WIP for fixing tests before large refactor

OpenConext · Dec 19, 2023 · e7ddcaf · e7ddcaf
1 parent 6fa1b8a
commit e7ddcaf
Show file tree

Hide file tree

Showing 6 changed files with 27 additions and 18 deletions.
diff --git a/server/src/main/java/access/api/RoleController.java b/server/src/main/java/access/api/RoleController.java
@@ -125,7 +125,7 @@ public ResponseEntity<Void> deleteRole(@PathVariable("id") Long id, @Parameter(h
         LOG.debug("/deleteRole");
         Role role = roleRepository.findById(id).orElseThrow(NotFoundException::new);
         manage.addManageMetaData(List.of(role));
-        UserPermissions.assertManagerRole(role.getApplicationMaps(), user);
+        UserPermissions.assertManagerRole(role.getApplications().stream().map(Application::getManageId).toList(), user);
         provisioningService.deleteGroupRequest(role);
         roleRepository.delete(role);
         AccessLogger.role(LOG, Event.Deleted, user, role);
@@ -140,8 +140,9 @@ private ResponseEntity<Role> saveOrUpdate(Role role, User user) {
             throw new InvalidInputException();
         }
         manage.addManageMetaData(List.of(role));
-
-        UserPermissions.assertManagerRole(role.getApplicationMaps(), user);
+        Set<Application> applications = role.getClientApplications();
+        List<String> manageIdentifiers = applications.stream().map(Application::getManageId).toList();
+        UserPermissions.assertManagerRole(manageIdentifiers, user);
 
         boolean isNew = role.getId() == null;
         List<String> previousApplicationIdentifiers = new ArrayList<>();
@@ -152,7 +153,6 @@ private ResponseEntity<Role> saveOrUpdate(Role role, User user) {
             previousApplicationIdentifiers.addAll(previousRole.applicationIdentifiers());
         }
         //This is the disadvantage of having to save references from Manage
-        Set<Application> applications = role.getClientApplications();
         Set<ApplicationUsage> applicationUsages = applications.stream()
                 .map(applicationFromClient -> {
                     Application applicationFromDB = applicationRepository

diff --git a/server/src/main/java/access/model/Application.java b/server/src/main/java/access/model/Application.java
@@ -5,7 +5,10 @@
 import com.fasterxml.jackson.annotation.JsonIgnore;
 import jakarta.persistence.*;
 import jakarta.validation.constraints.NotNull;
-import lombok.*;
+import lombok.EqualsAndHashCode;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
 
 import java.io.Serializable;
 import java.util.HashSet;
@@ -41,7 +44,12 @@ public class Application implements Serializable {
     private Set<ApplicationUsage> applicationUsages = new HashSet<>();
 
     public Application(String manageId, EntityType manageType) {
+        this(manageId, manageType, "https://landingpage.com");
+    }
+
+    public Application(String manageId, EntityType manageType, String landingPage) {
         this.manageId = manageId;
         this.manageType = manageType;
+        this.landingPage = landingPage;
     }
 }
diff --git a/server/src/main/java/access/model/Role.java b/server/src/main/java/access/model/Role.java
@@ -1,5 +1,5 @@
 package access.model;
-
+import com.fasterxml.jackson.annotation.JsonProperty;
 
 import access.provision.scim.GroupURN;
 import com.fasterxml.jackson.annotation.JsonIgnore;
@@ -130,12 +130,14 @@ public List<String> applicationIdentifiers() {
     }
 
     @Transient
+    @JsonProperty(access = JsonProperty.Access.WRITE_ONLY)
     public Set<Application> getApplications() {
         return applicationUsages.stream()
                 .map(ApplicationUsage::getApplication).collect(Collectors.toSet());
     }
 
     @Transient
+    @JsonProperty(access = JsonProperty.Access.READ_ONLY)
     public Set<Application> getClientApplications() {
         return applications;
     }

diff --git a/server/src/main/java/access/security/UserPermissions.java b/server/src/main/java/access/security/UserPermissions.java
@@ -82,8 +82,7 @@ private static boolean mayInviteByAuthority(Set<UserRole> userRoles, Authority i
                         userRole.getRole().getId().equals(role.getId()));
     }
 
-    public static void assertManagerRole(List<Map<String, Object>> providers, User user) {
-        List<String> manageIdentifiers = providers.stream().map(provider -> (String) provider.get("id")).toList() ;
+    public static void assertManagerRole(List<String> manageIdentifiers, User user) {
         if (user.isSuperUser()) {
             return;
         }

diff --git a/server/src/test/java/access/api/RoleControllerTest.java b/server/src/test/java/access/api/RoleControllerTest.java
@@ -112,21 +112,21 @@ void updateApplications() throws Exception {
         super.stubForDeleteScimRole();
 
         Role roleDB = roleRepository.search("Network", 1).get(0);
-        roleDB.setApplicationUsages(Set.of(
-                new ApplicationUsage(new Application("1", EntityType.SAML20_SP), "https://landingpage.com"),
-                new ApplicationUsage(new Application("4", EntityType.SAML20_SP), "https://landingpage.com"))
+        roleDB.setApplications(Set.of(
+                new Application("1", EntityType.SAML20_SP, "https://landingpage.com"),
+                new Application("4", EntityType.SAML20_SP, "https://landingpage.com"))
         );
-
+        String body = super.objectMapper.writeValueAsString(roleDB);
         Role updated = given()
                 .when()
                 .filter(accessCookieFilter.cookieFilter())
                 .accept(ContentType.JSON)
                 .header(accessCookieFilter.csrfToken().getHeaderName(), accessCookieFilter.csrfToken().getToken())
                 .contentType(ContentType.JSON)
-                .body(roleDB)
+                .body(body)
                 .put("/api/v1/roles")
                 .as(Role.class);
-        assertEquals(2, updated.getApplications().size());
+        assertEquals(2, updated.getClientApplications().size());
     }
 
     @Test

diff --git a/server/src/test/java/access/security/UserPermissionsTest.java b/server/src/test/java/access/security/UserPermissionsTest.java
@@ -112,20 +112,20 @@ void assertInvalidInvitation() {
     void assertManagerRole() {
         String identifier = UUID.randomUUID().toString();
         User user = userWithRole(Authority.MANAGER, identifier);
-        UserPermissions.assertManagerRole(List.of(Map.of("id", identifier)), user);
+        UserPermissions.assertManagerRole(List.of(identifier), user);
     }
 
     @Test
     void assertNotManagerRole() {
         String identifier = UUID.randomUUID().toString();
         User user = userWithRole(Authority.INVITER, identifier);
-        assertThrows(UserRestrictionException.class, () -> UserPermissions.assertManagerRole(List.of(Map.of("id", identifier)), user));
+        assertThrows(UserRestrictionException.class, () -> UserPermissions.assertManagerRole(List.of(identifier), user));
     }
 
     @Test
     void assertManagerRoleNotProvisioning() {
         User user = userWithRole(Authority.MANAGER, "identifier");
-        assertThrows(UserRestrictionException.class, () -> UserPermissions.assertManagerRole(List.of(Map.of("id", "nope")), user));
+        assertThrows(UserRestrictionException.class, () -> UserPermissions.assertManagerRole(List.of("nope"), user));
     }
 
     @Test
@@ -134,7 +134,7 @@ void assertManagerRoleInstitutionAdmin() {
         user.setInstitutionAdmin(true);
         user.setApplications(List.of(Map.of("id", "1")));
 
-        UserPermissions.assertManagerRole(List.of(Map.of("id", "1")), user);
+        UserPermissions.assertManagerRole(List.of("1"), user);
     }
 
     @Test