2025-01-15 13:43:29 +01:00
4 changed files with 15 additions and 10 deletions
--- a/src/main/java/net/hostsharing/hsadminng/hs/office/contact/HsOfficeContact.java
+++ b/src/main/java/net/hostsharing/hsadminng/hs/office/contact/HsOfficeContact.java
@ -12,6 +12,7 @@ import lombok.experimental.SuperBuilder;
 import net.hostsharing.hsadminng.errors.DisplayAs;
 import net.hostsharing.hsadminng.mapper.PatchableMapWrapper;
 import net.hostsharing.hsadminng.persistence.BaseEntity;
+import net.hostsharing.hsadminng.rbac.role.WithRoleId;
 import net.hostsharing.hsadminng.repr.Stringify;
 import net.hostsharing.hsadminng.repr.Stringifyable;
 import org.hibernate.annotations.GenericGenerator;
@ -37,7 +38,7 @@ import static net.hostsharing.hsadminng.repr.Stringify.stringify;
@SuperBuilder(toBuilder = true)
@FieldNameConstants
@DisplayAs("Contact")
-public class HsOfficeContact implements Stringifyable, BaseEntity<HsOfficeContact> {
+public class HsOfficeContact implements Stringifyable, BaseEntity<HsOfficeContact>, WithRoleId {

    private static Stringify<HsOfficeContact> toString = stringify(HsOfficeContact.class, "contact")
            .withProp(Fields.caption, HsOfficeContact::getCaption)
--- a/src/main/java/net/hostsharing/hsadminng/hs/office/debitor/HsOfficeDebitorController.java
+++ b/src/main/java/net/hostsharing/hsadminng/hs/office/debitor/HsOfficeDebitorController.java
@ -228,6 +228,8 @@ public class HsOfficeDebitorController implements HsOfficeDebitorsApi {

    final BiConsumer<HsOfficeDebitorEntity, HsOfficeDebitorResource> ENTITY_TO_RESOURCE_POSTMAPPER = (entity, resource) -> {
        resource.setDebitorNumber(entity.getTaggedDebitorNumber());
-        resource.getPartner().setPartnerNumber(entity.getPartner().getTaggedPartnerNumber());
+        if (resource.getPartner() != null) { // FIXME: should not happen
+            resource.getPartner().setPartnerNumber(entity.getPartner().getTaggedPartnerNumber());
+        }
    };
 }
--- a/src/main/java/net/hostsharing/hsadminng/hs/office/partner/HsOfficePartnerEntity.java
+++ b/src/main/java/net/hostsharing/hsadminng/hs/office/partner/HsOfficePartnerEntity.java
@ -82,7 +82,9 @@ public class HsOfficePartnerEntity implements Stringifyable, BaseEntity<HsOffice
    public HsOfficePartnerEntity load() {
        BaseEntity.super.load();
        partnerRel.load();
-        details.load();
+        if (details != null) {
+            details.load();
+        }
        return this;
    }

--- a/src/test/java/net/hostsharing/hsadminng/hs/office/debitor/HsOfficeDebitorControllerAcceptanceTest.java
+++ b/src/test/java/net/hostsharing/hsadminng/hs/office/debitor/HsOfficeDebitorControllerAcceptanceTest.java
@ -10,7 +10,6 @@ import net.hostsharing.hsadminng.hs.office.partner.HsOfficePartnerRepository;
 import net.hostsharing.hsadminng.hs.office.person.HsOfficePersonRealRepository;
 import net.hostsharing.hsadminng.hs.office.relation.HsOfficeRelationRealEntity;
 import net.hostsharing.hsadminng.hs.office.relation.HsOfficeRelationRealRepository;
-import net.hostsharing.hsadminng.rbac.role.RbacRoleType;
 import net.hostsharing.hsadminng.rbac.test.ContextBasedTestWithCleanup;
 import net.hostsharing.hsadminng.rbac.test.JpaAttempt;
 import net.hostsharing.hsadminng.config.DisableSecurityConfig;
@ -29,6 +28,7 @@ import jakarta.persistence.PersistenceContext;
 import java.util.UUID;

 import static net.hostsharing.hsadminng.hs.office.relation.HsOfficeRelationType.DEBITOR;
+import static net.hostsharing.hsadminng.rbac.role.RbacRoleType.ADMIN;
 import static net.hostsharing.hsadminng.rbac.test.IsValidUuidMatcher.isUuidValid;
 import static net.hostsharing.hsadminng.test.JsonMatcher.lenientlyEquals;
 import static org.assertj.core.api.Assertions.assertThat;
@ -696,7 +696,7 @@ class HsOfficeDebitorControllerAcceptanceTest extends ContextBasedTestWithCleanu
        }

        @Test
-        void theContactOwner_canNotPatchARelatedDebitor() {
+        void theContactAdmin_canNotPatchARelatedDebitor() {

            context.define("superuser-alex@hostsharing.net");
            final var givenDebitor = givenSomeTemporaryDebitor();
@ -705,7 +705,7 @@ class HsOfficeDebitorControllerAcceptanceTest extends ContextBasedTestWithCleanu
            RestAssured // @formatter:off
                    .given()
                    .header("current-subject", "superuser-alex@hostsharing.net")
-                    .header("assumed-roles", givenDebitor.getDebitorRel().roleId(RbacRoleType.ADMIN) )
+                    .header("assumed-roles", givenDebitor.getDebitorRel().getContact().roleId(ADMIN) )
                    .contentType(ContentType.JSON)
                    .body("""
                           {
@ -714,11 +714,11 @@ class HsOfficeDebitorControllerAcceptanceTest extends ContextBasedTestWithCleanu
                        """)
                    .port(port)
                    .when()
-                    .patch("http://localhost/api/hs/office/debitors/" + givenDebitor.getUuid())
+                        .patch("http://localhost/api/hs/office/debitors/" + givenDebitor.getUuid())
                    .then().log().all().assertThat()
-                    .statusCode(403)
-                    .body("message", containsString("ERROR: [403] Subject"))
-                    .body("message", containsString("is not allowed to update hs_office.debitor uuid "));
+                        .statusCode(403)
+                        .body("message", containsString("ERROR: [403] Subject"))
+                        .body("message", containsString("is not allowed to update hs_office.debitor uuid "));

        }
    }