introduce-booking-project-and-nested-booking-items #57
@ -150,7 +150,7 @@ public class InsertTriggerGenerator {
|
|||||||
returns trigger
|
returns trigger
|
||||||
language plpgsql as $$
|
language plpgsql as $$
|
||||||
begin
|
begin
|
||||||
raise exception '[403] insert into ${rawSubTable} not allowed regardless of current subject, no insert permissions grated at all';
|
raise exception '[403] insert into ${rawSubTable} values(%) not allowed regardless of current subject, no insert permissions granted at all', NEW;
|
||||||
end; $$;
|
end; $$;
|
||||||
|
|
||||||
create trigger ${rawSubTable}_insert_permission_check_tg
|
create trigger ${rawSubTable}_insert_permission_check_tg
|
||||||
@ -254,8 +254,8 @@ public class InsertTriggerGenerator {
|
|||||||
private void generateInsertPermissionsChecksFooter(final StringWriter plPgSql) {
|
private void generateInsertPermissionsChecksFooter(final StringWriter plPgSql) {
|
||||||
plPgSql.writeLn();
|
plPgSql.writeLn();
|
||||||
plPgSql.writeLn("""
|
plPgSql.writeLn("""
|
||||||
raise exception '[403] insert into ${rawSubTable} not allowed for current subjects % (%)',
|
raise exception '[403] insert into ${rawSubTable} values(%) not allowed for current subjects % (%)',
|
||||||
currentSubjects(), currentSubjectsUuids();
|
NEW, currentSubjects(), currentSubjectsUuids();
|
||||||
end; $$;
|
end; $$;
|
||||||
|
|
||||||
create trigger ${rawSubTable}_insert_permission_check_tg
|
create trigger ${rawSubTable}_insert_permission_check_tg
|
||||||
|
|||||||
@ -232,8 +232,8 @@ begin
|
|||||||
return NEW;
|
return NEW;
|
||||||
end if;
|
end if;
|
||||||
|
|
||||||
raise exception '[403] insert into hs_hosting_asset not allowed for current subjects % (%)',
|
raise exception '[403] insert into hs_hosting_asset values(%) not allowed for current subjects % (%)',
|
||||||
currentSubjects(), currentSubjectsUuids();
|
NEW, currentSubjects(), currentSubjectsUuids();
|
||||||
end; $$;
|
end; $$;
|
||||||
|
|
||||||
create trigger hs_hosting_asset_insert_permission_check_tg
|
create trigger hs_hosting_asset_insert_permission_check_tg
|
||||||
|
|||||||
@ -39,6 +39,7 @@ public class ArchitectureTest {
|
|||||||
"..context",
|
"..context",
|
||||||
"..generated..",
|
"..generated..",
|
||||||
"..persistence..",
|
"..persistence..",
|
||||||
|
"..validation..",
|
||||||
"..hs.office.bankaccount",
|
"..hs.office.bankaccount",
|
||||||
"..hs.office.contact",
|
"..hs.office.contact",
|
||||||
"..hs.office.coopassets",
|
"..hs.office.coopassets",
|
||||||
@ -50,9 +51,11 @@ public class ArchitectureTest {
|
|||||||
"..hs.office.person",
|
"..hs.office.person",
|
||||||
"..hs.office.relation",
|
"..hs.office.relation",
|
||||||
"..hs.office.sepamandate",
|
"..hs.office.sepamandate",
|
||||||
|
"..hs.booking.project",
|
||||||
"..hs.booking.item",
|
"..hs.booking.item",
|
||||||
|
"..hs.booking.item.validators",
|
||||||
"..hs.hosting.asset",
|
"..hs.hosting.asset",
|
||||||
"..hs.hosting.asset.validator",
|
"..hs.hosting.asset.validators",
|
||||||
"..errors",
|
"..errors",
|
||||||
"..mapper",
|
"..mapper",
|
||||||
"..ping",
|
"..ping",
|
||||||
|
|||||||
@ -5,8 +5,10 @@ import io.restassured.http.ContentType;
|
|||||||
import net.hostsharing.hsadminng.HsadminNgApplication;
|
import net.hostsharing.hsadminng.HsadminNgApplication;
|
||||||
import net.hostsharing.hsadminng.hs.booking.item.HsBookingItemEntity;
|
import net.hostsharing.hsadminng.hs.booking.item.HsBookingItemEntity;
|
||||||
import net.hostsharing.hsadminng.hs.booking.item.HsBookingItemRepository;
|
import net.hostsharing.hsadminng.hs.booking.item.HsBookingItemRepository;
|
||||||
|
import net.hostsharing.hsadminng.hs.booking.project.HsBookingProjectEntity;
|
||||||
import net.hostsharing.hsadminng.hs.booking.project.HsBookingProjectRepository;
|
import net.hostsharing.hsadminng.hs.booking.project.HsBookingProjectRepository;
|
||||||
import net.hostsharing.hsadminng.hs.office.debitor.HsOfficeDebitorRepository;
|
import net.hostsharing.hsadminng.hs.office.debitor.HsOfficeDebitorRepository;
|
||||||
|
import net.hostsharing.hsadminng.rbac.rbacgrant.RbacGrantsDiagramService;
|
||||||
import net.hostsharing.hsadminng.rbac.test.ContextBasedTestWithCleanup;
|
import net.hostsharing.hsadminng.rbac.test.ContextBasedTestWithCleanup;
|
||||||
import net.hostsharing.hsadminng.rbac.test.JpaAttempt;
|
import net.hostsharing.hsadminng.rbac.test.JpaAttempt;
|
||||||
import org.junit.jupiter.api.Nested;
|
import org.junit.jupiter.api.Nested;
|
||||||
@ -20,6 +22,7 @@ import java.util.Map;
|
|||||||
import java.util.UUID;
|
import java.util.UUID;
|
||||||
|
|
||||||
import static java.util.Map.entry;
|
import static java.util.Map.entry;
|
||||||
|
import static java.util.Optional.ofNullable;
|
||||||
import static net.hostsharing.hsadminng.hs.hosting.asset.HsHostingAssetType.CLOUD_SERVER;
|
import static net.hostsharing.hsadminng.hs.hosting.asset.HsHostingAssetType.CLOUD_SERVER;
|
||||||
import static net.hostsharing.hsadminng.hs.hosting.asset.HsHostingAssetType.MANAGED_SERVER;
|
import static net.hostsharing.hsadminng.hs.hosting.asset.HsHostingAssetType.MANAGED_SERVER;
|
||||||
import static net.hostsharing.hsadminng.rbac.test.JsonMatcher.lenientlyEquals;
|
import static net.hostsharing.hsadminng.rbac.test.JsonMatcher.lenientlyEquals;
|
||||||
@ -68,7 +71,7 @@ class HsHostingAssetControllerAcceptanceTest extends ContextBasedTestWithCleanup
|
|||||||
.header("current-user", "superuser-alex@hostsharing.net")
|
.header("current-user", "superuser-alex@hostsharing.net")
|
||||||
.port(port)
|
.port(port)
|
||||||
.when()
|
.when()
|
||||||
.get("http://localhost/api/hs/hosting/assets?projectUuid=" + givenProject.getUuid())
|
.get("http://localhost/api/hs/hosting/assets?projectUuid=" + givenProject.getUuid() + "&type=MANAGED_WEBSPACE")
|
||||||
.then().log().all().assertThat()
|
.then().log().all().assertThat()
|
||||||
.statusCode(200)
|
.statusCode(200)
|
||||||
.contentType("application/json")
|
.contentType("application/json")
|
||||||
@ -76,7 +79,7 @@ class HsHostingAssetControllerAcceptanceTest extends ContextBasedTestWithCleanup
|
|||||||
[
|
[
|
||||||
{
|
{
|
||||||
"type": "MANAGED_WEBSPACE",
|
"type": "MANAGED_WEBSPACE",
|
||||||
"identifier": "aaa01",
|
"identifier": "sec01",
|
||||||
"caption": "some Webspace",
|
"caption": "some Webspace",
|
||||||
"config": {
|
"config": {
|
||||||
"HDD": 2048,
|
"HDD": 2048,
|
||||||
@ -86,22 +89,24 @@ class HsHostingAssetControllerAcceptanceTest extends ContextBasedTestWithCleanup
|
|||||||
}
|
}
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"type": "MANAGED_SERVER",
|
"type": "MANAGED_WEBSPACE",
|
||||||
"identifier": "vm1011",
|
"identifier": "fir01",
|
||||||
"caption": "some ManagedServer",
|
"caption": "some Webspace",
|
||||||
"config": {
|
"config": {
|
||||||
"CPU": 2,
|
"HDD": 2048,
|
||||||
|
"RAM": 1,
|
||||||
"SDD": 512,
|
"SDD": 512,
|
||||||
"extra": 42
|
"extra": 42
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"type": "CLOUD_SERVER",
|
"type": "MANAGED_WEBSPACE",
|
||||||
"identifier": "vm2011",
|
"identifier": "thi01",
|
||||||
"caption": "another CloudServer",
|
"caption": "some Webspace",
|
||||||
"config": {
|
"config": {
|
||||||
"CPU": 2,
|
"HDD": 2048,
|
||||||
"HDD": 1024,
|
"RAM": 1,
|
||||||
|
"SDD": 512,
|
||||||
"extra": 42
|
"extra": 42
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -170,7 +175,7 @@ class HsHostingAssetControllerAcceptanceTest extends ContextBasedTestWithCleanup
|
|||||||
void globalAdmin_canAddBookedAsset() {
|
void globalAdmin_canAddBookedAsset() {
|
||||||
|
|
||||||
context.define("superuser-alex@hostsharing.net");
|
context.define("superuser-alex@hostsharing.net");
|
||||||
final var givenBookingItem = givenBookingItem("First", "some PrivateCloud");
|
final var givenBookingItem = givenBookingItem("D-1000111 default project", "some PrivateCloud");
|
||||||
|
|
||||||
final var location = RestAssured // @formatter:off
|
final var location = RestAssured // @formatter:off
|
||||||
.given()
|
.given()
|
||||||
@ -212,7 +217,11 @@ class HsHostingAssetControllerAcceptanceTest extends ContextBasedTestWithCleanup
|
|||||||
void parentAssetAgent_canAddSubAsset() {
|
void parentAssetAgent_canAddSubAsset() {
|
||||||
|
|
||||||
context.define("superuser-alex@hostsharing.net");
|
context.define("superuser-alex@hostsharing.net");
|
||||||
final var givenParentAsset = givenParentAsset("First", MANAGED_SERVER);
|
final var givenParentAsset = givenParentAsset("D-1000111 default project", MANAGED_SERVER);
|
||||||
|
|
||||||
|
context.define("person-FirbySusan@example.com");
|
||||||
|
|
||||||
|
generateRbacDiagramForCurrentSubjects(RbacGrantsDiagramService.Include.ALL_NON_TEST_ENTITY_RELATED, "parentAssetAgent_canAddSubAsset"); // FIXME
|
||||||
|
|
||||||
|
hsh-michaelhoennig marked this conversation as resolved
|
|||||||
final var location = RestAssured // @formatter:off
|
final var location = RestAssured // @formatter:off
|
||||||
.given()
|
.given()
|
||||||
@ -254,7 +263,7 @@ class HsHostingAssetControllerAcceptanceTest extends ContextBasedTestWithCleanup
|
|||||||
void additionalValidationsArePerformend_whenAddingAsset() {
|
void additionalValidationsArePerformend_whenAddingAsset() {
|
||||||
|
|
||||||
context.define("superuser-alex@hostsharing.net");
|
context.define("superuser-alex@hostsharing.net");
|
||||||
final var givenBookingItem = givenBookingItem("First", "some PrivateCloud");
|
final var givenBookingItem = givenBookingItem("D-1000111 default project", "some PrivateCloud");
|
||||||
|
|
||||||
final var location = RestAssured // @formatter:off
|
final var location = RestAssured // @formatter:off
|
||||||
.given()
|
.given()
|
||||||
@ -410,7 +419,7 @@ class HsHostingAssetControllerAcceptanceTest extends ContextBasedTestWithCleanup
|
|||||||
context.define("superuser-alex@hostsharing.net");
|
context.define("superuser-alex@hostsharing.net");
|
||||||
assertThat(assetRepo.findByUuid(givenAsset.getUuid())).isPresent().get()
|
assertThat(assetRepo.findByUuid(givenAsset.getUuid())).isPresent().get()
|
||||||
.matches(asset -> {
|
.matches(asset -> {
|
||||||
assertThat(asset.toString()).isEqualTo("HsHostingAssetEntity(CLOUD_SERVER, vm2001, some test-asset, D-1000111:some CloudServer, { CPUs: 2, RAM: 100, SSD: 250, Traffic: 2000 })");
|
assertThat(asset.toString()).isEqualTo("HsHostingAssetEntity(CLOUD_SERVER, vm2001, some test-asset, D-1000111:D-1000111 default project:some CloudServer, { CPUs: 2, RAM: 100, SSD: 250, Traffic: 2000 })");
|
||||||
return true;
|
return true;
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
@ -467,9 +476,15 @@ class HsHostingAssetControllerAcceptanceTest extends ContextBasedTestWithCleanup
|
|||||||
.findAny().orElseThrow();
|
.findAny().orElseThrow();
|
||||||
}
|
}
|
||||||
|
|
||||||
HsHostingAssetEntity givenParentAsset(final String debitorName, final HsHostingAssetType assetType) {
|
HsHostingAssetEntity givenParentAsset(final String projectCaption, final HsHostingAssetType assetType) {
|
||||||
final var givenDebitor = debitorRepo.findDebitorByOptionalNameLike(debitorName).stream().findAny().orElseThrow();
|
final var givenAsset = assetRepo.findAll().stream()
|
||||||
final var givenAsset = assetRepo.findAllByCriteria(givenDebitor.getUuid(), null, assetType).stream().findAny().orElseThrow();
|
.filter(a -> ofNullable(a)
|
||||||
|
.map(HsHostingAssetEntity::getBookingItem)
|
||||||
|
.map(HsBookingItemEntity::getProject)
|
||||||
|
.map(HsBookingProjectEntity::getCaption)
|
||||||
|
.filter(c -> c.equals(projectCaption))
|
||||||
|
.isPresent())
|
||||||
|
.findAny().orElseThrow();
|
||||||
return givenAsset;
|
return givenAsset;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -481,7 +496,7 @@ class HsHostingAssetControllerAcceptanceTest extends ContextBasedTestWithCleanup
|
|||||||
context.define("superuser-alex@hostsharing.net");
|
context.define("superuser-alex@hostsharing.net");
|
||||||
final var newAsset = HsHostingAssetEntity.builder()
|
final var newAsset = HsHostingAssetEntity.builder()
|
||||||
.uuid(UUID.randomUUID())
|
.uuid(UUID.randomUUID())
|
||||||
.bookingItem(givenBookingItem("First", "some CloudServer"))
|
.bookingItem(givenBookingItem("D-1000111 default project", "some CloudServer"))
|
||||||
.type(hostingAssetType)
|
.type(hostingAssetType)
|
||||||
.identifier("vm" + identifierSuffix)
|
.identifier("vm" + identifierSuffix)
|
||||||
.caption("some test-asset")
|
.caption("some test-asset")
|
||||||
|
|||||||
@ -181,7 +181,7 @@ class HsOfficeDebitorRepositoryIntegrationTest extends ContextBasedTestWithClean
|
|||||||
.containsExactlyInAnyOrder(Array.fromFormatted(
|
.containsExactlyInAnyOrder(Array.fromFormatted(
|
||||||
initialGrantNames,
|
initialGrantNames,
|
||||||
"{ grant perm:relation#FirstGmbH-with-DEBITOR-FourtheG:INSERT>sepamandate to role:relation#FirstGmbH-with-DEBITOR-FourtheG:ADMIN by system and assume }",
|
"{ grant perm:relation#FirstGmbH-with-DEBITOR-FourtheG:INSERT>sepamandate to role:relation#FirstGmbH-with-DEBITOR-FourtheG:ADMIN by system and assume }",
|
||||||
"{ grant perm:relation#FirstGmbH-with-DEBITOR-FourtheG:INSERT>hs_booking_item to role:relation#FirstGmbH-with-DEBITOR-FourtheG:ADMIN by system and assume }",
|
"{ grant perm:relation#FirstGmbH-with-DEBITOR-FourtheG:INSERT>hs_booking_project to role:relation#FirstGmbH-with-DEBITOR-FourtheG:ADMIN by system and assume }",
|
||||||
|
|
||||||
// owner
|
// owner
|
||||||
"{ grant perm:debitor#D-1000122:DELETE to role:relation#FirstGmbH-with-DEBITOR-FourtheG:OWNER by system and assume }",
|
"{ grant perm:debitor#D-1000122:DELETE to role:relation#FirstGmbH-with-DEBITOR-FourtheG:OWNER by system and assume }",
|
||||||
|
|||||||
@ -20,5 +20,6 @@ public class TestHsOfficeDebitor {
|
|||||||
.contact(TEST_CONTACT)
|
.contact(TEST_CONTACT)
|
||||||
.build())
|
.build())
|
||||||
.partner(TEST_PARTNER)
|
.partner(TEST_PARTNER)
|
||||||
|
.defaultPrefix("abc")
|
||||||
.build();
|
.build();
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user
kann weg