it's always better to test for exact returns then just for "contains", amended all calls, thus this methods is not needed anymore
the test name says "normalUser ..." but the superuser context without assumed role was still open, now assuming a normal users role
because of the mismatch of debitor+project, ?projectUuid=" + givenProject.getUuid()
was ignored and too many rows were returned, now, where this is fixed, only the rows for "D-1000111 default project" get returned
This was a remnant from times before we had a project between debitor and asset. project makes more sense and the actual query was only implemented for project anyway.
This JPQL query did only work for hosting-assets which have a directly-assigned booking-item because "left" was missing for the joins.