Upgrade to SpringBoot 3.4.1 and dependencies #147
@ -12,6 +12,7 @@ import lombok.experimental.SuperBuilder;
|
|||||||
import net.hostsharing.hsadminng.errors.DisplayAs;
|
import net.hostsharing.hsadminng.errors.DisplayAs;
|
||||||
import net.hostsharing.hsadminng.mapper.PatchableMapWrapper;
|
import net.hostsharing.hsadminng.mapper.PatchableMapWrapper;
|
||||||
import net.hostsharing.hsadminng.persistence.BaseEntity;
|
import net.hostsharing.hsadminng.persistence.BaseEntity;
|
||||||
|
import net.hostsharing.hsadminng.rbac.role.WithRoleId;
|
||||||
import net.hostsharing.hsadminng.repr.Stringify;
|
import net.hostsharing.hsadminng.repr.Stringify;
|
||||||
import net.hostsharing.hsadminng.repr.Stringifyable;
|
import net.hostsharing.hsadminng.repr.Stringifyable;
|
||||||
import org.hibernate.annotations.GenericGenerator;
|
import org.hibernate.annotations.GenericGenerator;
|
||||||
@ -37,7 +38,7 @@ import static net.hostsharing.hsadminng.repr.Stringify.stringify;
|
|||||||
@SuperBuilder(toBuilder = true)
|
@SuperBuilder(toBuilder = true)
|
||||||
@FieldNameConstants
|
@FieldNameConstants
|
||||||
@DisplayAs("Contact")
|
@DisplayAs("Contact")
|
||||||
public class HsOfficeContact implements Stringifyable, BaseEntity<HsOfficeContact> {
|
public class HsOfficeContact implements Stringifyable, BaseEntity<HsOfficeContact>, WithRoleId {
|
||||||
|
|
||||||
private static Stringify<HsOfficeContact> toString = stringify(HsOfficeContact.class, "contact")
|
private static Stringify<HsOfficeContact> toString = stringify(HsOfficeContact.class, "contact")
|
||||||
.withProp(Fields.caption, HsOfficeContact::getCaption)
|
.withProp(Fields.caption, HsOfficeContact::getCaption)
|
||||||
|
@ -228,6 +228,8 @@ public class HsOfficeDebitorController implements HsOfficeDebitorsApi {
|
|||||||
|
|
||||||
final BiConsumer<HsOfficeDebitorEntity, HsOfficeDebitorResource> ENTITY_TO_RESOURCE_POSTMAPPER = (entity, resource) -> {
|
final BiConsumer<HsOfficeDebitorEntity, HsOfficeDebitorResource> ENTITY_TO_RESOURCE_POSTMAPPER = (entity, resource) -> {
|
||||||
resource.setDebitorNumber(entity.getTaggedDebitorNumber());
|
resource.setDebitorNumber(entity.getTaggedDebitorNumber());
|
||||||
resource.getPartner().setPartnerNumber(entity.getPartner().getTaggedPartnerNumber());
|
if (resource.getPartner() != null) { // FIXME: should not happen
|
||||||
|
resource.getPartner().setPartnerNumber(entity.getPartner().getTaggedPartnerNumber());
|
||||||
|
}
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@ -82,7 +82,9 @@ public class HsOfficePartnerEntity implements Stringifyable, BaseEntity<HsOffice
|
|||||||
public HsOfficePartnerEntity load() {
|
public HsOfficePartnerEntity load() {
|
||||||
BaseEntity.super.load();
|
BaseEntity.super.load();
|
||||||
partnerRel.load();
|
partnerRel.load();
|
||||||
details.load();
|
if (details != null) {
|
||||||
|
details.load();
|
||||||
|
}
|
||||||
return this;
|
return this;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -10,7 +10,6 @@ import net.hostsharing.hsadminng.hs.office.partner.HsOfficePartnerRepository;
|
|||||||
import net.hostsharing.hsadminng.hs.office.person.HsOfficePersonRealRepository;
|
import net.hostsharing.hsadminng.hs.office.person.HsOfficePersonRealRepository;
|
||||||
import net.hostsharing.hsadminng.hs.office.relation.HsOfficeRelationRealEntity;
|
import net.hostsharing.hsadminng.hs.office.relation.HsOfficeRelationRealEntity;
|
||||||
import net.hostsharing.hsadminng.hs.office.relation.HsOfficeRelationRealRepository;
|
import net.hostsharing.hsadminng.hs.office.relation.HsOfficeRelationRealRepository;
|
||||||
import net.hostsharing.hsadminng.rbac.role.RbacRoleType;
|
|
||||||
import net.hostsharing.hsadminng.rbac.test.ContextBasedTestWithCleanup;
|
import net.hostsharing.hsadminng.rbac.test.ContextBasedTestWithCleanup;
|
||||||
import net.hostsharing.hsadminng.rbac.test.JpaAttempt;
|
import net.hostsharing.hsadminng.rbac.test.JpaAttempt;
|
||||||
import net.hostsharing.hsadminng.config.DisableSecurityConfig;
|
import net.hostsharing.hsadminng.config.DisableSecurityConfig;
|
||||||
@ -29,6 +28,7 @@ import jakarta.persistence.PersistenceContext;
|
|||||||
import java.util.UUID;
|
import java.util.UUID;
|
||||||
|
|
||||||
import static net.hostsharing.hsadminng.hs.office.relation.HsOfficeRelationType.DEBITOR;
|
import static net.hostsharing.hsadminng.hs.office.relation.HsOfficeRelationType.DEBITOR;
|
||||||
|
import static net.hostsharing.hsadminng.rbac.role.RbacRoleType.ADMIN;
|
||||||
import static net.hostsharing.hsadminng.rbac.test.IsValidUuidMatcher.isUuidValid;
|
import static net.hostsharing.hsadminng.rbac.test.IsValidUuidMatcher.isUuidValid;
|
||||||
import static net.hostsharing.hsadminng.test.JsonMatcher.lenientlyEquals;
|
import static net.hostsharing.hsadminng.test.JsonMatcher.lenientlyEquals;
|
||||||
import static org.assertj.core.api.Assertions.assertThat;
|
import static org.assertj.core.api.Assertions.assertThat;
|
||||||
@ -696,7 +696,7 @@ class HsOfficeDebitorControllerAcceptanceTest extends ContextBasedTestWithCleanu
|
|||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
void theContactOwner_canNotPatchARelatedDebitor() {
|
void theContactAdmin_canNotPatchARelatedDebitor() {
|
||||||
|
|
||||||
context.define("superuser-alex@hostsharing.net");
|
context.define("superuser-alex@hostsharing.net");
|
||||||
final var givenDebitor = givenSomeTemporaryDebitor();
|
final var givenDebitor = givenSomeTemporaryDebitor();
|
||||||
@ -705,7 +705,7 @@ class HsOfficeDebitorControllerAcceptanceTest extends ContextBasedTestWithCleanu
|
|||||||
RestAssured // @formatter:off
|
RestAssured // @formatter:off
|
||||||
.given()
|
.given()
|
||||||
.header("current-subject", "superuser-alex@hostsharing.net")
|
.header("current-subject", "superuser-alex@hostsharing.net")
|
||||||
.header("assumed-roles", givenDebitor.getDebitorRel().roleId(RbacRoleType.ADMIN) )
|
.header("assumed-roles", givenDebitor.getDebitorRel().getContact().roleId(ADMIN) )
|
||||||
.contentType(ContentType.JSON)
|
.contentType(ContentType.JSON)
|
||||||
.body("""
|
.body("""
|
||||||
{
|
{
|
||||||
@ -714,11 +714,11 @@ class HsOfficeDebitorControllerAcceptanceTest extends ContextBasedTestWithCleanu
|
|||||||
""")
|
""")
|
||||||
.port(port)
|
.port(port)
|
||||||
.when()
|
.when()
|
||||||
.patch("http://localhost/api/hs/office/debitors/" + givenDebitor.getUuid())
|
.patch("http://localhost/api/hs/office/debitors/" + givenDebitor.getUuid())
|
||||||
.then().log().all().assertThat()
|
.then().log().all().assertThat()
|
||||||
.statusCode(403)
|
.statusCode(403)
|
||||||
.body("message", containsString("ERROR: [403] Subject"))
|
.body("message", containsString("ERROR: [403] Subject"))
|
||||||
.body("message", containsString("is not allowed to update hs_office.debitor uuid "));
|
.body("message", containsString("is not allowed to update hs_office.debitor uuid "));
|
||||||
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
Loading…
x
Reference in New Issue
Block a user