working hasGlobalAdminRole and prepare for Micrometer metrics with Spring Security #127
5
Jenkinsfile
vendored
5
Jenkinsfile
vendored
@ -76,7 +76,10 @@ pipeline {
|
||||
sh '''
|
||||
./gradlew convertMarkdownToHtml
|
||||
'''
|
||||
archiveArtifacts artifacts: 'doc/scenarios/*.html', allowEmptyArchive: true
|
||||
archiveArtifacts artifacts:
|
||||
'build/doc/scenarios/*.html, ' +
|
||||
'build/reports/dependency-license/dependencies-without-allowed-license.json',
|
||||
allowEmptyArchive: true
|
||||
|
||||
// cleanup workspace
|
||||
cleanWs()
|
||||
|
||||
26
README.md
26
README.md
@ -60,36 +60,40 @@ If you have at least Docker and the Java JDK installed in appropriate versions a
|
||||
|
||||
cd your-hsadmin-ng-directory
|
||||
|
||||
source .aliases # creates some comfortable bash aliases, e.g. 'gw'='./gradlew'
|
||||
gw # initially downloads the configured Gradle version into the project
|
||||
source .aliases # creates some comfortable bash aliases, e.g. 'gw'='./gradlew'
|
||||
gw # initially downloads the configured Gradle version into the project
|
||||
|
||||
gw test # compiles and runs unit- and integration-tests
|
||||
gw test # compiles and runs unit- and integration-tests - takes >10min even on a fast machine
|
||||
gw scenarioTests # compiles and scenario-tests - takes ~1min on a decent machine
|
||||
|
||||
# if the container has not been built yet, run this:
|
||||
pg-sql-run # downloads + runs PostgreSQL in a Docker container on localhost:5432
|
||||
# if the container has been built already, run this:
|
||||
# if the container has been built already and you want to keep the data, run this:
|
||||
pg-sql-start
|
||||
|
||||
gw bootRun # compiles and runs the application on localhost:8080
|
||||
|
||||
# the following command should reply with "pong":
|
||||
curl http://localhost:8080/api/ping
|
||||
curl -f http://localhost:8080/api/ping
|
||||
|
||||
# the following command should return a JSON array with just all customers:
|
||||
curl \
|
||||
curl -f\
|
||||
-H 'current-subject: superuser-alex@hostsharing.net' \
|
||||
http://localhost:8080/api/test/customers
|
||||
http://localhost:8080/api/test/customers \
|
||||
| jq # just if `jq` is installed, to prettyprint the output
|
||||
|
||||
# the following command should return a JSON array with just all packages visible for the admin of the customer yyy:
|
||||
curl \
|
||||
curl -f\
|
||||
-H 'current-subject: superuser-alex@hostsharing.net' -H 'assumed-roles: rbactest.customer#yyy:ADMIN' \
|
||||
http://localhost:8080/api/test/packages
|
||||
http://localhost:8080/api/test/packages \
|
||||
| jq
|
||||
|
||||
# add a new customer
|
||||
curl \
|
||||
curl -f\
|
||||
-H 'current-subject: superuser-alex@hostsharing.net' -H "Content-Type: application/json" \
|
||||
-d '{ "prefix":"ttt", "reference":80001, "adminUserName":"admin@ttt.example.com" }' \
|
||||
-X POST http://localhost:8080/api/test/customers
|
||||
-X POST http://localhost:8080/api/test/customers \
|
||||
| jq
|
||||
|
||||
If you wonder who 'superuser-alex@hostsharing.net' and 'superuser-fran@hostsharing.net' are and where the data comes from:
|
||||
Mike and Sven are just example global admin accounts as part of the example data which is automatically inserted in Testcontainers and Development environments.
|
||||
|
||||
@ -58,6 +58,8 @@ dependencies {
|
||||
implementation 'org.springframework.boot:spring-boot-starter-jdbc'
|
||||
implementation 'org.springframework.boot:spring-boot-starter-web'
|
||||
implementation 'org.springframework.boot:spring-boot-starter-validation'
|
||||
implementation 'org.springframework.boot:spring-boot-starter-actuator'
|
||||
implementation 'org.springframework.boot:spring-boot-starter-security'
|
||||
implementation 'com.github.gavlyukovskiy:datasource-proxy-spring-boot-starter:1.9.2'
|
||||
implementation 'org.springdoc:springdoc-openapi:2.6.0'
|
||||
implementation 'org.postgresql:postgresql:42.7.4'
|
||||
|
||||
@ -43,6 +43,11 @@
|
||||
|
||||
{ "moduleLicense": "WTFPL" },
|
||||
|
||||
{
|
||||
"moduleLicense": "Public Domain, per Creative Commons CC0",
|
||||
"moduleVersion": "2.0.3"
|
||||
},
|
||||
|
||||
{
|
||||
"moduleLicense": null,
|
||||
"#moduleLicense": "Apache License 2.0, see https://github.com/springdoc/springdoc-openapi/blob/main/LICENSE",
|
||||
|
||||
@ -0,0 +1,26 @@
|
||||
package net.hostsharing.hsadminng.config;
|
||||
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.Profile;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
|
||||
@Configuration
|
||||
@EnableWebSecurity
|
||||
public class WebSecurityConfig {
|
||||
|
||||
@Bean
|
||||
@Profile("!test")
|
||||
public SecurityFilterChain securityFilterChain(final HttpSecurity http) throws Exception {
|
||||
return http
|
||||
.authorizeHttpRequests(authorize -> authorize
|
||||
.requestMatchers("/api/**").permitAll() // TODO.impl: implement authentication
|
||||
.requestMatchers("/actuator/**").permitAll()
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.build();
|
||||
}
|
||||
|
||||
}
|
||||
@ -1,6 +1,15 @@
|
||||
server:
|
||||
port : 8080
|
||||
|
||||
management:
|
||||
server:
|
||||
port: 8081
|
||||
address: 127.0.0.1
|
||||
endpoints:
|
||||
web:
|
||||
exposure:
|
||||
include: info, health, metrics
|
||||
|
||||
spring:
|
||||
|
||||
datasource:
|
||||
|
||||
@ -46,15 +46,15 @@ create or replace function rbac.hasGlobalAdminRole()
|
||||
stable -- leakproof
|
||||
language plpgsql as $$
|
||||
declare
|
||||
currentSubjectOrAssumedRolesUuids text;
|
||||
assumedRoles text;
|
||||
begin
|
||||
begin
|
||||
currentSubjectOrAssumedRolesUuids := current_setting('hsadminng.currentSubjectOrAssumedRolesUuids');
|
||||
assumedRoles := current_setting('hsadminng.assumedRoles');
|
||||
exception
|
||||
when others then
|
||||
currentSubjectOrAssumedRolesUuids := null;
|
||||
assumedRoles := null;
|
||||
end;
|
||||
return currentSubjectOrAssumedRolesUuids is null or length(currentSubjectOrAssumedRolesUuids) = 0;
|
||||
return TRIM(COALESCE(assumedRoles, '')) = '' and rbac.isGlobalAdmin();
|
||||
end; $$;
|
||||
--//
|
||||
|
||||
|
||||
@ -0,0 +1,60 @@
|
||||
package net.hostsharing.hsadminng.config;
|
||||
|
||||
import java.util.Map;
|
||||
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
import org.springframework.boot.test.web.client.TestRestTemplate;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.test.context.TestPropertySource;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
|
||||
@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
|
||||
@TestPropertySource(properties = {"management.port=0", "server.port=0"})
|
||||
// IMPORTANT: To test prod config, do not use test profile!
|
||||
class WebSecurityConfigIntegrationTest {
|
||||
|
||||
@Value("${local.server.port}")
|
||||
private int serverPort;
|
||||
|
||||
@Value("${local.management.port}")
|
||||
private int managementPort;
|
||||
|
||||
@Autowired
|
||||
private TestRestTemplate restTemplate;
|
||||
|
||||
@Test
|
||||
public void shouldSupportPingEndpoint() {
|
||||
final var result = this.restTemplate.getForEntity(
|
||||
"http://localhost:" + this.serverPort + "/api/ping", String.class);
|
||||
assertThat(result.getStatusCode()).isEqualTo(HttpStatus.OK);
|
||||
assertThat(result.getBody()).startsWith("pong");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldSupportActuatorEndpoint() {
|
||||
final var result = this.restTemplate.getForEntity(
|
||||
"http://localhost:" + this.managementPort + "/actuator", Map.class);
|
||||
assertThat(result.getStatusCode()).isEqualTo(HttpStatus.OK);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldSupportHealthEndpoint() {
|
||||
final var result = this.restTemplate.getForEntity(
|
||||
"http://localhost:" + this.managementPort + "/actuator/health", Map.class);
|
||||
assertThat(result.getStatusCode()).isEqualTo(HttpStatus.OK);
|
||||
assertThat(result.getBody().get("status")).isEqualTo("UP");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldSupportMetricsEndpoint() {
|
||||
final var result = this.restTemplate.getForEntity(
|
||||
"http://localhost:" + this.managementPort + "/actuator/metrics", Map.class);
|
||||
assertThat(result.getStatusCode()).isEqualTo(HttpStatus.OK);
|
||||
}
|
||||
|
||||
}
|
||||
@ -12,6 +12,7 @@ import net.hostsharing.hsadminng.hs.hosting.asset.HsHostingAssetRealRepository;
|
||||
import net.hostsharing.hsadminng.hs.hosting.asset.validators.Dns;
|
||||
import net.hostsharing.hsadminng.rbac.test.ContextBasedTestWithCleanup;
|
||||
import net.hostsharing.hsadminng.rbac.test.JpaAttempt;
|
||||
import net.hostsharing.hsadminng.test.DisableSecurityConfig;
|
||||
import org.jetbrains.annotations.NotNull;
|
||||
import org.junit.jupiter.api.AfterEach;
|
||||
import org.junit.jupiter.api.ClassOrderer;
|
||||
@ -24,6 +25,7 @@ import org.junit.jupiter.api.TestMethodOrder;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
import org.springframework.boot.test.web.server.LocalServerPort;
|
||||
import org.springframework.test.context.ActiveProfiles;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
||||
import java.time.LocalDate;
|
||||
@ -42,8 +44,9 @@ import static org.hamcrest.Matchers.matchesRegex;
|
||||
|
||||
@SpringBootTest(
|
||||
webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT,
|
||||
classes = { HsadminNgApplication.class, JpaAttempt.class }
|
||||
classes = { HsadminNgApplication.class, DisableSecurityConfig.class, JpaAttempt.class }
|
||||
)
|
||||
@ActiveProfiles("test")
|
||||
@Transactional
|
||||
@TestClassOrder(ClassOrderer.OrderAnnotation.class) // fail early on fetching problems
|
||||
class HsBookingItemControllerAcceptanceTest extends ContextBasedTestWithCleanup {
|
||||
|
||||
@ -6,6 +6,7 @@ import net.hostsharing.hsadminng.hs.booking.project.HsBookingProjectRealEntity;
|
||||
import net.hostsharing.hsadminng.hs.booking.project.HsBookingProjectRealRepository;
|
||||
import net.hostsharing.hsadminng.mapper.StrictMapper;
|
||||
import net.hostsharing.hsadminng.persistence.EntityManagerWrapper;
|
||||
import net.hostsharing.hsadminng.test.DisableSecurityConfig;
|
||||
import org.junit.jupiter.api.BeforeEach;
|
||||
import org.junit.jupiter.api.Nested;
|
||||
import org.junit.jupiter.api.Test;
|
||||
@ -38,7 +39,7 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
|
||||
|
||||
@WebMvcTest(HsBookingItemController.class)
|
||||
@Import({StrictMapper.class, JsonObjectMapperConfiguration.class})
|
||||
@Import({StrictMapper.class, JsonObjectMapperConfiguration.class, DisableSecurityConfig.class})
|
||||
@RunWith(SpringRunner.class)
|
||||
class HsBookingItemControllerRestTest {
|
||||
|
||||
|
||||
@ -6,11 +6,13 @@ import net.hostsharing.hsadminng.HsadminNgApplication;
|
||||
import net.hostsharing.hsadminng.hs.booking.debitor.HsBookingDebitorRepository;
|
||||
import net.hostsharing.hsadminng.rbac.test.ContextBasedTestWithCleanup;
|
||||
import net.hostsharing.hsadminng.rbac.test.JpaAttempt;
|
||||
import net.hostsharing.hsadminng.test.DisableSecurityConfig;
|
||||
import org.junit.jupiter.api.Nested;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
import org.springframework.boot.test.web.server.LocalServerPort;
|
||||
import org.springframework.test.context.ActiveProfiles;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
||||
import jakarta.persistence.EntityManager;
|
||||
@ -23,8 +25,9 @@ import static org.hamcrest.Matchers.matchesRegex;
|
||||
|
||||
@SpringBootTest(
|
||||
webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT,
|
||||
classes = { HsadminNgApplication.class, JpaAttempt.class }
|
||||
classes = { HsadminNgApplication.class, DisableSecurityConfig.class, JpaAttempt.class }
|
||||
)
|
||||
@ActiveProfiles("test")
|
||||
@Transactional
|
||||
class HsBookingProjectControllerAcceptanceTest extends ContextBasedTestWithCleanup {
|
||||
|
||||
|
||||
@ -14,6 +14,7 @@ import net.hostsharing.hsadminng.hs.office.contact.HsOfficeContactRealEntity;
|
||||
import net.hostsharing.hsadminng.hs.office.contact.HsOfficeContactRealRepository;
|
||||
import net.hostsharing.hsadminng.rbac.test.ContextBasedTestWithCleanup;
|
||||
import net.hostsharing.hsadminng.rbac.test.JpaAttempt;
|
||||
import net.hostsharing.hsadminng.test.DisableSecurityConfig;
|
||||
import org.junit.jupiter.api.AfterEach;
|
||||
import org.junit.jupiter.api.ClassOrderer;
|
||||
import org.junit.jupiter.api.Nested;
|
||||
@ -23,6 +24,7 @@ import org.junit.jupiter.api.TestClassOrder;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
import org.springframework.boot.test.web.server.LocalServerPort;
|
||||
import org.springframework.test.context.ActiveProfiles;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
||||
import java.util.HashMap;
|
||||
@ -43,8 +45,9 @@ import static org.hamcrest.Matchers.matchesRegex;
|
||||
@Transactional
|
||||
@SpringBootTest(
|
||||
webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT,
|
||||
classes = { HsadminNgApplication.class, JpaAttempt.class }
|
||||
classes = { HsadminNgApplication.class, DisableSecurityConfig.class, DisableSecurityConfig.class, JpaAttempt.class }
|
||||
)
|
||||
@ActiveProfiles("test")
|
||||
@TestClassOrder(ClassOrderer.OrderAnnotation.class) // fail early on fetching problems
|
||||
class HsHostingAssetControllerAcceptanceTest extends ContextBasedTestWithCleanup {
|
||||
|
||||
|
||||
@ -11,6 +11,7 @@ import net.hostsharing.hsadminng.hs.booking.item.HsBookingItemRealRepository;
|
||||
import net.hostsharing.hsadminng.mapper.Array;
|
||||
import net.hostsharing.hsadminng.mapper.StandardMapper;
|
||||
import net.hostsharing.hsadminng.persistence.EntityManagerWrapper;
|
||||
import net.hostsharing.hsadminng.test.DisableSecurityConfig;
|
||||
import org.junit.jupiter.api.BeforeEach;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.junit.jupiter.params.ParameterizedTest;
|
||||
@ -52,7 +53,7 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
|
||||
|
||||
@WebMvcTest(HsHostingAssetController.class)
|
||||
@Import({ StandardMapper.class, JsonObjectMapperConfiguration.class})
|
||||
@Import({ StandardMapper.class, JsonObjectMapperConfiguration.class, DisableSecurityConfig.class })
|
||||
@RunWith(SpringRunner.class)
|
||||
public class HsHostingAssetControllerRestTest {
|
||||
|
||||
|
||||
@ -3,16 +3,19 @@ package net.hostsharing.hsadminng.hs.hosting.asset;
|
||||
import io.restassured.RestAssured;
|
||||
import net.hostsharing.hsadminng.HsadminNgApplication;
|
||||
import net.hostsharing.hsadminng.rbac.test.JpaAttempt;
|
||||
import net.hostsharing.hsadminng.test.DisableSecurityConfig;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
import org.springframework.boot.test.web.server.LocalServerPort;
|
||||
import org.springframework.test.context.ActiveProfiles;
|
||||
|
||||
import static net.hostsharing.hsadminng.rbac.test.JsonMatcher.lenientlyEquals;
|
||||
|
||||
@SpringBootTest(
|
||||
webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT,
|
||||
classes = { HsadminNgApplication.class, JpaAttempt.class }
|
||||
classes = { HsadminNgApplication.class, DisableSecurityConfig.class, JpaAttempt.class }
|
||||
)
|
||||
@ActiveProfiles("test")
|
||||
class HsHostingAssetPropsControllerAcceptanceTest {
|
||||
|
||||
@LocalServerPort
|
||||
|
||||
@ -6,12 +6,14 @@ import net.hostsharing.hsadminng.HsadminNgApplication;
|
||||
import net.hostsharing.hsadminng.context.Context;
|
||||
import net.hostsharing.hsadminng.rbac.test.ContextBasedTestWithCleanup;
|
||||
import net.hostsharing.hsadminng.rbac.test.JpaAttempt;
|
||||
import net.hostsharing.hsadminng.test.DisableSecurityConfig;
|
||||
import org.apache.commons.lang3.RandomStringUtils;
|
||||
import org.json.JSONException;
|
||||
import org.junit.jupiter.api.*;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
import org.springframework.boot.test.web.server.LocalServerPort;
|
||||
import org.springframework.test.context.ActiveProfiles;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
||||
import jakarta.persistence.EntityManager;
|
||||
@ -26,8 +28,9 @@ import static org.hamcrest.Matchers.startsWith;
|
||||
|
||||
@SpringBootTest(
|
||||
webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT,
|
||||
classes = { HsadminNgApplication.class, JpaAttempt.class }
|
||||
classes = { HsadminNgApplication.class, DisableSecurityConfig.class, JpaAttempt.class }
|
||||
)
|
||||
@ActiveProfiles("test")
|
||||
@Transactional
|
||||
class HsOfficeBankAccountControllerAcceptanceTest extends ContextBasedTestWithCleanup {
|
||||
|
||||
|
||||
@ -2,12 +2,15 @@ package net.hostsharing.hsadminng.hs.office.bankaccount;
|
||||
|
||||
import net.hostsharing.hsadminng.context.Context;
|
||||
import net.hostsharing.hsadminng.mapper.StandardMapper;
|
||||
import net.hostsharing.hsadminng.test.DisableSecurityConfig;
|
||||
import org.junit.jupiter.params.ParameterizedTest;
|
||||
import org.junit.jupiter.params.provider.EnumSource;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;
|
||||
import org.springframework.boot.test.mock.mockito.MockBean;
|
||||
import org.springframework.context.annotation.Import;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.test.context.ActiveProfiles;
|
||||
import org.springframework.test.web.servlet.MockMvc;
|
||||
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
|
||||
|
||||
@ -16,6 +19,8 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
|
||||
|
||||
@WebMvcTest(HsOfficeBankAccountController.class)
|
||||
@Import(DisableSecurityConfig.class)
|
||||
@ActiveProfiles("test")
|
||||
class HsOfficeBankAccountControllerRestTest {
|
||||
|
||||
@Autowired
|
||||
|
||||
@ -6,6 +6,7 @@ import net.hostsharing.hsadminng.HsadminNgApplication;
|
||||
import net.hostsharing.hsadminng.context.Context;
|
||||
import net.hostsharing.hsadminng.rbac.test.ContextBasedTestWithCleanup;
|
||||
import net.hostsharing.hsadminng.rbac.test.JpaAttempt;
|
||||
import net.hostsharing.hsadminng.test.DisableSecurityConfig;
|
||||
import org.apache.commons.lang3.RandomStringUtils;
|
||||
import org.json.JSONException;
|
||||
import org.junit.jupiter.api.AfterEach;
|
||||
@ -15,6 +16,7 @@ import org.junit.jupiter.api.Test;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
import org.springframework.boot.test.web.server.LocalServerPort;
|
||||
import org.springframework.test.context.ActiveProfiles;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
||||
import jakarta.persistence.EntityManager;
|
||||
@ -33,8 +35,9 @@ import static org.hamcrest.Matchers.startsWith;
|
||||
|
||||
@SpringBootTest(
|
||||
webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT,
|
||||
classes = { HsadminNgApplication.class, JpaAttempt.class }
|
||||
classes = { HsadminNgApplication.class, DisableSecurityConfig.class, JpaAttempt.class }
|
||||
)
|
||||
@ActiveProfiles("test")
|
||||
@Transactional
|
||||
class HsOfficeContactControllerAcceptanceTest extends ContextBasedTestWithCleanup {
|
||||
|
||||
|
||||
@ -7,6 +7,7 @@ import net.hostsharing.hsadminng.context.Context;
|
||||
import net.hostsharing.hsadminng.hs.office.membership.HsOfficeMembershipRepository;
|
||||
import net.hostsharing.hsadminng.rbac.test.ContextBasedTestWithCleanup;
|
||||
import net.hostsharing.hsadminng.rbac.test.JpaAttempt;
|
||||
import net.hostsharing.hsadminng.test.DisableSecurityConfig;
|
||||
import org.junit.jupiter.api.AfterEach;
|
||||
import org.junit.jupiter.api.BeforeEach;
|
||||
import org.junit.jupiter.api.Nested;
|
||||
@ -14,6 +15,7 @@ import org.junit.jupiter.api.Test;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
import org.springframework.boot.test.web.server.LocalServerPort;
|
||||
import org.springframework.test.context.ActiveProfiles;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
||||
import jakarta.persistence.EntityManager;
|
||||
@ -31,8 +33,9 @@ import static org.hamcrest.Matchers.startsWith;
|
||||
|
||||
@SpringBootTest(
|
||||
webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT,
|
||||
classes = { HsadminNgApplication.class, JpaAttempt.class }
|
||||
classes = { HsadminNgApplication.class, DisableSecurityConfig.class, JpaAttempt.class }
|
||||
)
|
||||
@ActiveProfiles("test")
|
||||
@Transactional
|
||||
class HsOfficeCoopAssetsTransactionControllerAcceptanceTest extends ContextBasedTestWithCleanup {
|
||||
|
||||
|
||||
@ -8,6 +8,7 @@ import net.hostsharing.hsadminng.hs.office.partner.HsOfficePartnerEntity;
|
||||
import net.hostsharing.hsadminng.mapper.StrictMapper;
|
||||
import net.hostsharing.hsadminng.persistence.EntityManagerWrapper;
|
||||
import net.hostsharing.hsadminng.rbac.test.JsonBuilder;
|
||||
import net.hostsharing.hsadminng.test.DisableSecurityConfig;
|
||||
import net.hostsharing.hsadminng.test.TestUuidGenerator;
|
||||
import org.junit.jupiter.api.BeforeEach;
|
||||
import org.junit.jupiter.api.Test;
|
||||
@ -19,6 +20,7 @@ import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;
|
||||
import org.springframework.boot.test.mock.mockito.MockBean;
|
||||
import org.springframework.context.annotation.Import;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.test.context.ActiveProfiles;
|
||||
import org.springframework.test.context.junit4.SpringRunner;
|
||||
import org.springframework.test.web.servlet.MockMvc;
|
||||
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
|
||||
@ -47,7 +49,8 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
|
||||
|
||||
@WebMvcTest(HsOfficeCoopAssetsTransactionController.class)
|
||||
@Import({ StrictMapper.class, JsonObjectMapperConfiguration.class })
|
||||
@Import({ StrictMapper.class, JsonObjectMapperConfiguration.class, DisableSecurityConfig.class })
|
||||
@ActiveProfiles("test")
|
||||
@RunWith(SpringRunner.class)
|
||||
class HsOfficeCoopAssetsTransactionControllerRestTest {
|
||||
|
||||
|
||||
@ -7,6 +7,7 @@ import net.hostsharing.hsadminng.context.Context;
|
||||
import net.hostsharing.hsadminng.hs.office.membership.HsOfficeMembershipRepository;
|
||||
import net.hostsharing.hsadminng.rbac.test.ContextBasedTestWithCleanup;
|
||||
import net.hostsharing.hsadminng.rbac.test.JpaAttempt;
|
||||
import net.hostsharing.hsadminng.test.DisableSecurityConfig;
|
||||
import org.junit.jupiter.api.AfterEach;
|
||||
import org.junit.jupiter.api.BeforeEach;
|
||||
import org.junit.jupiter.api.Nested;
|
||||
@ -14,6 +15,7 @@ import org.junit.jupiter.api.Test;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
import org.springframework.boot.test.web.server.LocalServerPort;
|
||||
import org.springframework.test.context.ActiveProfiles;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
||||
import jakarta.persistence.EntityManager;
|
||||
@ -28,7 +30,9 @@ import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.hamcrest.Matchers.hasSize;
|
||||
import static org.hamcrest.Matchers.startsWith;
|
||||
|
||||
@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT, classes = {HsadminNgApplication.class, JpaAttempt.class})
|
||||
@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT,
|
||||
classes = {HsadminNgApplication.class, DisableSecurityConfig.class, JpaAttempt.class})
|
||||
@ActiveProfiles("test")
|
||||
@Transactional
|
||||
class HsOfficeCoopSharesTransactionControllerAcceptanceTest extends ContextBasedTestWithCleanup {
|
||||
|
||||
|
||||
@ -3,12 +3,15 @@ package net.hostsharing.hsadminng.hs.office.coopshares;
|
||||
import net.hostsharing.hsadminng.context.Context;
|
||||
import net.hostsharing.hsadminng.mapper.StandardMapper;
|
||||
import net.hostsharing.hsadminng.rbac.test.JsonBuilder;
|
||||
import net.hostsharing.hsadminng.test.DisableSecurityConfig;
|
||||
import org.junit.jupiter.params.ParameterizedTest;
|
||||
import org.junit.jupiter.params.provider.EnumSource;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;
|
||||
import org.springframework.boot.test.mock.mockito.MockBean;
|
||||
import org.springframework.context.annotation.Import;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.test.context.ActiveProfiles;
|
||||
import org.springframework.test.web.servlet.MockMvc;
|
||||
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
|
||||
|
||||
@ -21,6 +24,8 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
|
||||
|
||||
@WebMvcTest(HsOfficeCoopSharesTransactionController.class)
|
||||
@Import(DisableSecurityConfig.class)
|
||||
@ActiveProfiles("test")
|
||||
class HsOfficeCoopSharesTransactionControllerRestTest {
|
||||
|
||||
@Autowired
|
||||
|
||||
@ -12,6 +12,7 @@ import net.hostsharing.hsadminng.hs.office.relation.HsOfficeRelationRealEntity;
|
||||
import net.hostsharing.hsadminng.hs.office.relation.HsOfficeRelationRealRepository;
|
||||
import net.hostsharing.hsadminng.rbac.test.ContextBasedTestWithCleanup;
|
||||
import net.hostsharing.hsadminng.rbac.test.JpaAttempt;
|
||||
import net.hostsharing.hsadminng.test.DisableSecurityConfig;
|
||||
import org.junit.jupiter.api.AfterEach;
|
||||
import org.junit.jupiter.api.BeforeEach;
|
||||
import org.junit.jupiter.api.Nested;
|
||||
@ -19,6 +20,7 @@ import org.junit.jupiter.api.Test;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
import org.springframework.boot.test.web.server.LocalServerPort;
|
||||
import org.springframework.test.context.ActiveProfiles;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
||||
import jakarta.persistence.EntityManager;
|
||||
@ -33,8 +35,9 @@ import static org.hamcrest.Matchers.*;
|
||||
|
||||
@SpringBootTest(
|
||||
webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT,
|
||||
classes = { HsadminNgApplication.class, JpaAttempt.class }
|
||||
classes = { HsadminNgApplication.class, DisableSecurityConfig.class, JpaAttempt.class }
|
||||
)
|
||||
@ActiveProfiles("test")
|
||||
@Transactional
|
||||
class HsOfficeDebitorControllerAcceptanceTest extends ContextBasedTestWithCleanup {
|
||||
|
||||
|
||||
@ -8,6 +8,7 @@ import net.hostsharing.hsadminng.context.Context;
|
||||
import net.hostsharing.hsadminng.hs.office.partner.HsOfficePartnerRepository;
|
||||
import net.hostsharing.hsadminng.rbac.test.ContextBasedTestWithCleanup;
|
||||
import net.hostsharing.hsadminng.rbac.test.JpaAttempt;
|
||||
import net.hostsharing.hsadminng.test.DisableSecurityConfig;
|
||||
import org.json.JSONException;
|
||||
import org.junit.jupiter.api.AfterEach;
|
||||
import org.junit.jupiter.api.Nested;
|
||||
@ -15,6 +16,7 @@ import org.junit.jupiter.api.Test;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
import org.springframework.boot.test.web.server.LocalServerPort;
|
||||
import org.springframework.test.context.ActiveProfiles;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
||||
import jakarta.persistence.EntityManager;
|
||||
@ -31,8 +33,9 @@ import static org.hamcrest.Matchers.*;
|
||||
|
||||
@SpringBootTest(
|
||||
webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT,
|
||||
classes = { HsadminNgApplication.class, JpaAttempt.class }
|
||||
classes = { HsadminNgApplication.class, DisableSecurityConfig.class, JpaAttempt.class }
|
||||
)
|
||||
@ActiveProfiles("test")
|
||||
@Transactional
|
||||
class HsOfficeMembershipControllerAcceptanceTest extends ContextBasedTestWithCleanup {
|
||||
|
||||
|
||||
@ -5,6 +5,7 @@ import net.hostsharing.hsadminng.hs.office.coopassets.HsOfficeCoopAssetsTransact
|
||||
import net.hostsharing.hsadminng.hs.office.partner.HsOfficePartnerEntity;
|
||||
import net.hostsharing.hsadminng.mapper.StandardMapper;
|
||||
import net.hostsharing.hsadminng.persistence.EntityManagerWrapper;
|
||||
import net.hostsharing.hsadminng.test.DisableSecurityConfig;
|
||||
import org.junit.jupiter.api.Nested;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.junit.jupiter.params.ParameterizedTest;
|
||||
@ -14,6 +15,7 @@ import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;
|
||||
import org.springframework.boot.test.mock.mockito.MockBean;
|
||||
import org.springframework.context.annotation.Import;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.test.context.ActiveProfiles;
|
||||
import org.springframework.test.web.servlet.MockMvc;
|
||||
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
|
||||
|
||||
@ -27,7 +29,8 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
|
||||
|
||||
@WebMvcTest(HsOfficeMembershipController.class)
|
||||
@Import(StandardMapper.class)
|
||||
@Import({StandardMapper.class, DisableSecurityConfig.class})
|
||||
@ActiveProfiles("test")
|
||||
public class HsOfficeMembershipControllerRestTest {
|
||||
|
||||
@Autowired
|
||||
|
||||
@ -13,10 +13,12 @@ import net.hostsharing.hsadminng.hs.office.relation.HsOfficeRelationRealReposito
|
||||
import net.hostsharing.hsadminng.hs.office.relation.HsOfficeRelationType;
|
||||
import net.hostsharing.hsadminng.rbac.test.ContextBasedTestWithCleanup;
|
||||
import net.hostsharing.hsadminng.rbac.test.JpaAttempt;
|
||||
import net.hostsharing.hsadminng.test.DisableSecurityConfig;
|
||||
import org.junit.jupiter.api.*;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
import org.springframework.boot.test.web.server.LocalServerPort;
|
||||
import org.springframework.test.context.ActiveProfiles;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
||||
import java.util.UUID;
|
||||
@ -29,8 +31,9 @@ import static org.hamcrest.Matchers.*;
|
||||
|
||||
@SpringBootTest(
|
||||
webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT,
|
||||
classes = { HsadminNgApplication.class, JpaAttempt.class }
|
||||
classes = { HsadminNgApplication.class, DisableSecurityConfig.class, JpaAttempt.class }
|
||||
)
|
||||
@ActiveProfiles("test")
|
||||
class HsOfficePartnerControllerAcceptanceTest extends ContextBasedTestWithCleanup {
|
||||
|
||||
private static final UUID GIVEN_NON_EXISTING_UUID = UUID.fromString("00000000-0000-0000-0000-000000000000");
|
||||
|
||||
@ -7,6 +7,7 @@ import net.hostsharing.hsadminng.hs.office.relation.HsOfficeRelationRealEntity;
|
||||
import net.hostsharing.hsadminng.hs.office.relation.HsOfficeRelationRealRepository;
|
||||
import net.hostsharing.hsadminng.mapper.StandardMapper;
|
||||
import net.hostsharing.hsadminng.persistence.EntityManagerWrapper;
|
||||
import net.hostsharing.hsadminng.test.DisableSecurityConfig;
|
||||
import org.junit.jupiter.api.BeforeEach;
|
||||
import org.junit.jupiter.api.Nested;
|
||||
import org.junit.jupiter.api.Test;
|
||||
@ -16,6 +17,7 @@ import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;
|
||||
import org.springframework.boot.test.mock.mockito.MockBean;
|
||||
import org.springframework.context.annotation.Import;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.test.context.ActiveProfiles;
|
||||
import org.springframework.test.web.servlet.MockMvc;
|
||||
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
|
||||
|
||||
@ -36,7 +38,8 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
|
||||
|
||||
@WebMvcTest(HsOfficePartnerController.class)
|
||||
@Import(StandardMapper.class)
|
||||
@Import({StandardMapper.class, DisableSecurityConfig.class})
|
||||
@ActiveProfiles("test")
|
||||
class HsOfficePartnerControllerRestTest {
|
||||
|
||||
static final UUID GIVEN_MANDANTE_UUID = UUID.randomUUID();
|
||||
|
||||
@ -6,6 +6,7 @@ import net.hostsharing.hsadminng.HsadminNgApplication;
|
||||
import net.hostsharing.hsadminng.context.Context;
|
||||
import net.hostsharing.hsadminng.rbac.test.ContextBasedTestWithCleanup;
|
||||
import net.hostsharing.hsadminng.rbac.test.JpaAttempt;
|
||||
import net.hostsharing.hsadminng.test.DisableSecurityConfig;
|
||||
import org.apache.commons.lang3.RandomStringUtils;
|
||||
import org.junit.jupiter.api.AfterEach;
|
||||
import org.junit.jupiter.api.Nested;
|
||||
@ -13,6 +14,7 @@ import org.junit.jupiter.api.Test;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
import org.springframework.boot.test.web.server.LocalServerPort;
|
||||
import org.springframework.test.context.ActiveProfiles;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
||||
import jakarta.persistence.EntityManager;
|
||||
@ -26,8 +28,9 @@ import static org.hamcrest.Matchers.*;
|
||||
|
||||
@SpringBootTest(
|
||||
webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT,
|
||||
classes = { HsadminNgApplication.class, JpaAttempt.class }
|
||||
classes = { HsadminNgApplication.class, DisableSecurityConfig.class, JpaAttempt.class }
|
||||
)
|
||||
@ActiveProfiles("test")
|
||||
class HsOfficePersonControllerAcceptanceTest extends ContextBasedTestWithCleanup {
|
||||
|
||||
@LocalServerPort
|
||||
|
||||
@ -9,11 +9,13 @@ import net.hostsharing.hsadminng.context.Context;
|
||||
import net.hostsharing.hsadminng.hs.office.generated.api.v1.model.HsOfficeRelationTypeResource;
|
||||
import net.hostsharing.hsadminng.hs.office.person.HsOfficePersonRepository;
|
||||
import net.hostsharing.hsadminng.rbac.test.JpaAttempt;
|
||||
import net.hostsharing.hsadminng.test.DisableSecurityConfig;
|
||||
import org.junit.jupiter.api.Nested;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
import org.springframework.boot.test.web.server.LocalServerPort;
|
||||
import org.springframework.test.context.ActiveProfiles;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
||||
import java.util.UUID;
|
||||
@ -26,8 +28,9 @@ import static org.hamcrest.Matchers.startsWith;
|
||||
|
||||
@SpringBootTest(
|
||||
webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT,
|
||||
classes = { HsadminNgApplication.class, JpaAttempt.class }
|
||||
classes = { HsadminNgApplication.class, DisableSecurityConfig.class, JpaAttempt.class }
|
||||
)
|
||||
@ActiveProfiles("test")
|
||||
@Transactional
|
||||
class HsOfficeRelationControllerAcceptanceTest extends ContextBasedTestWithCleanup {
|
||||
|
||||
|
||||
@ -34,6 +34,7 @@ import net.hostsharing.hsadminng.hs.scenarios.Produces;
|
||||
import net.hostsharing.hsadminng.hs.scenarios.Requires;
|
||||
import net.hostsharing.hsadminng.hs.scenarios.ScenarioTest;
|
||||
import net.hostsharing.hsadminng.rbac.test.JpaAttempt;
|
||||
import net.hostsharing.hsadminng.test.DisableSecurityConfig;
|
||||
import net.hostsharing.hsadminng.test.IgnoreOnFailureExtension;
|
||||
import org.junit.jupiter.api.ClassOrderer;
|
||||
import org.junit.jupiter.api.Disabled;
|
||||
@ -46,11 +47,12 @@ import org.junit.jupiter.api.TestClassOrder;
|
||||
import org.junit.jupiter.api.TestMethodOrder;
|
||||
import org.junit.jupiter.api.extension.ExtendWith;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
import org.springframework.test.context.ActiveProfiles;
|
||||
|
||||
@Tag("scenarioTest")
|
||||
@SpringBootTest(
|
||||
webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT,
|
||||
classes = { HsadminNgApplication.class, JpaAttempt.class },
|
||||
classes = { HsadminNgApplication.class, DisableSecurityConfig.class, JpaAttempt.class },
|
||||
properties = {
|
||||
"spring.datasource.url=${HSADMINNG_POSTGRES_JDBC_URL:jdbc:tc:postgresql:15.5-bookworm:///scenariosTC}",
|
||||
"spring.datasource.username=${HSADMINNG_POSTGRES_ADMIN_USERNAME:ADMIN}",
|
||||
@ -58,6 +60,7 @@ import org.springframework.boot.test.context.SpringBootTest;
|
||||
"hsadminng.superuser=${HSADMINNG_SUPERUSER:superuser-alex@hostsharing.net}"
|
||||
}
|
||||
)
|
||||
@ActiveProfiles("test")
|
||||
@TestClassOrder(ClassOrderer.OrderAnnotation.class)
|
||||
@ExtendWith(IgnoreOnFailureExtension.class)
|
||||
class HsOfficeScenarioTests extends ScenarioTest {
|
||||
|
||||
@ -8,6 +8,7 @@ import net.hostsharing.hsadminng.hs.office.bankaccount.HsOfficeBankAccountReposi
|
||||
import net.hostsharing.hsadminng.hs.office.debitor.HsOfficeDebitorRepository;
|
||||
import net.hostsharing.hsadminng.rbac.test.ContextBasedTestWithCleanup;
|
||||
import net.hostsharing.hsadminng.rbac.test.JpaAttempt;
|
||||
import net.hostsharing.hsadminng.test.DisableSecurityConfig;
|
||||
import org.junit.jupiter.api.AfterEach;
|
||||
import org.junit.jupiter.api.BeforeEach;
|
||||
import org.junit.jupiter.api.Nested;
|
||||
@ -15,6 +16,7 @@ import org.junit.jupiter.api.Test;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
import org.springframework.boot.test.web.server.LocalServerPort;
|
||||
import org.springframework.test.context.ActiveProfiles;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
||||
import jakarta.persistence.EntityManager;
|
||||
@ -30,8 +32,9 @@ import static org.hamcrest.Matchers.*;
|
||||
|
||||
@SpringBootTest(
|
||||
webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT,
|
||||
classes = { HsadminNgApplication.class, JpaAttempt.class }
|
||||
classes = { HsadminNgApplication.class, DisableSecurityConfig.class, JpaAttempt.class }
|
||||
)
|
||||
@ActiveProfiles("test")
|
||||
@Transactional
|
||||
class HsOfficeSepaMandateControllerAcceptanceTest extends ContextBasedTestWithCleanup {
|
||||
|
||||
|
||||
@ -1,8 +1,8 @@
|
||||
package net.hostsharing.hsadminng.rbac.context;
|
||||
|
||||
import net.hostsharing.hsadminng.context.Context;
|
||||
import net.hostsharing.hsadminng.mapper.StandardMapper;
|
||||
import net.hostsharing.hsadminng.mapper.Array;
|
||||
import net.hostsharing.hsadminng.mapper.StandardMapper;
|
||||
import net.hostsharing.hsadminng.persistence.EntityManagerWrapper;
|
||||
import net.hostsharing.hsadminng.rbac.test.JpaAttempt;
|
||||
import org.junit.jupiter.api.Test;
|
||||
@ -13,6 +13,8 @@ import org.springframework.context.annotation.ComponentScan;
|
||||
import org.springframework.test.annotation.DirtiesContext;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
||||
import jakarta.persistence.EntityManager;
|
||||
import jakarta.persistence.PersistenceContext;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
@ -32,6 +34,9 @@ class ContextIntegrationTests {
|
||||
@Autowired
|
||||
private JpaAttempt jpaAttempt;
|
||||
|
||||
@PersistenceContext
|
||||
private EntityManager em;
|
||||
|
||||
@Test
|
||||
void defineWithoutHttpServletRequestUsesCallStack() {
|
||||
|
||||
@ -43,7 +48,7 @@ class ContextIntegrationTests {
|
||||
|
||||
@Test
|
||||
@Transactional
|
||||
void defineWithcurrentSubjectButWithoutAssumedRoles() {
|
||||
void defineWithCurrentSubjectButWithoutAssumedRoles() {
|
||||
// when
|
||||
context.define("superuser-alex@hostsharing.net");
|
||||
|
||||
@ -60,7 +65,7 @@ class ContextIntegrationTests {
|
||||
}
|
||||
|
||||
@Test
|
||||
void defineWithoutcurrentSubjectButWithAssumedRoles() {
|
||||
void defineWithoutCurrentSubjectButWithAssumedRoles() {
|
||||
// when
|
||||
final var result = jpaAttempt.transacted(() ->
|
||||
context.define(null, "rbactest.package#yyy00:ADMIN")
|
||||
@ -73,7 +78,7 @@ class ContextIntegrationTests {
|
||||
}
|
||||
|
||||
@Test
|
||||
void defineWithUnknowncurrentSubject() {
|
||||
void defineWithUnknownCurrentSubject() {
|
||||
// when
|
||||
final var result = jpaAttempt.transacted(() ->
|
||||
context.define("unknown@example.org")
|
||||
@ -87,7 +92,7 @@ class ContextIntegrationTests {
|
||||
|
||||
@Test
|
||||
@Transactional
|
||||
void defineWithcurrentSubjectAndAssumedRoles() {
|
||||
void defineWithCurrentSubjectAndAssumedRoles() {
|
||||
// given
|
||||
context.define("superuser-alex@hostsharing.net", "rbactest.customer#xxx:OWNER;rbactest.customer#yyy:OWNER");
|
||||
|
||||
@ -102,7 +107,7 @@ class ContextIntegrationTests {
|
||||
}
|
||||
|
||||
@Test
|
||||
public void defineContextWithcurrentSubjectAndAssumeInaccessibleRole() {
|
||||
public void defineContextWithCurrentSubjectAndAssumeInaccessibleRole() {
|
||||
// when
|
||||
final var result = jpaAttempt.transacted(() ->
|
||||
context.define("customer-admin@xxx.example.com", "rbactest.package#yyy00:ADMIN")
|
||||
@ -113,4 +118,52 @@ class ContextIntegrationTests {
|
||||
jakarta.persistence.PersistenceException.class,
|
||||
"ERROR: [403] subject customer-admin@xxx.example.com has no permission to assume role rbactest.package#yyy00:ADMIN");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void hasGlobalAdminRoleIsTrueForGlobalAdminWithoutAssumedRole() {
|
||||
|
||||
final var hsGlobalAdminRole = jpaAttempt.transacted(() -> {
|
||||
// given
|
||||
context.define("superuser-alex@hostsharing.net");
|
||||
|
||||
// when
|
||||
return (boolean) em.createNativeQuery("select rbac.hasGlobalAdminRole()").getSingleResult();
|
||||
}
|
||||
);
|
||||
|
||||
// then
|
||||
assertThat(hsGlobalAdminRole.returnedValue()).isTrue();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void hasGlobalAdminRoleIsTrueForGlobalAdminWithAssumedRole() {
|
||||
final var hsGlobalAdminRole = jpaAttempt.transacted(() -> {
|
||||
// given
|
||||
context.define("superuser-alex@hostsharing.net", "rbactest.package#yyy00:ADMIN");
|
||||
|
||||
// when
|
||||
return (boolean) em.createNativeQuery("select rbac.hasGlobalAdminRole()").getSingleResult();
|
||||
});
|
||||
|
||||
// when
|
||||
|
||||
// then
|
||||
assertThat(hsGlobalAdminRole.returnedValue()).isFalse();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void hasGlobalAdminRoleIsFalseForNonGlobalAdminWithoutAssumedRole() {
|
||||
|
||||
final var hsGlobalAdminRole = jpaAttempt.transacted(() -> {
|
||||
// given
|
||||
context.define("customer-admin@xxx.example.com");
|
||||
|
||||
// when
|
||||
return (boolean) em.createNativeQuery("select rbac.hasGlobalAdminRole()").getSingleResult();
|
||||
}
|
||||
);
|
||||
|
||||
// then
|
||||
assertThat(hsGlobalAdminRole.returnedValue()).isFalse();
|
||||
}
|
||||
}
|
||||
|
||||
@ -10,12 +10,14 @@ import net.hostsharing.hsadminng.rbac.role.RbacRoleRepository;
|
||||
import net.hostsharing.hsadminng.rbac.subject.RbacSubjectEntity;
|
||||
import net.hostsharing.hsadminng.rbac.subject.RbacSubjectRepository;
|
||||
import net.hostsharing.hsadminng.rbac.test.JpaAttempt;
|
||||
import net.hostsharing.hsadminng.test.DisableSecurityConfig;
|
||||
import org.apache.commons.lang3.RandomStringUtils;
|
||||
import org.junit.jupiter.api.Nested;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
import org.springframework.boot.test.web.server.LocalServerPort;
|
||||
import org.springframework.test.context.ActiveProfiles;
|
||||
import org.springframework.transaction.annotation.Propagation;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
||||
@ -31,8 +33,9 @@ import static org.hamcrest.Matchers.*;
|
||||
|
||||
@SpringBootTest(
|
||||
webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT,
|
||||
classes = { HsadminNgApplication.class, JpaAttempt.class }
|
||||
classes = { HsadminNgApplication.class, DisableSecurityConfig.class, JpaAttempt.class }
|
||||
)
|
||||
@ActiveProfiles("test")
|
||||
@Transactional(readOnly = true, propagation = Propagation.NEVER)
|
||||
class RbacGrantControllerAcceptanceTest extends ContextBasedTest {
|
||||
|
||||
|
||||
@ -4,17 +4,20 @@ import io.restassured.RestAssured;
|
||||
import net.hostsharing.hsadminng.HsadminNgApplication;
|
||||
import net.hostsharing.hsadminng.context.Context;
|
||||
import net.hostsharing.hsadminng.rbac.subject.RbacSubjectRepository;
|
||||
import net.hostsharing.hsadminng.test.DisableSecurityConfig;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
import org.springframework.boot.test.web.server.LocalServerPort;
|
||||
import org.springframework.test.context.ActiveProfiles;
|
||||
|
||||
import static org.hamcrest.Matchers.*;
|
||||
|
||||
@SpringBootTest(
|
||||
webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT,
|
||||
classes = HsadminNgApplication.class
|
||||
classes = {HsadminNgApplication.class, DisableSecurityConfig.class}
|
||||
)
|
||||
@ActiveProfiles("test")
|
||||
class RbacRoleControllerAcceptanceTest {
|
||||
|
||||
@LocalServerPort
|
||||
|
||||
@ -3,6 +3,7 @@ package net.hostsharing.hsadminng.rbac.role;
|
||||
import net.hostsharing.hsadminng.context.Context;
|
||||
import net.hostsharing.hsadminng.mapper.StandardMapper;
|
||||
import net.hostsharing.hsadminng.persistence.EntityManagerWrapper;
|
||||
import net.hostsharing.hsadminng.test.DisableSecurityConfig;
|
||||
import org.junit.jupiter.api.BeforeEach;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
@ -11,6 +12,7 @@ import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;
|
||||
import org.springframework.boot.test.mock.mockito.MockBean;
|
||||
import org.springframework.context.annotation.Import;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.test.context.ActiveProfiles;
|
||||
import org.springframework.test.context.junit4.SpringRunner;
|
||||
import org.springframework.test.web.servlet.MockMvc;
|
||||
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
|
||||
@ -29,7 +31,8 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
|
||||
|
||||
@WebMvcTest(RbacRoleController.class)
|
||||
@Import(StandardMapper.class)
|
||||
@Import({StandardMapper.class, DisableSecurityConfig.class})
|
||||
@ActiveProfiles("test")
|
||||
@RunWith(SpringRunner.class)
|
||||
class RbacRoleControllerRestTest {
|
||||
|
||||
|
||||
@ -5,11 +5,13 @@ import io.restassured.http.ContentType;
|
||||
import net.hostsharing.hsadminng.HsadminNgApplication;
|
||||
import net.hostsharing.hsadminng.context.Context;
|
||||
import net.hostsharing.hsadminng.rbac.test.JpaAttempt;
|
||||
import net.hostsharing.hsadminng.test.DisableSecurityConfig;
|
||||
import org.junit.jupiter.api.Nested;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
import org.springframework.boot.test.web.server.LocalServerPort;
|
||||
import org.springframework.test.context.ActiveProfiles;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
||||
import java.util.UUID;
|
||||
@ -19,8 +21,9 @@ import static org.hamcrest.Matchers.*;
|
||||
|
||||
@SpringBootTest(
|
||||
webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT,
|
||||
classes = { HsadminNgApplication.class, JpaAttempt.class }
|
||||
classes = { HsadminNgApplication.class, DisableSecurityConfig.class, JpaAttempt.class }
|
||||
)
|
||||
@ActiveProfiles("test")
|
||||
@Transactional
|
||||
class RbacSubjectControllerAcceptanceTest {
|
||||
|
||||
|
||||
@ -3,6 +3,7 @@ package net.hostsharing.hsadminng.rbac.subject;
|
||||
import net.hostsharing.hsadminng.context.Context;
|
||||
import net.hostsharing.hsadminng.mapper.StandardMapper;
|
||||
import net.hostsharing.hsadminng.persistence.EntityManagerWrapper;
|
||||
import net.hostsharing.hsadminng.test.DisableSecurityConfig;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
@ -10,6 +11,7 @@ import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;
|
||||
import org.springframework.boot.test.mock.mockito.MockBean;
|
||||
import org.springframework.context.annotation.Import;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.test.context.ActiveProfiles;
|
||||
import org.springframework.test.context.junit4.SpringRunner;
|
||||
import org.springframework.test.web.servlet.MockMvc;
|
||||
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
|
||||
@ -24,7 +26,8 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
|
||||
|
||||
@WebMvcTest(RbacSubjectController.class)
|
||||
@Import(StandardMapper.class)
|
||||
@Import({StandardMapper.class, DisableSecurityConfig.class})
|
||||
@ActiveProfiles("test")
|
||||
@RunWith(SpringRunner.class)
|
||||
class RbacSubjectControllerRestTest {
|
||||
|
||||
|
||||
@ -5,6 +5,7 @@ import io.restassured.http.ContentType;
|
||||
import net.hostsharing.hsadminng.HsadminNgApplication;
|
||||
import net.hostsharing.hsadminng.context.Context;
|
||||
import net.hostsharing.hsadminng.rbac.test.JpaAttempt;
|
||||
import net.hostsharing.hsadminng.test.DisableSecurityConfig;
|
||||
import org.junit.jupiter.api.AfterEach;
|
||||
import org.junit.jupiter.api.BeforeEach;
|
||||
import org.junit.jupiter.api.Nested;
|
||||
@ -12,6 +13,7 @@ import org.junit.jupiter.api.Test;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
import org.springframework.boot.test.web.server.LocalServerPort;
|
||||
import org.springframework.test.context.ActiveProfiles;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
||||
import jakarta.persistence.EntityManager;
|
||||
@ -24,8 +26,9 @@ import static org.hamcrest.Matchers.*;
|
||||
|
||||
@SpringBootTest(
|
||||
webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT,
|
||||
classes = { HsadminNgApplication.class, JpaAttempt.class }
|
||||
classes = { HsadminNgApplication.class, DisableSecurityConfig.class, JpaAttempt.class }
|
||||
)
|
||||
@ActiveProfiles("test")
|
||||
@Transactional
|
||||
class TestCustomerControllerAcceptanceTest {
|
||||
|
||||
|
||||
@ -4,6 +4,7 @@ import io.restassured.RestAssured;
|
||||
import io.restassured.http.ContentType;
|
||||
import net.hostsharing.hsadminng.HsadminNgApplication;
|
||||
import net.hostsharing.hsadminng.context.Context;
|
||||
import net.hostsharing.hsadminng.test.DisableSecurityConfig;
|
||||
import org.apache.commons.lang3.RandomStringUtils;
|
||||
import org.junit.jupiter.api.Nested;
|
||||
import org.junit.jupiter.api.Test;
|
||||
@ -11,6 +12,7 @@ import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
|
||||
import org.springframework.boot.test.web.server.LocalServerPort;
|
||||
import org.springframework.test.context.ActiveProfiles;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
||||
import java.util.UUID;
|
||||
@ -22,8 +24,9 @@ import static org.hamcrest.Matchers.is;
|
||||
|
||||
@SpringBootTest(
|
||||
webEnvironment = WebEnvironment.RANDOM_PORT,
|
||||
classes = HsadminNgApplication.class
|
||||
classes = { HsadminNgApplication.class, DisableSecurityConfig.class }
|
||||
)
|
||||
@ActiveProfiles("test")
|
||||
@Transactional
|
||||
class TestPackageControllerAcceptanceTest {
|
||||
|
||||
|
||||
@ -38,27 +38,29 @@ class TestPackageRepositoryIntegrationTest extends ContextBasedTest {
|
||||
class FindAllByOptionalNameLike {
|
||||
|
||||
@Test
|
||||
public void globalAdmin_withoutAssumedRole_canNotViewAnyPackages_becauseThoseGrantsAreNotAssumed() {
|
||||
public void globalAdmin_withoutAssumedRole_canViewAllPackagesDueToBypassoOfRecursiveCteRbacQuery() {
|
||||
// given
|
||||
// alex is not just rbac.global-admin but lso the creating user, thus we use fran
|
||||
// alex is not just rbac.global-admin but also the creating user, thus we use fran
|
||||
context.define("superuser-fran@hostsharing.net");
|
||||
|
||||
// when
|
||||
final var result = testPackageRepository.findAllByOptionalNameLike(null);
|
||||
|
||||
// then
|
||||
noPackagesAreReturned(result);
|
||||
|
||||
exactlyThesePackagesAreReturned(result,
|
||||
"xxx00", "xxx01", "xxx02", "yyy00", "yyy01", "yyy02", "zzz00", "zzz01", "zzz02");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void globalAdmin_withAssumedglobalAdminRole__canNotViewAnyPackages_becauseThoseGrantsAreNotAssumed() {
|
||||
given:
|
||||
public void globalAdmin_withAssumedGlobalAdminRole__canNotViewAnyPackages_becauseThoseGrantsAreNotAssumed() {
|
||||
// given
|
||||
context.define("superuser-alex@hostsharing.net", "rbac.global#global:ADMIN");
|
||||
|
||||
// when
|
||||
final var result = testPackageRepository.findAllByOptionalNameLike(null);
|
||||
|
||||
then:
|
||||
// then
|
||||
noPackagesAreReturned(result);
|
||||
}
|
||||
|
||||
|
||||
@ -0,0 +1,19 @@
|
||||
package net.hostsharing.hsadminng.test;
|
||||
|
||||
import org.springframework.boot.test.context.TestConfiguration;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
|
||||
@TestConfiguration
|
||||
public class DisableSecurityConfig {
|
||||
|
||||
@Bean
|
||||
public SecurityFilterChain securityFilterChain(final HttpSecurity http) throws Exception {
|
||||
http
|
||||
.authorizeHttpRequests(auth -> auth.anyRequest().permitAll())
|
||||
.csrf(AbstractHttpConfigurer::disable);
|
||||
return http.build();
|
||||
}
|
||||
}
|
||||
@ -1,3 +1,13 @@
|
||||
|
||||
management:
|
||||
server:
|
||||
port: 8081
|
||||
address: 127.0.0.1
|
||||
endpoints:
|
||||
web:
|
||||
exposure:
|
||||
include: info, health, metrics
|
||||
|
||||
spring:
|
||||
sql:
|
||||
init:
|
||||
|
||||
Loading…
Reference in New Issue
Block a user