hostsharing/hs.hsadmin.ng
6
0
Fork 0
Code Pull Requests 2 Activity

introduce-hosting-module #46

Merged
hsh-michaelhoennig merged 11 commits from introduce-hosting-module into master 2024-04-23 11:14:49 +02:00
Conversation 0 Commits 11 Files Changed 28 +1990 -2
22 changed files with 1990 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 29fdad5f31 - Show all commits

12
build.gradle
View File

@ -158,6 +158,15 @@ openapiProcessor {
showWarnings true showWarnings true
openApiNullable true openApiNullable true
} }
springHsHosting {
processorName 'spring'
processor 'io.openapiprocessor:openapi-processor-spring:2022.5'
apiPath "$projectDir/src/main/resources/api-definition/hs-hosting/hs-hosting.yaml"
mapping "$projectDir/src/main/resources/api-definition/hs-hosting/api-mappings.yaml"
targetDir "$buildDir/generated/sources/openapi-javax"
showWarnings true
openApiNullable true
}
} }
sourceSets.main.java.srcDir 'build/generated/sources/openapi' sourceSets.main.java.srcDir 'build/generated/sources/openapi'
abstract class ProcessSpring extends DefaultTask {} abstract class ProcessSpring extends DefaultTask {}
@ -166,7 +175,8 @@ tasks.register('processSpring', ProcessSpring)
'processSpringRbac', 'processSpringRbac',
'processSpringTest', 'processSpringTest',
'processSpringHsOffice', 'processSpringHsOffice',
'processSpringHsBooking' 'processSpringHsBooking',
'processSpringHsHosting'
].each { ].each {
project.tasks.processSpring.dependsOn it project.tasks.processSpring.dependsOn it
} }

133
src/main/java/net/hostsharing/hsadminng/hs/hosting/managedserver/HsManagedServerController.java Normal file
View File

@ -0,0 +1,133 @@
package net.hostsharing.hsadminng.hs.hosting.managedserver;
import net.hostsharing.hsadminng.hs.hosting.generated.api.v1.api.HsHostingManagedserversApi;
import net.hostsharing.hsadminng.context.Context;
import net.hostsharing.hsadminng.hs.hosting.generated.api.v1.model.HsManagedServerInsertResource;
import net.hostsharing.hsadminng.hs.hosting.generated.api.v1.model.HsManagedServerPatchResource;
import net.hostsharing.hsadminng.hs.hosting.generated.api.v1.model.HsManagedServerResource;
import net.hostsharing.hsadminng.mapper.KeyValueMap;
import net.hostsharing.hsadminng.mapper.Mapper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.ResponseEntity;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.servlet.mvc.method.annotation.MvcUriComponentsBuilder;
import java.util.List;
import java.util.UUID;
import java.util.function.BiConsumer;
import static net.hostsharing.hsadminng.mapper.PostgresDateRange.toPostgresDateRange;
@RestController
public class HsManagedServerController implements HsHostingManagedserversApi {
@Autowired
private Context context;
@Autowired
private Mapper mapper;
@Autowired
private HsManagedServerRepository managedServerRepo;
@Override
@Transactional(readOnly = true)
public ResponseEntity<List<HsManagedServerResource>> listManagedServersByDebitorUuid(
final String currentUser,
final String assumedRoles,
final UUID debitorUuid) {
context.define(currentUser, assumedRoles);
final var entities = managedServerRepo.findAllByDebitorUuid(debitorUuid);
final var resources = mapper.mapList(entities, HsManagedServerResource.class, ENTITY_TO_RESOURCE_POSTMAPPER);
return ResponseEntity.ok(resources);
}
@Override
@Transactional
public ResponseEntity<HsManagedServerResource> addManagedServer(
final String currentUser,
final String assumedRoles,
final HsManagedServerInsertResource body) {
context.define(currentUser, assumedRoles);
final var entityToSave = mapper.map(body, HsManagedServerEntity.class, RESOURCE_TO_ENTITY_POSTMAPPER);
final var saved = managedServerRepo.save(entityToSave);
final var uri =
MvcUriComponentsBuilder.fromController(getClass())
.path("/api/hs/hosting/managedservers/{id}")
.buildAndExpand(saved.getUuid())
.toUri();
final var mapped = mapper.map(saved, HsManagedServerResource.class, ENTITY_TO_RESOURCE_POSTMAPPER);
return ResponseEntity.created(uri).body(mapped);
}
@Override
@Transactional(readOnly = true)
public ResponseEntity<HsManagedServerResource> getManagedServerByUuid(
final String currentUser,
final String assumedRoles,
final UUID managedServerUuid) {
context.define(currentUser, assumedRoles);
final var result = managedServerRepo.findByUuid(managedServerUuid);
return result
.map(managedServerEntity -> ResponseEntity.ok(
mapper.map(managedServerEntity, HsManagedServerResource.class, ENTITY_TO_RESOURCE_POSTMAPPER)))
.orElseGet(() -> ResponseEntity.notFound().build());
}
@Override
@Transactional
public ResponseEntity<Void> deleteManagedServerUuid(
final String currentUser,
final String assumedRoles,
final UUID managedServerUuid) {
context.define(currentUser, assumedRoles);
final var result = managedServerRepo.deleteByUuid(managedServerUuid);
return result == 0
? ResponseEntity.notFound().build()
: ResponseEntity.noContent().build();
}
@Override
@Transactional
public ResponseEntity<HsManagedServerResource> patchManagedServer(
final String currentUser,
final String assumedRoles,
final UUID managedServerUuid,
final HsManagedServerPatchResource body) {
context.define(currentUser, assumedRoles);
final var current = managedServerRepo.findByUuid(managedServerUuid).orElseThrow();
new HsManagedServerEntityPatcher(current).apply(body);
final var saved = managedServerRepo.save(current);
final var mapped = mapper.map(saved, HsManagedServerResource.class, ENTITY_TO_RESOURCE_POSTMAPPER);
return ResponseEntity.ok(mapped);
}
final BiConsumer<HsManagedServerEntity, HsManagedServerResource> ENTITY_TO_RESOURCE_POSTMAPPER = (entity, resource) -> {
resource.setValidFrom(entity.getValidity().lower());
if (entity.getValidity().hasUpperBound()) {
resource.setValidTo(entity.getValidity().upper().minusDays(1));
}
};
@SuppressWarnings("unchecked")
final BiConsumer<HsManagedServerInsertResource, HsManagedServerEntity> RESOURCE_TO_ENTITY_POSTMAPPER = (resource, entity) -> {
entity.setValidity(toPostgresDateRange(resource.getValidFrom(), resource.getValidTo()));
entity.putConfig(KeyValueMap.from(resource.getConfig()));
};
}

169
src/main/java/net/hostsharing/hsadminng/hs/hosting/managedserver/HsManagedServerEntity.java Normal file
View File

@ -0,0 +1,169 @@
package net.hostsharing.hsadminng.hs.hosting.managedserver;
import io.hypersistence.utils.hibernate.type.json.JsonType;
import io.hypersistence.utils.hibernate.type.range.PostgreSQLRangeType;
import io.hypersistence.utils.hibernate.type.range.Range;
import lombok.AccessLevel;
import lombok.AllArgsConstructor;
import lombok.Builder;
import lombok.Getter;
import lombok.NoArgsConstructor;
import lombok.Setter;
import net.hostsharing.hsadminng.hs.booking.item.HsBookingItemEntity;
import net.hostsharing.hsadminng.mapper.PatchableMapWrapper;
import net.hostsharing.hsadminng.rbac.rbacdef.RbacView;
import net.hostsharing.hsadminng.rbac.rbacdef.RbacView.SQL;
import net.hostsharing.hsadminng.rbac.rbacobject.RbacObject;
import net.hostsharing.hsadminng.stringify.Stringify;
import net.hostsharing.hsadminng.stringify.Stringifyable;
import org.hibernate.annotations.Type;
import jakarta.persistence.Column;
import jakarta.persistence.Entity;
import jakarta.persistence.GeneratedValue;
import jakarta.persistence.Id;
import jakarta.persistence.JoinColumn;
import jakarta.persistence.ManyToOne;
import jakarta.persistence.Table;
import jakarta.persistence.Transient;
import jakarta.persistence.Version;
import java.io.IOException;
import java.time.LocalDate;
import java.util.HashMap;
import java.util.Map;
import java.util.UUID;
import static java.util.Optional.ofNullable;
import static net.hostsharing.hsadminng.mapper.PostgresDateRange.lowerInclusiveFromPostgresDateRange;
import static net.hostsharing.hsadminng.mapper.PostgresDateRange.toPostgresDateRange;
import static net.hostsharing.hsadminng.mapper.PostgresDateRange.upperInclusiveFromPostgresDateRange;
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.Column.dependsOnColumn;
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.Nullable.NOT_NULL;
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.Permission.DELETE;
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.Permission.INSERT;
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.Permission.SELECT;
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.Permission.UPDATE;
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.Role.ADMIN;
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.Role.OWNER;
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.Role.TENANT;
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.SQL.directlyFetchedByDependsOnColumn;
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.rbacViewFor;
import static net.hostsharing.hsadminng.stringify.Stringify.stringify;
@Builder
@Entity
@Table(name = "hs_hosting_managedserver_rv")
@Getter
@Setter
@NoArgsConstructor
@AllArgsConstructor
public class HsManagedServerEntity implements Stringifyable, RbacObject {
private static Stringify<HsManagedServerEntity> stringify = stringify(HsManagedServerEntity.class)
.withProp(e -> e.getBookingItem().toShortString())
.withProp(e -> e.getValidity().asString())
.withProp(HsManagedServerEntity::getCaption)
.withProp(HsManagedServerEntity::getConfig)
.quotedValues(false);
@Id
@GeneratedValue
private UUID uuid;
@Version
private int version;
@ManyToOne(optional = false)
@JoinColumn(name = "bookingitemuuid")
private HsBookingItemEntity bookingItem;
@Builder.Default
@Type(PostgreSQLRangeType.class)
@Column(name = "validity", columnDefinition = "daterange")
private Range<LocalDate> validity = Range.emptyRange(LocalDate.class);
@Column(name = "caption")
private String caption;
@Builder.Default
@Setter(AccessLevel.NONE)
@Type(JsonType.class)
@Column(columnDefinition = "config")
private Map<String, Object> config = new HashMap<>();
@Transient
private PatchableMapWrapper configWrapper;
public void setValidFrom(final LocalDate validFrom) {
setValidity(toPostgresDateRange(validFrom, getValidTo()));
}
public void setValidTo(final LocalDate validTo) {
setValidity(toPostgresDateRange(getValidFrom(), validTo));
}
public LocalDate getValidFrom() {
return lowerInclusiveFromPostgresDateRange(getValidity());
}
public LocalDate getValidTo() {
return upperInclusiveFromPostgresDateRange(getValidity());
}
public PatchableMapWrapper getConfig() {
if ( configWrapper == null ) {
configWrapper = new PatchableMapWrapper(config);
}
return configWrapper;
}
public void putConfig(Map<String, Object> entries) {
if ( configWrapper == null ) {
configWrapper = new PatchableMapWrapper(config);
}
configWrapper.assign(entries);
}
@Override
public String toString() {
return stringify.apply(this);
}
@Override
public String toShortString() {
return ofNullable(bookingItem).map(HsBookingItemEntity::toShortString).orElse("D-???????:?") +
":" + caption;
}
public static RbacView rbac() {
return rbacViewFor("managedServer", HsManagedServerEntity.class)
.withIdentityView(SQL.query("""
SELECT server.uuid as uuid, bookingItemIV.idName || ':' || cleanIdentifier(server.caption) as idName
FROM hs_hosting_managedserver server
JOIN hs_booking_item_iv bookingItemIV ON bookingItemIV.uuid = server.bookingItemUuid
"""))
.withRestrictedViewOrderBy(SQL.expression("validity"))
.withUpdatableColumns("version", "caption", "validity", "config")
.importEntityAlias("bookingItem", HsBookingItemEntity.class,
dependsOnColumn("bookingItemUuid"),
directlyFetchedByDependsOnColumn(),
NOT_NULL)
.toRole("bookingItem", ADMIN).grantPermission(INSERT)
.toRole("global", ADMIN).grantPermission(DELETE)
.createRole(OWNER, (with) -> {
with.incomingSuperRole("bookingItem", ADMIN);
with.permission(UPDATE);
})
.createSubRole(ADMIN)
.createSubRole(TENANT, (with) -> {
with.outgoingSubRole("bookingItem", TENANT);
with.permission(SELECT);
});
}
public static void main(String[] args) throws IOException {
rbac().generateWithBaseFileName("7-hs-hosting/701-hosting-managedserver/7013-hs-hosting-managedserver-rbac");
}
}

28
src/main/java/net/hostsharing/hsadminng/hs/hosting/managedserver/HsManagedServerEntityPatcher.java Normal file
View File

@ -0,0 +1,28 @@
package net.hostsharing.hsadminng.hs.hosting.managedserver;
import net.hostsharing.hsadminng.hs.hosting.generated.api.v1.model.HsManagedServerPatchResource;
import net.hostsharing.hsadminng.mapper.EntityPatcher;
import net.hostsharing.hsadminng.mapper.KeyValueMap;
import net.hostsharing.hsadminng.mapper.OptionalFromJson;
import java.util.Optional;
public class HsManagedServerEntityPatcher implements EntityPatcher<HsManagedServerPatchResource> {
private final HsManagedServerEntity entity;
public HsManagedServerEntityPatcher(final HsManagedServerEntity entity) {
this.entity = entity;
}
@Override
public void apply(final HsManagedServerPatchResource resource) {
OptionalFromJson.of(resource.getCaption())
.ifPresent(entity::setCaption);
Optional.ofNullable(resource.getConfig())
.ifPresent(r -> entity.getConfig().patch(KeyValueMap.from(resource.getConfig())));
OptionalFromJson.of(resource.getValidTo())
.ifPresent(entity::setValidTo);
}
}

26
src/main/java/net/hostsharing/hsadminng/hs/hosting/managedserver/HsManagedServerRepository.java Normal file
View File

@ -0,0 +1,26 @@
package net.hostsharing.hsadminng.hs.hosting.managedserver;
import org.springframework.data.jpa.repository.Query;
import org.springframework.data.repository.Repository;
import java.util.List;
import java.util.Optional;
import java.util.UUID;
public interface HsManagedServerRepository extends Repository<HsManagedServerEntity, UUID> {
List<HsManagedServerEntity> findAll();
Optional<HsManagedServerEntity> findByUuid(final UUID managedServerUuid);
@Query("""
SELECT s FROM HsManagedServerEntity s
WHERE s.bookingItem.debitor.uuid = :debitorUuid
""")
List<HsManagedServerEntity> findAllByDebitorUuid(final UUID debitorUuid);
HsManagedServerEntity save(HsManagedServerEntity current);
int deleteByUuid(final UUID uuid);
long count();
}

17
src/main/resources/api-definition/hs-hosting/api-mappings.yaml Normal file
View File

@ -0,0 +1,17 @@
openapi-processor-mapping: v2
options:
package-name: net.hostsharing.hsadminng.hs.hosting.generated.api.v1
model-name-suffix: Resource
bean-validation: true
map:
result: org.springframework.http.ResponseEntity
types:
- type: array => java.util.List
- type: string:uuid => java.util.UUID
paths:
/api/hs/hosting/managedservers/{managedServerUuid}:
null: org.openapitools.jackson.nullable.JsonNullable

20
src/main/resources/api-definition/hs-hosting/auth.yaml Normal file
View File

@ -0,0 +1,20 @@
components:
parameters:
currentUser:
name: current-user
in: header
required: true
schema:
type: string
description: Identifying name of the currently logged in user.
assumedRoles:
name: assumed-roles
in: header
required: false
schema:
type: string
description: Semicolon-separated list of roles to assume. The current user needs to have the right to assume these roles.

40
src/main/resources/api-definition/hs-hosting/error-responses.yaml Normal file
View File

@ -0,0 +1,40 @@
components:
responses:
NotFound:
description: The specified was not found.
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
Unauthorized:
description: The current user is unknown or not authorized.
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
Forbidden:
description: The current user or none of the assumed or roles is granted access to the resource.
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
Conflict:
description: The request could not be completed due to a conflict with the current state of the target resource.
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
schemas:
Error:
type: object
properties:
code:
type: string
message:
type: string
required:
- code
- message

93
src/main/resources/api-definition/hs-hosting/hs-hosting-managedserver-schemas.yaml Normal file
View File

@ -0,0 +1,93 @@
components:
schemas:
HsManagedServer:
type: object
properties:
uuid:
type: string
format: uuid
caption:
type: string
validFrom:
type: string
format: date
validTo:
type: string
format: date
config:
$ref: '#/components/schemas/ManagedServerConfiguration'
required:
- uuid
- validFrom
- validTo
- config
HsManagedServerPatch:
type: object
properties:
caption:
type: string
nullable: true
validTo:
type: string
format: date
nullable: true
config:
$ref: '#/components/schemas/ManagedServerConfiguration'
HsManagedServerInsert:
type: object
properties:
bookingItemUuid:
type: string
format: uuid
nullable: false
caption:
type: string
minLength: 3
maxLength: 80
nullable: false
validFrom:
type: string
format: date
nullable: false
validTo:
type: string
format: date
nullable: true
config:
$ref: '#/components/schemas/ManagedServerConfiguration'
required:
- caption
- debitorUuid
- validFrom
- config
additionalProperties: false
ManagedServerConfiguration:
# forces generating a java.lang.Object containing a Map, instead of class ManagedServerConfiguration
anyOf:
- type: object
properties:
caption:
type: string
minLength: 3
maxLength: 80
nullable: false
CPU:
type: integer
minimum: 1
maximum: 16
SSD:
type: integer
minimum: 16
maximum: 4096
HDD:
type: integer
minimum: 16
maximum: 4096
additionalProperties: true

83
src/main/resources/api-definition/hs-hosting/hs-hosting-managedservers-with-uuid.yaml Normal file
View File

@ -0,0 +1,83 @@
get:
tags:
- hs-hosting-managedservers
description: 'Fetch a single managed server by its uuid, if visible for the current subject.'
operationId: getManagedServerByUuid
parameters:
- $ref: 'auth.yaml#/components/parameters/currentUser'
- $ref: 'auth.yaml#/components/parameters/assumedRoles'
- name: managedServerUuid
in: path
required: true
schema:
type: string
format: uuid
description: UUID of the managed server to fetch.
responses:
"200":
description: OK
content:
'application/json':
schema:
$ref: 'hs-hosting-managedserver-schemas.yaml#/components/schemas/HsManagedServer'
"401":
$ref: 'error-responses.yaml#/components/responses/Unauthorized'
"403":
$ref: 'error-responses.yaml#/components/responses/Forbidden'
patch:
tags:
- hs-hosting-managedservers
description: 'Updates a single managed server identified by its uuid, if permitted for the current subject.'
operationId: patchManagedServer
parameters:
- $ref: 'auth.yaml#/components/parameters/currentUser'
- $ref: 'auth.yaml#/components/parameters/assumedRoles'
- name: managedServerUuid
in: path
required: true
schema:
type: string
format: uuid
requestBody:
content:
'application/json':
schema:
$ref: 'hs-hosting-managedserver-schemas.yaml#/components/schemas/HsManagedServerPatch'
responses:
"200":
description: OK
content:
'application/json':
schema:
$ref: 'hs-hosting-managedserver-schemas.yaml#/components/schemas/HsManagedServer'
"401":
$ref: 'error-responses.yaml#/components/responses/Unauthorized'
"403":
$ref: 'error-responses.yaml#/components/responses/Forbidden'
delete:
tags:
- hs-hosting-managedservers
description: 'Delete a single managed server identified by its uuid, if permitted for the current subject.'
operationId: deleteManagedServerUuid
parameters:
- $ref: 'auth.yaml#/components/parameters/currentUser'
- $ref: 'auth.yaml#/components/parameters/assumedRoles'
- name: managedServerUuid
in: path
required: true
schema:
type: string
format: uuid
description: UUID of the managed server to delete.
responses:
"204":
description: No Content
"401":
$ref: 'error-responses.yaml#/components/responses/Unauthorized'
"403":
$ref: 'error-responses.yaml#/components/responses/Forbidden'
"404":
$ref: 'error-responses.yaml#/components/responses/NotFound'

58
src/main/resources/api-definition/hs-hosting/hs-hosting-managedservers.yaml Normal file
View File

@ -0,0 +1,58 @@
get:
summary: Returns a list of all managed servers for a specified debitor.
description: Returns the list of all managed servers for a debitor which are visible to the current user or any of it's assumed roles.
tags:
- hs-hosting-managedservers
operationId: listManagedServersByDebitorUuid
parameters:
- $ref: 'auth.yaml#/components/parameters/currentUser'
- $ref: 'auth.yaml#/components/parameters/assumedRoles'
- name: debitorUuid
in: query
required: true
schema:
type: string
format: uuid
description: The UUID of the debitor, whose managed servers are to be listed.
responses:
"200":
description: OK
content:
'application/json':
schema:
type: array
items:
$ref: 'hs-hosting-managedserver-schemas.yaml#/components/schemas/HsManagedServer'
"401":
$ref: 'error-responses.yaml#/components/responses/Unauthorized'
"403":
$ref: 'error-responses.yaml#/components/responses/Forbidden'
post:
summary: Adds a new managed server.
tags:
- hs-hosting-managedservers
operationId: addManagedServer
parameters:
- $ref: 'auth.yaml#/components/parameters/currentUser'
- $ref: 'auth.yaml#/components/parameters/assumedRoles'
requestBody:
description: A JSON object describing the new managed server.
required: true
content:
application/json:
schema:
$ref: 'hs-hosting-managedserver-schemas.yaml#/components/schemas/HsManagedServerInsert'
responses:
"201":
description: Created
content:
'application/json':
schema:
$ref: 'hs-hosting-managedserver-schemas.yaml#/components/schemas/HsManagedServer'
"401":
$ref: 'error-responses.yaml#/components/responses/Unauthorized'
"403":
$ref: 'error-responses.yaml#/components/responses/Forbidden'
"409":
$ref: 'error-responses.yaml#/components/responses/Conflict'

17
src/main/resources/api-definition/hs-hosting/hs-hosting.yaml Normal file
View File

@ -0,0 +1,17 @@
openapi: 3.0.3
info:
title: Hostsharing hsadmin-ng API
version: v0
servers:
- url: http://localhost:8080
description: Local development default URL.
paths:
# Items
/api/hs/hosting/managedservers:
$ref: "hs-hosting-managedservers.yaml"
/api/hs/hosting/managedservers/{managedServerUuid}:
$ref: "hs-hosting-managedservers-with-uuid.yaml"

24
src/main/resources/db/changelog/7-hs-hosting/701-hosting-managedserver/7010-hs-hosting-managedserver.sql Normal file
View File

@ -0,0 +1,24 @@
--liquibase formatted sql
-- ============================================================================
--changeset hosting-managedserver-MAIN-TABLE:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
create table if not exists hs_hosting_managedserver
(
uuid uuid unique references RbacObject (uuid),
version int not null default 0,
bookingItemUuid uuid not null references hs_booking_item(uuid),
validity daterange not null,
caption varchar(80) not null,
config jsonb not null
);
--//
-- ============================================================================
--changeset hs-hosting-managedserver-MAIN-TABLE-JOURNAL:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
call create_journal('hs_hosting_managedserver');
--//

302
src/main/resources/db/changelog/7-hs-hosting/701-hosting-managedserver/7013-hs-hosting-managedserver-rbac.md Normal file
View File

@ -0,0 +1,302 @@
### rbac managedServer
This code generated was by RbacViewMermaidFlowchartGenerator, do not amend manually.
```mermaid
%%{init:{'flowchart':{'htmlLabels':false}}}%%
flowchart TB
subgraph managedServer["`**managedServer**`"]
direction TB
style managedServer fill:#dd4901,stroke:#274d6e,stroke-width:8px
subgraph managedServer:roles[ ]
style managedServer:roles fill:#dd4901,stroke:white
role:managedServer:OWNER[[managedServer:OWNER]]
role:managedServer:ADMIN[[managedServer:ADMIN]]
role:managedServer:TENANT[[managedServer:TENANT]]
end
subgraph managedServer:permissions[ ]
style managedServer:permissions fill:#dd4901,stroke:white
perm:managedServer:INSERT{{managedServer:INSERT}}
perm:managedServer:DELETE{{managedServer:DELETE}}
perm:managedServer:UPDATE{{managedServer:UPDATE}}
perm:managedServer:SELECT{{managedServer:SELECT}}
end
end
subgraph bookingItem.debitor.debitorRel.anchorPerson["`**bookingItem.debitor.debitorRel.anchorPerson**`"]
direction TB
style bookingItem.debitor.debitorRel.anchorPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
subgraph bookingItem.debitor.debitorRel.anchorPerson:roles[ ]
style bookingItem.debitor.debitorRel.anchorPerson:roles fill:#99bcdb,stroke:white
role:bookingItem.debitor.debitorRel.anchorPerson:OWNER[[bookingItem.debitor.debitorRel.anchorPerson:OWNER]]
role:bookingItem.debitor.debitorRel.anchorPerson:ADMIN[[bookingItem.debitor.debitorRel.anchorPerson:ADMIN]]
role:bookingItem.debitor.debitorRel.anchorPerson:REFERRER[[bookingItem.debitor.debitorRel.anchorPerson:REFERRER]]
end
end
subgraph bookingItem.debitor.partnerRel.contact["`**bookingItem.debitor.partnerRel.contact**`"]
direction TB
style bookingItem.debitor.partnerRel.contact fill:#99bcdb,stroke:#274d6e,stroke-width:8px
subgraph bookingItem.debitor.partnerRel.contact:roles[ ]
style bookingItem.debitor.partnerRel.contact:roles fill:#99bcdb,stroke:white
role:bookingItem.debitor.partnerRel.contact:OWNER[[bookingItem.debitor.partnerRel.contact:OWNER]]
role:bookingItem.debitor.partnerRel.contact:ADMIN[[bookingItem.debitor.partnerRel.contact:ADMIN]]
role:bookingItem.debitor.partnerRel.contact:REFERRER[[bookingItem.debitor.partnerRel.contact:REFERRER]]
end
end
subgraph bookingItem["`**bookingItem**`"]
direction TB
style bookingItem fill:#99bcdb,stroke:#274d6e,stroke-width:8px
subgraph bookingItem:roles[ ]
style bookingItem:roles fill:#99bcdb,stroke:white
role:bookingItem:OWNER[[bookingItem:OWNER]]
role:bookingItem:ADMIN[[bookingItem:ADMIN]]
role:bookingItem:TENANT[[bookingItem:TENANT]]
end
end
subgraph bookingItem.debitor.partnerRel["`**bookingItem.debitor.partnerRel**`"]
direction TB
style bookingItem.debitor.partnerRel fill:#99bcdb,stroke:#274d6e,stroke-width:8px
subgraph bookingItem.debitor.partnerRel:roles[ ]
style bookingItem.debitor.partnerRel:roles fill:#99bcdb,stroke:white
role:bookingItem.debitor.partnerRel:OWNER[[bookingItem.debitor.partnerRel:OWNER]]
role:bookingItem.debitor.partnerRel:ADMIN[[bookingItem.debitor.partnerRel:ADMIN]]
role:bookingItem.debitor.partnerRel:AGENT[[bookingItem.debitor.partnerRel:AGENT]]
role:bookingItem.debitor.partnerRel:TENANT[[bookingItem.debitor.partnerRel:TENANT]]
end
end
subgraph bookingItem.debitor.partnerRel.anchorPerson["`**bookingItem.debitor.partnerRel.anchorPerson**`"]
direction TB
style bookingItem.debitor.partnerRel.anchorPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
subgraph bookingItem.debitor.partnerRel.anchorPerson:roles[ ]
style bookingItem.debitor.partnerRel.anchorPerson:roles fill:#99bcdb,stroke:white
role:bookingItem.debitor.partnerRel.anchorPerson:OWNER[[bookingItem.debitor.partnerRel.anchorPerson:OWNER]]
role:bookingItem.debitor.partnerRel.anchorPerson:ADMIN[[bookingItem.debitor.partnerRel.anchorPerson:ADMIN]]
role:bookingItem.debitor.partnerRel.anchorPerson:REFERRER[[bookingItem.debitor.partnerRel.anchorPerson:REFERRER]]
end
end
subgraph bookingItem.debitorRel["`**bookingItem.debitorRel**`"]
direction TB
style bookingItem.debitorRel fill:#99bcdb,stroke:#274d6e,stroke-width:8px
subgraph bookingItem.debitorRel:roles[ ]
style bookingItem.debitorRel:roles fill:#99bcdb,stroke:white
role:bookingItem.debitorRel:OWNER[[bookingItem.debitorRel:OWNER]]
role:bookingItem.debitorRel:ADMIN[[bookingItem.debitorRel:ADMIN]]
role:bookingItem.debitorRel:AGENT[[bookingItem.debitorRel:AGENT]]
role:bookingItem.debitorRel:TENANT[[bookingItem.debitorRel:TENANT]]
end
end
subgraph bookingItem.debitorRel.anchorPerson["`**bookingItem.debitorRel.anchorPerson**`"]
direction TB
style bookingItem.debitorRel.anchorPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
subgraph bookingItem.debitorRel.anchorPerson:roles[ ]
style bookingItem.debitorRel.anchorPerson:roles fill:#99bcdb,stroke:white
role:bookingItem.debitorRel.anchorPerson:OWNER[[bookingItem.debitorRel.anchorPerson:OWNER]]
role:bookingItem.debitorRel.anchorPerson:ADMIN[[bookingItem.debitorRel.anchorPerson:ADMIN]]
role:bookingItem.debitorRel.anchorPerson:REFERRER[[bookingItem.debitorRel.anchorPerson:REFERRER]]
end
end
subgraph bookingItem.debitor.partnerRel.holderPerson["`**bookingItem.debitor.partnerRel.holderPerson**`"]
direction TB
style bookingItem.debitor.partnerRel.holderPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
subgraph bookingItem.debitor.partnerRel.holderPerson:roles[ ]
style bookingItem.debitor.partnerRel.holderPerson:roles fill:#99bcdb,stroke:white
role:bookingItem.debitor.partnerRel.holderPerson:OWNER[[bookingItem.debitor.partnerRel.holderPerson:OWNER]]
role:bookingItem.debitor.partnerRel.holderPerson:ADMIN[[bookingItem.debitor.partnerRel.holderPerson:ADMIN]]
role:bookingItem.debitor.partnerRel.holderPerson:REFERRER[[bookingItem.debitor.partnerRel.holderPerson:REFERRER]]
end
end
subgraph bookingItem.debitorRel.contact["`**bookingItem.debitorRel.contact**`"]
direction TB
style bookingItem.debitorRel.contact fill:#99bcdb,stroke:#274d6e,stroke-width:8px
subgraph bookingItem.debitorRel.contact:roles[ ]
style bookingItem.debitorRel.contact:roles fill:#99bcdb,stroke:white
role:bookingItem.debitorRel.contact:OWNER[[bookingItem.debitorRel.contact:OWNER]]
role:bookingItem.debitorRel.contact:ADMIN[[bookingItem.debitorRel.contact:ADMIN]]
role:bookingItem.debitorRel.contact:REFERRER[[bookingItem.debitorRel.contact:REFERRER]]
end
end
subgraph bookingItem.debitorRel.holderPerson["`**bookingItem.debitorRel.holderPerson**`"]
direction TB
style bookingItem.debitorRel.holderPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
subgraph bookingItem.debitorRel.holderPerson:roles[ ]
style bookingItem.debitorRel.holderPerson:roles fill:#99bcdb,stroke:white
role:bookingItem.debitorRel.holderPerson:OWNER[[bookingItem.debitorRel.holderPerson:OWNER]]
role:bookingItem.debitorRel.holderPerson:ADMIN[[bookingItem.debitorRel.holderPerson:ADMIN]]
role:bookingItem.debitorRel.holderPerson:REFERRER[[bookingItem.debitorRel.holderPerson:REFERRER]]
end
end
subgraph bookingItem.debitor.refundBankAccount["`**bookingItem.debitor.refundBankAccount**`"]
direction TB
style bookingItem.debitor.refundBankAccount fill:#99bcdb,stroke:#274d6e,stroke-width:8px
subgraph bookingItem.debitor.refundBankAccount:roles[ ]
style bookingItem.debitor.refundBankAccount:roles fill:#99bcdb,stroke:white
role:bookingItem.debitor.refundBankAccount:OWNER[[bookingItem.debitor.refundBankAccount:OWNER]]
role:bookingItem.debitor.refundBankAccount:ADMIN[[bookingItem.debitor.refundBankAccount:ADMIN]]
role:bookingItem.debitor.refundBankAccount:REFERRER[[bookingItem.debitor.refundBankAccount:REFERRER]]
end
end
subgraph bookingItem.debitor.debitorRel.contact["`**bookingItem.debitor.debitorRel.contact**`"]
direction TB
style bookingItem.debitor.debitorRel.contact fill:#99bcdb,stroke:#274d6e,stroke-width:8px
subgraph bookingItem.debitor.debitorRel.contact:roles[ ]
style bookingItem.debitor.debitorRel.contact:roles fill:#99bcdb,stroke:white
role:bookingItem.debitor.debitorRel.contact:OWNER[[bookingItem.debitor.debitorRel.contact:OWNER]]
role:bookingItem.debitor.debitorRel.contact:ADMIN[[bookingItem.debitor.debitorRel.contact:ADMIN]]
role:bookingItem.debitor.debitorRel.contact:REFERRER[[bookingItem.debitor.debitorRel.contact:REFERRER]]
end
end
subgraph bookingItem.debitor["`**bookingItem.debitor**`"]
direction TB
style bookingItem.debitor fill:#99bcdb,stroke:#274d6e,stroke-width:8px
end
subgraph bookingItem.debitor.debitorRel.holderPerson["`**bookingItem.debitor.debitorRel.holderPerson**`"]
direction TB
style bookingItem.debitor.debitorRel.holderPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
subgraph bookingItem.debitor.debitorRel.holderPerson:roles[ ]
style bookingItem.debitor.debitorRel.holderPerson:roles fill:#99bcdb,stroke:white
role:bookingItem.debitor.debitorRel.holderPerson:OWNER[[bookingItem.debitor.debitorRel.holderPerson:OWNER]]
role:bookingItem.debitor.debitorRel.holderPerson:ADMIN[[bookingItem.debitor.debitorRel.holderPerson:ADMIN]]
role:bookingItem.debitor.debitorRel.holderPerson:REFERRER[[bookingItem.debitor.debitorRel.holderPerson:REFERRER]]
end
end
subgraph bookingItem.debitor.debitorRel["`**bookingItem.debitor.debitorRel**`"]
direction TB
style bookingItem.debitor.debitorRel fill:#99bcdb,stroke:#274d6e,stroke-width:8px
subgraph bookingItem.debitor.debitorRel:roles[ ]
style bookingItem.debitor.debitorRel:roles fill:#99bcdb,stroke:white
role:bookingItem.debitor.debitorRel:OWNER[[bookingItem.debitor.debitorRel:OWNER]]
role:bookingItem.debitor.debitorRel:ADMIN[[bookingItem.debitor.debitorRel:ADMIN]]
role:bookingItem.debitor.debitorRel:AGENT[[bookingItem.debitor.debitorRel:AGENT]]
role:bookingItem.debitor.debitorRel:TENANT[[bookingItem.debitor.debitorRel:TENANT]]
end
end
%% granting roles to roles
role:global:ADMIN -.-> role:bookingItem.debitor.debitorRel.anchorPerson:OWNER
role:bookingItem.debitor.debitorRel.anchorPerson:OWNER -.-> role:bookingItem.debitor.debitorRel.anchorPerson:ADMIN
role:bookingItem.debitor.debitorRel.anchorPerson:ADMIN -.-> role:bookingItem.debitor.debitorRel.anchorPerson:REFERRER
role:global:ADMIN -.-> role:bookingItem.debitor.debitorRel.holderPerson:OWNER
role:bookingItem.debitor.debitorRel.holderPerson:OWNER -.-> role:bookingItem.debitor.debitorRel.holderPerson:ADMIN
role:bookingItem.debitor.debitorRel.holderPerson:ADMIN -.-> role:bookingItem.debitor.debitorRel.holderPerson:REFERRER
role:global:ADMIN -.-> role:bookingItem.debitor.debitorRel.contact:OWNER
role:bookingItem.debitor.debitorRel.contact:OWNER -.-> role:bookingItem.debitor.debitorRel.contact:ADMIN
role:bookingItem.debitor.debitorRel.contact:ADMIN -.-> role:bookingItem.debitor.debitorRel.contact:REFERRER
role:global:ADMIN -.-> role:bookingItem.debitor.debitorRel:OWNER
role:bookingItem.debitor.debitorRel:OWNER -.-> role:bookingItem.debitor.debitorRel:ADMIN
role:bookingItem.debitor.debitorRel:ADMIN -.-> role:bookingItem.debitor.debitorRel:AGENT
role:bookingItem.debitor.debitorRel:AGENT -.-> role:bookingItem.debitor.debitorRel:TENANT
role:bookingItem.debitor.debitorRel.contact:ADMIN -.-> role:bookingItem.debitor.debitorRel:TENANT
role:bookingItem.debitor.debitorRel:TENANT -.-> role:bookingItem.debitor.debitorRel.anchorPerson:REFERRER
role:bookingItem.debitor.debitorRel:TENANT -.-> role:bookingItem.debitor.debitorRel.holderPerson:REFERRER
role:bookingItem.debitor.debitorRel:TENANT -.-> role:bookingItem.debitor.debitorRel.contact:REFERRER
role:bookingItem.debitor.debitorRel.anchorPerson:ADMIN -.-> role:bookingItem.debitor.debitorRel:OWNER
role:bookingItem.debitor.debitorRel.holderPerson:ADMIN -.-> role:bookingItem.debitor.debitorRel:AGENT
role:global:ADMIN -.-> role:bookingItem.debitor.refundBankAccount:OWNER
role:bookingItem.debitor.refundBankAccount:OWNER -.-> role:bookingItem.debitor.refundBankAccount:ADMIN
role:bookingItem.debitor.refundBankAccount:ADMIN -.-> role:bookingItem.debitor.refundBankAccount:REFERRER
role:bookingItem.debitor.refundBankAccount:ADMIN -.-> role:bookingItem.debitor.debitorRel:AGENT
role:bookingItem.debitor.debitorRel:AGENT -.-> role:bookingItem.debitor.refundBankAccount:REFERRER
role:global:ADMIN -.-> role:bookingItem.debitor.partnerRel.anchorPerson:OWNER
role:bookingItem.debitor.partnerRel.anchorPerson:OWNER -.-> role:bookingItem.debitor.partnerRel.anchorPerson:ADMIN
role:bookingItem.debitor.partnerRel.anchorPerson:ADMIN -.-> role:bookingItem.debitor.partnerRel.anchorPerson:REFERRER
role:global:ADMIN -.-> role:bookingItem.debitor.partnerRel.holderPerson:OWNER
role:bookingItem.debitor.partnerRel.holderPerson:OWNER -.-> role:bookingItem.debitor.partnerRel.holderPerson:ADMIN
role:bookingItem.debitor.partnerRel.holderPerson:ADMIN -.-> role:bookingItem.debitor.partnerRel.holderPerson:REFERRER
role:global:ADMIN -.-> role:bookingItem.debitor.partnerRel.contact:OWNER
role:bookingItem.debitor.partnerRel.contact:OWNER -.-> role:bookingItem.debitor.partnerRel.contact:ADMIN
role:bookingItem.debitor.partnerRel.contact:ADMIN -.-> role:bookingItem.debitor.partnerRel.contact:REFERRER
role:global:ADMIN -.-> role:bookingItem.debitor.partnerRel:OWNER
role:bookingItem.debitor.partnerRel:OWNER -.-> role:bookingItem.debitor.partnerRel:ADMIN
role:bookingItem.debitor.partnerRel:ADMIN -.-> role:bookingItem.debitor.partnerRel:AGENT
role:bookingItem.debitor.partnerRel:AGENT -.-> role:bookingItem.debitor.partnerRel:TENANT
role:bookingItem.debitor.partnerRel.contact:ADMIN -.-> role:bookingItem.debitor.partnerRel:TENANT
role:bookingItem.debitor.partnerRel:TENANT -.-> role:bookingItem.debitor.partnerRel.anchorPerson:REFERRER
role:bookingItem.debitor.partnerRel:TENANT -.-> role:bookingItem.debitor.partnerRel.holderPerson:REFERRER
role:bookingItem.debitor.partnerRel:TENANT -.-> role:bookingItem.debitor.partnerRel.contact:REFERRER
role:bookingItem.debitor.partnerRel.anchorPerson:ADMIN -.-> role:bookingItem.debitor.partnerRel:OWNER
role:bookingItem.debitor.partnerRel.holderPerson:ADMIN -.-> role:bookingItem.debitor.partnerRel:AGENT
role:bookingItem.debitor.partnerRel:ADMIN -.-> role:bookingItem.debitor.debitorRel:ADMIN
role:bookingItem.debitor.partnerRel:AGENT -.-> role:bookingItem.debitor.debitorRel:AGENT
role:bookingItem.debitor.debitorRel:AGENT -.-> role:bookingItem.debitor.partnerRel:TENANT
role:global:ADMIN -.-> role:bookingItem.debitorRel.anchorPerson:OWNER
role:bookingItem.debitorRel.anchorPerson:OWNER -.-> role:bookingItem.debitorRel.anchorPerson:ADMIN
role:bookingItem.debitorRel.anchorPerson:ADMIN -.-> role:bookingItem.debitorRel.anchorPerson:REFERRER
role:global:ADMIN -.-> role:bookingItem.debitorRel.holderPerson:OWNER
role:bookingItem.debitorRel.holderPerson:OWNER -.-> role:bookingItem.debitorRel.holderPerson:ADMIN
role:bookingItem.debitorRel.holderPerson:ADMIN -.-> role:bookingItem.debitorRel.holderPerson:REFERRER
role:global:ADMIN -.-> role:bookingItem.debitorRel.contact:OWNER
role:bookingItem.debitorRel.contact:OWNER -.-> role:bookingItem.debitorRel.contact:ADMIN
role:bookingItem.debitorRel.contact:ADMIN -.-> role:bookingItem.debitorRel.contact:REFERRER
role:global:ADMIN -.-> role:bookingItem.debitorRel:OWNER
role:bookingItem.debitorRel:OWNER -.-> role:bookingItem.debitorRel:ADMIN
role:bookingItem.debitorRel:ADMIN -.-> role:bookingItem.debitorRel:AGENT
role:bookingItem.debitorRel:AGENT -.-> role:bookingItem.debitorRel:TENANT
role:bookingItem.debitorRel.contact:ADMIN -.-> role:bookingItem.debitorRel:TENANT
role:bookingItem.debitorRel:TENANT -.-> role:bookingItem.debitorRel.anchorPerson:REFERRER
role:bookingItem.debitorRel:TENANT -.-> role:bookingItem.debitorRel.holderPerson:REFERRER
role:bookingItem.debitorRel:TENANT -.-> role:bookingItem.debitorRel.contact:REFERRER
role:bookingItem.debitorRel.anchorPerson:ADMIN -.-> role:bookingItem.debitorRel:OWNER
role:bookingItem.debitorRel.holderPerson:ADMIN -.-> role:bookingItem.debitorRel:AGENT
role:bookingItem.debitorRel:AGENT -.-> role:bookingItem:OWNER
role:bookingItem:OWNER -.-> role:bookingItem:ADMIN
role:bookingItem:ADMIN -.-> role:bookingItem:TENANT
role:bookingItem:TENANT -.-> role:bookingItem.debitorRel:TENANT
role:bookingItem:ADMIN ==> role:managedServer:OWNER
role:managedServer:OWNER ==> role:managedServer:ADMIN
role:managedServer:ADMIN ==> role:managedServer:TENANT
role:managedServer:TENANT ==> role:bookingItem:TENANT
%% granting permissions to roles
role:bookingItem:ADMIN ==> perm:managedServer:INSERT
role:global:ADMIN ==> perm:managedServer:DELETE
role:managedServer:OWNER ==> perm:managedServer:UPDATE
role:managedServer:TENANT ==> perm:managedServer:SELECT
```

57
src/main/resources/db/changelog/7-hs-hosting/701-hosting-managedserver/7018-hs-hosting-managedserver-test-data.sql Normal file
View File

@ -0,0 +1,57 @@
--liquibase formatted sql
-- ============================================================================
--changeset hs-hosting-managedserver-TEST-DATA-GENERATOR:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
/*
Creates a single hs_hosting_managedserver test record.
*/
create or replace procedure createHsHostingManagedServerTestData(
givenPartnerNumber numeric,
givenDebitorSuffix char(2)
)
language plpgsql as $$
declare
currentTask varchar;
relatedDebitor hs_office_debitor;
relatedBookingItem hs_booking_item;
begin
currentTask := 'creating hosting-managedserver test-data ' || givenPartnerNumber::text || givenDebitorSuffix;
call defineContext(currentTask, null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
execute format('set local hsadminng.currentTask to %L', currentTask);
select debitor.* into relatedDebitor
from hs_office_debitor debitor
join hs_office_relation debitorRel on debitorRel.uuid = debitor.debitorRelUuid
join hs_office_relation partnerRel on partnerRel.holderUuid = debitorRel.anchorUuid
join hs_office_partner partner on partner.partnerRelUuid = partnerRel.uuid
where partner.partnerNumber = givenPartnerNumber and debitor.debitorNumberSuffix = givenDebitorSuffix;
select item.* into relatedBookingItem
from hs_booking_item item
where item.debitoruuid = relatedDebitor.uuid
and item.caption = 'some PrivateCloud';
raise notice 'creating test hosting-managedserver: %', givenPartnerNumber::text || givenDebitorSuffix::text;
raise notice '- using debitor (%): %', relatedDebitor.uuid, relatedDebitor;
insert
into hs_hosting_managedserver (uuid, bookingitemuuid, caption, validity, config)
values (uuid_generate_v4(), relatedBookingItem.uuid, 'some ManagedServer', daterange('20221001', null, '[]'), '{ "CPU": 2, "SDD": 512, "extra": 42 }'::jsonb),
(uuid_generate_v4(), relatedBookingItem.uuid, 'another CloudServer', daterange('20230115', '20240415', '[)'), '{ "CPU": 2, "HDD": 1024, "extra": 42 }'::jsonb),
(uuid_generate_v4(), relatedBookingItem.uuid, 'some Whatever', daterange('20240401', null, '[]'), '{ "CPU": 1, "SDD": 512, "HDD": 2048, "extra": 42 }'::jsonb);
end; $$;
--//
-- ============================================================================
--changeset hs-hosting-managedserver-TEST-DATA-GENERATION:1 context=dev,tc endDelimiter:--//
-- ----------------------------------------------------------------------------
do language plpgsql $$
begin
call createHsHostingManagedServerTestData(10001, '11');
call createHsHostingManagedServerTestData(10002, '12');
call createHsHostingManagedServerTestData(10003, '13');
end;
$$;

6
src/main/resources/db/changelog/db.changelog-master.yaml
View File

@ -133,3 +133,9 @@ databaseChangeLog:
file: db/changelog/6-hs-booking/601-booking-item/6013-hs-booking-item-rbac.sql file: db/changelog/6-hs-booking/601-booking-item/6013-hs-booking-item-rbac.sql
- include: - include:
file: db/changelog/6-hs-booking/601-booking-item/6018-hs-booking-item-test-data.sql file: db/changelog/6-hs-booking/601-booking-item/6018-hs-booking-item-test-data.sql
- include:
file: db/changelog/7-hs-hosting/701-hosting-managedserver/7010-hs-hosting-managedserver.sql
- include:
file: db/changelog/7-hs-hosting/701-hosting-managedserver/7013-hs-hosting-managedserver-rbac.sql
- include:
file: db/changelog/7-hs-hosting/701-hosting-managedserver/7018-hs-hosting-managedserver-test-data.sql

12
src/test/java/net/hostsharing/hsadminng/arch/ArchitectureTest.java
View File

@ -51,6 +51,7 @@ public class ArchitectureTest {
"..hs.office.relation", "..hs.office.relation",
"..hs.office.sepamandate", "..hs.office.sepamandate",
"..hs.booking.item", "..hs.booking.item",
"..hs.hosting.managedserver",
"..errors", "..errors",
"..mapper", "..mapper",
"..ping", "..ping",
@ -140,7 +141,16 @@ public class ArchitectureTest {
.should().onlyBeAccessed().byClassesThat() .should().onlyBeAccessed().byClassesThat()
.resideInAnyPackage( .resideInAnyPackage(
"..hs.booking.(*)..", "..hs.booking.(*)..",
"..rbac.rbacgrant" // TODO.test: just because of RbacGrantsDiagramServiceIntegrationTest "..hs.hosting.(*).."
);
@ArchTest
@SuppressWarnings("unused")
public static final ArchRule hsHostingPackageAccessRule = classes()
.that().resideInAPackage("..hs.hosting.(*)..")
.should().onlyBeAccessed().byClassesThat()
.resideInAnyPackage(
"..hs.hosting.(*).."
); );
@ArchTest @ArchTest

24
src/test/java/net/hostsharing/hsadminng/hs/booking/item/TestHsBookingItem.java Normal file
View File

@ -0,0 +1,24 @@
package net.hostsharing.hsadminng.hs.booking.item;
import io.hypersistence.utils.hibernate.type.range.Range;
import lombok.experimental.UtilityClass;
import java.time.LocalDate;
import java.util.Map;
import static java.util.Map.entry;
import static net.hostsharing.hsadminng.hs.office.debitor.TestHsOfficeDebitor.TEST_DEBITOR;
@UtilityClass
public class TestHsBookingItem {
public static final HsBookingItemEntity TEST_BOOKING_ITEM = HsBookingItemEntity.builder()
.debitor(TEST_DEBITOR)
.caption("test booking item")
.resources(Map.ofEntries(
entry("someThing", 1),
entry("anotherThing", "blue")
))
.validity(Range.closedInfinite(LocalDate.of(2020, 1, 15)))
.build();
}

353
src/test/java/net/hostsharing/hsadminng/hs/hosting/managedserver/HsManagedServerControllerAcceptanceTest.java Normal file
View File

@ -0,0 +1,353 @@
package net.hostsharing.hsadminng.hs.hosting.managedserver;
import io.hypersistence.utils.hibernate.type.range.Range;
import io.restassured.RestAssured;
import io.restassured.http.ContentType;
import net.hostsharing.hsadminng.HsadminNgApplication;
import net.hostsharing.hsadminng.hs.booking.item.HsBookingItemEntity;
import net.hostsharing.hsadminng.hs.booking.item.HsBookingItemRepository;
import net.hostsharing.hsadminng.hs.office.debitor.HsOfficeDebitorRepository;
import net.hostsharing.hsadminng.rbac.test.ContextBasedTestWithCleanup;
import net.hostsharing.hsadminng.rbac.test.JpaAttempt;
import org.junit.jupiter.api.Nested;
import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.boot.test.web.server.LocalServerPort;
import org.springframework.transaction.annotation.Transactional;
import java.time.LocalDate;
import java.util.Map;
import java.util.UUID;
import static java.util.Map.entry;
import static net.hostsharing.hsadminng.rbac.test.JsonMatcher.lenientlyEquals;
import static org.assertj.core.api.Assertions.assertThat;
import static org.hamcrest.Matchers.matchesRegex;
@SpringBootTest(
webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT,
classes = { HsadminNgApplication.class, JpaAttempt.class }
)
@Transactional
class HsManagedServerControllerAcceptanceTest extends ContextBasedTestWithCleanup {
@LocalServerPort
private Integer port;
@Autowired
HsManagedServerRepository managedServerRepo;
@Autowired
HsBookingItemRepository bookingItemRepo;
@Autowired
HsOfficeDebitorRepository debitorRepo;
@Autowired
JpaAttempt jpaAttempt;
@Nested
class ListManagedServers {
@Test
void globalAdmin_canViewAllManagedServersOfArbitraryDebitor() {
// given
context("superuser-alex@hostsharing.net");
final var givenDebitor = debitorRepo.findDebitorByDebitorNumber(1000111).get(0);
RestAssured // @formatter:off
.given()
.header("current-user", "superuser-alex@hostsharing.net")
.port(port)
.when()
.get("http://localhost/api/hs/hosting/managedservers?debitorUuid=" + givenDebitor.getUuid())
.then().log().all().assertThat()
.statusCode(200)
.contentType("application/json")
.body("", lenientlyEquals("""
[
{
"caption": "some ManagedServer",
"validFrom": "2022-10-01",
"validTo": null,
"config": {
"CPU": 2,
"SDD": 512,
"extra": 42
}
},
{
"caption": "another CloudServer",
"validFrom": "2023-01-15",
"validTo": "2024-04-14",
"config": {
"CPU": 2,
"HDD": 1024,
"extra": 42
}
},
{
"caption": "some Whatever",
"validFrom": "2024-04-01",
"validTo": null,
"config": {
"CPU": 1,
"HDD": 2048,
"SDD": 512,
"extra": 42
}
}
]
"""));
// @formatter:on
}
}
@Nested
class AddManagedServer {
@Test
void globalAdmin_canAddManagedServer() {
context.define("superuser-alex@hostsharing.net");
final var givenBookingItem = givenBookingItem("First", "some PrivateCloud");
final var location = RestAssured // @formatter:off
.given()
.header("current-user", "superuser-alex@hostsharing.net")
.contentType(ContentType.JSON)
.body("""
{
"bookingItemUuid": "%s",
"caption": "some new CloudServer",
"config": { "CPU": 3, "extra": 42 },
"validFrom": "2024-04-17"
}
""".formatted(givenBookingItem.getUuid()))
.port(port)
.when()
.post("http://localhost/api/hs/hosting/managedservers")
.then().log().all().assertThat()
.statusCode(201)
.contentType(ContentType.JSON)
.body("", lenientlyEquals("""
{
"caption": "some new CloudServer",
"config": { "CPU": 3, "extra": 42 },
"validFrom": "2024-04-17"
}
"""))
.header("Location", matchesRegex("http://localhost:[1-9][0-9]*/api/hs/hosting/managedservers/[^/]*"))
.extract().header("Location"); // @formatter:on
// finally, the new managedServer can be accessed under the generated UUID
final var newUserUuid = UUID.fromString(
location.substring(location.lastIndexOf('/') + 1));
assertThat(newUserUuid).isNotNull();
}
}
@Nested
class GetManagedServer {
@Test
void globalAdmin_canGetArbitraryManagedServer() {
context.define("superuser-alex@hostsharing.net");
final var givenManagedServerUuid = managedServerRepo.findAll().stream()
.filter(bi -> bi.getBookingItem().getDebitor().getDebitorNumber() == 1000111)
.filter(item -> item.getCaption().equals("some ManagedServer"))
.findAny().orElseThrow().getUuid();
RestAssured // @formatter:off
.given()
.header("current-user", "superuser-alex@hostsharing.net")
.port(port)
.when()
.get("http://localhost/api/hs/hosting/managedservers/" + givenManagedServerUuid)
.then().log().all().assertThat()
.statusCode(200)
.contentType("application/json")
.body("", lenientlyEquals("""
{
"caption": "some ManagedServer",
"validFrom": "2022-10-01",
"validTo": null,
"config": {
"CPU": 2,
"SDD": 512,
"extra": 42
}
}
""")); // @formatter:on
}
@Test
void normalUser_canNotGetUnrelatedManagedServer() {
context.define("superuser-alex@hostsharing.net");
final var givenManagedServerUuid = managedServerRepo.findAll().stream()
.filter(bi -> bi.getBookingItem().getDebitor().getDebitorNumber() == 1000212)
.map(HsManagedServerEntity::getUuid)
.findAny().orElseThrow();
RestAssured // @formatter:off
.given()
.header("current-user", "selfregistered-user-drew@hostsharing.org")
.port(port)
.when()
.get("http://localhost/api/hs/hosting/managedservers/" + givenManagedServerUuid)
.then().log().body().assertThat()
.statusCode(404); // @formatter:on
}
@Test
void debitorAgentUser_canGetRelatedManagedServer() {
context.define("superuser-alex@hostsharing.net");
final var givenManagedServerUuid = managedServerRepo.findAll().stream()
.filter(bi -> bi.getBookingItem().getDebitor().getDebitorNumber() == 1000313)
.filter(bi -> bi.getCaption().equals("some ManagedServer"))
.findAny().orElseThrow().getUuid();
RestAssured // @formatter:off
.given()
.header("current-user", "person-TuckerJack@example.com")
.port(port)
.when()
.get("http://localhost/api/hs/hosting/managedservers/" + givenManagedServerUuid)
.then().log().all().assertThat()
.statusCode(200)
.contentType("application/json")
.body("", lenientlyEquals("""
{
"caption": "some ManagedServer",
"validFrom": "2022-10-01",
"validTo": null,
"config": {
"CPU": 2,
"SDD": 512,
"extra": 42
}
}
""")); // @formatter:on
}
}
@Nested
class PatchManagedServer {
@Test
void globalAdmin_canPatchAllUpdatablePropertiesOfManagedServer() {
final var givenManagedServer = givenSomeTemporaryManagedServerForDebitorNumber(1000111, entry("something", 1));
RestAssured // @formatter:off
.given()
.header("current-user", "superuser-alex@hostsharing.net")
.contentType(ContentType.JSON)
.body("""
{
"validFrom": "2020-06-05",
"validTo": "2022-12-31",
"config": {
"CPU": "4",
"HDD": null,
"SSD": "4096"
}
}
""")
.port(port)
.when()
.patch("http://localhost/api/hs/hosting/managedservers/" + givenManagedServer.getUuid())
.then().log().all().assertThat()
.statusCode(200)
.contentType(ContentType.JSON)
.body("", lenientlyEquals("""
{
"caption": "some test-booking",
"validFrom": "2022-11-01",
"validTo": "2022-12-31",
"config": {
"CPU": "4",
"SSD": "4096",
"something": 1
}
}
""")); // @formatter:on
// finally, the managedServer is actually updated
context.define("superuser-alex@hostsharing.net");
assertThat(managedServerRepo.findByUuid(givenManagedServer.getUuid())).isPresent().get()
.matches(mandate -> {
assertThat(mandate.getBookingItem().toShortString()).isEqualTo("D-1000111:some CloudServer");
assertThat(mandate.getValidFrom()).isEqualTo("2022-11-01");
assertThat(mandate.getValidTo()).isEqualTo("2022-12-31");
return true;
});
}
}
@Nested
class DeleteManagedServer {
@Test
void globalAdmin_canDeleteArbitraryManagedServer() {
context.define("superuser-alex@hostsharing.net");
final var givenManagedServer = givenSomeTemporaryManagedServerForDebitorNumber(1000111, entry("something", 1));
RestAssured // @formatter:off
.given()
.header("current-user", "superuser-alex@hostsharing.net")
.port(port)
.when()
.delete("http://localhost/api/hs/hosting/managedservers/" + givenManagedServer.getUuid())
.then().log().body().assertThat()
.statusCode(204); // @formatter:on
// then the given managedServer is gone
assertThat(managedServerRepo.findByUuid(givenManagedServer.getUuid())).isEmpty();
}
@Test
void normalUser_canNotDeleteUnrelatedManagedServer() {
context.define("superuser-alex@hostsharing.net");
final var givenManagedServer = givenSomeTemporaryManagedServerForDebitorNumber(1000111, entry("something", 1));
RestAssured // @formatter:off
.given()
.header("current-user", "selfregistered-user-drew@hostsharing.org")
.port(port)
.when()
.delete("http://localhost/api/hs/hosting/managedservers/" + givenManagedServer.getUuid())
.then().log().body().assertThat()
.statusCode(404); // @formatter:on
// then the given managedServer is still there
assertThat(managedServerRepo.findByUuid(givenManagedServer.getUuid())).isNotEmpty();
}
}
HsBookingItemEntity givenBookingItem(final String debitorName, final String bookingItemCaption) {
final var givenDebitor = debitorRepo.findDebitorByOptionalNameLike(debitorName).stream().findAny().orElseThrow();
return bookingItemRepo.findAllByDebitorUuid(givenDebitor.getUuid()).stream()
.filter(i -> i.getCaption().equals(bookingItemCaption))
.findAny().orElseThrow();
}
private HsManagedServerEntity givenSomeTemporaryManagedServerForDebitorNumber(final int debitorNumber,
final Map.Entry<String, Integer> resources) {
return jpaAttempt.transacted(() -> {
context.define("superuser-alex@hostsharing.net");
final var newManagedServer = HsManagedServerEntity.builder()
.uuid(UUID.randomUUID())
.bookingItem(givenBookingItem("First", "some CloudServer"))
.caption("some test-booking")
.config(Map.ofEntries(resources))
.validity(Range.closedOpen(
LocalDate.parse("2022-11-01"), LocalDate.parse("2023-03-31")))
.build();
return managedServerRepo.save(newManagedServer);
}).assertSuccessful().returnedValue();
}
}

112
src/test/java/net/hostsharing/hsadminng/hs/hosting/managedserver/HsManagedServerEntityPatcherUnitTest.java Normal file
View File

@ -0,0 +1,112 @@
package net.hostsharing.hsadminng.hs.hosting.managedserver;
import io.hypersistence.utils.hibernate.type.range.Range;
import net.hostsharing.hsadminng.hs.hosting.generated.api.v1.model.HsManagedServerPatchResource;
import net.hostsharing.hsadminng.hs.office.debitor.HsOfficeDebitorEntity;
import net.hostsharing.hsadminng.mapper.KeyValueMap;
import net.hostsharing.hsadminng.rbac.test.PatchUnitTestBase;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.TestInstance;
import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.Mock;
import org.mockito.junit.jupiter.MockitoExtension;
import jakarta.persistence.EntityManager;
import java.time.LocalDate;
import java.util.Map;
import java.util.UUID;
import java.util.stream.Stream;
import static net.hostsharing.hsadminng.hs.booking.item.TestHsBookingItem.TEST_BOOKING_ITEM;
import static net.hostsharing.hsadminng.mapper.PatchMap.entry;
import static net.hostsharing.hsadminng.mapper.PatchMap.patchMap;
import static org.junit.jupiter.api.TestInstance.Lifecycle.PER_CLASS;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.eq;
import static org.mockito.Mockito.lenient;
@TestInstance(PER_CLASS)
@ExtendWith(MockitoExtension.class)
class HsManagedServerEntityPatcherUnitTest extends PatchUnitTestBase<
HsManagedServerPatchResource,
HsManagedServerEntity
> {
private static final UUID INITIAL_BOOKING_ITEM_UUID = UUID.randomUUID();
private static final LocalDate GIVEN_VALID_FROM = LocalDate.parse("2020-04-15");
private static final LocalDate PATCHED_VALID_TO = LocalDate.parse("2022-12-31");
private static final Map<String, Object> INITIAL_CONFIG = patchMap(
entry("CPU", 1),
entry("HDD", 1024),
entry("MEM", 64)
);
private static final Map<String, Object> PATCH_CONFIG = patchMap(
entry("CPU", 2),
entry("HDD", null),
entry("SDD", 256)
);
private static final Map<String, Object> PATCHED_CONFIG = patchMap(
entry("CPU", 2),
entry("SDD", 256),
entry("MEM", 64)
);
private static final String INITIAL_CAPTION = "initial caption";
private static final String PATCHED_CAPTION = "patched caption";
@Mock
private EntityManager em;
@BeforeEach
void initMocks() {
lenient().when(em.getReference(eq(HsOfficeDebitorEntity.class), any())).thenAnswer(invocation ->
HsOfficeDebitorEntity.builder().uuid(invocation.getArgument(1)).build());
lenient().when(em.getReference(eq(HsManagedServerEntity.class), any())).thenAnswer(invocation ->
HsManagedServerEntity.builder().uuid(invocation.getArgument(1)).build());
}
@Override
protected HsManagedServerEntity newInitialEntity() {
final var entity = new HsManagedServerEntity();
entity.setUuid(INITIAL_BOOKING_ITEM_UUID);
entity.setBookingItem(TEST_BOOKING_ITEM);
entity.getConfig().putAll(KeyValueMap.from(INITIAL_CONFIG));
entity.setCaption(INITIAL_CAPTION);
entity.setValidity(Range.closedInfinite(GIVEN_VALID_FROM));
return entity;
}
@Override
protected HsManagedServerPatchResource newPatchResource() {
return new HsManagedServerPatchResource();
}
@Override
protected HsManagedServerEntityPatcher createPatcher(final HsManagedServerEntity managedServer) {
return new HsManagedServerEntityPatcher(managedServer);
}
@Override
protected Stream<Property> propertyTestDescriptors() {
return Stream.of(
new JsonNullableProperty<>(
"caption",
HsManagedServerPatchResource::setCaption,
PATCHED_CAPTION,
HsManagedServerEntity::setCaption),
new SimpleProperty<>(
"config",
HsManagedServerPatchResource::setConfig,
PATCH_CONFIG,
HsManagedServerEntity::putConfig,
PATCHED_CONFIG)
.notNullable(),
new JsonNullableProperty<>(
"validto",
HsManagedServerPatchResource::setValidTo,
PATCHED_VALID_TO,
HsManagedServerEntity::setValidTo)
);
}
}

57
src/test/java/net/hostsharing/hsadminng/hs/hosting/managedserver/HsManagedServerEntityUnitTest.java Normal file
View File

@ -0,0 +1,57 @@
package net.hostsharing.hsadminng.hs.hosting.managedserver;
import org.junit.jupiter.api.Test;
import java.time.LocalDate;
import java.util.Map;
import static java.util.Map.entry;
import static net.hostsharing.hsadminng.hs.booking.item.TestHsBookingItem.TEST_BOOKING_ITEM;
import static net.hostsharing.hsadminng.mapper.PostgresDateRange.toPostgresDateRange;
import static org.assertj.core.api.Assertions.assertThat;
class HsManagedServerEntityUnitTest {
public static final LocalDate GIVEN_VALID_FROM = LocalDate.parse("2020-01-01");
public static final LocalDate GIVEN_VALID_TO = LocalDate.parse("2030-12-31");
final HsManagedServerEntity givenManagedServer = HsManagedServerEntity.builder()
.bookingItem(TEST_BOOKING_ITEM)
.caption("some caption")
.config(Map.ofEntries(
entry("CPUs", 2),
entry("SSD-storage", 512),
entry("HDD-storage", 2048)))
.validity(toPostgresDateRange(GIVEN_VALID_FROM, GIVEN_VALID_TO))
.build();
@Test
void toStringContainsAllPropertiesAndResourcesSortedByKey() {
final var result = givenManagedServer.toString();
assertThat(result).isEqualTo(
"HsManagedServerEntity(D-1000100:test booking item, [2020-01-01,2031-01-01), some caption, { CPUs: 2, HDD-storage: 2048, SSD-storage: 512 })");
}
@Test
void toShortStringContainsOnlyMemberNumberAndCaption() {
final var result = givenManagedServer.toShortString();
assertThat(result).isEqualTo("D-1000100:test booking item:some caption");
}
@Test
void settingValidFromKeepsValidTo() {
givenManagedServer.setValidFrom(LocalDate.parse("2023-12-31"));
assertThat(givenManagedServer.getValidFrom()).isEqualTo(LocalDate.parse("2023-12-31"));
assertThat(givenManagedServer.getValidTo()).isEqualTo(GIVEN_VALID_TO);
}
@Test
void settingValidToKeepsValidFrom() {
givenManagedServer.setValidTo(LocalDate.parse("2024-12-31"));
assertThat(givenManagedServer.getValidFrom()).isEqualTo(GIVEN_VALID_FROM);
assertThat(givenManagedServer.getValidTo()).isEqualTo(LocalDate.parse("2024-12-31"));
}
}

349
src/test/java/net/hostsharing/hsadminng/hs/hosting/managedserver/HsManagedServerRepositoryIntegrationTest.java Normal file
View File

@ -0,0 +1,349 @@
package net.hostsharing.hsadminng.hs.hosting.managedserver;
import io.hypersistence.utils.hibernate.type.range.Range;
import net.hostsharing.hsadminng.context.Context;
import net.hostsharing.hsadminng.hs.booking.item.HsBookingItemEntity;
import net.hostsharing.hsadminng.hs.booking.item.HsBookingItemRepository;
import net.hostsharing.hsadminng.hs.office.debitor.HsOfficeDebitorRepository;
import net.hostsharing.hsadminng.rbac.rbacgrant.RawRbacGrantRepository;
import net.hostsharing.hsadminng.rbac.rbacrole.RawRbacRoleRepository;
import net.hostsharing.hsadminng.rbac.test.Array;
import net.hostsharing.hsadminng.rbac.test.ContextBasedTestWithCleanup;
import net.hostsharing.hsadminng.rbac.test.JpaAttempt;
import org.junit.jupiter.api.Nested;
import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.autoconfigure.orm.jpa.DataJpaTest;
import org.springframework.boot.test.mock.mockito.MockBean;
import org.springframework.context.annotation.Import;
import org.springframework.orm.jpa.JpaSystemException;
import jakarta.persistence.EntityManager;
import jakarta.persistence.PersistenceContext;
import jakarta.servlet.http.HttpServletRequest;
import java.time.LocalDate;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
import static java.util.Map.entry;
import static net.hostsharing.hsadminng.rbac.rbacgrant.RawRbacGrantEntity.distinctGrantDisplaysOf;
import static net.hostsharing.hsadminng.rbac.rbacrole.RawRbacRoleEntity.distinctRoleNamesOf;
import static net.hostsharing.hsadminng.rbac.test.Array.fromFormatted;
import static net.hostsharing.hsadminng.rbac.test.JpaAttempt.attempt;
import static org.assertj.core.api.Assertions.assertThat;
@DataJpaTest
@Import({ Context.class, JpaAttempt.class })
class HsManagedServerRepositoryIntegrationTest extends ContextBasedTestWithCleanup {
@Autowired
HsManagedServerRepository managedServerRepo;
@Autowired
HsBookingItemRepository bookingItemRepo;
@Autowired
HsOfficeDebitorRepository debitorRepo;
@Autowired
RawRbacRoleRepository rawRoleRepo;
@Autowired
RawRbacGrantRepository rawGrantRepo;
@Autowired
JpaAttempt jpaAttempt;
@PersistenceContext
EntityManager em;
@MockBean
HttpServletRequest request;
@Nested
class CreateManagedServer {
@Test
public void testHostsharingAdmin_withoutAssumedRole_canCreateNewManagedServer() {
// given
context("superuser-alex@hostsharing.net");
final var count = managedServerRepo.count();
final var givenBookingItem = givenBookingItem("First", "some CloudServer");
// when
final var result = attempt(em, () -> {
final var newManagedServer = HsManagedServerEntity.builder()
.bookingItem(givenBookingItem)
.caption("some new booking managedserver")
.validity(Range.closedOpen(
LocalDate.parse("2020-01-01"), LocalDate.parse("2023-01-01")))
.build();
return toCleanup(managedServerRepo.save(newManagedServer));
});
// then
result.assertSuccessful();
assertThat(result.returnedValue()).isNotNull().extracting(HsManagedServerEntity::getUuid).isNotNull();
assertThatManagedServerIsPersisted(result.returnedValue());
assertThat(managedServerRepo.count()).isEqualTo(count + 1);
}
@Test
public void createsAndGrantsRoles() {
// given
context("superuser-alex@hostsharing.net");
final var initialRoleNames = distinctRoleNamesOf(rawRoleRepo.findAll());
final var initialGrantNames = distinctGrantDisplaysOf(rawGrantRepo.findAll()).stream()
.map(s -> s.replace("hs_office_", ""))
.toList();
final var givenBookingItem = givenBookingItem("First", "some CloudServer");
// when
attempt(em, () -> {
final var newManagedServer = HsManagedServerEntity.builder()
.bookingItem(givenBookingItem)
.caption("some new booking managedserver")
.validity(Range.closedOpen(
LocalDate.parse("2020-01-01"), LocalDate.parse("2023-01-01")))
.build();
return toCleanup(managedServerRepo.save(newManagedServer));
});
// then
final var all = rawRoleRepo.findAll();
assertThat(distinctRoleNamesOf(all)).containsExactlyInAnyOrder(Array.from(
initialRoleNames,
"hs_hosting_managedserver#D-1000111:someCloudServer:somenewbookingmanagedserver:ADMIN",
"hs_hosting_managedserver#D-1000111:someCloudServer:somenewbookingmanagedserver:OWNER",
"hs_hosting_managedserver#D-1000111:someCloudServer:somenewbookingmanagedserver:TENANT"));
assertThat(distinctGrantDisplaysOf(rawGrantRepo.findAll()))
.map(s -> s.replace("hs_office_", ""))
.containsExactlyInAnyOrder(fromFormatted(
initialGrantNames,
// global-admin
"{ grant perm:hs_hosting_managedserver#D-1000111:someCloudServer:somenewbookingmanagedserver:DELETE to role:global#global:ADMIN by system and assume }",
// owner
"{ grant perm:hs_hosting_managedserver#D-1000111:someCloudServer:somenewbookingmanagedserver:UPDATE to role:hs_hosting_managedserver#D-1000111:someCloudServer:somenewbookingmanagedserver:OWNER by system and assume }",
"{ grant role:hs_hosting_managedserver#D-1000111:someCloudServer:somenewbookingmanagedserver:OWNER to role:hs_booking_item#D-1000111:someCloudServer:ADMIN by system and assume }",
// admin
"{ grant role:hs_hosting_managedserver#D-1000111:someCloudServer:somenewbookingmanagedserver:ADMIN to role:hs_hosting_managedserver#D-1000111:someCloudServer:somenewbookingmanagedserver:OWNER by system and assume }",
// tenant
"{ grant role:hs_hosting_managedserver#D-1000111:someCloudServer:somenewbookingmanagedserver:TENANT to role:hs_hosting_managedserver#D-1000111:someCloudServer:somenewbookingmanagedserver:ADMIN by system and assume }",
"{ grant perm:hs_hosting_managedserver#D-1000111:someCloudServer:somenewbookingmanagedserver:SELECT to role:hs_hosting_managedserver#D-1000111:someCloudServer:somenewbookingmanagedserver:TENANT by system and assume }",
"{ grant role:hs_booking_item#D-1000111:someCloudServer:TENANT to role:hs_hosting_managedserver#D-1000111:someCloudServer:somenewbookingmanagedserver:TENANT by system and assume }",
null));
}
private void assertThatManagedServerIsPersisted(final HsManagedServerEntity saved) {
final var found = managedServerRepo.findByUuid(saved.getUuid());
assertThat(found).isNotEmpty().map(HsManagedServerEntity::toString).get().isEqualTo(saved.toString());
}
}
@Nested
class FindByDebitorUuid {
@Test
public void globalAdmin_withoutAssumedRole_canViewAllManagedServersOfArbitraryDebitor() {
// given
context("superuser-alex@hostsharing.net");
final var debitorUuid = debitorRepo.findDebitorByDebitorNumber(1000212).stream()
.findAny().orElseThrow().getUuid();
// when
final var result = managedServerRepo.findAllByDebitorUuid(debitorUuid);
// then
allTheseManagedServersAreReturned(
result,
"HsManagedServerEntity(D-1000212:some PrivateCloud, [2022-10-01,), some ManagedServer, { CPU: 2, SDD: 512, extra: 42 })",
"HsManagedServerEntity(D-1000212:some PrivateCloud, [2023-01-15,2024-04-15), another CloudServer, { CPU: 2, HDD: 1024, extra: 42 })",
"HsManagedServerEntity(D-1000212:some PrivateCloud, [2024-04-01,), some Whatever, { CPU: 1, HDD: 2048, SDD: 512, extra: 42 })");
}
@Test
public void normalUser_canViewOnlyRelatedManagedServers() {
// given:
context("person-FirbySusan@example.com");
final var debitorUuid = debitorRepo.findDebitorByDebitorNumber(1000111).stream().findAny().orElseThrow().getUuid();
// when:
final var result = managedServerRepo.findAllByDebitorUuid(debitorUuid);
// then:
exactlyTheseManagedServersAreReturned(
result,
"HsManagedServerEntity(D-1000111:some PrivateCloud, [2022-10-01,), some ManagedServer, { CPU: 2, SDD: 512, extra: 42 })",
"HsManagedServerEntity(D-1000111:some PrivateCloud, [2023-01-15,2024-04-15), another CloudServer, { CPU: 2, HDD: 1024, extra: 42 })",
"HsManagedServerEntity(D-1000111:some PrivateCloud, [2024-04-01,), some Whatever, { CPU: 1, HDD: 2048, SDD: 512, extra: 42 })");
}
}
@Nested
class UpdateManagedServer {
@Test
public void hostsharingAdmin_canUpdateArbitraryManagedServer() {
// given
final var givenManagedServerUuid = givenSomeTemporaryManagedServer(1000111).getUuid();
// when
final var result = jpaAttempt.transacted(() -> {
context("superuser-alex@hostsharing.net");
final var foundManagedServer = em.find(HsManagedServerEntity.class, givenManagedServerUuid);
foundManagedServer.getConfig().put("CPUs", 2);
foundManagedServer.getConfig().remove("SSD-storage");
foundManagedServer.getConfig().put("HSD-storage", 2048);
foundManagedServer.setValidity(Range.closedOpen(
LocalDate.parse("2019-05-17"), LocalDate.parse("2023-01-01")));
return toCleanup(managedServerRepo.save(foundManagedServer));
});
// then
result.assertSuccessful();
jpaAttempt.transacted(() -> {
context("superuser-alex@hostsharing.net");
assertThatManagedServerActuallyInDatabase(result.returnedValue());
}).assertSuccessful();
}
private void assertThatManagedServerActuallyInDatabase(final HsManagedServerEntity saved) {
final var found = managedServerRepo.findByUuid(saved.getUuid());
assertThat(found).isNotEmpty().get().isNotSameAs(saved)
.extracting(Object::toString).isEqualTo(saved.toString());
}
}
@Nested
class DeleteByUuid {
@Test
public void globalAdmin_withoutAssumedRole_canDeleteAnyManagedServer() {
// given
context("superuser-alex@hostsharing.net", null);
final var givenManagedServer = givenSomeTemporaryManagedServer(1000111);
// when
final var result = jpaAttempt.transacted(() -> {
context("superuser-alex@hostsharing.net");
managedServerRepo.deleteByUuid(givenManagedServer.getUuid());
});
// then
result.assertSuccessful();
assertThat(jpaAttempt.transacted(() -> {
context("superuser-fran@hostsharing.net", null);
return managedServerRepo.findByUuid(givenManagedServer.getUuid());
}).assertSuccessful().returnedValue()).isEmpty();
}
@Test
public void nonGlobalAdmin_canNotDeleteTheirRelatedManagedServer() {
// given
context("superuser-alex@hostsharing.net", null);
final var givenManagedServer = givenSomeTemporaryManagedServer(1000111);
// when
final var result = jpaAttempt.transacted(() -> {
context("person-FirbySusan@example.com");
assertThat(managedServerRepo.findByUuid(givenManagedServer.getUuid())).isPresent();
managedServerRepo.deleteByUuid(givenManagedServer.getUuid());
});
// then
result.assertExceptionWithRootCauseMessage(
JpaSystemException.class,
"[403] Subject ", " is not allowed to delete hs_hosting_managedserver");
assertThat(jpaAttempt.transacted(() -> {
context("superuser-alex@hostsharing.net");
return managedServerRepo.findByUuid(givenManagedServer.getUuid());
}).assertSuccessful().returnedValue()).isPresent(); // still there
}
@Test
public void deletingAManagedServerAlsoDeletesRelatedRolesAndGrants() {
// given
context("superuser-alex@hostsharing.net");
final var initialRoleNames = Array.from(distinctRoleNamesOf(rawRoleRepo.findAll()));
final var initialGrantNames = Array.from(distinctGrantDisplaysOf(rawGrantRepo.findAll()));
final var givenManagedServer = givenSomeTemporaryManagedServer(1000111);
// when
final var result = jpaAttempt.transacted(() -> {
context("superuser-alex@hostsharing.net");
return managedServerRepo.deleteByUuid(givenManagedServer.getUuid());
});
// then
result.assertSuccessful();
assertThat(result.returnedValue()).isEqualTo(1);
assertThat(distinctRoleNamesOf(rawRoleRepo.findAll())).containsExactlyInAnyOrder(initialRoleNames);
assertThat(distinctGrantDisplaysOf(rawGrantRepo.findAll())).containsExactlyInAnyOrder(initialGrantNames);
}
}
@Test
public void auditJournalLogIsAvailable() {
// given
final var query = em.createNativeQuery("""
select currentTask, targetTable, targetOp
from tx_journal_v
where targettable = 'hs_hosting_managedserver';
""");
// when
@SuppressWarnings("unchecked") final List<Object[]> customerLogEntries = query.getResultList();
// then
assertThat(customerLogEntries).map(Arrays::toString).contains(
"[creating hosting-managedserver test-data 1000111, hs_hosting_managedserver, INSERT]",
"[creating hosting-managedserver test-data 1000212, hs_hosting_managedserver, INSERT]",
"[creating hosting-managedserver test-data 1000313, hs_hosting_managedserver, INSERT]");
}
private HsManagedServerEntity givenSomeTemporaryManagedServer(final int debitorNumber) {
return jpaAttempt.transacted(() -> {
context("superuser-alex@hostsharing.net");
final var givenBookingItem = givenBookingItem("First", "some CloudServer");
final var newManagedServer = HsManagedServerEntity.builder()
.bookingItem(givenBookingItem)
.caption("some temp booking managedserver")
.validity(Range.closedOpen(
LocalDate.parse("2020-01-01"), LocalDate.parse("2023-01-01")))
.config(Map.ofEntries(
entry("CPUs", 1),
entry("SSD-storage", 256)))
.build();
return toCleanup(managedServerRepo.save(newManagedServer));
}).assertSuccessful().returnedValue();
}
HsBookingItemEntity givenBookingItem(final String debitorName, final String bookingItemCaption) {
final var givenDebitor = debitorRepo.findDebitorByOptionalNameLike(debitorName).stream().findAny().orElseThrow();
return bookingItemRepo.findAllByDebitorUuid(givenDebitor.getUuid()).stream()
.filter(i -> i.getCaption().equals(bookingItemCaption))
.findAny().orElseThrow();
}
void exactlyTheseManagedServersAreReturned(
final List<HsManagedServerEntity> actualResult,
final String... managedServerNames) {
assertThat(actualResult)
.extracting(managedServerEntity -> managedServerEntity.toString())
.containsExactlyInAnyOrder(managedServerNames);
}
void allTheseManagedServersAreReturned(final List<HsManagedServerEntity> actualResult, final String... managedServerNames) {
assertThat(actualResult)
.extracting(managedServerEntity -> managedServerEntity.toString())
.contains(managedServerNames);
}
}