b/src/test/java/net/hostsharing/hsadminng/hs/hosting/asset/HsHostingAssetControllerAcceptanceTest.java
@ -458,8 +458,8 @@ class HsHostingAssetControllerAcceptanceTest extends ContextBasedTestWithCleanup
            context.define("superuser-alex@hostsharing.net");
            assertThat(assetRepo.findByUuid(givenAsset.getUuid())).isPresent().get()
                    .matches(asset -> {
-                        assertThat(asset.getConfig().toString()).isEqualTo(
-                                "{ monit_max_cpu_usage: 90, monit_max_ram_usage: 70, monit_max_ssd_usage: 85, monit_min_free_ssd: 5 }");
+                        assertThat(asset.toString()).isEqualTo(
+                                "HsHostingAssetEntity(MANAGED_SERVER, vm2001, some test-asset, D-1000111:D-1000111 default project:some ManagedServer, { monit_max_cpu_usage: 90, monit_max_ram_usage: 70, monit_max_ssd_usage: 85, monit_min_free_ssd: 5 })");
                        return true;
                    });
        }
--- a/src/test/java/net/hostsharing/hsadminng/hs/hosting/asset/HsHostingAssetRepositoryIntegrationTest.java
+++ b/src/test/java/net/hostsharing/hsadminng/hs/hosting/asset/HsHostingAssetRepositoryIntegrationTest.java
@ -24,8 +24,6 @@ import jakarta.servlet.http.HttpServletRequest;
 import java.util.Arrays;
 import java.util.List;
 import java.util.Map;
-import java.util.concurrent.TimeUnit;
-import java.util.function.Supplier;

 import static java.util.Map.entry;
 import static net.hostsharing.hsadminng.hs.hosting.asset.HsHostingAssetType.CLOUD_SERVER;
@ -155,7 +153,7 @@ class HsHostingAssetRepositoryIntegrationTest extends ContextBasedTestWithCleanu

        private void assertThatAssetIsPersisted(final HsHostingAssetEntity saved) {
            final var found = assetRepo.findByUuid(saved.getUuid());
-            assertThat(found).isNotEmpty().map(HsHostingAssetEntity::getVersion).get().isEqualTo(saved.getVersion());
+            assertThat(found).isNotEmpty().map(HsHostingAssetEntity::toString).get().isEqualTo(saved.toString());
        }
    }

@ -178,14 +176,6 @@ class HsHostingAssetRepositoryIntegrationTest extends ContextBasedTestWithCleanu
                    "HsHostingAssetEntity(MANAGED_WEBSPACE, thi01, some Webspace, MANAGED_SERVER:vm1013, D-1000313:D-1000313 default project:separate ManagedWebspace)");
        }

-        public <R> R stopWatch(final String caption, final Supplier<R> operation) {
-            long start = System.nanoTime();
-            final R result  = operation.get();
-            System.out.printf("StopWatch %s: %dms\n",
-                    caption, TimeUnit.NANOSECONDS.toMillis(System.nanoTime() - start));
-            return result;
-        }
-
        @Test
        public void normalUser_canViewOnlyRelatedAsset() {
            // given:
@ -194,9 +184,7 @@ class HsHostingAssetRepositoryIntegrationTest extends ContextBasedTestWithCleanu
                    .findAny().orElseThrow().getUuid();

            // when:
-            final var result = stopWatch("findAllByCriteria", () ->
-                assetRepo.findAllByCriteria(projectUuid, null, null)
-            );
+            final var result = assetRepo.findAllByCriteria(projectUuid, null, null);

            // then:
            exactlyTheseAssetsAreReturned(
@ -252,7 +240,7 @@ class HsHostingAssetRepositoryIntegrationTest extends ContextBasedTestWithCleanu
        private void assertThatAssetActuallyInDatabase(final HsHostingAssetEntity saved) {
            final var found = assetRepo.findByUuid(saved.getUuid());
            assertThat(found).isNotEmpty().get().isNotSameAs(saved)
-                    .extracting(HsHostingAssetEntity::getVersion).isEqualTo(saved.getVersion());
+                    .extracting(Object::toString).isEqualTo(saved.toString());
        }
    }

--- a/src/test/java/net/hostsharing/hsadminng/rbac/test/ContextBasedTestWithCleanup.java
+++ b/src/test/java/net/hostsharing/hsadminng/rbac/test/ContextBasedTestWithCleanup.java
@ -63,6 +63,7 @@ public abstract class ContextBasedTestWithCleanup extends ContextBasedTest {
        return merged;
    }

+    // remove HsOfficeCoopAssetsTransactionRawEntity, which is not needed anymore after this change
    public UUID toCleanup(final Class<? extends RbacObject> entityClass, final UUID uuidToCleanup) {
        out.println("toCleanup(" + entityClass.getSimpleName() + ", " + uuidToCleanup + ")");
        entitiesToCleanup.put(uuidToCleanup, entityClass);
@ -175,8 +176,7 @@ public abstract class ContextBasedTestWithCleanup extends ContextBasedTest {
    }

    private void cleanupTemporaryTestData() {
-        // For better performance in a single transaction ...
-        final var exception = jpaAttempt.transacted(() -> {
+        jpaAttempt.transacted(() -> {
            context.define("superuser-alex@hostsharing.net", null);
            entitiesToCleanup.reversed().forEach((uuid, entityClass) -> {
                final var rvTableName = entityClass.getAnnotation(Table.class).name();
@ -188,12 +188,7 @@ public abstract class ContextBasedTestWithCleanup extends ContextBasedTest {
                        .setParameter("uuid", uuid).executeUpdate();
                out.println("DELETING temporary " + entityClass.getSimpleName() + "#" + uuid + " deleted " + deletedRows + " rows");
            });
-        }).caughtException();
-
-        // ... and in case of foreign key violations, we rely on the RbacObject cleanup.
-        if (exception != null) {
-            System.err.println(exception);
-        }
+        }).assertSuccessful();
    }

    private long assertNoNewRbacObjectsRolesAndGrantsLeaked() {
@ -219,24 +214,24 @@ public abstract class ContextBasedTestWithCleanup extends ContextBasedTest {
    }

    private void deleteLeakedRbacObjects() {
-        rbacObjectRepo.findAll().stream()
-            .filter(o -> o.serialId > latestIntialTestDataSerialId)
-            .sorted(comparing(o -> o.serialId))
-            .forEach(o -> {
-                final var exception = jpaAttempt.transacted(() -> {
-                    context.define("superuser-alex@hostsharing.net", null);
+        jpaAttempt.transacted(() -> rbacObjectRepo.findAll()).returnedValue().stream()
+                .filter(o -> o.serialId > latestIntialTestDataSerialId)
+                .sorted(comparing(o -> o.serialId))
+                .forEach(o -> {
+                    final var exception = jpaAttempt.transacted(() -> {
+                        context.define("superuser-alex@hostsharing.net", null);

-                    em.createNativeQuery("DELETE FROM " + o.objectTable + " WHERE uuid=:uuid")
-                            .setParameter("uuid", o.uuid)
-                            .executeUpdate();
+                        em.createNativeQuery("DELETE FROM " + o.objectTable + " WHERE uuid=:uuid")
+                                .setParameter("uuid", o.uuid)
+                                .executeUpdate();

-                    out.println("DELETING leaked " + o.objectTable + "#" + o.uuid + " SUCCEEDED");
-                }).caughtException();
+                        out.println("DELETING leaked " + o.objectTable + "#" + o.uuid + " SUCCEEDED");
+                    }).caughtException();

-                if (exception != null) {
-                    out.println("DELETING leaked " + o.objectTable + "#" + o.uuid + " FAILED " + exception);
-                }
-            });
+                    if (exception != null) {
+                        out.println("DELETING leaked " + o.objectTable + "#" + o.uuid + " FAILED " + exception);
+                    }
+                });
    }

    private void assertEqual(final Set<String> before, final Set<String> after) {