diff --git a/dataset/src/integrationTest/kotlin/com/cosmotech/dataset/service/DatasetServiceIntegrationTest.kt b/dataset/src/integrationTest/kotlin/com/cosmotech/dataset/service/DatasetServiceIntegrationTest.kt index 303ce8b36..f5ee8cb78 100644 --- a/dataset/src/integrationTest/kotlin/com/cosmotech/dataset/service/DatasetServiceIntegrationTest.kt +++ b/dataset/src/integrationTest/kotlin/com/cosmotech/dataset/service/DatasetServiceIntegrationTest.kt @@ -43,6 +43,7 @@ import com.cosmotech.dataset.repository.DatasetRepository import com.cosmotech.organization.OrganizationApiServiceInterface import com.cosmotech.organization.domain.Organization import com.cosmotech.organization.domain.OrganizationAccessControl +import com.cosmotech.organization.domain.OrganizationCreateRequest import com.cosmotech.organization.domain.OrganizationSecurity import com.cosmotech.solution.SolutionApiServiceInterface import com.cosmotech.solution.domain.Solution @@ -122,7 +123,7 @@ class DatasetServiceIntegrationTest : CsmRedisTestBase() { lateinit var workspace: Workspace lateinit var unifiedJedis: UnifiedJedis - lateinit var organization: Organization + lateinit var organization: OrganizationCreateRequest lateinit var organizationSaved: Organization lateinit var solutionSaved: Solution lateinit var workspaceSaved: Workspace @@ -153,8 +154,8 @@ class DatasetServiceIntegrationTest : CsmRedisTestBase() { connectorSaved = connectorApiService.registerConnector(makeConnector()) - organization = makeOrganizationWithRole() - organizationSaved = organizationApiService.registerOrganization(organization) + organization = makeOrganizationCreateRequest() + organizationSaved = organizationApiService.createOrganization(organization) dataset = makeDatasetWithRole() datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) dataset2 = makeDataset() @@ -172,7 +173,7 @@ class DatasetServiceIntegrationTest : CsmRedisTestBase() { @Test fun `test Dataset CRUD`() { - organizationSaved = organizationApiService.registerOrganization(organization) + organizationSaved = organizationApiService.createOrganization(organization) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) val registeredDataset2 = datasetApiService.createDataset(organizationSaved.id!!, dataset2) @@ -196,7 +197,7 @@ class DatasetServiceIntegrationTest : CsmRedisTestBase() { @Test fun `test Dataset - findByOrganizationIdAndDatasetId`() { - organizationSaved = organizationApiService.registerOrganization(organization) + organizationSaved = organizationApiService.createOrganization(organization) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) logger.info("Fetch dataset...") @@ -209,7 +210,7 @@ class DatasetServiceIntegrationTest : CsmRedisTestBase() { @Test fun `test Dataset - findByOrganizationIdAndDatasetId wrong dataset id`() { - organizationSaved = organizationApiService.registerOrganization(organization) + organizationSaved = organizationApiService.createOrganization(organization) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) logger.info("Fetch dataset...") @@ -222,7 +223,7 @@ class DatasetServiceIntegrationTest : CsmRedisTestBase() { fun `can delete dataset when user is not the owner and is Platform Admin`() { logger.info("Register dataset : ${dataset.id}...") - organizationSaved = organizationApiService.registerOrganization(organization) + organizationSaved = organizationApiService.createOrganization(organization) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) assertNotNull(datasetSaved) logger.info("Change current user...") @@ -242,7 +243,7 @@ class DatasetServiceIntegrationTest : CsmRedisTestBase() { fun `can not delete dataset when user is not the owner and not Platform Admin`() { logger.info("Register dataset : ${dataset.id}...") - organizationSaved = organizationApiService.registerOrganization(organization) + organizationSaved = organizationApiService.createOrganization(organization) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) assertNotNull(datasetSaved) logger.info("Change current user...") @@ -259,7 +260,7 @@ class DatasetServiceIntegrationTest : CsmRedisTestBase() { fun `can update dataset owner when user is not the owner and is Platform Admin`() { logger.info("Register dataset : ${dataset.id}...") - organizationSaved = organizationApiService.registerOrganization(organization) + organizationSaved = organizationApiService.createOrganization(organization) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) assertNotNull(datasetSaved) logger.info("Change current user...") @@ -282,7 +283,7 @@ class DatasetServiceIntegrationTest : CsmRedisTestBase() { fun `cannot update dataset owner when user is not the owner and is not Platform Admin`() { logger.info("Register dataset : ${dataset.id}...") - organizationSaved = organizationApiService.registerOrganization(organization) + organizationSaved = organizationApiService.createOrganization(organization) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) assertNotNull(datasetSaved) logger.info("Change current user...") @@ -336,7 +337,7 @@ class DatasetServiceIntegrationTest : CsmRedisTestBase() { @Test fun `test find All Datasets as Platform Admin`() { - organizationSaved = organizationApiService.registerOrganization(organization) + organizationSaved = organizationApiService.createOrganization(organization) val numberOfDatasets = 20 val defaultPageSize = csmPlatformProperties.twincache.dataset.defaultPageSize val expectedPageSize = 15 @@ -368,7 +369,7 @@ class DatasetServiceIntegrationTest : CsmRedisTestBase() { @Test fun `test find All Datasets as Organization User`() { - organizationSaved = organizationApiService.registerOrganization(organization) + organizationSaved = organizationApiService.createOrganization(organization) val numberOfDatasets = 20 val defaultPageSize = csmPlatformProperties.twincache.dataset.defaultPageSize val expectedSize = 15 @@ -399,7 +400,7 @@ class DatasetServiceIntegrationTest : CsmRedisTestBase() { @Test fun `PROD-12947 - test find All Datasets as Organization User`() { - organizationSaved = organizationApiService.registerOrganization(organization) + organizationSaved = organizationApiService.createOrganization(organization) // Create a dataset that current user should not see because he does not have permission to val numberOfDatasets = 200 @@ -421,7 +422,7 @@ class DatasetServiceIntegrationTest : CsmRedisTestBase() { // Create a dataset that current user should not see because it has been created under another // organization - val newOrganization = organizationApiService.registerOrganization(makeOrganizationWithRole()) + val newOrganization = organizationApiService.createOrganization(makeOrganizationCreateRequest()) val datasetNotReachableByCurrentUserBecausePartOfAnotherOrganization = datasetApiService.createDataset( newOrganization.id!!, makeDatasetWithRole(organizationId = newOrganization.id!!)) @@ -441,7 +442,7 @@ class DatasetServiceIntegrationTest : CsmRedisTestBase() { @Test fun `PROD-12947 - test find All Datasets as Platform Admin`() { - organizationSaved = organizationApiService.registerOrganization(organization) + organizationSaved = organizationApiService.createOrganization(organization) // Create a dataset that current user should not see because he does not have permission to val numberOfDatasets = 20 @@ -463,7 +464,7 @@ class DatasetServiceIntegrationTest : CsmRedisTestBase() { // Create a dataset that current user should not see because it has been created under another // organization - val newOrganization = organizationApiService.registerOrganization(makeOrganizationWithRole()) + val newOrganization = organizationApiService.createOrganization(makeOrganizationCreateRequest()) val datasetNotReachableByCurrentUserBecausePartOfAnotherOrganization = datasetApiService.createDataset( newOrganization.id!!, makeDatasetWithRole(organizationId = newOrganization.id!!)) @@ -479,7 +480,7 @@ class DatasetServiceIntegrationTest : CsmRedisTestBase() { } @Test fun `test find All Datasets with wrong pagination params`() { - organizationSaved = organizationApiService.registerOrganization(organization) + organizationSaved = organizationApiService.createOrganization(organization) datasetApiService.createDataset(organizationSaved.id!!, dataset) logger.info("Should throw IllegalArgumentException when page and size are zeros") @@ -505,7 +506,7 @@ class DatasetServiceIntegrationTest : CsmRedisTestBase() { "loading nodes: Double=2, Single=1, Users=9 & relationships: Double=2, Single=1, Follows=2") val file = this::class.java.getResource("/integrationTest.zip")?.file val resource = ByteArrayResource(File(file!!).readBytes()) - organizationSaved = organizationApiService.registerOrganization(organization) + organizationSaved = organizationApiService.createOrganization(organization) dataset = makeDatasetWithRole() datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) datasetApiService.updateDataset( @@ -600,7 +601,7 @@ class DatasetServiceIntegrationTest : CsmRedisTestBase() { fun `Twingraph CRUD test`() { logger.info("Create Nodes") - organizationSaved = organizationApiService.registerOrganization(organization) + organizationSaved = organizationApiService.createOrganization(organization) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) val nodeStart = datasetApiService.createTwingraphEntities( @@ -694,7 +695,7 @@ class DatasetServiceIntegrationTest : CsmRedisTestBase() { @Test fun `test get security endpoint`() { - organizationSaved = organizationApiService.registerOrganization(organization) + organizationSaved = organizationApiService.createOrganization(organization) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) // should return the current security val datasetSecurity = @@ -704,7 +705,7 @@ class DatasetServiceIntegrationTest : CsmRedisTestBase() { @Test fun `test set default security endpoint`() { - organizationSaved = organizationApiService.registerOrganization(organization) + organizationSaved = organizationApiService.createOrganization(organization) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) // should update the default security and assert it worked val datasetDefaultSecurity = @@ -716,7 +717,7 @@ class DatasetServiceIntegrationTest : CsmRedisTestBase() { @Test fun `test uploadTwingraph status`() { - organizationSaved = organizationApiService.registerOrganization(organization) + organizationSaved = organizationApiService.createOrganization(organization) dataset.apply { sourceType = DatasetSourceType.File } datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) val file = this::class.java.getResource("/integrationTest.zip")?.file @@ -741,7 +742,7 @@ class DatasetServiceIntegrationTest : CsmRedisTestBase() { @Test fun `test uploadTwingraph fail set dataset status to error`() { - organizationSaved = organizationApiService.registerOrganization(organization) + organizationSaved = organizationApiService.createOrganization(organization) dataset.apply { sourceType = DatasetSourceType.File } datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) val file = this::class.java.getResource("/brokenGraph.zip")?.file @@ -767,7 +768,7 @@ class DatasetServiceIntegrationTest : CsmRedisTestBase() { @Test fun `access control list shouldn't contain more than one time each user on creation`() { connectorSaved = connectorApiService.registerConnector(makeConnector()) - organizationSaved = organizationApiService.registerOrganization(makeOrganizationWithRole()) + organizationSaved = organizationApiService.createOrganization(makeOrganizationCreateRequest()) val brokenDataset = Dataset( name = "dataset", @@ -787,7 +788,7 @@ class DatasetServiceIntegrationTest : CsmRedisTestBase() { @Test fun `access control list shouldn't contain more than one time each user on ACL addition`() { connectorSaved = connectorApiService.registerConnector(makeConnector()) - organizationSaved = organizationApiService.registerOrganization(makeOrganizationWithRole()) + organizationSaved = organizationApiService.createOrganization(makeOrganizationCreateRequest()) val workingDataset = makeDatasetWithRole("dataset", sourceType = DatasetSourceType.None) val datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, workingDataset) @@ -801,7 +802,7 @@ class DatasetServiceIntegrationTest : CsmRedisTestBase() { @Test fun `reupload a twingraph in dataset with source type File`() { - organizationSaved = organizationApiService.registerOrganization(organization) + organizationSaved = organizationApiService.createOrganization(organization) dataset.apply { sourceType = DatasetSourceType.File } datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -838,7 +839,7 @@ class DatasetServiceIntegrationTest : CsmRedisTestBase() { @Test fun `rollback endpoint call should fail if status is not ERROR`() { - organizationSaved = organizationApiService.registerOrganization(organization) + organizationSaved = organizationApiService.createOrganization(organization) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) datasetSaved = @@ -869,8 +870,8 @@ class DatasetServiceIntegrationTest : CsmRedisTestBase() { @Test fun `status should go back to normal on rollback endpoint call`() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - organization = makeOrganizationWithRole("organization") - organizationSaved = organizationApiService.registerOrganization(organization) + organization = makeOrganizationCreateRequest("organization") + organizationSaved = organizationApiService.createOrganization(organization) dataset = makeDatasetWithRole(sourceType = DatasetSourceType.File) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -910,8 +911,8 @@ class DatasetServiceIntegrationTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test RBAC refreshDataset : $sourceType") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER organizationSaved = - organizationApiService.registerOrganization( - makeOrganizationWithRole("organization")) + organizationApiService.createOrganization( + makeOrganizationCreateRequest("organization")) val parentDataset = datasetApiService.createDataset( organizationSaved.id!!, makeDatasetWithRole(sourceType = sourceType)) @@ -1092,14 +1093,12 @@ class DatasetServiceIntegrationTest : CsmRedisTestBase() { id = "c-AbCdEf123") } - fun makeOrganizationWithRole( + fun makeOrganizationCreateRequest( userName: String = TEST_USER_MAIL, role: String = ROLE_EDITOR - ): Organization { - return Organization( - id = UUID.randomUUID().toString(), + ): OrganizationCreateRequest { + return OrganizationCreateRequest( name = "Organization NameRbac", - ownerId = "my.account-tester@cosmotech.com", security = OrganizationSecurity( default = ROLE_NONE, diff --git a/dataset/src/integrationTest/kotlin/com/cosmotech/dataset/service/DatasetServiceRBACTest.kt b/dataset/src/integrationTest/kotlin/com/cosmotech/dataset/service/DatasetServiceRBACTest.kt index 9ce759909..d7bd7f9f3 100644 --- a/dataset/src/integrationTest/kotlin/com/cosmotech/dataset/service/DatasetServiceRBACTest.kt +++ b/dataset/src/integrationTest/kotlin/com/cosmotech/dataset/service/DatasetServiceRBACTest.kt @@ -45,6 +45,7 @@ import com.cosmotech.dataset.repository.DatasetRepository import com.cosmotech.organization.OrganizationApiServiceInterface import com.cosmotech.organization.domain.Organization import com.cosmotech.organization.domain.OrganizationAccessControl +import com.cosmotech.organization.domain.OrganizationCreateRequest import com.cosmotech.organization.domain.OrganizationSecurity import com.ninjasquad.springmockk.SpykBean import com.redis.om.spring.RediSearchIndexer @@ -108,7 +109,7 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { lateinit var retrievedDataset1: Dataset lateinit var jedis: UnifiedJedis - lateinit var organization: Organization + lateinit var organization: OrganizationCreateRequest lateinit var organizationSaved: Organization @BeforeAll @@ -135,7 +136,7 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { connectorSaved = connectorApiService.registerConnector(makeConnector()) - organization = makeOrganization("Organization") + organization = makeOrganizationCreateRequest("Organization") dataset = makeDataset("d-dataset-1", "dataset-1") dataset2 = makeDataset("d-dataset-2", "dataset-2") } @@ -158,8 +159,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC rollbackRefresh : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole(role = role) + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = ROLE_ADMIN) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -197,8 +198,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Dataset RBAC rollbackRefresh : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(role = ROLE_ADMIN) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole(role = ROLE_ADMIN) + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = role) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -236,8 +237,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC twingraphBatchUpdate : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole(role = role) + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = ROLE_ADMIN) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -281,8 +282,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Dataset RBAC twingraphBatchUpdate : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole() - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole() + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = role) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -333,8 +334,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { "Test Organization RBAC addOrReplaceDatasetCompatibilityElements : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole(role = role) + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = ROLE_ADMIN) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -377,8 +378,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { "Test Dataset RBAC addOrReplaceDatasetCompatibilityElements : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole() - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole() + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = role) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -420,8 +421,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test RBAC createDataset : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole(role = role) + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole() every { getCurrentAccountIdentifier(any()) } returns TEST_USER_MAIL @@ -455,8 +456,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC createSubDataset : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole(role = role) + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = ROLE_ADMIN) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -496,8 +497,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Dataset RBAC createSubDataset : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole() - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole() + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = role) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -543,8 +544,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC createTwingraphEntities : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole(role = role) + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = ROLE_ADMIN) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -588,8 +589,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Dataset RBAC createTwingraphEntities : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole() - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole() + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = role) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -639,8 +640,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC deleteDataset : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole(role = role) + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = ROLE_ADMIN) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -676,8 +677,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Dataset RBAC deleteDataset : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole() - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole() + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = role) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -713,8 +714,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC deleteTwingraphEntities : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole(role = role) + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = ROLE_ADMIN) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -752,8 +753,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Dataset RBAC deleteTwingraphEntities : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole() - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole() + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = role) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -797,8 +798,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test RBAC downloadTwingraph : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole(role = role) + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole() datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -841,8 +842,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test RBAC findAllDatasets : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole(role = role) + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole() datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -878,8 +879,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC findDatasetById : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole(role = role) + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = ROLE_ADMIN) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -915,8 +916,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Dataset RBAC findDatasetById : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole() - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole() + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = role) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -952,8 +953,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC getDatasetTwingraphStatus : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole(role = role) + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = ROLE_ADMIN) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -991,8 +992,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Dataset RBAC getDatasetTwingraphStatus : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole() - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole() + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = role) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -1030,8 +1031,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC getTwingraphEntities : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole(role = role) + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = ROLE_ADMIN) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -1069,8 +1070,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Dataset RBAC getTwingraphEntities : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole() - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole() + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = role) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -1108,8 +1109,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC refreshDataset : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole(role = role) + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = ROLE_ADMIN, sourceType = DatasetSourceType.Twincache) val datasetParentSaved = @@ -1157,8 +1158,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Dataset RBAC refreshDataset : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole() - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole() + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = role, sourceType = DatasetSourceType.Twincache) val datasetParentSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -1212,8 +1213,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { "Test Organization RBAC removeAllDatasetCompatibilityElements : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole(role = role) + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = ROLE_ADMIN) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -1252,8 +1253,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { "Test Dataset RBAC removeAllDatasetCompatibilityElements : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole() - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole() + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = role) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -1291,8 +1292,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test RBAC searchDatasets : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole(role = role) + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole() datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -1332,8 +1333,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC twingraphBatchQuery : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole(role = role) + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = ROLE_ADMIN) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -1374,8 +1375,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Dataset RBAC twingraphBatchQuery : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole() - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole() + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = role) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -1416,8 +1417,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC twingraphQuery : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole(role = role) + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = ROLE_ADMIN) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -1456,8 +1457,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Dataset RBAC twingraphQuery : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole() - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole() + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = role) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -1496,8 +1497,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC updateDataset : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole(role = role) + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = ROLE_ADMIN) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -1535,8 +1536,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Dataset RBAC updateDataset : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole() - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole() + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = role) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -1574,8 +1575,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC updateTwingraphEntities : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole(role = role) + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = ROLE_ADMIN) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -1613,8 +1614,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Dataset RBAC updateTwingraphEntities : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole() - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole() + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = role) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -1658,8 +1659,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC uploadTwingraph : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole(role = role) + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = ROLE_ADMIN, sourceType = DatasetSourceType.File) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -1700,8 +1701,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Dataset RBAC uploadTwingraph : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole() - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole() + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = role, sourceType = DatasetSourceType.File) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) val fileName = this::class.java.getResource("/integrationTest.zip")?.file @@ -1747,8 +1748,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC addDatasetAccessControl : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole(role = role) + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = ROLE_ADMIN) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -1788,8 +1789,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Dataset RBAC addDatasetAccessControl : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole() - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole() + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = role) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -1829,8 +1830,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC getDatasetAccessControl : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole(role = role) + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = ROLE_ADMIN, sourceType = DatasetSourceType.None) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -1868,8 +1869,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Dataset RBAC getDatasetAccessControl : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole() - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole() + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = role) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -1907,8 +1908,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC updateDatasetAccessControl : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole(role = role) + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = ROLE_ADMIN) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -1952,8 +1953,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Dataset RBAC updateDatasetAccessControl : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole() - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole() + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = role) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -1997,8 +1998,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC removeDatasetAccessControl : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole(role = role) + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = ROLE_ADMIN) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -2036,8 +2037,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Dataset RBAC removeDatasetAccessControl : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole() - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole() + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = role) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -2075,8 +2076,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC getDatasetSecurityUsers : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole(role = role) + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = ROLE_ADMIN) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -2114,8 +2115,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Dataset RBAC getDatasetSecurityUsers : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole() - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole() + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = role) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() @@ -2153,8 +2154,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC getDatasetSecurity : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole(role = role) + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = ROLE_ADMIN) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -2190,8 +2191,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Dataset RBAC getDatasetSecurity : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole() - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole() + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = role) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -2227,8 +2228,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC setDatasetDefaultSecurity : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole(role = role) + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = ROLE_ADMIN) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -2265,8 +2266,8 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Dataset RBAC setDatasetDefaultSecurity : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole() - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequestWithRole() + organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDatasetWithRole(role = role) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -2332,10 +2333,9 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { DatasetAccessControl(id = CONNECTED_ADMIN_USER, role = ROLE_ADMIN)))) } - fun makeOrganization(name: String): Organization { - return Organization( + fun makeOrganizationCreateRequest(name: String): OrganizationCreateRequest { + return OrganizationCreateRequest( name = name, - ownerId = "my.account-tester@cosmotech.com", security = OrganizationSecurity( default = ROLE_ADMIN, @@ -2344,14 +2344,12 @@ class DatasetServiceRBACTest : CsmRedisTestBase() { OrganizationAccessControl(id = CONNECTED_ADMIN_USER, role = "admin")))) } - fun makeOrganizationWithRole( + fun makeOrganizationCreateRequestWithRole( id: String = TEST_USER_MAIL, role: String = ROLE_ADMIN - ): Organization { - return Organization( - id = UUID.randomUUID().toString(), + ): OrganizationCreateRequest { + return OrganizationCreateRequest( name = "Organization NameRbac", - ownerId = "my.account-tester@cosmotech.com", security = OrganizationSecurity( default = ROLE_NONE, diff --git a/dataset/src/test/kotlin/com/cosmotech/dataset/service/DatasetServiceImplTests.kt b/dataset/src/test/kotlin/com/cosmotech/dataset/service/DatasetServiceImplTests.kt index c456d67d7..52206851d 100644 --- a/dataset/src/test/kotlin/com/cosmotech/dataset/service/DatasetServiceImplTests.kt +++ b/dataset/src/test/kotlin/com/cosmotech/dataset/service/DatasetServiceImplTests.kt @@ -12,7 +12,9 @@ import com.cosmotech.api.id.CsmIdGenerator import com.cosmotech.api.rbac.CsmAdmin import com.cosmotech.api.rbac.CsmRbac import com.cosmotech.api.rbac.PERMISSION_CREATE_CHILDREN +import com.cosmotech.api.rbac.ROLE_ADMIN import com.cosmotech.api.rbac.ROLE_NONE +import com.cosmotech.api.rbac.ROLE_VIEWER import com.cosmotech.api.security.ROLE_PLATFORM_ADMIN import com.cosmotech.api.utils.ResourceScanner import com.cosmotech.api.utils.getCurrentAccountIdentifier @@ -27,6 +29,8 @@ import com.cosmotech.dataset.repository.DatasetRepository import com.cosmotech.dataset.utils.toJsonString import com.cosmotech.organization.OrganizationApiServiceInterface import com.cosmotech.organization.domain.Organization +import com.cosmotech.organization.domain.OrganizationAccessControl +import com.cosmotech.organization.domain.OrganizationSecurity import io.mockk.* import io.mockk.impl.annotations.InjectMockKs import io.mockk.impl.annotations.MockK @@ -103,7 +107,8 @@ class DatasetServiceImplTests { @Test fun `findAllDatasets should return empty list when no dataset exists`() { - every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns Organization() + every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns + mockOrganization() every { datasetRepository.findByOrganizationIdNoSecurity(any(), any()) } returns Page.empty() @@ -114,7 +119,8 @@ class DatasetServiceImplTests { @Test fun `findDatasetById should return the dataset when it exists`() { val dataset = baseDataset() - every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns Organization() + every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns + mockOrganization() every { datasetRepository.findBy(ORGANIZATION_ID, DATASET_ID) } returns Optional.of(dataset) val result = datasetService.findDatasetById(ORGANIZATION_ID, DATASET_ID) assertEquals(dataset, result) @@ -129,7 +135,7 @@ class DatasetServiceImplTests { ) every { organizationService.getVerifiedOrganization(ORGANIZATION_ID, PERMISSION_CREATE_CHILDREN) - } returns Organization() + } returns mockOrganization() every { connectorService.findConnectorById(any()) } returns Connector( key = "key", @@ -152,7 +158,7 @@ class DatasetServiceImplTests { val dataset = baseDataset().copy(name = "") every { organizationService.getVerifiedOrganization(ORGANIZATION_ID, PERMISSION_CREATE_CHILDREN) - } returns Organization() + } returns mockOrganization() every { datasetRepository.save(any()) } returnsArgument 0 assertThrows { datasetService.createDataset(ORGANIZATION_ID, dataset) @@ -164,7 +170,7 @@ class DatasetServiceImplTests { val typeList = listOf(DatasetSourceType.ADT, DatasetSourceType.AzureStorage) every { organizationService.getVerifiedOrganization(ORGANIZATION_ID, PERMISSION_CREATE_CHILDREN) - } returns Organization() + } returns mockOrganization() typeList.forEach { type -> val dataset = baseDataset().copy(sourceType = type, source = null) every { datasetRepository.save(any()) } returnsArgument 0 @@ -190,7 +196,8 @@ class DatasetServiceImplTests { name = "My Sub Dataset", description = "My Sub Dataset description", ) - every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns Organization() + every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns + mockOrganization() every { idGenerator.generate("twingraph") } returns SUB_TWINGRAPH_ID every { datasetRepository.findBy(ORGANIZATION_ID, DATASET_ID) } returns Optional.of(dataset) every { unifiedJedis.eval(any(), any(), dataset.twingraphId, SUB_TWINGRAPH_ID) } returns Unit @@ -220,7 +227,8 @@ class DatasetServiceImplTests { val dataset = baseDataset().copy(twingraphId = "", ingestionStatus = IngestionStatusEnum.SUCCESS) val subDatasetGraphQuery = SubDatasetGraphQuery() - every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns Organization() + every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns + mockOrganization() every { datasetRepository.findBy(ORGANIZATION_ID, DATASET_ID) } returns Optional.of(dataset) assertThrows { datasetService.createSubDataset(ORGANIZATION_ID, dataset.id!!, subDatasetGraphQuery) @@ -235,7 +243,8 @@ class DatasetServiceImplTests { twingraphId = "twingraphId", sourceType = DatasetSourceType.File, ingestionStatus = IngestionStatusEnum.SUCCESS) - every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns Organization() + every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns + mockOrganization() every { datasetRepository.findBy(ORGANIZATION_ID, DATASET_ID) } returns Optional.of(dataset) val fileName = this::class.java.getResource("/Users.csv")?.file @@ -254,7 +263,8 @@ class DatasetServiceImplTests { twingraphId = "twingraphId", sourceType = DatasetSourceType.File, ingestionStatus = IngestionStatusEnum.SUCCESS) - every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns Organization() + every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns + mockOrganization() every { datasetRepository.findBy(ORGANIZATION_ID, DATASET_ID) } returns Optional.of(dataset) val fileName = this::class.java.getResource("/Users.7z")?.file @@ -275,7 +285,8 @@ class DatasetServiceImplTests { val fileName = this::class.java.getResource("/Graph.zip")?.file val file = File(fileName!!) val resource = ByteArrayResource(file.readBytes()) - every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns Organization() + every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns + mockOrganization() every { datasetRepository.findBy(ORGANIZATION_ID, DATASET_ID) } returns Optional.of(dataset) assertThrows { datasetService.uploadTwingraph(ORGANIZATION_ID, DATASET_ID, resource) @@ -291,7 +302,8 @@ class DatasetServiceImplTests { val fileName = this::class.java.getResource("/Graph.zip")?.file val file = File(fileName!!) val resource = ByteArrayResource(file.readBytes()) - every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns Organization() + every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns + mockOrganization() every { datasetRepository.findBy(ORGANIZATION_ID, DATASET_ID) } returns Optional.of(dataset) assertThrows { datasetService.uploadTwingraph(ORGANIZATION_ID, DATASET_ID, resource) @@ -309,7 +321,8 @@ class DatasetServiceImplTests { val fileName = this::class.java.getResource("/Graph.zip")?.file val file = File(fileName!!) val resource = ByteArrayResource(file.readBytes()) - every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns Organization() + every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns + mockOrganization() every { datasetRepository.findBy(ORGANIZATION_ID, DATASET_ID) } returns Optional.of(dataset) every { unifiedJedis.exists(any()) } returns true every { datasetRepository.save(any()) } returnsArgument 0 @@ -331,7 +344,8 @@ class DatasetServiceImplTests { ingestionStatus = IngestionStatusEnum.NONE, sourceType = DatasetSourceType.File, twingraphId = "twingraphId") - every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns Organization() + every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns + mockOrganization() every { datasetRepository.findBy(ORGANIZATION_ID, DATASET_ID) } returns Optional.of(dataset) every { unifiedJedis.exists(any()) } returns false val result = datasetService.getDatasetTwingraphStatus(ORGANIZATION_ID, DATASET_ID) @@ -346,7 +360,8 @@ class DatasetServiceImplTests { ingestionStatus = IngestionStatusEnum.SUCCESS, sourceType = DatasetSourceType.File, twingraphId = "twingraphId") - every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns Organization() + every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns + mockOrganization() every { datasetRepository.findBy(ORGANIZATION_ID, DATASET_ID) } returns Optional.of(dataset) every { unifiedJedis.exists(any()) } returns true every { datasetRepository.save(any()) } returns mockk() @@ -364,7 +379,8 @@ class DatasetServiceImplTests { source = SourceInfo(location = "test", jobId = "0"), twingraphId = "twingraphId") mockkConstructor(TwingraphImportJobInfoRequest::class) - every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns Organization() + every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns + mockOrganization() every { anyConstructed().response } returns "Succeeded" every { datasetRepository.findBy(ORGANIZATION_ID, DATASET_ID) } returns Optional.of(dataset) every { unifiedJedis.exists(any()) } returns true @@ -381,7 +397,8 @@ class DatasetServiceImplTests { baseDataset() .copy( sourceType = DatasetSourceType.File, source = SourceInfo("http://storage.location")) - every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns Organization() + every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns + mockOrganization() every { datasetRepository.findBy(ORGANIZATION_ID, DATASET_ID) } returns Optional.of(dataset) assertThrows { datasetService.refreshDataset(ORGANIZATION_ID, DATASET_ID) @@ -397,7 +414,8 @@ class DatasetServiceImplTests { sourceType = DatasetSourceType.ADT, source = SourceInfo("http://storage.location", jobId = "0"), twingraphId = "twingraphId") - every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns Organization() + every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns + mockOrganization() every { datasetRepository.findBy(ORGANIZATION_ID, DATASET_ID) } returns Optional.of(dataset) every { unifiedJedis.exists(any()) } returns true every { datasetRepository.save(any()) } returnsArgument 0 @@ -409,7 +427,8 @@ class DatasetServiceImplTests { @Test fun `deleteDataset should throw CsmResourceNotFoundException when Dataset is not found`() { - every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns Organization() + every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns + mockOrganization() every { datasetRepository.findBy(ORGANIZATION_ID, DATASET_ID) } returns Optional.empty() assertThrows { datasetService.deleteDataset(ORGANIZATION_ID, DATASET_ID) @@ -420,7 +439,8 @@ class DatasetServiceImplTests { fun `deleteDataset do not throw error - rbac is disabled`() { val twingraphIdValue = "mytwingraphId" val dataset = baseDataset().apply { twingraphId = twingraphIdValue } - every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns Organization() + every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns + mockOrganization() every { datasetRepository.findBy(ORGANIZATION_ID, DATASET_ID) } returns Optional.of(dataset) every { datasetRepository.delete(dataset) } returns Unit every { unifiedJedis.exists(twingraphIdValue) } returns true @@ -433,7 +453,8 @@ class DatasetServiceImplTests { @Test fun `deleteDataset should delete Dataset and its twingraph`() { val dataset = baseDataset().copy(twingraphId = "twingraphId") - every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns Organization() + every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns + mockOrganization() every { datasetRepository.findBy(ORGANIZATION_ID, DATASET_ID) } returns Optional.of(dataset) every { getCurrentAuthenticatedRoles(csmPlatformProperties) } returns listOf(ROLE_PLATFORM_ADMIN) @@ -452,7 +473,8 @@ class DatasetServiceImplTests { val graphQuery = "MATCH(n) RETURN n" val twinGraphQuery = DatasetTwinGraphQuery(graphQuery) - every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns Organization() + every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns + mockOrganization() every { datasetRepository.save(any()) } returnsArgument 0 every { datasetRepository.findBy(ORGANIZATION_ID, DATASET_ID) } returns Optional.of(dataset) every { csmPlatformProperties.twincache.queryBulkTTL } returns 1000L @@ -473,7 +495,8 @@ class DatasetServiceImplTests { @Test fun `test bulkQueryGraphs as Admin - should call query and set data to Redis`() { every { getCurrentAuthenticatedRoles(any()) } returns listOf("Platform.Admin") - every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns Organization() + every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns + mockOrganization() val dataset = baseDataset().copy(twingraphId = "graphId", ingestionStatus = IngestionStatusEnum.SUCCESS) val graphQuery = "MATCH(n) RETURN n" @@ -501,7 +524,8 @@ class DatasetServiceImplTests { @Test fun `test bulkQueryGraphs as Admin - should return existing Hash when data found`() { every { getCurrentAuthenticatedRoles(any()) } returns listOf("Platform.Admin") - every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns Organization() + every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns + mockOrganization() val dataset = baseDataset().copy(twingraphId = "graphId", ingestionStatus = IngestionStatusEnum.SUCCESS) every { datasetRepository.save(any()) } returnsArgument 0 @@ -517,7 +541,8 @@ class DatasetServiceImplTests { @Test fun `test downloadGraph as Admin - should get graph data`() { every { getCurrentAuthenticatedRoles(any()) } returns listOf("Platform.Admin") - every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns Organization() + every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns + mockOrganization() mockkStatic("org.springframework.web.context.request.RequestContextHolder") every { @@ -538,9 +563,10 @@ class DatasetServiceImplTests { @Test fun `test downloadGraph as Admin - should throw exception if data not found`() { - every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns Organization() + every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns + mockOrganization() every { getCurrentAuthenticatedRoles(any()) } returns listOf("Platform.Admin") - every { organizationService.findOrganizationById(any()) } returns mockk() + every { organizationService.getOrganization(any()) } returns mockk() every { unifiedJedis.exists(any()) } returns false assertThrows { @@ -551,7 +577,8 @@ class DatasetServiceImplTests { @Test fun `test downloadGraph as Admin - should throw exception if data expired`() { every { getCurrentAuthenticatedRoles(any()) } returns listOf("Platform.Admin") - every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns Organization() + every { organizationService.getVerifiedOrganization(ORGANIZATION_ID) } returns + mockOrganization() every { unifiedJedis.exists(any()) } returns true every { unifiedJedis.ttl(any()) } returns -1L @@ -571,3 +598,12 @@ class DatasetServiceImplTests { return resultSet } } + +private fun mockOrganization( + name: String = "orgaName", + security: OrganizationSecurity = + OrganizationSecurity( + ROLE_VIEWER, mutableListOf(OrganizationAccessControl(USER_ID, ROLE_ADMIN))) +): Organization { + return Organization(id = "o-123456789", name = name, ownerId = "123456789", security = security) +} diff --git a/doc/.openapi-generator/FILES b/doc/.openapi-generator/FILES index 4c61ad5b3..e3f7bebc8 100644 --- a/doc/.openapi-generator/FILES +++ b/doc/.openapi-generator/FILES @@ -31,8 +31,10 @@ Models/GraphProperties.md Models/IngestionStatusEnum.md Models/Organization.md Models/OrganizationAccessControl.md +Models/OrganizationCreateRequest.md Models/OrganizationRole.md Models/OrganizationSecurity.md +Models/OrganizationUpdateRequest.md Models/QueryResult.md Models/ResourceSizeInfo.md Models/Run.md diff --git a/doc/Apis/OrganizationApi.md b/doc/Apis/OrganizationApi.md index b151b00d6..9dddb8c89 100644 --- a/doc/Apis/OrganizationApi.md +++ b/doc/Apis/OrganizationApi.md @@ -4,25 +4,50 @@ All URIs are relative to *http://localhost* | Method | HTTP request | Description | |------------- | ------------- | -------------| -| [**addOrganizationAccessControl**](OrganizationApi.md#addOrganizationAccessControl) | **POST** /organizations/{organization_id}/security/access | Add a control access to the Organization | -| [**findAllOrganizations**](OrganizationApi.md#findAllOrganizations) | **GET** /organizations | List all Organizations | -| [**findOrganizationById**](OrganizationApi.md#findOrganizationById) | **GET** /organizations/{organization_id} | Get the details of an Organization | -| [**getAllPermissions**](OrganizationApi.md#getAllPermissions) | **GET** /organizations/permissions | Get all permissions per components | +| [**createOrganization**](OrganizationApi.md#createOrganization) | **POST** /organizations | Create a new organization | +| [**createOrganizationAccessControl**](OrganizationApi.md#createOrganizationAccessControl) | **POST** /organizations/{organization_id}/security/access | Add a control access to the Organization | +| [**deleteOrganization**](OrganizationApi.md#deleteOrganization) | **DELETE** /organizations/{organization_id} | Delete an organization | +| [**deleteOrganizationAccessControl**](OrganizationApi.md#deleteOrganizationAccessControl) | **DELETE** /organizations/{organization_id}/security/access/{identity_id} | Remove the specified access from the given Organization | +| [**getOrganization**](OrganizationApi.md#getOrganization) | **GET** /organizations/{organization_id} | Get the details of an Organization | | [**getOrganizationAccessControl**](OrganizationApi.md#getOrganizationAccessControl) | **GET** /organizations/{organization_id}/security/access/{identity_id} | Get a control access for the Organization | | [**getOrganizationPermissions**](OrganizationApi.md#getOrganizationPermissions) | **GET** /organizations/{organization_id}/permissions/{role} | Get the Organization permissions by given role | | [**getOrganizationSecurity**](OrganizationApi.md#getOrganizationSecurity) | **GET** /organizations/{organization_id}/security | Get the Organization security information | -| [**getOrganizationSecurityUsers**](OrganizationApi.md#getOrganizationSecurityUsers) | **GET** /organizations/{organization_id}/security/users | Get the Organization security users list | -| [**registerOrganization**](OrganizationApi.md#registerOrganization) | **POST** /organizations | Register a new organization | -| [**removeOrganizationAccessControl**](OrganizationApi.md#removeOrganizationAccessControl) | **DELETE** /organizations/{organization_id}/security/access/{identity_id} | Remove the specified access from the given Organization | -| [**setOrganizationDefaultSecurity**](OrganizationApi.md#setOrganizationDefaultSecurity) | **POST** /organizations/{organization_id}/security/default | Set the Organization default security | -| [**unregisterOrganization**](OrganizationApi.md#unregisterOrganization) | **DELETE** /organizations/{organization_id} | Unregister an organization | +| [**listOrganizationSecurityUsers**](OrganizationApi.md#listOrganizationSecurityUsers) | **GET** /organizations/{organization_id}/security/users | Get the Organization security users list | +| [**listOrganizations**](OrganizationApi.md#listOrganizations) | **GET** /organizations | List all Organizations | +| [**listPermissions**](OrganizationApi.md#listPermissions) | **GET** /organizations/permissions | Get all permissions per components | | [**updateOrganization**](OrganizationApi.md#updateOrganization) | **PATCH** /organizations/{organization_id} | Update an Organization | | [**updateOrganizationAccessControl**](OrganizationApi.md#updateOrganizationAccessControl) | **PATCH** /organizations/{organization_id}/security/access/{identity_id} | Update the specified access to User for an Organization | +| [**updateOrganizationDefaultSecurity**](OrganizationApi.md#updateOrganizationDefaultSecurity) | **POST** /organizations/{organization_id}/security/default | Update the Organization default security | - -# **addOrganizationAccessControl** -> OrganizationAccessControl addOrganizationAccessControl(organization\_id, OrganizationAccessControl) + +# **createOrganization** +> Organization createOrganization(OrganizationCreateRequest) + +Create a new organization + +### Parameters + +|Name | Type | Description | Notes | +|------------- | ------------- | ------------- | -------------| +| **OrganizationCreateRequest** | [**OrganizationCreateRequest**](../Models/OrganizationCreateRequest.md)| the Organization to create | | + +### Return type + +[**Organization**](../Models/Organization.md) + +### Authorization + +[oAuth2AuthCode](../README.md#oAuth2AuthCode) + +### HTTP request headers + +- **Content-Type**: application/json, application/yaml +- **Accept**: application/json + + +# **createOrganizationAccessControl** +> OrganizationAccessControl createOrganizationAccessControl(organization\_id, OrganizationAccessControl) Add a control access to the Organization @@ -46,22 +71,21 @@ Add a control access to the Organization - **Content-Type**: application/json, application/yaml - **Accept**: application/json - -# **findAllOrganizations** -> List findAllOrganizations(page, size) + +# **deleteOrganization** +> deleteOrganization(organization\_id) -List all Organizations +Delete an organization ### Parameters |Name | Type | Description | Notes | |------------- | ------------- | ------------- | -------------| -| **page** | **Integer**| page number to query (first page is at index 0) | [optional] [default to null] | -| **size** | **Integer**| amount of result by page | [optional] [default to null] | +| **organization\_id** | **String**| the Organization identifier | [default to null] | ### Return type -[**List**](../Models/Organization.md) +null (empty response body) ### Authorization @@ -70,23 +94,24 @@ List all Organizations ### HTTP request headers - **Content-Type**: Not defined -- **Accept**: application/json +- **Accept**: Not defined - -# **findOrganizationById** -> Organization findOrganizationById(organization\_id) + +# **deleteOrganizationAccessControl** +> deleteOrganizationAccessControl(organization\_id, identity\_id) -Get the details of an Organization +Remove the specified access from the given Organization ### Parameters |Name | Type | Description | Notes | |------------- | ------------- | ------------- | -------------| | **organization\_id** | **String**| the Organization identifier | [default to null] | +| **identity\_id** | **String**| the User identifier | [default to null] | ### Return type -[**Organization**](../Models/Organization.md) +null (empty response body) ### Authorization @@ -95,20 +120,23 @@ Get the details of an Organization ### HTTP request headers - **Content-Type**: Not defined -- **Accept**: application/json +- **Accept**: Not defined - -# **getAllPermissions** -> List getAllPermissions() + +# **getOrganization** +> Organization getOrganization(organization\_id) -Get all permissions per components +Get the details of an Organization ### Parameters -This endpoint does not need any parameter. + +|Name | Type | Description | Notes | +|------------- | ------------- | ------------- | -------------| +| **organization\_id** | **String**| the Organization identifier | [default to null] | ### Return type -[**List**](../Models/ComponentRolePermissions.md) +[**Organization**](../Models/Organization.md) ### Authorization @@ -196,9 +224,9 @@ Get the Organization security information - **Content-Type**: Not defined - **Accept**: application/json - -# **getOrganizationSecurityUsers** -> List getOrganizationSecurityUsers(organization\_id) + +# **listOrganizationSecurityUsers** +> List listOrganizationSecurityUsers(organization\_id) Get the Organization security users list @@ -221,21 +249,22 @@ Get the Organization security users list - **Content-Type**: Not defined - **Accept**: application/json - -# **registerOrganization** -> Organization registerOrganization(Organization) + +# **listOrganizations** +> List listOrganizations(page, size) -Register a new organization +List all Organizations ### Parameters |Name | Type | Description | Notes | |------------- | ------------- | ------------- | -------------| -| **Organization** | [**Organization**](../Models/Organization.md)| the Organization to register | | +| **page** | **Integer**| page number to query (first page is at index 0) | [optional] [default to null] | +| **size** | **Integer**| amount of result by page | [optional] [default to null] | ### Return type -[**Organization**](../Models/Organization.md) +[**List**](../Models/Organization.md) ### Authorization @@ -243,25 +272,21 @@ Register a new organization ### HTTP request headers -- **Content-Type**: application/json, application/yaml +- **Content-Type**: Not defined - **Accept**: application/json - -# **removeOrganizationAccessControl** -> removeOrganizationAccessControl(organization\_id, identity\_id) + +# **listPermissions** +> List listPermissions() -Remove the specified access from the given Organization +Get all permissions per components ### Parameters - -|Name | Type | Description | Notes | -|------------- | ------------- | ------------- | -------------| -| **organization\_id** | **String**| the Organization identifier | [default to null] | -| **identity\_id** | **String**| the User identifier | [default to null] | +This endpoint does not need any parameter. ### Return type -null (empty response body) +[**List**](../Models/ComponentRolePermissions.md) ### Authorization @@ -270,24 +295,24 @@ null (empty response body) ### HTTP request headers - **Content-Type**: Not defined -- **Accept**: Not defined +- **Accept**: application/json - -# **setOrganizationDefaultSecurity** -> OrganizationSecurity setOrganizationDefaultSecurity(organization\_id, OrganizationRole) + +# **updateOrganization** +> Organization updateOrganization(organization\_id, OrganizationUpdateRequest) -Set the Organization default security +Update an Organization ### Parameters |Name | Type | Description | Notes | |------------- | ------------- | ------------- | -------------| | **organization\_id** | **String**| the Organization identifier | [default to null] | -| **OrganizationRole** | [**OrganizationRole**](../Models/OrganizationRole.md)| This change the organization default security. The default security is the role assigned to any person not on the Access Control List. If the default security is None, then nobody outside of the ACL can access the organization. | | +| **OrganizationUpdateRequest** | [**OrganizationUpdateRequest**](../Models/OrganizationUpdateRequest.md)| the new Organization details. This endpoint can't be used to update security | | ### Return type -[**OrganizationSecurity**](../Models/OrganizationSecurity.md) +[**Organization**](../Models/Organization.md) ### Authorization @@ -298,47 +323,23 @@ Set the Organization default security - **Content-Type**: application/json, application/yaml - **Accept**: application/json - -# **unregisterOrganization** -> unregisterOrganization(organization\_id) - -Unregister an organization - -### Parameters - -|Name | Type | Description | Notes | -|------------- | ------------- | ------------- | -------------| -| **organization\_id** | **String**| the Organization identifier | [default to null] | - -### Return type - -null (empty response body) - -### Authorization - -[oAuth2AuthCode](../README.md#oAuth2AuthCode) - -### HTTP request headers - -- **Content-Type**: Not defined -- **Accept**: Not defined - - -# **updateOrganization** -> Organization updateOrganization(organization\_id, Organization) + +# **updateOrganizationAccessControl** +> OrganizationAccessControl updateOrganizationAccessControl(organization\_id, identity\_id, OrganizationRole) -Update an Organization +Update the specified access to User for an Organization ### Parameters |Name | Type | Description | Notes | |------------- | ------------- | ------------- | -------------| | **organization\_id** | **String**| the Organization identifier | [default to null] | -| **Organization** | [**Organization**](../Models/Organization.md)| the new Organization details. This endpoint can't be used to update security | | +| **identity\_id** | **String**| the User identifier | [default to null] | +| **OrganizationRole** | [**OrganizationRole**](../Models/OrganizationRole.md)| The new Organization Access Control | | ### Return type -[**Organization**](../Models/Organization.md) +[**OrganizationAccessControl**](../Models/OrganizationAccessControl.md) ### Authorization @@ -346,26 +347,25 @@ Update an Organization ### HTTP request headers -- **Content-Type**: application/json, application/yaml +- **Content-Type**: application/json - **Accept**: application/json - -# **updateOrganizationAccessControl** -> OrganizationAccessControl updateOrganizationAccessControl(organization\_id, identity\_id, OrganizationRole) + +# **updateOrganizationDefaultSecurity** +> OrganizationSecurity updateOrganizationDefaultSecurity(organization\_id, OrganizationRole) -Update the specified access to User for an Organization +Update the Organization default security ### Parameters |Name | Type | Description | Notes | |------------- | ------------- | ------------- | -------------| | **organization\_id** | **String**| the Organization identifier | [default to null] | -| **identity\_id** | **String**| the User identifier | [default to null] | -| **OrganizationRole** | [**OrganizationRole**](../Models/OrganizationRole.md)| The new Organization Access Control | | +| **OrganizationRole** | [**OrganizationRole**](../Models/OrganizationRole.md)| This change the organization default security. The default security is the role assigned to any person not on the Access Control List. If the default security is None, then nobody outside of the ACL can access the organization. | | ### Return type -[**OrganizationAccessControl**](../Models/OrganizationAccessControl.md) +[**OrganizationSecurity**](../Models/OrganizationSecurity.md) ### Authorization @@ -373,6 +373,6 @@ Update the specified access to User for an Organization ### HTTP request headers -- **Content-Type**: application/json +- **Content-Type**: application/json, application/yaml - **Accept**: application/json diff --git a/doc/Models/OrganizationAccessControlRequest.md b/doc/Models/OrganizationAccessControlRequest.md new file mode 100644 index 000000000..b4f5e174e --- /dev/null +++ b/doc/Models/OrganizationAccessControlRequest.md @@ -0,0 +1,10 @@ +# OrganizationAccessControlRequest +## Properties + +| Name | Type | Description | Notes | +|------------ | ------------- | ------------- | -------------| +| **id** | **String** | the identity id | [default to null] | +| **role** | **String** | a role | [default to null] | + +[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) + diff --git a/doc/Models/OrganizationAccessControlResponse.md b/doc/Models/OrganizationAccessControlResponse.md new file mode 100644 index 000000000..ffe72224c --- /dev/null +++ b/doc/Models/OrganizationAccessControlResponse.md @@ -0,0 +1,10 @@ +# OrganizationAccessControlResponse +## Properties + +| Name | Type | Description | Notes | +|------------ | ------------- | ------------- | -------------| +| **id** | **String** | the identity id | [default to null] | +| **role** | **String** | a role | [default to null] | + +[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) + diff --git a/doc/Models/OrganizationCreateRequest.md b/doc/Models/OrganizationCreateRequest.md new file mode 100644 index 000000000..aaaa9e313 --- /dev/null +++ b/doc/Models/OrganizationCreateRequest.md @@ -0,0 +1,10 @@ +# OrganizationCreateRequest +## Properties + +| Name | Type | Description | Notes | +|------------ | ------------- | ------------- | -------------| +| **name** | **String** | the Organization name | [default to null] | +| **security** | [**OrganizationSecurity**](OrganizationSecurity.md) | | [optional] [default to null] | + +[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) + diff --git a/doc/Models/OrganizationCreationRequest.md b/doc/Models/OrganizationCreationRequest.md new file mode 100644 index 000000000..0254159a4 --- /dev/null +++ b/doc/Models/OrganizationCreationRequest.md @@ -0,0 +1,10 @@ +# OrganizationCreationRequest +## Properties + +| Name | Type | Description | Notes | +|------------ | ------------- | ------------- | -------------| +| **name** | **String** | the Organization name | [default to null] | +| **security** | [**OrganizationSecurity**](OrganizationSecurity.md) | | [optional] [default to null] | + +[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) + diff --git a/doc/Models/OrganizationRoleRequest.md b/doc/Models/OrganizationRoleRequest.md new file mode 100644 index 000000000..ae20e2a1a --- /dev/null +++ b/doc/Models/OrganizationRoleRequest.md @@ -0,0 +1,9 @@ +# OrganizationRoleRequest +## Properties + +| Name | Type | Description | Notes | +|------------ | ------------- | ------------- | -------------| +| **role** | **String** | the Organization Role | [default to null] | + +[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) + diff --git a/doc/Models/OrganizationSecurityRequest.md b/doc/Models/OrganizationSecurityRequest.md new file mode 100644 index 000000000..2e174afc6 --- /dev/null +++ b/doc/Models/OrganizationSecurityRequest.md @@ -0,0 +1,10 @@ +# OrganizationSecurityRequest +## Properties + +| Name | Type | Description | Notes | +|------------ | ------------- | ------------- | -------------| +| **default** | **String** | the role by default | [optional] [default to null] | +| **accessControlList** | [**List**](OrganizationAccessControlRequest.md) | the list which can access this Organization with detailed access control information | [optional] [default to null] | + +[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) + diff --git a/doc/Models/OrganizationSecurityResponse.md b/doc/Models/OrganizationSecurityResponse.md new file mode 100644 index 000000000..e1db7beb2 --- /dev/null +++ b/doc/Models/OrganizationSecurityResponse.md @@ -0,0 +1,10 @@ +# OrganizationSecurityResponse +## Properties + +| Name | Type | Description | Notes | +|------------ | ------------- | ------------- | -------------| +| **default** | **String** | the role by default | [default to null] | +| **accessControlList** | [**List**](OrganizationAccessControlResponse.md) | the list which can access this Organization with detailed access control information | [default to null] | + +[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) + diff --git a/doc/Models/OrganizationUpdateRequest.md b/doc/Models/OrganizationUpdateRequest.md new file mode 100644 index 000000000..e5c111b2d --- /dev/null +++ b/doc/Models/OrganizationUpdateRequest.md @@ -0,0 +1,9 @@ +# OrganizationUpdateRequest +## Properties + +| Name | Type | Description | Notes | +|------------ | ------------- | ------------- | -------------| +| **name** | **String** | the Organization name | [optional] [default to null] | + +[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) + diff --git a/doc/Models/UpdateOrganizationRequest.md b/doc/Models/UpdateOrganizationRequest.md new file mode 100644 index 000000000..24f918b4c --- /dev/null +++ b/doc/Models/UpdateOrganizationRequest.md @@ -0,0 +1,9 @@ +# UpdateOrganizationRequest +## Properties + +| Name | Type | Description | Notes | +|------------ | ------------- | ------------- | -------------| +| **name** | **String** | the Organization name | [optional] [default to null] | + +[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) + diff --git a/doc/README.md b/doc/README.md index fa925ac3a..466702ef1 100644 --- a/doc/README.md +++ b/doc/README.md @@ -42,20 +42,20 @@ All URIs are relative to *http://localhost* *DatasetApi* | [**updateDatasetAccessControl**](Apis/DatasetApi.md#updatedatasetaccesscontrol) | **PATCH** /organizations/{organization_id}/datasets/{dataset_id}/security/access/{identity_id} | Update the specified access to User for a Dataset | *DatasetApi* | [**updateTwingraphEntities**](Apis/DatasetApi.md#updatetwingraphentities) | **PATCH** /organizations/{organization_id}/datasets/{dataset_id}/twingraph/{type} | Update entities in a graph instance | *DatasetApi* | [**uploadTwingraph**](Apis/DatasetApi.md#uploadtwingraph) | **POST** /organizations/{organization_id}/datasets/{dataset_id} | Upload data from zip file to dataset's twingraph | -| *OrganizationApi* | [**addOrganizationAccessControl**](Apis/OrganizationApi.md#addorganizationaccesscontrol) | **POST** /organizations/{organization_id}/security/access | Add a control access to the Organization | -*OrganizationApi* | [**findAllOrganizations**](Apis/OrganizationApi.md#findallorganizations) | **GET** /organizations | List all Organizations | -*OrganizationApi* | [**findOrganizationById**](Apis/OrganizationApi.md#findorganizationbyid) | **GET** /organizations/{organization_id} | Get the details of an Organization | -*OrganizationApi* | [**getAllPermissions**](Apis/OrganizationApi.md#getallpermissions) | **GET** /organizations/permissions | Get all permissions per components | +| *OrganizationApi* | [**createOrganization**](Apis/OrganizationApi.md#createorganization) | **POST** /organizations | Create a new organization | +*OrganizationApi* | [**createOrganizationAccessControl**](Apis/OrganizationApi.md#createorganizationaccesscontrol) | **POST** /organizations/{organization_id}/security/access | Add a control access to the Organization | +*OrganizationApi* | [**deleteOrganization**](Apis/OrganizationApi.md#deleteorganization) | **DELETE** /organizations/{organization_id} | Delete an organization | +*OrganizationApi* | [**deleteOrganizationAccessControl**](Apis/OrganizationApi.md#deleteorganizationaccesscontrol) | **DELETE** /organizations/{organization_id}/security/access/{identity_id} | Remove the specified access from the given Organization | +*OrganizationApi* | [**getOrganization**](Apis/OrganizationApi.md#getorganization) | **GET** /organizations/{organization_id} | Get the details of an Organization | *OrganizationApi* | [**getOrganizationAccessControl**](Apis/OrganizationApi.md#getorganizationaccesscontrol) | **GET** /organizations/{organization_id}/security/access/{identity_id} | Get a control access for the Organization | *OrganizationApi* | [**getOrganizationPermissions**](Apis/OrganizationApi.md#getorganizationpermissions) | **GET** /organizations/{organization_id}/permissions/{role} | Get the Organization permissions by given role | *OrganizationApi* | [**getOrganizationSecurity**](Apis/OrganizationApi.md#getorganizationsecurity) | **GET** /organizations/{organization_id}/security | Get the Organization security information | -*OrganizationApi* | [**getOrganizationSecurityUsers**](Apis/OrganizationApi.md#getorganizationsecurityusers) | **GET** /organizations/{organization_id}/security/users | Get the Organization security users list | -*OrganizationApi* | [**registerOrganization**](Apis/OrganizationApi.md#registerorganization) | **POST** /organizations | Register a new organization | -*OrganizationApi* | [**removeOrganizationAccessControl**](Apis/OrganizationApi.md#removeorganizationaccesscontrol) | **DELETE** /organizations/{organization_id}/security/access/{identity_id} | Remove the specified access from the given Organization | -*OrganizationApi* | [**setOrganizationDefaultSecurity**](Apis/OrganizationApi.md#setorganizationdefaultsecurity) | **POST** /organizations/{organization_id}/security/default | Set the Organization default security | -*OrganizationApi* | [**unregisterOrganization**](Apis/OrganizationApi.md#unregisterorganization) | **DELETE** /organizations/{organization_id} | Unregister an organization | +*OrganizationApi* | [**listOrganizationSecurityUsers**](Apis/OrganizationApi.md#listorganizationsecurityusers) | **GET** /organizations/{organization_id}/security/users | Get the Organization security users list | +*OrganizationApi* | [**listOrganizations**](Apis/OrganizationApi.md#listorganizations) | **GET** /organizations | List all Organizations | +*OrganizationApi* | [**listPermissions**](Apis/OrganizationApi.md#listpermissions) | **GET** /organizations/permissions | Get all permissions per components | *OrganizationApi* | [**updateOrganization**](Apis/OrganizationApi.md#updateorganization) | **PATCH** /organizations/{organization_id} | Update an Organization | *OrganizationApi* | [**updateOrganizationAccessControl**](Apis/OrganizationApi.md#updateorganizationaccesscontrol) | **PATCH** /organizations/{organization_id}/security/access/{identity_id} | Update the specified access to User for an Organization | +*OrganizationApi* | [**updateOrganizationDefaultSecurity**](Apis/OrganizationApi.md#updateorganizationdefaultsecurity) | **POST** /organizations/{organization_id}/security/default | Update the Organization default security | | *RunApi* | [**deleteRun**](Apis/RunApi.md#deleterun) | **DELETE** /organizations/{organization_id}/workspaces/{workspace_id}/runners/{runner_id}/runs/{run_id} | Delete a run | *RunApi* | [**getRun**](Apis/RunApi.md#getrun) | **GET** /organizations/{organization_id}/workspaces/{workspace_id}/runners/{runner_id}/runs/{run_id} | Get the details of a run | *RunApi* | [**getRunLogs**](Apis/RunApi.md#getrunlogs) | **GET** /organizations/{organization_id}/workspaces/{workspace_id}/runners/{runner_id}/runs/{run_id}/logs | get the logs for the Run | @@ -149,8 +149,10 @@ All URIs are relative to *http://localhost* - [IngestionStatusEnum](./Models/IngestionStatusEnum.md) - [Organization](./Models/Organization.md) - [OrganizationAccessControl](./Models/OrganizationAccessControl.md) + - [OrganizationCreateRequest](./Models/OrganizationCreateRequest.md) - [OrganizationRole](./Models/OrganizationRole.md) - [OrganizationSecurity](./Models/OrganizationSecurity.md) + - [OrganizationUpdateRequest](./Models/OrganizationUpdateRequest.md) - [QueryResult](./Models/QueryResult.md) - [ResourceSizeInfo](./Models/ResourceSizeInfo.md) - [Run](./Models/Run.md) diff --git a/openapi/plantuml/schemas.plantuml b/openapi/plantuml/schemas.plantuml index f3584f58a..f0560e5bf 100644 --- a/openapi/plantuml/schemas.plantuml +++ b/openapi/plantuml/schemas.plantuml @@ -172,6 +172,11 @@ entity OrganizationAccessControl { * role: String } +entity OrganizationCreateRequest { + * name: String + security: OrganizationSecurity +} + entity OrganizationRole { * role: String } @@ -181,6 +186,10 @@ entity OrganizationSecurity { * accessControlList: List } +entity OrganizationUpdateRequest { + name: String +} + entity QueryResult { result: List } @@ -538,6 +547,7 @@ RunLogs -- "0..*" RunLogsEntry : logs WorkspaceSecurity -- "0..*" WorkspaceAccessControl : accessControlList ConnectorParameterGroup -- "0..*" ConnectorParameter : parameters RunContainer -- ContainerResourceSizing : runSizing +OrganizationCreateRequest -- OrganizationSecurity : security Connector -- "0..*" ConnectorParameterGroup : parameterGroups Runner -- RunnerResourceSizing : runSizing Runner -- "0..*" RunnerRunTemplateParameterValue : parametersValues diff --git a/organization/src/integrationTest/kotlin/com/cosmotech/organization/service/OrganizationServiceIntegrationTest.kt b/organization/src/integrationTest/kotlin/com/cosmotech/organization/service/OrganizationServiceIntegrationTest.kt index 5f2c73fb1..319ab87d4 100644 --- a/organization/src/integrationTest/kotlin/com/cosmotech/organization/service/OrganizationServiceIntegrationTest.kt +++ b/organization/src/integrationTest/kotlin/com/cosmotech/organization/service/OrganizationServiceIntegrationTest.kt @@ -31,8 +31,10 @@ import com.cosmotech.organization.OrganizationApiServiceInterface import com.cosmotech.organization.domain.ComponentRolePermissions import com.cosmotech.organization.domain.Organization import com.cosmotech.organization.domain.OrganizationAccessControl +import com.cosmotech.organization.domain.OrganizationCreateRequest import com.cosmotech.organization.domain.OrganizationRole import com.cosmotech.organization.domain.OrganizationSecurity +import com.cosmotech.organization.domain.OrganizationUpdateRequest import com.redis.om.spring.RediSearchIndexer import io.mockk.every import io.mockk.junit5.MockKExtension @@ -104,20 +106,20 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { } @Test - fun `findAllOrganizations with correct values`() { + fun `listOrganizations with correct values`() { val numberOfOrganizationToCreate = 20 val defaultPageSize = csmPlatformProperties.twincache.organization.defaultPageSize batchOrganizationCreation(numberOfOrganizationToCreate) - testFindAllOrganizations(null, null, numberOfOrganizationToCreate) - testFindAllOrganizations(0, null, defaultPageSize) - testFindAllOrganizations(0, 10, 10) - testFindAllOrganizations(1, 200, 0) - testFindAllOrganizations(1, 15, 5) + testlistOrganizations(null, null, numberOfOrganizationToCreate) + testlistOrganizations(0, null, defaultPageSize) + testlistOrganizations(0, 10, 10) + testlistOrganizations(1, 200, 0) + testlistOrganizations(1, 15, 5) } @Test - fun `findAllOrganizations with correct values and RBAC for current user`() { + fun `listOrganizations with correct values and RBAC for current user`() { runAsDifferentOrganizationUser() val numberOfOrganizationCreated = createOrganizationsWithAllCombinationOfRole(TEST_USER_ID) @@ -130,7 +132,7 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { } @Test - fun `findAllOrganizations with correct values and no RBAC for current user`() { + fun `listOrganizations with correct values and no RBAC for current user`() { runAsDifferentOrganizationUser() val numberOfOrganizationCreated = createOrganizationsWithAllCombinationOfRole(OTHER_TEST_USER_ID) @@ -146,50 +148,51 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { } @Test - fun `findAllOrganizations with wrong values`() { - testFindAllOrganizationsWithWrongValues() + fun `listOrganizations with wrong values`() { + testlistOrganizationsWithWrongValues() } @Test - fun `findOrganizationById as resource admin`() { + fun `getOrganization as resource admin`() { val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization("o-connector-test-1")) - assertNotNull(organizationApiService.findOrganizationById(organizationRegistered.id!!)) + organizationApiService.createOrganization( + makeSimpleOrganizationCreateRequest("o-connector-test-1")) + assertNotNull(organizationApiService.getOrganization(organizationRegistered.id!!)) } @Test - fun `findOrganizationById as not resource admin`() { - testFindOrganizationByIdAsNotOwner(false, null, null, null, true) { runAsOrganizationUser() } + fun `getOrganization as not resource admin`() { + testgetOrganizationAsNotOwner(false, null, null, null, true) { runAsOrganizationUser() } } @Test - fun `findOrganizationById as not resource admin but with READ role`() { - testFindOrganizationByIdAsNotOwner(true, TEST_USER_ID, ROLE_NONE, ROLE_USER, false) { + fun `getOrganization as not resource admin but with READ role`() { + testgetOrganizationAsNotOwner(true, TEST_USER_ID, ROLE_NONE, ROLE_USER, false) { runAsOrganizationUser() } } @Test - fun `findOrganizationById as not resource admin but with WRITE role`() { - testFindOrganizationByIdAsNotOwner(true, TEST_USER_ID, ROLE_NONE, ROLE_EDITOR, false) { + fun `getOrganization as not resource admin but with WRITE role`() { + testgetOrganizationAsNotOwner(true, TEST_USER_ID, ROLE_NONE, ROLE_EDITOR, false) { runAsOrganizationUser() } } @Test - fun `findOrganizationById as not resource admin but with NONE role`() { - testFindOrganizationByIdAsNotOwner(true, TEST_USER_ID, ROLE_NONE, ROLE_NONE, true) { + fun `getOrganization as not resource admin but with NONE role`() { + testgetOrganizationAsNotOwner(true, TEST_USER_ID, ROLE_NONE, ROLE_NONE, true) { runAsOrganizationUser() } } @Test - fun `registerOrganization with minimal values`() { + fun `createOrganization with minimal values`() { assertDoesNotThrow { val name = "o-connector-test-1" - val organizationToRegister = createTestOrganization(name) + val organizationToRegister = makeSimpleOrganizationCreateRequest(name) val organizationRegistered = - organizationApiService.registerOrganization(organizationToRegister) + organizationApiService.createOrganization(organizationToRegister) assertEquals( OrganizationSecurity( default = ROLE_NONE, @@ -201,27 +204,21 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { } @Test - fun `registerOrganization without required organization name`() { + fun `createOrganization without required organization name`() { assertThrows { - organizationApiService.registerOrganization(createTestOrganization("")) + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest("")) } } @Test - fun `registerOrganization with null required organization name`() { - assertThrows { - organizationApiService.registerOrganization(Organization(name = null)) - } - } - - @Test - fun `registerOrganization with security values`() { + fun `createOrganization with security values`() { assertDoesNotThrow { val name = "o-connector-test-1" val organizationToRegister = - createTestOrganizationWithSimpleSecurity(name, OTHER_TEST_USER_ID, ROLE_USER, ROLE_NONE) + makeOrganizationCreateRequestWithSimpleSecurity( + name, OTHER_TEST_USER_ID, ROLE_USER, ROLE_NONE) val organizationRegistered = - organizationApiService.registerOrganization(organizationToRegister) + organizationApiService.createOrganization(organizationToRegister) assertEquals( OrganizationSecurity( default = ROLE_USER, @@ -235,47 +232,48 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { } @Test - fun `unregisterOrganization as resource admin`() { + fun `deleteOrganization as resource admin`() { assertDoesNotThrow { val name = "o-connector-test-1" - val organizationToRegister = createTestOrganization(name) + val organizationToRegister = makeSimpleOrganizationCreateRequest(name) val organizationRegistered = - organizationApiService.registerOrganization(organizationToRegister) - organizationApiService.unregisterOrganization(organizationRegistered.id!!) + organizationApiService.createOrganization(organizationToRegister) + organizationApiService.deleteOrganization(organizationRegistered.id!!) } } @Test - fun `unregisterOrganization unexisting organization `() { + fun `deleteOrganization unexisting organization `() { assertThrows { - organizationApiService.unregisterOrganization("o-connector-test-1") + organizationApiService.deleteOrganization("o-connector-test-1") } } @Test - fun `unregisterOrganization no DELETE permission `() { + fun `deleteOrganization no DELETE permission `() { assertThrows { val name = "o-connector-test-1" val organizationToRegister = - createTestOrganizationWithSimpleSecurity( + makeOrganizationCreateRequestWithSimpleSecurity( name, OTHER_TEST_USER_ID, ROLE_USER, ROLE_ADMIN) val organizationRegistered = - organizationApiService.registerOrganization(organizationToRegister) - organizationApiService.unregisterOrganization(organizationRegistered.id!!) + organizationApiService.createOrganization(organizationToRegister) + organizationApiService.deleteOrganization(organizationRegistered.id!!) } } @Test - fun `unregisterOrganization not as resource admin but DELETE permission `() { + fun `deleteOrganization not as resource admin but DELETE permission `() { assertDoesNotThrow { val name = "o-connector-test-1" runAsDifferentOrganizationUser() val organizationToRegister = - createTestOrganizationWithSimpleSecurity(name, TEST_USER_ID, ROLE_NONE, ROLE_ADMIN) + makeOrganizationCreateRequestWithSimpleSecurity( + name, TEST_USER_ID, ROLE_NONE, ROLE_ADMIN) val organizationRegistered = - organizationApiService.registerOrganization(organizationToRegister) + organizationApiService.createOrganization(organizationToRegister) runAsOrganizationUser() - organizationApiService.unregisterOrganization(organizationRegistered.id!!) + organizationApiService.deleteOrganization(organizationRegistered.id!!) } } @@ -284,40 +282,15 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { assertDoesNotThrow { val name = "o-connector-test-1" val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) organizationRegistered.name = "my-new-name" organizationApiService.updateOrganization( - organizationRegistered.id!!, organizationRegistered) + organizationRegistered.id!!, OrganizationUpdateRequest(organizationRegistered.name)) assertEquals( organizationRegistered, - organizationApiService.findOrganizationById(organizationRegistered.id!!)) - } - } - - @Test - fun `updateOrganization as resource admin, organization security`() { - assertDoesNotThrow { - val name = "o-connector-test-1" - val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) - - organizationRegistered.security = - OrganizationSecurity( - default = ROLE_NONE, - mutableListOf(OrganizationAccessControl(id = OTHER_TEST_USER_ID, role = ROLE_USER))) - - organizationApiService.updateOrganization( - organizationRegistered.id!!, organizationRegistered) - - // Organization Security cannot be updated via updateOrganization endpoint - // setOrganizationDefaultSecurity or - // addOrganizationAccessControl/updateOrganizationAccessControl/removeOrganizationAccessControl - // Should be used instead - assertNotEquals( - organizationRegistered, - organizationApiService.findOrganizationById(organizationRegistered.id!!)) + organizationApiService.getOrganization(organizationRegistered.id!!)) } } @@ -327,19 +300,19 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { val name = "o-connector-test-1" runAsDifferentOrganizationUser() val organizationRegistered = - organizationApiService.registerOrganization( - createTestOrganizationWithSimpleSecurity( + organizationApiService.createOrganization( + makeOrganizationCreateRequestWithSimpleSecurity( name, TEST_USER_ID, ROLE_NONE, ROLE_EDITOR)) runAsOrganizationUser() organizationRegistered.name = "my-new-name" organizationApiService.updateOrganization( - organizationRegistered.id!!, organizationRegistered) + organizationRegistered.id!!, OrganizationUpdateRequest(organizationRegistered.name)) assertEquals( organizationRegistered, - organizationApiService.findOrganizationById(organizationRegistered.id!!)) + organizationApiService.getOrganization(organizationRegistered.id!!)) } } @@ -349,15 +322,15 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { val name = "o-connector-test-1" runAsDifferentOrganizationUser() val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) runAsOrganizationUser() organizationApiService.updateOrganization( - organizationRegistered.id!!, organizationRegistered) + organizationRegistered.id!!, OrganizationUpdateRequest("name")) } } @Test - fun getAllPermissions() { + fun listPermissions() { val mapAllPermissions = listOf( ComponentRolePermissions( @@ -438,7 +411,7 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { PERMISSION_WRITE_SECURITY, PERMISSION_DELETE), ))) - assertEquals(mapAllPermissions, organizationApiService.getAllPermissions()) + assertEquals(mapAllPermissions, organizationApiService.listPermissions()) } @Test @@ -446,7 +419,7 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { assertDoesNotThrow { val name = "o-connector-test-1" val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) var organizationUserPermissions = organizationApiService.getOrganizationPermissions( organizationRegistered.id!!, ROLE_VIEWER) @@ -492,8 +465,9 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { val name = "o-connector-test-1" runAsDifferentOrganizationUser() val organizationRegistered = - organizationApiService.registerOrganization( - createTestOrganizationWithSimpleSecurity(name, TEST_USER_ID, ROLE_NONE, ROLE_USER)) + organizationApiService.createOrganization( + makeOrganizationCreateRequestWithSimpleSecurity( + name, TEST_USER_ID, ROLE_NONE, ROLE_USER)) runAsOrganizationUser() var organizationUserPermissions = organizationApiService.getOrganizationPermissions( @@ -540,7 +514,7 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { val name = "o-connector-test-1" runAsDifferentOrganizationUser() val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) runAsOrganizationUser() organizationApiService.getOrganizationPermissions(organizationRegistered.id!!, ROLE_VIEWER) } @@ -551,7 +525,7 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { assertDoesNotThrow { val name = "o-connector-test-1" val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) assertNotNull(organizationApiService.getOrganizationSecurity(organizationRegistered.id!!)) } } @@ -569,8 +543,9 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { val name = "o-connector-test-1" runAsDifferentOrganizationUser() val organizationRegistered = - organizationApiService.registerOrganization( - createTestOrganizationWithSimpleSecurity(name, TEST_USER_ID, ROLE_NONE, ROLE_USER)) + organizationApiService.createOrganization( + makeOrganizationCreateRequestWithSimpleSecurity( + name, TEST_USER_ID, ROLE_NONE, ROLE_USER)) runAsOrganizationUser() assertNotNull(organizationApiService.getOrganizationSecurity(organizationRegistered.id!!)) } @@ -582,22 +557,23 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { val name = "o-connector-test-1" runAsDifferentOrganizationUser() val organizationRegistered = - organizationApiService.registerOrganization( - createTestOrganizationWithSimpleSecurity(name, TEST_USER_ID, ROLE_NONE, ROLE_NONE)) + organizationApiService.createOrganization( + makeOrganizationCreateRequestWithSimpleSecurity( + name, TEST_USER_ID, ROLE_NONE, ROLE_NONE)) runAsOrganizationUser() organizationApiService.getOrganizationSecurity(organizationRegistered.id!!) } } @Test - fun `setOrganizationDefaultSecurity as resource admin and existing role`() { + fun `updateOrganizationDefaultSecurity as resource admin and existing role`() { assertDoesNotThrow { val name = "o-connector-test-1" val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) val defaultRoleCreated = organizationRegistered.security?.default assertNotNull( - organizationApiService.setOrganizationDefaultSecurity( + organizationApiService.updateOrganizationDefaultSecurity( organizationRegistered.id!!, OrganizationRole(ROLE_ADMIN))) val defaultRoleUpdated = organizationApiService.getOrganizationSecurity(organizationRegistered.id!!).default @@ -606,28 +582,29 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { } @Test - fun `setOrganizationDefaultSecurity as resource admin and non-existing role`() { + fun `updateOrganizationDefaultSecurity as resource admin and non-existing role`() { assertThrows { val name = "o-connector-test-1" val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) - organizationApiService.setOrganizationDefaultSecurity( + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) + organizationApiService.updateOrganizationDefaultSecurity( organizationRegistered.id!!, OrganizationRole(UNKNOWN_IDENTIFIER)) } } @Test - fun `setOrganizationDefaultSecurity as not resource admin and WRITE_SECURITY_PERMISSION`() { + fun `updateOrganizationDefaultSecurity as not resource admin and WRITE_SECURITY_PERMISSION`() { assertDoesNotThrow { val name = "o-connector-test-1" runAsDifferentOrganizationUser() val organizationRegistered = - organizationApiService.registerOrganization( - createTestOrganizationWithSimpleSecurity(name, TEST_USER_ID, ROLE_NONE, ROLE_ADMIN)) + organizationApiService.createOrganization( + makeOrganizationCreateRequestWithSimpleSecurity( + name, TEST_USER_ID, ROLE_NONE, ROLE_ADMIN)) val defaultRoleCreated = organizationRegistered.security?.default runAsOrganizationUser() assertNotNull( - organizationApiService.setOrganizationDefaultSecurity( + organizationApiService.updateOrganizationDefaultSecurity( organizationRegistered.id!!, OrganizationRole(ROLE_ADMIN))) val defaultRoleUpdated = organizationApiService.getOrganizationSecurity(organizationRegistered.id!!).default @@ -636,15 +613,16 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { } @Test - fun `setOrganizationDefaultSecurity as not resource admin and no WRITE_SECURITY_PERMISSION`() { + fun `updateOrganizationDefaultSecurity as not resource admin and no WRITE_SECURITY_PERMISSION`() { assertThrows { val name = "o-connector-test-1" runAsDifferentOrganizationUser() val organizationRegistered = - organizationApiService.registerOrganization( - createTestOrganizationWithSimpleSecurity(name, TEST_USER_ID, ROLE_NONE, ROLE_USER)) + organizationApiService.createOrganization( + makeOrganizationCreateRequestWithSimpleSecurity( + name, TEST_USER_ID, ROLE_NONE, ROLE_USER)) runAsOrganizationUser() - organizationApiService.setOrganizationDefaultSecurity( + organizationApiService.updateOrganizationDefaultSecurity( organizationRegistered.id!!, OrganizationRole(ROLE_ADMIN)) } } @@ -654,7 +632,7 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { assertDoesNotThrow { val name = "o-connector-test-1" val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) val organizationRole = organizationApiService.getOrganizationAccessControl( organizationRegistered.id!!, TEST_USER_ID) @@ -669,7 +647,7 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { assertThrows { val name = "o-connector-test-1" val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) organizationApiService.getOrganizationAccessControl(organizationRegistered.id!!, "UNKOWN") } } @@ -680,8 +658,9 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { val name = "o-connector-test-1" runAsDifferentOrganizationUser() val organizationRegistered = - organizationApiService.registerOrganization( - createTestOrganizationWithSimpleSecurity(name, TEST_USER_ID, ROLE_NONE, ROLE_USER)) + organizationApiService.createOrganization( + makeOrganizationCreateRequestWithSimpleSecurity( + name, TEST_USER_ID, ROLE_NONE, ROLE_USER)) runAsOrganizationUser() val organizationRole = organizationApiService.getOrganizationAccessControl( @@ -698,8 +677,9 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { val name = "o-connector-test-1" runAsDifferentOrganizationUser() val organizationRegistered = - organizationApiService.registerOrganization( - createTestOrganizationWithSimpleSecurity(name, TEST_USER_ID, ROLE_NONE, ROLE_USER)) + organizationApiService.createOrganization( + makeOrganizationCreateRequestWithSimpleSecurity( + name, TEST_USER_ID, ROLE_NONE, ROLE_USER)) runAsOrganizationUser() organizationApiService.getOrganizationAccessControl( organizationRegistered.id!!, UNKNOWN_IDENTIFIER) @@ -712,8 +692,9 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { val name = "o-connector-test-1" runAsDifferentOrganizationUser() val organizationRegistered = - organizationApiService.registerOrganization( - createTestOrganizationWithSimpleSecurity(name, TEST_USER_ID, ROLE_NONE, ROLE_NONE)) + organizationApiService.createOrganization( + makeOrganizationCreateRequestWithSimpleSecurity( + name, TEST_USER_ID, ROLE_NONE, ROLE_NONE)) runAsOrganizationUser() organizationApiService.getOrganizationAccessControl( organizationRegistered.id!!, UNKNOWN_IDENTIFIER) @@ -721,48 +702,50 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { } @Test - fun `addOrganizationAccessControl as resource admin`() { + fun `createOrganizationAccessControl as resource admin`() { assertDoesNotThrow { val name = "o-connector-test-1" val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) assertThrows { organizationApiService.getOrganizationAccessControl( organizationRegistered.id!!, OTHER_TEST_USER_ID) } val otherUserACL = OrganizationAccessControl(id = OTHER_TEST_USER_ID, role = ROLE_VIEWER) assertNotNull( - organizationApiService.addOrganizationAccessControl( + organizationApiService.createOrganizationAccessControl( organizationRegistered.id!!, otherUserACL)) val otherUserACLRetrieved = organizationApiService.getOrganizationAccessControl( organizationRegistered.id!!, OTHER_TEST_USER_ID) - assertEquals(otherUserACL, otherUserACLRetrieved) + assertEquals( + OrganizationAccessControl(id = OTHER_TEST_USER_ID, ROLE_VIEWER), otherUserACLRetrieved) } } @Test - fun `addOrganizationAccessControl as resource admin (ROLE_NONE)`() { + fun `createOrganizationAccessControl as resource admin (ROLE_NONE)`() { assertThrows { val name = "o-connector-test-1" val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) val otherUserACL = OrganizationAccessControl(id = OTHER_TEST_USER_ID, role = ROLE_NONE) - organizationApiService.addOrganizationAccessControl( + organizationApiService.createOrganizationAccessControl( organizationRegistered.id!!, otherUserACL) } } @Test - fun `addOrganizationAccessControl as not resource admin and PERMISSION_WRITE_SECURITY`() { + fun `createOrganizationAccessControl as not resource admin and PERMISSION_WRITE_SECURITY`() { assertDoesNotThrow { val name = "o-connector-test-1" runAsDifferentOrganizationUser() val organizationRegistered = - organizationApiService.registerOrganization( - createTestOrganizationWithSimpleSecurity(name, TEST_USER_ID, ROLE_NONE, ROLE_ADMIN)) + organizationApiService.createOrganization( + makeOrganizationCreateRequestWithSimpleSecurity( + name, TEST_USER_ID, ROLE_NONE, ROLE_ADMIN)) runAsOrganizationUser() assertThrows { organizationApiService.getOrganizationAccessControl( @@ -770,31 +753,33 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { } val otherUserACL = OrganizationAccessControl(id = TEST_ADMIN_USER_ID, role = ROLE_VIEWER) assertNotNull( - organizationApiService.addOrganizationAccessControl( + organizationApiService.createOrganizationAccessControl( organizationRegistered.id!!, otherUserACL)) val otherUserACLRetrieved = organizationApiService.getOrganizationAccessControl( organizationRegistered.id!!, TEST_ADMIN_USER_ID) - assertEquals(otherUserACL, otherUserACLRetrieved) + assertEquals( + OrganizationAccessControl(TEST_ADMIN_USER_ID, ROLE_VIEWER), otherUserACLRetrieved) } } @Test - fun `addOrganizationAccessControl as not resource admin and no PERMISSION_WRITE_SECURITY`() { + fun `createOrganizationAccessControl as not resource admin and no PERMISSION_WRITE_SECURITY`() { assertThrows { val name = "o-connector-test-1" runAsDifferentOrganizationUser() val organizationRegistered = - organizationApiService.registerOrganization( - createTestOrganizationWithSimpleSecurity(name, TEST_USER_ID, ROLE_NONE, ROLE_USER)) + organizationApiService.createOrganization( + makeOrganizationCreateRequestWithSimpleSecurity( + name, TEST_USER_ID, ROLE_NONE, ROLE_USER)) runAsOrganizationUser() assertThrows { organizationApiService.getOrganizationAccessControl( organizationRegistered.id!!, TEST_ADMIN_USER_ID) } val otherUserACL = OrganizationAccessControl(id = TEST_ADMIN_USER_ID, role = ROLE_VIEWER) - organizationApiService.addOrganizationAccessControl( + organizationApiService.createOrganizationAccessControl( organizationRegistered.id!!, otherUserACL) } } @@ -804,7 +789,7 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { assertThrows { val name = "o-connector-test-1" val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) organizationApiService.updateOrganizationAccessControl( organizationRegistered.id!!, TEST_USER_ID, OrganizationRole(role = ROLE_VIEWER)) } @@ -815,9 +800,9 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { assertDoesNotThrow { val name = "o-connector-test-1" val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) - organizationApiService.addOrganizationAccessControl( + organizationApiService.createOrganizationAccessControl( organizationRegistered.id!!, OrganizationAccessControl(id = OTHER_TEST_USER_ID, role = ROLE_VIEWER)) @@ -840,7 +825,7 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { assertThrows { val name = "o-connector-test-1" val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) organizationApiService.updateOrganizationAccessControl( organizationRegistered.id!!, TEST_USER_ID, OrganizationRole(role = ROLE_NONE)) @@ -852,7 +837,7 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { assertThrows { val name = "o-connector-test-1" val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) organizationApiService.updateOrganizationAccessControl( organizationRegistered.id!!, UNKNOWN_IDENTIFIER, OrganizationRole(role = ROLE_EDITOR)) @@ -864,7 +849,7 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { assertThrows { val name = "o-connector-test-1" val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) organizationApiService.updateOrganizationAccessControl( organizationRegistered.id!!, TEST_USER_ID, OrganizationRole(role = UNKNOWN_IDENTIFIER)) @@ -877,9 +862,9 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { val name = "o-connector-test-1" runAsDifferentOrganizationUser() val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) - organizationApiService.addOrganizationAccessControl( + organizationApiService.createOrganizationAccessControl( organizationRegistered.id!!, OrganizationAccessControl(id = TEST_USER_ID, role = ROLE_ADMIN)) @@ -904,9 +889,9 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { val name = "o-connector-test-1" runAsDifferentOrganizationUser() val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) - organizationApiService.addOrganizationAccessControl( + organizationApiService.createOrganizationAccessControl( organizationRegistered.id!!, OrganizationAccessControl(id = TEST_USER_ID, role = ROLE_VIEWER)) @@ -923,9 +908,9 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { val name = "o-connector-test-1" runAsDifferentOrganizationUser() val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) - organizationApiService.addOrganizationAccessControl( + organizationApiService.createOrganizationAccessControl( organizationRegistered.id!!, OrganizationAccessControl(id = TEST_USER_ID, role = ROLE_VIEWER)) @@ -937,15 +922,16 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { } @Test - fun `removeOrganizationAccessControl as resource admin`() { + fun `deleteOrganizationAccessControl as resource admin`() { val name = "o-connector-test-1" val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) val otherUserACL = OrganizationAccessControl(id = OTHER_TEST_USER_ID, role = ROLE_VIEWER) - organizationApiService.addOrganizationAccessControl(organizationRegistered.id!!, otherUserACL) + organizationApiService.createOrganizationAccessControl( + organizationRegistered.id!!, otherUserACL) - organizationApiService.removeOrganizationAccessControl( + organizationApiService.deleteOrganizationAccessControl( organizationRegistered.id!!, OTHER_TEST_USER_ID) assertThrows { organizationApiService.getOrganizationAccessControl( @@ -954,17 +940,18 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { } @Test - fun `removeOrganizationAccessControl as not resource admin, WRITE_SECURITY permission`() { + fun `deleteOrganizationAccessControl as not resource admin, WRITE_SECURITY permission`() { val name = "o-connector-test-1" runAsDifferentOrganizationUser() val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) val otherUserACL = OrganizationAccessControl(id = TEST_USER_ID, role = ROLE_ADMIN) - organizationApiService.addOrganizationAccessControl(organizationRegistered.id!!, otherUserACL) + organizationApiService.createOrganizationAccessControl( + organizationRegistered.id!!, otherUserACL) runAsOrganizationUser() - organizationApiService.removeOrganizationAccessControl( + organizationApiService.deleteOrganizationAccessControl( organizationRegistered.id!!, OTHER_TEST_USER_ID) assertThrows { organizationApiService.getOrganizationAccessControl( @@ -973,56 +960,59 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { } @Test - fun `removeOrganizationAccessControl as not resource admin, no WRITE_SECURITY permission`() { + fun `deleteOrganizationAccessControl as not resource admin, no WRITE_SECURITY permission`() { val name = "o-connector-test-1" runAsDifferentOrganizationUser() val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) val otherUserACL = OrganizationAccessControl(id = TEST_USER_ID, role = ROLE_VIEWER) - organizationApiService.addOrganizationAccessControl(organizationRegistered.id!!, otherUserACL) + organizationApiService.createOrganizationAccessControl( + organizationRegistered.id!!, otherUserACL) runAsOrganizationUser() assertThrows { - organizationApiService.removeOrganizationAccessControl( + organizationApiService.deleteOrganizationAccessControl( organizationRegistered.id!!, OTHER_TEST_USER_ID) } } @Test - fun `getOrganizationSecurityUsers as resource admin`() { + fun `listOrganizationSecurityUsers as resource admin`() { val name = "o-connector-test-1" val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) val orgaUsers = - organizationApiService.getOrganizationSecurityUsers(organizationRegistered.id!!) + organizationApiService.listOrganizationSecurityUsers(organizationRegistered.id!!) assertEquals(listOf(TEST_USER_ID), orgaUsers) } @Test - fun `getOrganizationSecurityUsers as not resource admin, READ_SECURITY permission`() { + fun `listOrganizationSecurityUsers as not resource admin, READ_SECURITY permission`() { val name = "o-connector-test-1" runAsDifferentOrganizationUser() val organizationRegistered = - organizationApiService.registerOrganization( - createTestOrganizationWithSimpleSecurity(name, TEST_USER_ID, ROLE_NONE, ROLE_USER)) + organizationApiService.createOrganization( + makeOrganizationCreateRequestWithSimpleSecurity( + name, TEST_USER_ID, ROLE_NONE, ROLE_USER)) runAsOrganizationUser() val orgaUsers = - organizationApiService.getOrganizationSecurityUsers(organizationRegistered.id!!) + organizationApiService.listOrganizationSecurityUsers(organizationRegistered.id!!) assertEquals(listOf(TEST_USER_ID, OTHER_TEST_USER_ID), orgaUsers) } @Test - fun `getOrganizationSecurityUsers as not resource admin, no READ_SECURITY permission`() { + fun `listOrganizationSecurityUsers as not resource admin, no READ_SECURITY permission`() { val name = "o-connector-test-1" runAsDifferentOrganizationUser() val organizationRegistered = - organizationApiService.registerOrganization( - createTestOrganizationWithSimpleSecurity(name, TEST_USER_ID, ROLE_NONE, ROLE_NONE)) + organizationApiService.createOrganization( + makeOrganizationCreateRequestWithSimpleSecurity( + name, TEST_USER_ID, ROLE_NONE, ROLE_NONE)) runAsOrganizationUser() assertThrows { - organizationApiService.getOrganizationSecurityUsers(organizationRegistered.id!!) + organizationApiService.listOrganizationSecurityUsers(organizationRegistered.id!!) } } @@ -1030,7 +1020,7 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { fun `testVerifyPermissionsAndReturnOrganization`() { val name = "o-connector-test-1" val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) assertDoesNotThrow { val organizationVerified = organizationApiService.getVerifiedOrganization(organizationRegistered.id!!) @@ -1043,8 +1033,9 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { val name = "o-connector-test-1" runAsDifferentOrganizationUser() val organizationRegistered = - organizationApiService.registerOrganization( - createTestOrganizationWithSimpleSecurity(name, TEST_USER_ID, ROLE_NONE, ROLE_NONE)) + organizationApiService.createOrganization( + makeOrganizationCreateRequestWithSimpleSecurity( + name, TEST_USER_ID, ROLE_NONE, ROLE_NONE)) runAsOrganizationUser() assertThrows { organizationApiService.getVerifiedOrganization(organizationRegistered.id!!) @@ -1059,32 +1050,32 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { } @Test - fun `As a viewer, I can only see my information in security property for findOrganizationById`() { - val organization = makeOrganization(role = ROLE_VIEWER) - var organizationSaved = organizationApiService.registerOrganization(organization) + fun `As a viewer, I can only see my information in security property for getOrganization`() { + val organization = makeOrganizationCreateRequest(role = ROLE_VIEWER) + var organizationSaved = organizationApiService.createOrganization(organization) - organizationSaved = organizationApiService.findOrganizationById(organizationSaved.id!!) + organizationSaved = organizationApiService.getOrganization(organizationSaved.id!!) assertEquals( OrganizationSecurity( default = ROLE_NONE, mutableListOf(OrganizationAccessControl(TEST_USER_ID, ROLE_VIEWER))), organizationSaved.security) - assertEquals(1, organizationSaved.security!!.accessControlList.size) + assertEquals(1, organizationSaved.security!!.accessControlList!!.size) } @Test - fun `As a viewer, I can only see my information in security property for findAllOrganizations`() { - val organization = makeOrganization(role = ROLE_VIEWER) - organizationApiService.registerOrganization(organization) + fun `As a viewer, I can only see my information in security property for listOrganizations`() { + val organization = makeOrganizationCreateRequest(role = ROLE_VIEWER) + organizationApiService.createOrganization(organization) - val organizations = organizationApiService.findAllOrganizations(null, null) + val organizations = organizationApiService.listOrganizations(null, null) organizations.forEach { assertEquals( OrganizationSecurity( default = ROLE_NONE, mutableListOf(OrganizationAccessControl(TEST_USER_ID, ROLE_VIEWER))), it.security) - assertEquals(1, it.security!!.accessControlList.size) + assertEquals(1, it.security!!.accessControlList!!.size) } } } @@ -1102,11 +1093,11 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { val defaultPageSize = csmPlatformProperties.twincache.organization.defaultPageSize batchOrganizationCreation(numberOfOrganizationToCreate) - testFindAllOrganizations(null, null, numberOfOrganizationToCreate) - testFindAllOrganizations(0, null, defaultPageSize) - testFindAllOrganizations(0, 10, 10) - testFindAllOrganizations(1, 200, 0) - testFindAllOrganizations(1, 15, 5) + testlistOrganizations(null, null, numberOfOrganizationToCreate) + testlistOrganizations(0, null, defaultPageSize) + testlistOrganizations(0, 10, 10) + testlistOrganizations(1, 200, 0) + testlistOrganizations(1, 15, 5) } @Test @@ -1131,28 +1122,29 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { @Test fun `find All Organizations with wrong values`() { - testFindAllOrganizationsWithWrongValues() + testlistOrganizationsWithWrongValues() } @Test - fun `findOrganizationById as resource admin`() { + fun `getOrganization as resource admin`() { val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization("o-connector-test-1")) - assertNotNull(organizationApiService.findOrganizationById(organizationRegistered.id!!)) + organizationApiService.createOrganization( + makeSimpleOrganizationCreateRequest("o-connector-test-1")) + assertNotNull(organizationApiService.getOrganization(organizationRegistered.id!!)) } @Test - fun `findOrganizationById as not resource admin`() { - testFindOrganizationByIdAsNotOwner(false, null, null, null, false) { runAsPlatformAdmin() } + fun `getOrganization as not resource admin`() { + testgetOrganizationAsNotOwner(false, null, null, null, false) { runAsPlatformAdmin() } } @Test - fun `registerOrganization with minimal values`() { + fun `createOrganization with minimal values`() { assertDoesNotThrow { val name = "o-connector-test-1" - val organizationToRegister = createTestOrganization(name) + val organizationToRegister = makeSimpleOrganizationCreateRequest(name) val organizationRegistered = - organizationApiService.registerOrganization(organizationToRegister) + organizationApiService.createOrganization(organizationToRegister) assertEquals( OrganizationSecurity( default = ROLE_NONE, @@ -1163,980 +1155,947 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { assertTrue(organizationRegistered.id!!.startsWith("o-")) } } + } - @Test - fun `registerOrganization with null required organization name`() { - assertThrows { - organizationApiService.registerOrganization(Organization(name = null)) - } + @Test + fun `createOrganization without required organization name`() { + assertThrows { + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest("")) } + } - @Test - fun `registerOrganization without required organization name`() { - assertThrows { - organizationApiService.registerOrganization(createTestOrganization("")) - } + @Test + fun `createOrganization with security values`() { + assertDoesNotThrow { + val name = "o-connector-test-1" + val organizationToRegister = + makeOrganizationCreateRequestWithSimpleSecurity( + name, OTHER_TEST_USER_ID, ROLE_USER, ROLE_NONE) + val organizationRegistered = organizationApiService.createOrganization(organizationToRegister) + assertEquals( + OrganizationSecurity( + default = ROLE_USER, + mutableListOf( + OrganizationAccessControl(id = OTHER_TEST_USER_ID, role = ROLE_NONE), + OrganizationAccessControl(id = defaultName, role = ROLE_ADMIN))), + organizationRegistered.security) + assertEquals(name, organizationRegistered.name) + assertTrue(organizationRegistered.id!!.startsWith("o-")) } + } - @Test - fun `registerOrganization with security values`() { - assertDoesNotThrow { - val name = "o-connector-test-1" - val organizationToRegister = - createTestOrganizationWithSimpleSecurity(name, OTHER_TEST_USER_ID, ROLE_USER, ROLE_NONE) - val organizationRegistered = - organizationApiService.registerOrganization(organizationToRegister) - assertEquals( - OrganizationSecurity( - default = ROLE_USER, - mutableListOf( - OrganizationAccessControl(id = OTHER_TEST_USER_ID, role = ROLE_NONE), - OrganizationAccessControl(id = TEST_ADMIN_USER_ID, role = ROLE_ADMIN))), - organizationRegistered.security) - assertEquals(name, organizationRegistered.name) - assertTrue(organizationRegistered.id!!.startsWith("o-")) - } + @Test + fun `deleteOrganization as resource admin`() { + assertDoesNotThrow { + val name = "o-connector-test-1" + val organizationToRegister = makeSimpleOrganizationCreateRequest(name) + val organizationRegistered = organizationApiService.createOrganization(organizationToRegister) + organizationApiService.deleteOrganization(organizationRegistered.id!!) } + } - @Test - fun `unregisterOrganization as resource admin`() { - assertDoesNotThrow { - val name = "o-connector-test-1" - val organizationToRegister = createTestOrganization(name) - val organizationRegistered = - organizationApiService.registerOrganization(organizationToRegister) - organizationApiService.unregisterOrganization(organizationRegistered.id!!) - } + @Test + fun `deleteOrganization unexisting organization `() { + assertThrows { + organizationApiService.deleteOrganization("o-connector-test-1") } + } - @Test - fun `unregisterOrganization unexisting organization `() { - assertThrows { - organizationApiService.unregisterOrganization("o-connector-test-1") - } + @Test + fun `deleteOrganization as not resource admin `() { + assertDoesNotThrow { + val name = "o-connector-test-1" + runAsDifferentOrganizationUser() + val organizationToRegister = + makeOrganizationCreateRequestWithSimpleSecurity(name, defaultName, ROLE_NONE, ROLE_NONE) + val organizationRegistered = organizationApiService.createOrganization(organizationToRegister) + runAsPlatformAdmin() + organizationApiService.deleteOrganization(organizationRegistered.id!!) } + } - @Test - fun `unregisterOrganization as not resource admin `() { - assertDoesNotThrow { - val name = "o-connector-test-1" - runAsDifferentOrganizationUser() - val organizationToRegister = - createTestOrganizationWithSimpleSecurity(name, TEST_ADMIN_USER_ID, ROLE_NONE, ROLE_NONE) - val organizationRegistered = - organizationApiService.registerOrganization(organizationToRegister) - runAsPlatformAdmin() - organizationApiService.unregisterOrganization(organizationRegistered.id!!) - } + @Test + fun `updateOrganization as resource admin organization name`() { + assertDoesNotThrow { + val name = "o-connector-test-1" + val organizationRegistered = + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) + + organizationRegistered.name = "my-new-name" + organizationApiService.updateOrganization( + organizationRegistered.id!!, OrganizationUpdateRequest("my-new-name")) + + assertEquals( + organizationRegistered, + organizationApiService.getOrganization(organizationRegistered.id!!)) } + } - @Test - fun `updateOrganization as resource admin organization name`() { - assertDoesNotThrow { - val name = "o-connector-test-1" - val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) + @Test + fun `updateOrganization as not resource admin with WRITE permission`() { + assertDoesNotThrow { + val name = "o-connector-test-1" + runAsDifferentOrganizationUser() + val organizationRegistered = + organizationApiService.createOrganization( + makeOrganizationCreateRequestWithSimpleSecurity( + name, TEST_ADMIN_USER_ID, ROLE_NONE, ROLE_EDITOR)) - organizationRegistered.name = "my-new-name" - organizationApiService.updateOrganization( - organizationRegistered.id!!, organizationRegistered) + runAsPlatformAdmin() - assertEquals( - organizationRegistered, - organizationApiService.findOrganizationById(organizationRegistered.id!!)) - } + organizationRegistered.name = "my-new-name" + organizationApiService.updateOrganization( + organizationRegistered.id!!, OrganizationUpdateRequest(organizationRegistered.name)) + + assertEquals( + organizationRegistered, + organizationApiService.getOrganization(organizationRegistered.id!!)) } + } - @Test - fun `updateOrganization as resource admin organization security`() { - assertDoesNotThrow { - val name = "o-connector-test-1" - val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) + @Test + fun `updateOrganization as not resource admin with no WRITE permission`() { + assertDoesNotThrow { + val name = "o-connector-test-1" + runAsDifferentOrganizationUser() + val organizationRegistered = + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) + runAsPlatformAdmin() + organizationApiService.updateOrganization( + organizationRegistered.id!!, OrganizationUpdateRequest("name")) + } + } - organizationRegistered.security = - OrganizationSecurity( - default = ROLE_NONE, - mutableListOf(OrganizationAccessControl(id = OTHER_TEST_USER_ID, role = ROLE_USER))) + @Test + fun listPermissions() { + val mapAllPermissions = + listOf( + ComponentRolePermissions( + component = "organization", + roles = + mutableMapOf( + ROLE_VIEWER to mutableListOf(PERMISSION_READ), + ROLE_USER to + mutableListOf( + PERMISSION_READ, + PERMISSION_READ_SECURITY, + PERMISSION_CREATE_CHILDREN), + ROLE_EDITOR to + mutableListOf( + PERMISSION_READ, + PERMISSION_READ_SECURITY, + PERMISSION_CREATE_CHILDREN, + PERMISSION_WRITE), + ROLE_ADMIN to + mutableListOf( + PERMISSION_READ, + PERMISSION_READ_SECURITY, + PERMISSION_CREATE_CHILDREN, + PERMISSION_WRITE, + PERMISSION_WRITE_SECURITY, + PERMISSION_DELETE), + )), + ComponentRolePermissions( + component = "workspace", + roles = + mutableMapOf( + ROLE_VIEWER to mutableListOf(PERMISSION_READ), + ROLE_USER to + mutableListOf( + PERMISSION_READ, + PERMISSION_READ_SECURITY, + PERMISSION_CREATE_CHILDREN), + ROLE_EDITOR to + mutableListOf( + PERMISSION_READ, + PERMISSION_READ_SECURITY, + PERMISSION_CREATE_CHILDREN, + PERMISSION_WRITE), + ROLE_ADMIN to + mutableListOf( + PERMISSION_READ, + PERMISSION_READ_SECURITY, + PERMISSION_CREATE_CHILDREN, + PERMISSION_WRITE, + PERMISSION_WRITE_SECURITY, + PERMISSION_DELETE), + )), + ComponentRolePermissions( + component = "runner", + roles = + mutableMapOf( + ROLE_VIEWER to mutableListOf(PERMISSION_READ), + ROLE_EDITOR to + mutableListOf( + PERMISSION_READ, + PERMISSION_READ_SECURITY, + PERMISSION_LAUNCH, + PERMISSION_WRITE), + ROLE_VALIDATOR to + mutableListOf( + PERMISSION_READ, + PERMISSION_READ_SECURITY, + PERMISSION_LAUNCH, + PERMISSION_WRITE, + PERMISSION_VALIDATE), + ROLE_ADMIN to + mutableListOf( + PERMISSION_READ, + PERMISSION_READ_SECURITY, + PERMISSION_LAUNCH, + PERMISSION_WRITE, + PERMISSION_VALIDATE, + PERMISSION_WRITE_SECURITY, + PERMISSION_DELETE), + ))) + assertEquals(mapAllPermissions, organizationApiService.listPermissions()) + } - organizationApiService.updateOrganization( - organizationRegistered.id!!, organizationRegistered) + @Test + fun `getOrganizationPermissions as resource admin`() { + assertDoesNotThrow { + val name = "o-connector-test-1" + val organizationRegistered = + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) + var organizationUserPermissions = + organizationApiService.getOrganizationPermissions( + organizationRegistered.id!!, ROLE_VIEWER) + assertEquals(mutableListOf(PERMISSION_READ), organizationUserPermissions) + organizationUserPermissions = + organizationApiService.getOrganizationPermissions(organizationRegistered.id!!, ROLE_USER) + assertEquals( + mutableListOf(PERMISSION_READ, PERMISSION_READ_SECURITY, PERMISSION_CREATE_CHILDREN), + organizationUserPermissions) + organizationUserPermissions = + organizationApiService.getOrganizationPermissions( + organizationRegistered.id!!, ROLE_EDITOR) + assertEquals( + mutableListOf( + PERMISSION_READ, + PERMISSION_READ_SECURITY, + PERMISSION_CREATE_CHILDREN, + PERMISSION_WRITE), + organizationUserPermissions) + organizationUserPermissions = + organizationApiService.getOrganizationPermissions(organizationRegistered.id!!, ROLE_ADMIN) + assertEquals( + mutableListOf( + PERMISSION_READ, + PERMISSION_READ_SECURITY, + PERMISSION_CREATE_CHILDREN, + PERMISSION_WRITE, + PERMISSION_WRITE_SECURITY, + PERMISSION_DELETE), + organizationUserPermissions) + organizationUserPermissions = + organizationApiService.getOrganizationPermissions( + organizationRegistered.id!!, UNKNOWN_IDENTIFIER) + assertEquals(emptyList(), organizationUserPermissions) + } + } - // Organization Security cannot be updated via updateOrganization endpoint - // setOrganizationDefaultSecurity or - // addOrganizationAccessControl/updateOrganizationAccessControl/removeOrganizationAccessControl - // Should be used instead - assertNotEquals( - organizationRegistered, - organizationApiService.findOrganizationById(organizationRegistered.id!!)) - } + @Test + fun `getOrganizationPermissions as not resource admin and READ_SECURITY permission`() { + assertDoesNotThrow { + val name = "o-connector-test-1" + runAsDifferentOrganizationUser() + val organizationRegistered = + organizationApiService.createOrganization( + makeOrganizationCreateRequestWithSimpleSecurity( + name, TEST_USER_ID, ROLE_NONE, ROLE_VIEWER)) + runAsPlatformAdmin() + var organizationUserPermissions = + organizationApiService.getOrganizationPermissions( + organizationRegistered.id!!, ROLE_VIEWER) + assertEquals(mutableListOf(PERMISSION_READ), organizationUserPermissions) + organizationUserPermissions = + organizationApiService.getOrganizationPermissions(organizationRegistered.id!!, ROLE_USER) + assertEquals( + mutableListOf(PERMISSION_READ, PERMISSION_READ_SECURITY, PERMISSION_CREATE_CHILDREN), + organizationUserPermissions) + organizationUserPermissions = + organizationApiService.getOrganizationPermissions( + organizationRegistered.id!!, ROLE_EDITOR) + assertEquals( + mutableListOf( + PERMISSION_READ, + PERMISSION_READ_SECURITY, + PERMISSION_CREATE_CHILDREN, + PERMISSION_WRITE), + organizationUserPermissions) + organizationUserPermissions = + organizationApiService.getOrganizationPermissions(organizationRegistered.id!!, ROLE_ADMIN) + assertEquals( + mutableListOf( + PERMISSION_READ, + PERMISSION_READ_SECURITY, + PERMISSION_CREATE_CHILDREN, + PERMISSION_WRITE, + PERMISSION_WRITE_SECURITY, + PERMISSION_DELETE), + organizationUserPermissions) + organizationUserPermissions = + organizationApiService.getOrganizationPermissions( + organizationRegistered.id!!, UNKNOWN_IDENTIFIER) + assertEquals(emptyList(), organizationUserPermissions) } + } - @Test - fun `updateOrganization as not resource admin with WRITE permission`() { - assertDoesNotThrow { - val name = "o-connector-test-1" - runAsDifferentOrganizationUser() - val organizationRegistered = - organizationApiService.registerOrganization( - createTestOrganizationWithSimpleSecurity( - name, TEST_ADMIN_USER_ID, ROLE_NONE, ROLE_EDITOR)) + @Test + fun `getOrganizationPermissions as not resource admin and no permission`() { + assertDoesNotThrow { + val name = "o-connector-test-1" + runAsDifferentOrganizationUser() + val organizationRegistered = + organizationApiService.createOrganization( + makeOrganizationCreateRequestWithSimpleSecurity( + name, TEST_USER_ID, ROLE_NONE, ROLE_VIEWER)) + runAsPlatformAdmin() + var organizationUserPermissions = + organizationApiService.getOrganizationPermissions( + organizationRegistered.id!!, ROLE_VIEWER) + assertEquals(mutableListOf(PERMISSION_READ), organizationUserPermissions) + organizationUserPermissions = + organizationApiService.getOrganizationPermissions(organizationRegistered.id!!, ROLE_USER) + assertEquals( + mutableListOf(PERMISSION_READ, PERMISSION_READ_SECURITY, PERMISSION_CREATE_CHILDREN), + organizationUserPermissions) + organizationUserPermissions = + organizationApiService.getOrganizationPermissions( + organizationRegistered.id!!, ROLE_EDITOR) + assertEquals( + mutableListOf( + PERMISSION_READ, + PERMISSION_READ_SECURITY, + PERMISSION_CREATE_CHILDREN, + PERMISSION_WRITE), + organizationUserPermissions) + organizationUserPermissions = + organizationApiService.getOrganizationPermissions(organizationRegistered.id!!, ROLE_ADMIN) + assertEquals( + mutableListOf( + PERMISSION_READ, + PERMISSION_READ_SECURITY, + PERMISSION_CREATE_CHILDREN, + PERMISSION_WRITE, + PERMISSION_WRITE_SECURITY, + PERMISSION_DELETE), + organizationUserPermissions) + organizationUserPermissions = + organizationApiService.getOrganizationPermissions( + organizationRegistered.id!!, UNKNOWN_IDENTIFIER) + assertEquals(emptyList(), organizationUserPermissions) + } + } - runAsPlatformAdmin() + @Test + fun `getOrganizationSecurity as resource admin`() { + assertDoesNotThrow { + val name = "o-connector-test-1" + val organizationRegistered = + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) + assertNotNull(organizationApiService.getOrganizationSecurity(organizationRegistered.id!!)) + } + } - organizationRegistered.name = "my-new-name" - organizationApiService.updateOrganization( - organizationRegistered.id!!, organizationRegistered) + @Test + fun `getOrganizationSecurity with non existing organization`() { + assertThrows { + organizationApiService.getOrganizationSecurity(UNKNOWN_IDENTIFIER) + } + } - assertEquals( - organizationRegistered, - organizationApiService.findOrganizationById(organizationRegistered.id!!)) - } + @Test + fun `getOrganizationSecurity with no security organization`() { + assertThrows { + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name = "org1")) + organizationApiService.getOrganizationSecurity("org1") } + } - @Test - fun `updateOrganization as not resource admin with no WRITE permission`() { - assertDoesNotThrow { - val name = "o-connector-test-1" - runAsDifferentOrganizationUser() - val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) - runAsPlatformAdmin() - organizationApiService.updateOrganization( - organizationRegistered.id!!, organizationRegistered) - } + @Test + fun `getOrganizationSecurity as not resource admin with READ_SECURITY permission`() { + assertDoesNotThrow { + val name = "o-connector-test-1" + runAsDifferentOrganizationUser() + val organizationRegistered = + organizationApiService.createOrganization( + makeOrganizationCreateRequestWithSimpleSecurity( + name, TEST_USER_ID, ROLE_NONE, ROLE_VIEWER)) + runAsPlatformAdmin() + assertNotNull(organizationApiService.getOrganizationSecurity(organizationRegistered.id!!)) } + } - @Test - fun getAllPermissions() { - val mapAllPermissions = - listOf( - ComponentRolePermissions( - component = "organization", - roles = - mutableMapOf( - ROLE_VIEWER to mutableListOf(PERMISSION_READ), - ROLE_USER to - mutableListOf( - PERMISSION_READ, - PERMISSION_READ_SECURITY, - PERMISSION_CREATE_CHILDREN), - ROLE_EDITOR to - mutableListOf( - PERMISSION_READ, - PERMISSION_READ_SECURITY, - PERMISSION_CREATE_CHILDREN, - PERMISSION_WRITE), - ROLE_ADMIN to - mutableListOf( - PERMISSION_READ, - PERMISSION_READ_SECURITY, - PERMISSION_CREATE_CHILDREN, - PERMISSION_WRITE, - PERMISSION_WRITE_SECURITY, - PERMISSION_DELETE), - )), - ComponentRolePermissions( - component = "workspace", - roles = - mutableMapOf( - ROLE_VIEWER to mutableListOf(PERMISSION_READ), - ROLE_USER to - mutableListOf( - PERMISSION_READ, - PERMISSION_READ_SECURITY, - PERMISSION_CREATE_CHILDREN), - ROLE_EDITOR to - mutableListOf( - PERMISSION_READ, - PERMISSION_READ_SECURITY, - PERMISSION_CREATE_CHILDREN, - PERMISSION_WRITE), - ROLE_ADMIN to - mutableListOf( - PERMISSION_READ, - PERMISSION_READ_SECURITY, - PERMISSION_CREATE_CHILDREN, - PERMISSION_WRITE, - PERMISSION_WRITE_SECURITY, - PERMISSION_DELETE), - )), - ComponentRolePermissions( - component = "runner", - roles = - mutableMapOf( - ROLE_VIEWER to mutableListOf(PERMISSION_READ), - ROLE_EDITOR to - mutableListOf( - PERMISSION_READ, - PERMISSION_READ_SECURITY, - PERMISSION_LAUNCH, - PERMISSION_WRITE), - ROLE_VALIDATOR to - mutableListOf( - PERMISSION_READ, - PERMISSION_READ_SECURITY, - PERMISSION_LAUNCH, - PERMISSION_WRITE, - PERMISSION_VALIDATE), - ROLE_ADMIN to - mutableListOf( - PERMISSION_READ, - PERMISSION_READ_SECURITY, - PERMISSION_LAUNCH, - PERMISSION_WRITE, - PERMISSION_VALIDATE, - PERMISSION_WRITE_SECURITY, - PERMISSION_DELETE), - ))) - assertEquals(mapAllPermissions, organizationApiService.getAllPermissions()) + @Test + fun `getOrganizationSecurity as not resource admin with no READ_SECURITY permission`() { + assertDoesNotThrow { + val name = "o-connector-test-1" + runAsDifferentOrganizationUser() + val organizationRegistered = + organizationApiService.createOrganization( + makeOrganizationCreateRequestWithSimpleSecurity( + name, defaultName, ROLE_NONE, ROLE_NONE)) + runAsPlatformAdmin() + assertNotNull(organizationApiService.getOrganizationSecurity(organizationRegistered.id!!)) } + } - @Test - fun `getOrganizationPermissions as resource admin`() { - assertDoesNotThrow { - val name = "o-connector-test-1" - val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) - var organizationUserPermissions = - organizationApiService.getOrganizationPermissions( - organizationRegistered.id!!, ROLE_VIEWER) - assertEquals(mutableListOf(PERMISSION_READ), organizationUserPermissions) - organizationUserPermissions = - organizationApiService.getOrganizationPermissions( - organizationRegistered.id!!, ROLE_USER) - assertEquals( - mutableListOf(PERMISSION_READ, PERMISSION_READ_SECURITY, PERMISSION_CREATE_CHILDREN), - organizationUserPermissions) - organizationUserPermissions = - organizationApiService.getOrganizationPermissions( - organizationRegistered.id!!, ROLE_EDITOR) - assertEquals( - mutableListOf( - PERMISSION_READ, - PERMISSION_READ_SECURITY, - PERMISSION_CREATE_CHILDREN, - PERMISSION_WRITE), - organizationUserPermissions) - organizationUserPermissions = - organizationApiService.getOrganizationPermissions( - organizationRegistered.id!!, ROLE_ADMIN) - assertEquals( - mutableListOf( - PERMISSION_READ, - PERMISSION_READ_SECURITY, - PERMISSION_CREATE_CHILDREN, - PERMISSION_WRITE, - PERMISSION_WRITE_SECURITY, - PERMISSION_DELETE), - organizationUserPermissions) - organizationUserPermissions = - organizationApiService.getOrganizationPermissions( - organizationRegistered.id!!, UNKNOWN_IDENTIFIER) - assertEquals(emptyList(), organizationUserPermissions) - } - } - - @Test - fun `getOrganizationPermissions as not resource admin and READ_SECURITY permission`() { - assertDoesNotThrow { - val name = "o-connector-test-1" - runAsDifferentOrganizationUser() - val organizationRegistered = - organizationApiService.registerOrganization( - createTestOrganizationWithSimpleSecurity( - name, TEST_USER_ID, ROLE_NONE, ROLE_VIEWER)) - runAsPlatformAdmin() - var organizationUserPermissions = - organizationApiService.getOrganizationPermissions( - organizationRegistered.id!!, ROLE_VIEWER) - assertEquals(mutableListOf(PERMISSION_READ), organizationUserPermissions) - organizationUserPermissions = - organizationApiService.getOrganizationPermissions( - organizationRegistered.id!!, ROLE_USER) - assertEquals( - mutableListOf(PERMISSION_READ, PERMISSION_READ_SECURITY, PERMISSION_CREATE_CHILDREN), - organizationUserPermissions) - organizationUserPermissions = - organizationApiService.getOrganizationPermissions( - organizationRegistered.id!!, ROLE_EDITOR) - assertEquals( - mutableListOf( - PERMISSION_READ, - PERMISSION_READ_SECURITY, - PERMISSION_CREATE_CHILDREN, - PERMISSION_WRITE), - organizationUserPermissions) - organizationUserPermissions = - organizationApiService.getOrganizationPermissions( - organizationRegistered.id!!, ROLE_ADMIN) - assertEquals( - mutableListOf( - PERMISSION_READ, - PERMISSION_READ_SECURITY, - PERMISSION_CREATE_CHILDREN, - PERMISSION_WRITE, - PERMISSION_WRITE_SECURITY, - PERMISSION_DELETE), - organizationUserPermissions) - organizationUserPermissions = - organizationApiService.getOrganizationPermissions( - organizationRegistered.id!!, UNKNOWN_IDENTIFIER) - assertEquals(emptyList(), organizationUserPermissions) - } - } - - @Test - fun `getOrganizationPermissions as not resource admin and no permission`() { - assertDoesNotThrow { - val name = "o-connector-test-1" - runAsDifferentOrganizationUser() - val organizationRegistered = - organizationApiService.registerOrganization( - createTestOrganizationWithSimpleSecurity( - name, TEST_USER_ID, ROLE_NONE, ROLE_VIEWER)) - runAsPlatformAdmin() - var organizationUserPermissions = - organizationApiService.getOrganizationPermissions( - organizationRegistered.id!!, ROLE_VIEWER) - assertEquals(mutableListOf(PERMISSION_READ), organizationUserPermissions) - organizationUserPermissions = - organizationApiService.getOrganizationPermissions( - organizationRegistered.id!!, ROLE_USER) - assertEquals( - mutableListOf(PERMISSION_READ, PERMISSION_READ_SECURITY, PERMISSION_CREATE_CHILDREN), - organizationUserPermissions) - organizationUserPermissions = - organizationApiService.getOrganizationPermissions( - organizationRegistered.id!!, ROLE_EDITOR) - assertEquals( - mutableListOf( - PERMISSION_READ, - PERMISSION_READ_SECURITY, - PERMISSION_CREATE_CHILDREN, - PERMISSION_WRITE), - organizationUserPermissions) - organizationUserPermissions = - organizationApiService.getOrganizationPermissions( - organizationRegistered.id!!, ROLE_ADMIN) - assertEquals( - mutableListOf( - PERMISSION_READ, - PERMISSION_READ_SECURITY, - PERMISSION_CREATE_CHILDREN, - PERMISSION_WRITE, - PERMISSION_WRITE_SECURITY, - PERMISSION_DELETE), - organizationUserPermissions) - organizationUserPermissions = - organizationApiService.getOrganizationPermissions( - organizationRegistered.id!!, UNKNOWN_IDENTIFIER) - assertEquals(emptyList(), organizationUserPermissions) - } - } - - @Test - fun `getOrganizationSecurity as resource admin`() { - assertDoesNotThrow { - val name = "o-connector-test-1" - val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) - assertNotNull(organizationApiService.getOrganizationSecurity(organizationRegistered.id!!)) - } - } - - @Test - fun `getOrganizationSecurity with non existing organization`() { - assertThrows { - organizationApiService.getOrganizationSecurity(UNKNOWN_IDENTIFIER) - } - } - - @Test - fun `getOrganizationSecurity with no security organization`() { - assertThrows { - organizationApiService.registerOrganization(createTestOrganization(name = "org1")) - organizationApiService.getOrganizationSecurity("org1") - } - } - - @Test - fun `getOrganizationSecurity as not resource admin with READ_SECURITY permission`() { - assertDoesNotThrow { - val name = "o-connector-test-1" - runAsDifferentOrganizationUser() - val organizationRegistered = - organizationApiService.registerOrganization( - createTestOrganizationWithSimpleSecurity( - name, TEST_USER_ID, ROLE_NONE, ROLE_VIEWER)) - runAsPlatformAdmin() - assertNotNull(organizationApiService.getOrganizationSecurity(organizationRegistered.id!!)) - } - } - - @Test - fun `getOrganizationSecurity as not resource admin with no READ_SECURITY permission`() { - assertDoesNotThrow { - val name = "o-connector-test-1" - runAsDifferentOrganizationUser() - val organizationRegistered = - organizationApiService.registerOrganization( - createTestOrganizationWithSimpleSecurity( - name, TEST_ADMIN_USER_ID, ROLE_NONE, ROLE_NONE)) - runAsPlatformAdmin() - assertNotNull(organizationApiService.getOrganizationSecurity(organizationRegistered.id!!)) - } - } - - @Test - fun `setOrganizationDefaultSecurity as resource admin and existing role`() { - assertDoesNotThrow { - val name = "o-connector-test-1" - val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) - val defaultRoleCreated = organizationRegistered.security?.default - assertNotNull( - organizationApiService.setOrganizationDefaultSecurity( - organizationRegistered.id!!, OrganizationRole(ROLE_ADMIN))) - val defaultRoleUpdated = - organizationApiService.getOrganizationSecurity(organizationRegistered.id!!).default - assertNotEquals(defaultRoleCreated, defaultRoleUpdated) - } - } - - @Test - fun `setOrganizationDefaultSecurity as resource admin and non-existing role`() { - assertThrows { - val name = "o-connector-test-1" - val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) - organizationApiService.setOrganizationDefaultSecurity( - organizationRegistered.id!!, OrganizationRole(UNKNOWN_IDENTIFIER)) - } - } - - @Test - fun `setOrganizationDefaultSecurity as not resource admin`() { - assertDoesNotThrow { - val name = "o-connector-test-1" - runAsDifferentOrganizationUser() - val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) - val defaultRoleCreated = organizationRegistered.security?.default - runAsPlatformAdmin() - assertNotNull( - organizationApiService.setOrganizationDefaultSecurity( - organizationRegistered.id!!, OrganizationRole(ROLE_ADMIN))) - val defaultRoleUpdated = - organizationApiService.getOrganizationSecurity(organizationRegistered.id!!).default - assertNotEquals(defaultRoleCreated, defaultRoleUpdated) - } - } - - @Test - fun `setOrganizationDefaultSecurity as not resource admin and no WRITE_SECURITY_PERMISSION`() { - assertDoesNotThrow { - val name = "o-connector-test-1" - runAsDifferentOrganizationUser() - val organizationRegistered = - organizationApiService.registerOrganization( - createTestOrganizationWithSimpleSecurity( - name, TEST_ADMIN_USER_ID, ROLE_NONE, ROLE_NONE)) - val defaultRoleCreated = organizationRegistered.security?.default - runAsPlatformAdmin() - assertNotNull( - organizationApiService.setOrganizationDefaultSecurity( - organizationRegistered.id!!, OrganizationRole(ROLE_ADMIN))) - val defaultRoleUpdated = - organizationApiService.getOrganizationSecurity(organizationRegistered.id!!).default - assertNotEquals(defaultRoleCreated, defaultRoleUpdated) - } - } - - @Test - fun `getOrganizationAccessControl as not resource admin and current user`() { - assertDoesNotThrow { - val name = "o-connector-test-1" - val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) - val organizationRole = - organizationApiService.getOrganizationAccessControl( - organizationRegistered.id!!, TEST_ADMIN_USER_ID) - assertNotNull(organizationRole) - assertEquals(ROLE_ADMIN, organizationRole.role) - assertEquals(TEST_ADMIN_USER_ID, organizationRole.id) - } - } - - @Test - fun `getOrganizationAccessControl as resource admin and non-existing user`() { - assertThrows { - val name = "o-connector-test-1" - val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) - organizationApiService.getOrganizationAccessControl(organizationRegistered.id!!, "UNKOWN") - } - } - - @Test - fun `getOrganizationAccessControl as not resource admin, READ_SECURITY permission and existing user`() { - assertDoesNotThrow { - val name = "o-connector-test-1" - runAsDifferentOrganizationUser() - val organizationRegistered = - organizationApiService.registerOrganization( - createTestOrganizationWithSimpleSecurity( - name, TEST_ADMIN_USER_ID, ROLE_NONE, ROLE_VIEWER)) - runAsPlatformAdmin() - val organizationRole = - organizationApiService.getOrganizationAccessControl( - organizationRegistered.id!!, TEST_ADMIN_USER_ID) - assertNotNull(organizationRole) - assertEquals(ROLE_VIEWER, organizationRole.role) - assertEquals(TEST_ADMIN_USER_ID, organizationRole.id) - } - } - - @Test - fun `getOrganizationAccessControl as not resource admin, READ_SECURITY permission and non existing user`() { - assertThrows { - val name = "o-connector-test-1" - runAsDifferentOrganizationUser() - val organizationRegistered = - organizationApiService.registerOrganization( - createTestOrganizationWithSimpleSecurity( - name, TEST_ADMIN_USER_ID, ROLE_NONE, ROLE_VIEWER)) - runAsPlatformAdmin() - organizationApiService.getOrganizationAccessControl( - organizationRegistered.id!!, UNKNOWN_IDENTIFIER) - } - } - - @Test - fun `getOrganizationAccessControl as not resource admin, no READ_SECURITY permission, non-existing user`() { - assertThrows { - val name = "o-connector-test-1" - runAsDifferentOrganizationUser() - val organizationRegistered = - organizationApiService.registerOrganization( - createTestOrganizationWithSimpleSecurity( - name, TEST_ADMIN_USER_ID, ROLE_NONE, ROLE_NONE)) - runAsPlatformAdmin() - organizationApiService.getOrganizationAccessControl( - organizationRegistered.id!!, UNKNOWN_IDENTIFIER) - } - } - - @Test - fun `getOrganizationAccessControl as not resource admin, no READ_SECURITY permission, existing user`() { - assertDoesNotThrow { - val name = "o-connector-test-1" - runAsDifferentOrganizationUser() - val organizationRegistered = - organizationApiService.registerOrganization( - createTestOrganizationWithSimpleSecurity( - name, TEST_ADMIN_USER_ID, ROLE_NONE, ROLE_NONE)) - runAsPlatformAdmin() - val organizationAccessControl = - organizationApiService.getOrganizationAccessControl( - organizationRegistered.id!!, TEST_ADMIN_USER_ID) - assertNotNull(organizationAccessControl) - assertEquals(TEST_ADMIN_USER_ID, organizationAccessControl.id) - assertEquals(ROLE_NONE, organizationAccessControl.role) - } - } - - @Test - fun `addOrganizationAccessControl as resource admin`() { - assertDoesNotThrow { - val name = "o-connector-test-1" - val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) - assertThrows { - organizationApiService.getOrganizationAccessControl( - organizationRegistered.id!!, OTHER_TEST_USER_ID) - } - val otherUserACL = OrganizationAccessControl(id = OTHER_TEST_USER_ID, role = ROLE_VIEWER) - assertNotNull( - organizationApiService.addOrganizationAccessControl( - organizationRegistered.id!!, otherUserACL)) - - val otherUserACLRetrieved = - organizationApiService.getOrganizationAccessControl( - organizationRegistered.id!!, OTHER_TEST_USER_ID) - assertEquals(otherUserACL, otherUserACLRetrieved) - } - } - - @Test - fun `addOrganizationAccessControl as resource admin (ROLE_NONE)`() { - assertThrows { - val name = "o-connector-test-1" - val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) - - val otherUserACL = OrganizationAccessControl(id = OTHER_TEST_USER_ID, role = ROLE_NONE) - organizationApiService.addOrganizationAccessControl( - organizationRegistered.id!!, otherUserACL) - } - } - - @Test - fun `addOrganizationAccessControl as not resource admin and PERMISSION_WRITE_SECURITY`() { - assertDoesNotThrow { - val name = "o-connector-test-1" - runAsDifferentOrganizationUser() - val organizationRegistered = - organizationApiService.registerOrganization( - createTestOrganizationWithSimpleSecurity( - name, TEST_ADMIN_USER_ID, ROLE_NONE, ROLE_ADMIN)) - runAsPlatformAdmin() - assertThrows { - organizationApiService.getOrganizationAccessControl( - organizationRegistered.id!!, TEST_USER_ID) - } - val otherUserACL = OrganizationAccessControl(id = TEST_USER_ID, role = ROLE_VIEWER) - assertNotNull( - organizationApiService.addOrganizationAccessControl( - organizationRegistered.id!!, otherUserACL)) - - val otherUserACLRetrieved = - organizationApiService.getOrganizationAccessControl( - organizationRegistered.id!!, TEST_USER_ID) - assertEquals(otherUserACL, otherUserACLRetrieved) - } - } - - @Test - fun `addOrganizationAccessControl as not resource admin and no PERMISSION_WRITE_SECURITY`() { - assertDoesNotThrow { - val name = "o-connector-test-1" - runAsDifferentOrganizationUser() - val organizationRegistered = - organizationApiService.registerOrganization( - createTestOrganizationWithSimpleSecurity( - name, TEST_ADMIN_USER_ID, ROLE_NONE, ROLE_NONE)) - runAsPlatformAdmin() - assertThrows { - organizationApiService.getOrganizationAccessControl( - organizationRegistered.id!!, TEST_USER_ID) - } - val otherUserACL = OrganizationAccessControl(id = TEST_USER_ID, role = ROLE_VIEWER) - assertNotNull( - organizationApiService.addOrganizationAccessControl( - organizationRegistered.id!!, otherUserACL)) - - val otherUserACLRetrieved = - organizationApiService.getOrganizationAccessControl( - organizationRegistered.id!!, TEST_USER_ID) - assertEquals(otherUserACL, otherUserACLRetrieved) - } - } - - @Test - fun `updateOrganizationAccessControl as resource admin cannot update last admin`() { - assertThrows { - val name = "o-connector-test-1" - val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) - organizationApiService.updateOrganizationAccessControl( - organizationRegistered.id!!, TEST_ADMIN_USER_ID, OrganizationRole(role = ROLE_VIEWER)) - } - } - - @Test - fun `updateOrganizationAccessControl as resource admin can update user (!= ROLE_NONE)`() { - assertDoesNotThrow { - val name = "o-connector-test-1" - val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) - - organizationApiService.addOrganizationAccessControl( - organizationRegistered.id!!, - OrganizationAccessControl(id = OTHER_TEST_USER_ID, role = ROLE_VIEWER)) - - assertNotNull( - organizationApiService.updateOrganizationAccessControl( - organizationRegistered.id!!, - OTHER_TEST_USER_ID, - OrganizationRole(role = ROLE_EDITOR))) - - val userACLRetrieved = - organizationApiService.getOrganizationAccessControl( - organizationRegistered.id!!, OTHER_TEST_USER_ID) - assertNotEquals(ROLE_VIEWER, userACLRetrieved.role) - assertEquals(ROLE_EDITOR, userACLRetrieved.role) - } - } - - @Test - fun `updateOrganizationAccessControl as resource admin cannot update user (= ROLE_NONE)`() { - assertThrows { - val name = "o-connector-test-1" - val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) - - organizationApiService.updateOrganizationAccessControl( - organizationRegistered.id!!, TEST_USER_ID, OrganizationRole(role = ROLE_NONE)) - } - } - - @Test - fun `updateOrganizationAccessControl as resource admin and unknown ACL user`() { - assertThrows { - val name = "o-connector-test-1" - val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) - - organizationApiService.updateOrganizationAccessControl( - organizationRegistered.id!!, UNKNOWN_IDENTIFIER, OrganizationRole(role = ROLE_EDITOR)) - } - } - - @Test - fun `updateOrganizationAccessControl as resource admin and wrong role`() { - assertThrows { - val name = "o-connector-test-1" - val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) - - organizationApiService.updateOrganizationAccessControl( - organizationRegistered.id!!, TEST_USER_ID, OrganizationRole(role = UNKNOWN_IDENTIFIER)) - } + @Test + fun `updateOrganizationDefaultSecurity as resource admin and existing role`() { + assertDoesNotThrow { + val name = "o-connector-test-1" + val organizationRegistered = + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) + val defaultRoleCreated = organizationRegistered.security?.default + assertNotNull( + organizationApiService.updateOrganizationDefaultSecurity( + organizationRegistered.id!!, OrganizationRole(ROLE_ADMIN))) + val defaultRoleUpdated = + organizationApiService.getOrganizationSecurity(organizationRegistered.id!!).default + assertNotEquals(defaultRoleCreated, defaultRoleUpdated) } + } - @Test - fun `updateOrganizationAccessControl as not resource admin, WRITE_SECURITY permission, can update user (!= ROLE_NONE)`() { - assertDoesNotThrow { - val name = "o-connector-test-1" - runAsDifferentOrganizationUser() - val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) - - organizationApiService.addOrganizationAccessControl( - organizationRegistered.id!!, - OrganizationAccessControl(id = TEST_ADMIN_USER_ID, role = ROLE_ADMIN)) - - runAsPlatformAdmin() - - assertNotNull( - organizationApiService.updateOrganizationAccessControl( - organizationRegistered.id!!, - OTHER_TEST_USER_ID, - OrganizationRole(role = ROLE_EDITOR))) - - val userACLRetrieved = - organizationApiService.getOrganizationAccessControl( - organizationRegistered.id!!, OTHER_TEST_USER_ID) - assertEquals(ROLE_EDITOR, userACLRetrieved.role) - } + @Test + fun `updateOrganizationDefaultSecurity as resource admin and non-existing role`() { + assertThrows { + val name = "o-connector-test-1" + val organizationRegistered = + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) + organizationApiService.updateOrganizationDefaultSecurity( + organizationRegistered.id!!, OrganizationRole(UNKNOWN_IDENTIFIER)) } + } - @Test - fun `updateOrganizationAccessControl as not resource admin, no WRITE_SECURITY permission`() { - assertDoesNotThrow { - val name = "o-connector-test-1" - runAsDifferentOrganizationUser() - val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) - - organizationApiService.addOrganizationAccessControl( - organizationRegistered.id!!, - OrganizationAccessControl(id = TEST_ADMIN_USER_ID, role = ROLE_VIEWER)) - - runAsPlatformAdmin() - - assertNotNull( - organizationApiService.updateOrganizationAccessControl( - organizationRegistered.id!!, - TEST_ADMIN_USER_ID, - OrganizationRole(role = ROLE_EDITOR))) + @Test + fun `updateOrganizationDefaultSecurity as not resource admin`() { + assertDoesNotThrow { + val name = "o-connector-test-1" + runAsDifferentOrganizationUser() + val organizationRegistered = + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) + val defaultRoleCreated = organizationRegistered.security?.default + runAsPlatformAdmin() + assertNotNull( + organizationApiService.updateOrganizationDefaultSecurity( + organizationRegistered.id!!, OrganizationRole(ROLE_ADMIN))) + val defaultRoleUpdated = + organizationApiService.getOrganizationSecurity(organizationRegistered.id!!).default + assertNotEquals(defaultRoleCreated, defaultRoleUpdated) + } + } - val userACLRetrieved = - organizationApiService.getOrganizationAccessControl( - organizationRegistered.id!!, TEST_ADMIN_USER_ID) - assertEquals(ROLE_EDITOR, userACLRetrieved.role) - } + @Test + fun `updateOrganizationDefaultSecurity as not resource admin and no WRITE_SECURITY_PERMISSION`() { + assertDoesNotThrow { + val name = "o-connector-test-1" + runAsDifferentOrganizationUser() + val organizationRegistered = + organizationApiService.createOrganization( + makeOrganizationCreateRequestWithSimpleSecurity( + name, TEST_ADMIN_USER_ID, ROLE_NONE, ROLE_NONE)) + val defaultRoleCreated = organizationRegistered.security?.default + runAsPlatformAdmin() + assertNotNull( + organizationApiService.updateOrganizationDefaultSecurity( + organizationRegistered.id!!, OrganizationRole(ROLE_ADMIN))) + val defaultRoleUpdated = + organizationApiService.getOrganizationSecurity(organizationRegistered.id!!).default + assertNotEquals(defaultRoleCreated, defaultRoleUpdated) } + } - @Test - fun `updateOrganizationAccessControl as not resource admin, no WRITE_SECURITY permission, ROLE_NONE`() { - assertThrows { - val name = "o-connector-test-1" - runAsDifferentOrganizationUser() - val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) + @Test + fun `getOrganizationAccessControl as not resource admin and current user`() { + assertDoesNotThrow { + val name = "o-connector-test-1" + val organizationRegistered = + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) + val organizationRole = + organizationApiService.getOrganizationAccessControl( + organizationRegistered.id!!, defaultName) + assertNotNull(organizationRole) + assertEquals(ROLE_ADMIN, organizationRole.role) + assertEquals(defaultName, organizationRole.id) + } + } - organizationApiService.addOrganizationAccessControl( - organizationRegistered.id!!, - OrganizationAccessControl(id = TEST_USER_ID, role = ROLE_VIEWER)) + @Test + fun `getOrganizationAccessControl as resource admin and non-existing user`() { + assertThrows { + val name = "o-connector-test-1" + val organizationRegistered = + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) + organizationApiService.getOrganizationAccessControl(organizationRegistered.id!!, "UNKOWN") + } + } - runAsPlatformAdmin() + @Test + fun `getOrganizationAccessControl as not resource admin, READ_SECURITY permission and existing user`() { + assertDoesNotThrow { + val name = "o-connector-test-1" + runAsDifferentOrganizationUser() + val organizationRegistered = + organizationApiService.createOrganization( + makeOrganizationCreateRequestWithSimpleSecurity( + name, TEST_USER_ID, ROLE_NONE, ROLE_VIEWER)) + runAsPlatformAdmin() + val organizationRole = + organizationApiService.getOrganizationAccessControl( + organizationRegistered.id!!, TEST_USER_ID) + assertNotNull(organizationRole) + assertEquals(ROLE_VIEWER, organizationRole.role) + assertEquals(TEST_USER_ID, organizationRole.id) + } + } - organizationApiService.updateOrganizationAccessControl( - organizationRegistered.id!!, OTHER_TEST_USER_ID, OrganizationRole(role = ROLE_NONE)) - } + @Test + fun `getOrganizationAccessControl as not resource admin, READ_SECURITY permission and non existing user`() { + assertThrows { + val name = "o-connector-test-1" + runAsDifferentOrganizationUser() + val organizationRegistered = + organizationApiService.createOrganization( + makeOrganizationCreateRequestWithSimpleSecurity( + name, TEST_USER_ID, ROLE_NONE, ROLE_VIEWER)) + runAsPlatformAdmin() + organizationApiService.getOrganizationAccessControl( + organizationRegistered.id!!, UNKNOWN_IDENTIFIER) } + } - @Test - fun `removeOrganizationAccessControl as resource admin`() { + @Test + fun `getOrganizationAccessControl as not resource admin, no READ_SECURITY permission, non-existing user`() { + assertThrows { val name = "o-connector-test-1" + runAsDifferentOrganizationUser() val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) + organizationApiService.createOrganization( + makeOrganizationCreateRequestWithSimpleSecurity( + name, TEST_ADMIN_USER_ID, ROLE_NONE, ROLE_NONE)) + runAsPlatformAdmin() + organizationApiService.getOrganizationAccessControl( + organizationRegistered.id!!, UNKNOWN_IDENTIFIER) + } + } - val otherUserACL = OrganizationAccessControl(id = OTHER_TEST_USER_ID, role = ROLE_VIEWER) - organizationApiService.addOrganizationAccessControl(organizationRegistered.id!!, otherUserACL) + @Test + fun `getOrganizationAccessControl as not resource admin, no READ_SECURITY permission, existing user`() { + assertDoesNotThrow { + val name = "o-connector-test-1" + runAsDifferentOrganizationUser() + val organizationRegistered = + organizationApiService.createOrganization( + makeOrganizationCreateRequestWithSimpleSecurity( + name, TEST_USER_ID, ROLE_NONE, ROLE_NONE)) + runAsPlatformAdmin() + val organizationAccessControl = + organizationApiService.getOrganizationAccessControl( + organizationRegistered.id!!, TEST_USER_ID) + assertNotNull(organizationAccessControl) + assertEquals(TEST_USER_ID, organizationAccessControl.id) + assertEquals(ROLE_NONE, organizationAccessControl.role) + } + } - organizationApiService.removeOrganizationAccessControl( - organizationRegistered.id!!, OTHER_TEST_USER_ID) + @Test + fun `createOrganizationAccessControl as resource admin`() { + assertDoesNotThrow { + val name = "o-connector-test-1" + val organizationRegistered = + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) assertThrows { organizationApiService.getOrganizationAccessControl( organizationRegistered.id!!, OTHER_TEST_USER_ID) } + val otherUserACL = OrganizationAccessControl(id = OTHER_TEST_USER_ID, role = ROLE_VIEWER) + assertNotNull( + organizationApiService.createOrganizationAccessControl( + organizationRegistered.id!!, otherUserACL)) + + val otherUserACLRetrieved = + organizationApiService.getOrganizationAccessControl( + organizationRegistered.id!!, OTHER_TEST_USER_ID) + assertEquals( + OrganizationAccessControl(OTHER_TEST_USER_ID, ROLE_VIEWER), otherUserACLRetrieved) } + } - @Test - fun `removeOrganizationAccessControl as not resource admin, WRITE_SECURITY permission`() { + @Test + fun `createOrganizationAccessControl as resource admin (ROLE_NONE)`() { + assertThrows { val name = "o-connector-test-1" - runAsDifferentOrganizationUser() val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) - val otherUserACL = OrganizationAccessControl(id = TEST_USER_ID, role = ROLE_ADMIN) - organizationApiService.addOrganizationAccessControl(organizationRegistered.id!!, otherUserACL) + val otherUserACL = OrganizationAccessControl(id = OTHER_TEST_USER_ID, role = ROLE_NONE) + organizationApiService.createOrganizationAccessControl( + organizationRegistered.id!!, otherUserACL) + } + } + @Test + fun `createOrganizationAccessControl as not resource admin and PERMISSION_WRITE_SECURITY`() { + assertDoesNotThrow { + val name = "o-connector-test-1" + runAsDifferentOrganizationUser() + val organizationRegistered = + organizationApiService.createOrganization( + makeOrganizationCreateRequestWithSimpleSecurity( + name, TEST_ADMIN_USER_ID, ROLE_NONE, ROLE_ADMIN)) runAsPlatformAdmin() - organizationApiService.removeOrganizationAccessControl( - organizationRegistered.id!!, OTHER_TEST_USER_ID) assertThrows { organizationApiService.getOrganizationAccessControl( - organizationRegistered.id!!, OTHER_TEST_USER_ID) + organizationRegistered.id!!, TEST_USER_ID) } + val otherUserACL = OrganizationAccessControl(id = TEST_USER_ID, role = ROLE_VIEWER) + assertNotNull( + organizationApiService.createOrganizationAccessControl( + organizationRegistered.id!!, otherUserACL)) + + val otherUserACLRetrieved = + organizationApiService.getOrganizationAccessControl( + organizationRegistered.id!!, TEST_USER_ID) + assertEquals(otherUserACL, otherUserACLRetrieved) } + } - @Test - fun `removeOrganizationAccessControl as not resource admin, no WRITE_SECURITY permission`() { + @Test + fun `createOrganizationAccessControl as not resource admin and no PERMISSION_WRITE_SECURITY`() { + assertDoesNotThrow { val name = "o-connector-test-1" runAsDifferentOrganizationUser() val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) - - val otherUserACL = OrganizationAccessControl(id = TEST_USER_ID, role = ROLE_ADMIN) - organizationApiService.addOrganizationAccessControl(organizationRegistered.id!!, otherUserACL) - + organizationApiService.createOrganization( + makeOrganizationCreateRequestWithSimpleSecurity( + name, defaultName, ROLE_NONE, ROLE_NONE)) runAsPlatformAdmin() - organizationApiService.removeOrganizationAccessControl( - organizationRegistered.id!!, OTHER_TEST_USER_ID) assertThrows { organizationApiService.getOrganizationAccessControl( - organizationRegistered.id!!, OTHER_TEST_USER_ID) + organizationRegistered.id!!, TEST_USER_ID) } + val otherUserACL = OrganizationAccessControl(id = TEST_USER_ID, role = ROLE_VIEWER) + assertNotNull( + organizationApiService.createOrganizationAccessControl( + organizationRegistered.id!!, otherUserACL)) + + val otherUserACLRetrieved = + organizationApiService.getOrganizationAccessControl( + organizationRegistered.id!!, TEST_USER_ID) + assertEquals(otherUserACL, otherUserACLRetrieved) } + } - @Test - fun `getOrganizationSecurityUsers as resource admin`() { + @Test + fun `updateOrganizationAccessControl as resource admin cannot update last admin`() { + assertThrows { val name = "o-connector-test-1" val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) + organizationApiService.updateOrganizationAccessControl( + organizationRegistered.id!!, defaultName, OrganizationRole(role = ROLE_VIEWER)) + } + } - val orgaUsers = - organizationApiService.getOrganizationSecurityUsers(organizationRegistered.id!!) - assertEquals(listOf(TEST_ADMIN_USER_ID), orgaUsers) + @Test + fun `updateOrganizationAccessControl as resource admin can update user (!= ROLE_NONE)`() { + assertDoesNotThrow { + val name = "o-connector-test-1" + val organizationRegistered = + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) + + organizationApiService.createOrganizationAccessControl( + organizationRegistered.id!!, + OrganizationAccessControl(id = OTHER_TEST_USER_ID, role = ROLE_VIEWER)) + + assertNotNull( + organizationApiService.updateOrganizationAccessControl( + organizationRegistered.id!!, + OTHER_TEST_USER_ID, + OrganizationRole(role = ROLE_EDITOR))) + + val userACLRetrieved = + organizationApiService.getOrganizationAccessControl( + organizationRegistered.id!!, OTHER_TEST_USER_ID) + assertNotEquals(ROLE_VIEWER, userACLRetrieved.role) + assertEquals(ROLE_EDITOR, userACLRetrieved.role) } + } - @Test - fun `getOrganizationSecurityUsers as not resource admin, READ_SECURITY permission`() { + @Test + fun `updateOrganizationAccessControl as resource admin cannot update user (= ROLE_NONE)`() { + assertThrows { val name = "o-connector-test-1" - runAsDifferentOrganizationUser() val organizationRegistered = - organizationApiService.registerOrganization( - createTestOrganizationWithSimpleSecurity(name, TEST_USER_ID, ROLE_NONE, ROLE_VIEWER)) - runAsPlatformAdmin() - val orgaUsers = - organizationApiService.getOrganizationSecurityUsers(organizationRegistered.id!!) - assertEquals(listOf(TEST_USER_ID, OTHER_TEST_USER_ID), orgaUsers) + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) + + organizationApiService.updateOrganizationAccessControl( + organizationRegistered.id!!, TEST_USER_ID, OrganizationRole(role = ROLE_NONE)) } + } - @Test - fun `getOrganizationSecurityUsers as not resource admin, no READ_SECURITY permission`() { + @Test + fun `updateOrganizationAccessControl as resource admin and unknown ACL user`() { + assertThrows { val name = "o-connector-test-1" - runAsDifferentOrganizationUser() val organizationRegistered = - organizationApiService.registerOrganization( - createTestOrganizationWithSimpleSecurity(name, TEST_USER_ID, ROLE_NONE, ROLE_NONE)) - runAsPlatformAdmin() - val orgaUsers = - organizationApiService.getOrganizationSecurityUsers(organizationRegistered.id!!) - assertEquals(listOf(TEST_USER_ID, OTHER_TEST_USER_ID), orgaUsers) + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) + + organizationApiService.updateOrganizationAccessControl( + organizationRegistered.id!!, UNKNOWN_IDENTIFIER, OrganizationRole(role = ROLE_EDITOR)) } + } - @Test - fun `access control list shouldn't contain more than one time each user on creation`() { - val brokenOrganization = - Organization( - name = "organization", - security = - OrganizationSecurity( - default = ROLE_NONE, - accessControlList = - mutableListOf( - OrganizationAccessControl(TEST_USER_ID, ROLE_ADMIN), - OrganizationAccessControl(TEST_USER_ID, ROLE_EDITOR)))) - assertThrows { - organizationApiService.registerOrganization(brokenOrganization) - } + @Test + fun `updateOrganizationAccessControl as resource admin and wrong role`() { + assertThrows { + val name = "o-connector-test-1" + val organizationRegistered = + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) + + organizationApiService.updateOrganizationAccessControl( + organizationRegistered.id!!, TEST_USER_ID, OrganizationRole(role = UNKNOWN_IDENTIFIER)) } + } - @Test - fun `access control list shouldn't contain more than one time each user on ACL addition`() { - val workingOrganization = - Organization( - name = "organization", - security = - OrganizationSecurity( - default = ROLE_NONE, - accessControlList = - mutableListOf(OrganizationAccessControl(TEST_USER_ID, ROLE_ADMIN)))) - val organizationSaved = organizationApiService.registerOrganization(workingOrganization) + @Test + fun `updateOrganizationAccessControl as not resource admin, WRITE_SECURITY permission, can update user (!= ROLE_NONE)`() { + assertDoesNotThrow { + val name = "o-connector-test-1" + runAsDifferentOrganizationUser() + val organizationRegistered = + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) - assertThrows { - organizationApiService.addOrganizationAccessControl( - organizationSaved.id!!, OrganizationAccessControl(TEST_USER_ID, ROLE_EDITOR)) - } + organizationApiService.createOrganizationAccessControl( + organizationRegistered.id!!, + OrganizationAccessControl(id = TEST_ADMIN_USER_ID, role = ROLE_ADMIN)) + + runAsPlatformAdmin() + + assertNotNull( + organizationApiService.updateOrganizationAccessControl( + organizationRegistered.id!!, + OTHER_TEST_USER_ID, + OrganizationRole(role = ROLE_EDITOR))) + + val userACLRetrieved = + organizationApiService.getOrganizationAccessControl( + organizationRegistered.id!!, OTHER_TEST_USER_ID) + assertEquals(ROLE_EDITOR, userACLRetrieved.role) } + } - @Test - fun `testVerifyPermissionsAndReturnOrganization`() { + @Test + fun `updateOrganizationAccessControl as not resource admin, no WRITE_SECURITY permission`() { + assertDoesNotThrow { val name = "o-connector-test-1" + runAsDifferentOrganizationUser() val organizationRegistered = - organizationApiService.registerOrganization(createTestOrganization(name)) - assertDoesNotThrow { - val organizationVerified = - organizationApiService.getVerifiedOrganization(organizationRegistered.id!!) - assertEquals(organizationRegistered, organizationVerified) - } + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) + + organizationApiService.createOrganizationAccessControl( + organizationRegistered.id!!, + OrganizationAccessControl(id = TEST_ADMIN_USER_ID, role = ROLE_VIEWER)) + + runAsPlatformAdmin() + + assertNotNull( + organizationApiService.updateOrganizationAccessControl( + organizationRegistered.id!!, + TEST_ADMIN_USER_ID, + OrganizationRole(role = ROLE_EDITOR))) + + val userACLRetrieved = + organizationApiService.getOrganizationAccessControl( + organizationRegistered.id!!, TEST_ADMIN_USER_ID) + assertEquals(ROLE_EDITOR, userACLRetrieved.role) } + } - @Test - fun `testVerifyPermissionsAndReturnOrganization with organization with restricted permission`() { + @Test + fun `updateOrganizationAccessControl as not resource admin, no WRITE_SECURITY permission, ROLE_NONE`() { + assertThrows { val name = "o-connector-test-1" runAsDifferentOrganizationUser() val organizationRegistered = - organizationApiService.registerOrganization( - createTestOrganizationWithSimpleSecurity(name, TEST_USER_ID, ROLE_NONE, ROLE_NONE)) + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) + + organizationApiService.createOrganizationAccessControl( + organizationRegistered.id!!, + OrganizationAccessControl(id = TEST_USER_ID, role = ROLE_VIEWER)) + runAsPlatformAdmin() - assertDoesNotThrow { - val organizationVerified = - organizationApiService.getVerifiedOrganization(organizationRegistered.id!!) - assertEquals(organizationRegistered, organizationVerified) - } + + organizationApiService.updateOrganizationAccessControl( + organizationRegistered.id!!, OTHER_TEST_USER_ID, OrganizationRole(role = ROLE_NONE)) } + } - @Test - fun `testVerifyPermissionsAndReturnOrganization with unknown organization id`() { - assertThrows { - organizationApiService.getVerifiedOrganization("wrong_orga_id") - } + @Test + fun `deleteOrganizationAccessControl as resource admin`() { + val name = "o-connector-test-1" + val organizationRegistered = + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) + + val otherUserACL = OrganizationAccessControl(id = OTHER_TEST_USER_ID, role = ROLE_VIEWER) + organizationApiService.createOrganizationAccessControl( + organizationRegistered.id!!, otherUserACL) + + organizationApiService.deleteOrganizationAccessControl( + organizationRegistered.id!!, OTHER_TEST_USER_ID) + assertThrows { + organizationApiService.getOrganizationAccessControl( + organizationRegistered.id!!, OTHER_TEST_USER_ID) + } + } + + @Test + fun `deleteOrganizationAccessControl as not resource admin, WRITE_SECURITY permission`() { + val name = "o-connector-test-1" + runAsDifferentOrganizationUser() + val organizationRegistered = + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) + + val otherUserACL = OrganizationAccessControl(id = TEST_USER_ID, role = ROLE_ADMIN) + organizationApiService.createOrganizationAccessControl( + organizationRegistered.id!!, otherUserACL) + + runAsPlatformAdmin() + organizationApiService.deleteOrganizationAccessControl( + organizationRegistered.id!!, OTHER_TEST_USER_ID) + assertThrows { + organizationApiService.getOrganizationAccessControl( + organizationRegistered.id!!, OTHER_TEST_USER_ID) + } + } + + @Test + fun `deleteOrganizationAccessControl as not resource admin, no WRITE_SECURITY permission`() { + val name = "o-connector-test-1" + runAsDifferentOrganizationUser() + val organizationRegistered = + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) + + val otherUserACL = OrganizationAccessControl(id = TEST_USER_ID, role = ROLE_ADMIN) + organizationApiService.createOrganizationAccessControl( + organizationRegistered.id!!, otherUserACL) + + runAsPlatformAdmin() + organizationApiService.deleteOrganizationAccessControl( + organizationRegistered.id!!, OTHER_TEST_USER_ID) + assertThrows { + organizationApiService.getOrganizationAccessControl( + organizationRegistered.id!!, OTHER_TEST_USER_ID) + } + } + + @Test + fun `listOrganizationSecurityUsers as resource admin`() { + val name = "o-connector-test-1" + val organizationRegistered = + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) + + val orgaUsers = + organizationApiService.listOrganizationSecurityUsers(organizationRegistered.id!!) + assertEquals(listOf(defaultName), orgaUsers) + } + + @Test + fun `listOrganizationSecurityUsers as not resource admin, READ_SECURITY permission`() { + val name = "o-connector-test-1" + runAsDifferentOrganizationUser() + val organizationRegistered = + organizationApiService.createOrganization( + makeOrganizationCreateRequestWithSimpleSecurity( + name, TEST_USER_ID, ROLE_NONE, ROLE_VIEWER)) + runAsPlatformAdmin() + val orgaUsers = + organizationApiService.listOrganizationSecurityUsers(organizationRegistered.id!!) + assertEquals(listOf(TEST_USER_ID, OTHER_TEST_USER_ID), orgaUsers) + } + + @Test + fun `listOrganizationSecurityUsers as not resource admin, no READ_SECURITY permission`() { + val name = "o-connector-test-1" + runAsDifferentOrganizationUser() + val organizationRegistered = + organizationApiService.createOrganization( + makeOrganizationCreateRequestWithSimpleSecurity( + name, TEST_USER_ID, ROLE_NONE, ROLE_NONE)) + runAsPlatformAdmin() + val orgaUsers = + organizationApiService.listOrganizationSecurityUsers(organizationRegistered.id!!) + assertEquals(listOf(TEST_USER_ID, OTHER_TEST_USER_ID), orgaUsers) + } + + @Test + fun `access control list shouldn't contain more than one time each user on creation`() { + val brokenOrganization = + OrganizationCreateRequest( + name = "organization", + security = + OrganizationSecurity( + default = ROLE_NONE, + accessControlList = + mutableListOf( + OrganizationAccessControl(TEST_USER_ID, ROLE_ADMIN), + OrganizationAccessControl(TEST_USER_ID, ROLE_EDITOR)))) + assertThrows { + organizationApiService.createOrganization(brokenOrganization) + } + } + + @Test + fun `access control list shouldn't contain more than one time each user on ACL addition`() { + val workingOrganization = + OrganizationCreateRequest( + name = "organization", + security = + OrganizationSecurity( + default = ROLE_NONE, + accessControlList = + mutableListOf(OrganizationAccessControl(defaultName, ROLE_ADMIN)))) + val organizationSaved = organizationApiService.createOrganization(workingOrganization) + + assertThrows { + organizationApiService.createOrganizationAccessControl( + organizationSaved.id!!, OrganizationAccessControl(defaultName, ROLE_EDITOR)) + } + } + + @Test + fun `testVerifyPermissionsAndReturnOrganization`() { + val name = "o-connector-test-1" + val organizationRegistered = + organizationApiService.createOrganization(makeSimpleOrganizationCreateRequest(name)) + assertDoesNotThrow { + val organizationVerified = + organizationApiService.getVerifiedOrganization(organizationRegistered.id!!) + assertEquals(organizationRegistered, organizationVerified) + } + } + + @Test + fun `testVerifyPermissionsAndReturnOrganization with organization with restricted permission`() { + val name = "o-connector-test-1" + runAsDifferentOrganizationUser() + val organizationRegistered = + organizationApiService.createOrganization( + makeOrganizationCreateRequestWithSimpleSecurity( + name, TEST_USER_ID, ROLE_NONE, ROLE_NONE)) + runAsPlatformAdmin() + assertDoesNotThrow { + val organizationVerified = + organizationApiService.getVerifiedOrganization(organizationRegistered.id!!) + assertEquals(organizationRegistered, organizationVerified) + } + } + + @Test + fun `testVerifyPermissionsAndReturnOrganization with unknown organization id`() { + assertThrows { + organizationApiService.getVerifiedOrganization("wrong_orga_id") } } @@ -2146,48 +2105,47 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { ) { val defaultPageSize = csmPlatformProperties.twincache.organization.defaultPageSize - testFindAllOrganizations(null, null, numberOfOrganizationReachableByTestUser) - testFindAllOrganizations(0, null, defaultPageSize) - testFindAllOrganizations( - 0, numberOfOrganizationCreated, numberOfOrganizationReachableByTestUser) - testFindAllOrganizations(1, 200, 0) - testFindAllOrganizations(1, 15, 15) + testlistOrganizations(null, null, numberOfOrganizationReachableByTestUser) + testlistOrganizations(0, null, defaultPageSize) + testlistOrganizations(0, numberOfOrganizationCreated, numberOfOrganizationReachableByTestUser) + testlistOrganizations(1, 200, 0) + testlistOrganizations(1, 15, 15) } - private fun testFindAllOrganizationsWithWrongValues() { + private fun testlistOrganizationsWithWrongValues() { logger.info("Should throw IllegalArgumentException when page and size are zeros") - assertThrows { organizationApiService.findAllOrganizations(0, 0) } + assertThrows { organizationApiService.listOrganizations(0, 0) } logger.info("Should throw IllegalArgumentException when page is negative") - assertThrows { organizationApiService.findAllOrganizations(-1, 10) } + assertThrows { organizationApiService.listOrganizations(-1, 10) } logger.info("Should throw IllegalArgumentException when size is negative") - assertThrows { organizationApiService.findAllOrganizations(0, -1) } + assertThrows { organizationApiService.listOrganizations(0, -1) } } - private fun testFindOrganizationByIdAsNotOwner( + private fun testgetOrganizationAsNotOwner( hasUserSecurity: Boolean, userId: String?, defaultRole: String?, userRole: String?, throwException: Boolean, - runFindOrganizationByIdAs: () -> Unit + rungetOrganizationAs: () -> Unit ) { runAsDifferentOrganizationUser() val organizationId = "o-connector-test-1" val organization = if (hasUserSecurity) { - createTestOrganizationWithSimpleSecurity( + makeOrganizationCreateRequestWithSimpleSecurity( organizationId, userId!!, defaultRole!!, userRole!!) } else { - createTestOrganization(organizationId) + makeSimpleOrganizationCreateRequest(organizationId) } - val organizationRegistered = organizationApiService.registerOrganization(organization) + val organizationRegistered = organizationApiService.createOrganization(organization) - runFindOrganizationByIdAs() + rungetOrganizationAs() if (throwException) { assertThrows { - (organizationApiService.findOrganizationById(organizationRegistered.id!!)) + (organizationApiService.getOrganization(organizationRegistered.id!!)) } } else { assertNotNull(organizationRegistered) @@ -2223,8 +2181,8 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { internal fun batchOrganizationCreation(numberOfOrganizationToCreate: Int) { logger.info("Creating $numberOfOrganizationToCreate connectors...") IntRange(1, numberOfOrganizationToCreate).forEach { - val newOrganization = createTestOrganization("o-connector-test-$it") - organizationApiService.registerOrganization(newOrganization) + val newOrganization = makeSimpleOrganizationCreateRequest("o-connector-test-$it") + organizationApiService.createOrganization(newOrganization) } } @@ -2243,12 +2201,12 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { roleList.forEach { defaultSecurity -> roleList.forEach { securityRole -> val organization = - createTestOrganizationWithSimpleSecurity( + makeOrganizationCreateRequestWithSimpleSecurity( "Organization with $defaultSecurity as default and $userId as $securityRole", userId, defaultSecurity, securityRole) - organizationApiService.registerOrganization(organization) + organizationApiService.createOrganization(organization) numberOfOrganizationCreated++ } } @@ -2256,35 +2214,33 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { } /** Create default test Connector */ - internal fun createTestOrganization(name: String): Organization { - return Organization(name = name) + internal fun makeSimpleOrganizationCreateRequest(name: String): OrganizationCreateRequest { + return OrganizationCreateRequest(name = name) } /** Create default test Connector */ - internal fun createTestOrganizationWithSimpleSecurity( + internal fun makeOrganizationCreateRequestWithSimpleSecurity( name: String, userName: String, defaultSecurity: String, role: String, - ): Organization { - return Organization( - id = "organization_id", + ): OrganizationCreateRequest { + return OrganizationCreateRequest( name = name, security = OrganizationSecurity( default = defaultSecurity, - accessControlList = mutableListOf(OrganizationAccessControl(userName, role)))) + accessControlList = + mutableListOf(OrganizationAccessControl(id = userName, role = role)))) } - fun makeOrganization( + fun makeOrganizationCreateRequest( id: String = "organization_id", userName: String = TEST_USER_ID, role: String = ROLE_ADMIN - ): Organization { - return Organization( - id = id, + ): OrganizationCreateRequest { + return OrganizationCreateRequest( name = "Organization Name", - ownerId = "my.account-tester@cosmotech.com", security = OrganizationSecurity( default = ROLE_NONE, @@ -2294,8 +2250,8 @@ class OrganizationServiceIntegrationTest : CsmRedisTestBase() { OrganizationAccessControl(id = userName, role = role)))) } - internal fun testFindAllOrganizations(page: Int?, size: Int?, expectedResultSize: Int) { - val organizationList = organizationApiService.findAllOrganizations(page, size) + internal fun testlistOrganizations(page: Int?, size: Int?, expectedResultSize: Int) { + val organizationList = organizationApiService.listOrganizations(page, size) logger.info("Organization list retrieved contains : ${organizationList.size} elements") assertEquals(expectedResultSize, organizationList.size) } diff --git a/organization/src/integrationTest/kotlin/com/cosmotech/organization/service/OrganizationServiceRBACTest.kt b/organization/src/integrationTest/kotlin/com/cosmotech/organization/service/OrganizationServiceRBACTest.kt index a9a748c51..9139fa06a 100644 --- a/organization/src/integrationTest/kotlin/com/cosmotech/organization/service/OrganizationServiceRBACTest.kt +++ b/organization/src/integrationTest/kotlin/com/cosmotech/organization/service/OrganizationServiceRBACTest.kt @@ -22,13 +22,14 @@ import com.cosmotech.api.utils.getCurrentAuthenticatedUserName import com.cosmotech.organization.OrganizationApiServiceInterface import com.cosmotech.organization.domain.Organization import com.cosmotech.organization.domain.OrganizationAccessControl +import com.cosmotech.organization.domain.OrganizationCreateRequest import com.cosmotech.organization.domain.OrganizationRole import com.cosmotech.organization.domain.OrganizationSecurity +import com.cosmotech.organization.domain.OrganizationUpdateRequest import com.redis.om.spring.RediSearchIndexer import io.mockk.every import io.mockk.junit5.MockKExtension import io.mockk.mockkStatic -import java.util.* import kotlin.test.assertEquals import org.junit.jupiter.api.BeforeAll import org.junit.jupiter.api.BeforeEach @@ -85,16 +86,16 @@ class OrganizationServiceRBACTest : CsmRedisTestBase() { ) .map { (role, shouldThrow) -> DynamicTest.dynamicTest("Test RBAC findAllOrganizations : $role") { - organizationApiService.registerOrganization( - mockOrganizationWithRole(id = TEST_USER_MAIL, role = role)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role)) - val organizations = organizationApiService.findAllOrganizations(null, null) + val organizations = organizationApiService.listOrganizations(null, null) assertEquals(shouldThrow, organizations.size) } } @TestFactory - fun `test RBAC findOrganizationById`() = + fun `test RBAC getOrganization`() = mapOf( ROLE_VIEWER to false, ROLE_EDITOR to false, @@ -104,30 +105,28 @@ class OrganizationServiceRBACTest : CsmRedisTestBase() { ROLE_ADMIN to false, ) .map { (role, shouldThrow) -> - DynamicTest.dynamicTest("Test RBAC findOrganizationById : $role") { + DynamicTest.dynamicTest("Test RBAC getOrganization : $role") { every { getCurrentAccountIdentifier(any()) } returns TEST_USER_MAIL val organization = - organizationApiService.registerOrganization( - mockOrganizationWithRole(TEST_USER_MAIL, role)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(TEST_USER_MAIL, role)) if (shouldThrow) { val exception = assertThrows { - organizationApiService.findOrganizationById(organization.id!!) + organizationApiService.getOrganization(organization.id!!) } assertEquals( "RBAC ${organization.id!!} - User does not have permission $PERMISSION_READ", exception.message) } else { - assertDoesNotThrow { - organizationApiService.findOrganizationById(organization.id!!) - } + assertDoesNotThrow { organizationApiService.getOrganization(organization.id!!) } } } } @TestFactory - fun `test RBAC unregisterOrganization`() = + fun `test RBAC deleteOrganization`() = mapOf( ROLE_VIEWER to true, ROLE_EDITOR to true, @@ -137,23 +136,21 @@ class OrganizationServiceRBACTest : CsmRedisTestBase() { ROLE_ADMIN to false, ) .map { (role, shouldThrow) -> - DynamicTest.dynamicTest("Test RBAC unregisterOrganization : $role") { + DynamicTest.dynamicTest("Test RBAC deleteOrganization : $role") { val organization = - organizationApiService.registerOrganization( - mockOrganizationWithRole(TEST_USER_MAIL, role)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(TEST_USER_MAIL, role)) if (shouldThrow) { val exception = assertThrows { - organizationApiService.unregisterOrganization(organization.id!!) + organizationApiService.deleteOrganization(organization.id!!) } assertEquals( "RBAC ${organization.id!!} - User does not have permission $PERMISSION_DELETE", exception.message) } else { - assertDoesNotThrow { - organizationApiService.unregisterOrganization(organization.id!!) - } + assertDoesNotThrow { organizationApiService.deleteOrganization(organization.id!!) } } } } @@ -171,15 +168,14 @@ class OrganizationServiceRBACTest : CsmRedisTestBase() { .map { (role, shouldThrow) -> DynamicTest.dynamicTest("Test RBAC updateOrganization : $role") { val organization = - organizationApiService.registerOrganization( - mockOrganizationWithRole(id = TEST_USER_MAIL, role = role)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role)) if (shouldThrow) { val exception = assertThrows { organizationApiService.updateOrganization( - organization.id!!, - mockOrganizationWithRole(id = TEST_USER_MAIL, role = role)) + organization.id!!, OrganizationUpdateRequest("name")) } assertEquals( "RBAC ${organization.id!!} - User does not have permission $PERMISSION_WRITE", @@ -187,7 +183,7 @@ class OrganizationServiceRBACTest : CsmRedisTestBase() { } else { assertDoesNotThrow { organizationApiService.updateOrganization( - organization.id!!, mockOrganizationWithRole(id = TEST_USER_MAIL, role = role)) + organization.id!!, OrganizationUpdateRequest("name")) } } } @@ -206,8 +202,8 @@ class OrganizationServiceRBACTest : CsmRedisTestBase() { .map { (role, shouldThrow) -> DynamicTest.dynamicTest("Test RBAC getOrganizationPermissions : $role") { val organization = - organizationApiService.registerOrganization( - mockOrganizationWithRole(TEST_USER_MAIL, role)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(TEST_USER_MAIL, role)) if (shouldThrow) { val exception = @@ -237,8 +233,8 @@ class OrganizationServiceRBACTest : CsmRedisTestBase() { .map { (role, shouldThrow) -> DynamicTest.dynamicTest("Test RBAC getOrganizationSecurity : $role") { val organization = - organizationApiService.registerOrganization( - mockOrganizationWithRole(TEST_USER_MAIL, role)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(TEST_USER_MAIL, role)) if (shouldThrow) { val exception = @@ -257,7 +253,7 @@ class OrganizationServiceRBACTest : CsmRedisTestBase() { } @TestFactory - fun `test RBAC setOrganizationDefaultSecurity`() = + fun `test RBAC updateOrganizationDefaultSecurity`() = mapOf( ROLE_VIEWER to true, ROLE_EDITOR to true, @@ -267,15 +263,15 @@ class OrganizationServiceRBACTest : CsmRedisTestBase() { ROLE_ADMIN to false, ) .map { (role, shouldThrow) -> - DynamicTest.dynamicTest("Test RBAC setOrganizationDefaultSecurity : $role") { + DynamicTest.dynamicTest("Test RBAC updateOrganizationDefaultSecurity : $role") { val organization = - organizationApiService.registerOrganization( - mockOrganizationWithRole(TEST_USER_MAIL, role)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(TEST_USER_MAIL, role)) if (shouldThrow) { val exception = assertThrows { - organizationApiService.setOrganizationDefaultSecurity( + organizationApiService.updateOrganizationDefaultSecurity( organization.id!!, OrganizationRole(role)) } assertEquals( @@ -283,7 +279,7 @@ class OrganizationServiceRBACTest : CsmRedisTestBase() { exception.message) } else { assertDoesNotThrow { - organizationApiService.setOrganizationDefaultSecurity( + organizationApiService.updateOrganizationDefaultSecurity( organization.id!!, OrganizationRole(role)) } } @@ -291,7 +287,7 @@ class OrganizationServiceRBACTest : CsmRedisTestBase() { } @TestFactory - fun `test RBAC addOrganizationAccessControl`() = + fun `test RBAC createOrganizationAccessControl`() = mapOf( ROLE_VIEWER to true, ROLE_EDITOR to true, @@ -301,15 +297,15 @@ class OrganizationServiceRBACTest : CsmRedisTestBase() { ROLE_ADMIN to false, ) .map { (role, shouldThrow) -> - DynamicTest.dynamicTest("Test RBAC addOrganizationAccessControl : $role") { + DynamicTest.dynamicTest("Test RBAC createOrganizationAccessControl : $role") { val organization = - organizationApiService.registerOrganization( - mockOrganizationWithRole(TEST_USER_MAIL, role)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(TEST_USER_MAIL, role)) if (shouldThrow) { val exception = assertThrows { - organizationApiService.addOrganizationAccessControl( + organizationApiService.createOrganizationAccessControl( organization.id!!, OrganizationAccessControl("id", role)) } assertEquals( @@ -317,7 +313,7 @@ class OrganizationServiceRBACTest : CsmRedisTestBase() { exception.message) } else { assertDoesNotThrow { - organizationApiService.addOrganizationAccessControl( + organizationApiService.createOrganizationAccessControl( organization.id!!, OrganizationAccessControl("id", role)) } } @@ -337,8 +333,8 @@ class OrganizationServiceRBACTest : CsmRedisTestBase() { .map { (role, shouldThrow) -> DynamicTest.dynamicTest("Test RBAC getOrganizationAccessControl : $role") { val organization = - organizationApiService.registerOrganization( - mockOrganizationWithRole(TEST_USER_MAIL, role)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(TEST_USER_MAIL, role)) if (shouldThrow) { val exception = @@ -359,7 +355,7 @@ class OrganizationServiceRBACTest : CsmRedisTestBase() { } @TestFactory - fun `test RBAC removeOrganizationAccessControl`() = + fun `test RBAC deleteOrganizationAccessControl`() = mapOf( ROLE_VIEWER to true, ROLE_EDITOR to true, @@ -369,15 +365,15 @@ class OrganizationServiceRBACTest : CsmRedisTestBase() { ROLE_ADMIN to false, ) .map { (role, shouldThrow) -> - DynamicTest.dynamicTest("Test RBAC removeOrganizationAccessControl : $role") { + DynamicTest.dynamicTest("Test RBAC deleteOrganizationAccessControl : $role") { val organization = - organizationApiService.registerOrganization( - mockOrganizationWithRole(TEST_USER_MAIL, role)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(TEST_USER_MAIL, role)) if (shouldThrow) { val exception = assertThrows { - organizationApiService.removeOrganizationAccessControl( + organizationApiService.deleteOrganizationAccessControl( organization.id!!, TEST_USER_MAIL) } assertEquals( @@ -385,7 +381,7 @@ class OrganizationServiceRBACTest : CsmRedisTestBase() { exception.message) } else { assertDoesNotThrow { - organizationApiService.removeOrganizationAccessControl( + organizationApiService.deleteOrganizationAccessControl( organization.id!!, TEST_USER_MAIL) } } @@ -405,8 +401,8 @@ class OrganizationServiceRBACTest : CsmRedisTestBase() { .map { (role, shouldThrow) -> DynamicTest.dynamicTest("Test RBAC updateOrganizationAccessControl : $role") { val organization = - organizationApiService.registerOrganization( - mockOrganizationWithRole(TEST_USER_MAIL, role)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(TEST_USER_MAIL, role)) if (shouldThrow) { val exception = @@ -427,7 +423,7 @@ class OrganizationServiceRBACTest : CsmRedisTestBase() { } @TestFactory - fun `test RBAC getOrganizationSecurityUsers`() = + fun `test RBAC listOrganizationSecurityUsers`() = mapOf( ROLE_VIEWER to true, ROLE_EDITOR to false, @@ -437,32 +433,30 @@ class OrganizationServiceRBACTest : CsmRedisTestBase() { ROLE_ADMIN to false, ) .map { (role, shouldThrow) -> - DynamicTest.dynamicTest("Test RBAC getOrganizationSecurityUsers : $role") { + DynamicTest.dynamicTest("Test RBAC listOrganizationSecurityUsers : $role") { val organization = - organizationApiService.registerOrganization( - mockOrganizationWithRole(TEST_USER_MAIL, role)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(TEST_USER_MAIL, role)) if (shouldThrow) { val exception = assertThrows { - organizationApiService.getOrganizationSecurityUsers(organization.id!!) + organizationApiService.listOrganizationSecurityUsers(organization.id!!) } assertEquals( "RBAC ${organization.id!!} - User does not have permission $PERMISSION_READ_SECURITY", exception.message) } else { assertDoesNotThrow { - organizationApiService.getOrganizationSecurityUsers(organization.id!!) + organizationApiService.listOrganizationSecurityUsers(organization.id!!) } } } } - fun mockOrganizationWithRole(id: String, role: String): Organization { - return Organization( - id = UUID.randomUUID().toString(), + fun makeOrganizationCreateRequest(id: String, role: String): OrganizationCreateRequest { + return OrganizationCreateRequest( name = "Organization Name", - ownerId = "my.account-tester@cosmotech.com", security = OrganizationSecurity( default = ROLE_NONE, diff --git a/organization/src/main/kotlin/com/cosmotech/organization/service/OrganizationServiceImpl.kt b/organization/src/main/kotlin/com/cosmotech/organization/service/OrganizationServiceImpl.kt index 9d84e3b7d..ab8ec78f4 100644 --- a/organization/src/main/kotlin/com/cosmotech/organization/service/OrganizationServiceImpl.kt +++ b/organization/src/main/kotlin/com/cosmotech/organization/service/OrganizationServiceImpl.kt @@ -17,7 +17,6 @@ import com.cosmotech.api.rbac.getAllRolesDefinition import com.cosmotech.api.rbac.getCommonRolesDefinition import com.cosmotech.api.rbac.model.RbacAccessControl import com.cosmotech.api.rbac.model.RbacSecurity -import com.cosmotech.api.utils.changed import com.cosmotech.api.utils.constructPageRequest import com.cosmotech.api.utils.findAllPaginated import com.cosmotech.api.utils.getCurrentAccountIdentifier @@ -26,8 +25,10 @@ import com.cosmotech.organization.OrganizationApiServiceInterface import com.cosmotech.organization.domain.ComponentRolePermissions import com.cosmotech.organization.domain.Organization import com.cosmotech.organization.domain.OrganizationAccessControl +import com.cosmotech.organization.domain.OrganizationCreateRequest import com.cosmotech.organization.domain.OrganizationRole import com.cosmotech.organization.domain.OrganizationSecurity +import com.cosmotech.organization.domain.OrganizationUpdateRequest import com.cosmotech.organization.repository.OrganizationRepository import org.springframework.data.repository.findByIdOrNull import org.springframework.stereotype.Service @@ -40,7 +41,7 @@ class OrganizationServiceImpl( private val organizationRepository: OrganizationRepository ) : CsmPhoenixService(), OrganizationApiServiceInterface { - override fun findAllOrganizations(page: Int?, size: Int?): List { + override fun listOrganizations(page: Int?, size: Int?): List { val defaultPageSize = csmPlatformProperties.twincache.organization.defaultPageSize val pageable = constructPageRequest(page, size, defaultPageSize) val isAdmin = csmAdmin.verifyCurrentRolesAdmin() @@ -71,27 +72,31 @@ class OrganizationServiceImpl( return result } - override fun findOrganizationById(organizationId: String): Organization { + override fun getOrganization(organizationId: String): Organization { return updateSecurityVisibility(getVerifiedOrganization(organizationId, PERMISSION_READ)) } - override fun registerOrganization(organization: Organization): Organization { - logger.trace("Registering organization: {}", organization) + override fun createOrganization( + organizationCreateRequest: OrganizationCreateRequest + ): Organization { + logger.trace("Registering organization: {}", organizationCreateRequest) - if (organization.name.isNullOrBlank()) { + if (organizationCreateRequest.name.isBlank()) { throw IllegalArgumentException("Organization name must not be null or blank") } val createdOrganization = - organization.copy( + Organization( id = idGenerator.generate("organization"), - ownerId = getCurrentAuthenticatedUserName(csmPlatformProperties)) - createdOrganization.setRbac(csmRbac.initSecurity(organization.getRbac())) + name = organizationCreateRequest.name, + ownerId = getCurrentAuthenticatedUserName(csmPlatformProperties), + security = organizationCreateRequest.security) + createdOrganization.setRbac(csmRbac.initSecurity(createdOrganization.getRbac())) return organizationRepository.save(createdOrganization) } - override fun unregisterOrganization(organizationId: String) { + override fun deleteOrganization(organizationId: String) { val organization = getVerifiedOrganization(organizationId, PERMISSION_DELETE) organizationRepository.delete(organization) this.eventPublisher.publishEvent(OrganizationUnregistered(this, organizationId)) @@ -99,22 +104,17 @@ class OrganizationServiceImpl( override fun updateOrganization( organizationId: String, - organization: Organization + organizationUpdateRequest: OrganizationUpdateRequest ): Organization { val existingOrganization = getVerifiedOrganization(organizationId, PERMISSION_WRITE) var hasChanged = false - if (organization.name != null && organization.changed(existingOrganization) { name }) { - existingOrganization.name = organization.name + if (organizationUpdateRequest.name != null && + organizationUpdateRequest.name != existingOrganization.name) { + existingOrganization.name = organizationUpdateRequest.name!! hasChanged = true } - if (organization.security != existingOrganization.security) { - logger.warn( - "Security modification has not been applied to organization $organizationId," + - " please refer to the appropriate security endpoints to perform this maneuver") - } - return if (hasChanged) { organizationRepository.save(existingOrganization) } else { @@ -122,7 +122,7 @@ class OrganizationServiceImpl( } } - override fun getAllPermissions(): List { + override fun listPermissions(): List { return getAllRolesDefinition().mapNotNull { ComponentRolePermissions(it.key, it.value) } } @@ -133,11 +133,13 @@ class OrganizationServiceImpl( override fun getOrganizationSecurity(organizationId: String): OrganizationSecurity { val organization = getVerifiedOrganization(organizationId, PERMISSION_READ_SECURITY) - return organization.security - ?: throw CsmResourceNotFoundException("RBAC not defined for ${organization.id}") + val security = + organization.security + ?: throw CsmResourceNotFoundException("RBAC not defined for ${organization.id}") + return security } - override fun setOrganizationDefaultSecurity( + override fun updateOrganizationDefaultSecurity( organizationId: String, organizationRole: OrganizationRole ): OrganizationSecurity { @@ -145,7 +147,7 @@ class OrganizationServiceImpl( val rbacSecurity = csmRbac.setDefault(organization.getRbac(), organizationRole.role) organization.setRbac(rbacSecurity) organizationRepository.save(organization) - return organization.security as OrganizationSecurity + return organization.security!! } override fun getOrganizationAccessControl( @@ -154,16 +156,16 @@ class OrganizationServiceImpl( ): OrganizationAccessControl { val organization = getVerifiedOrganization(organizationId, PERMISSION_READ_SECURITY) val rbacAccessControl = csmRbac.getAccessControl(organization.getRbac(), identityId) - return OrganizationAccessControl(rbacAccessControl.id, rbacAccessControl.role) + return OrganizationAccessControl(id = rbacAccessControl.id, role = rbacAccessControl.role) } - override fun addOrganizationAccessControl( + override fun createOrganizationAccessControl( organizationId: String, organizationAccessControl: OrganizationAccessControl ): OrganizationAccessControl { val organization = getVerifiedOrganization(organizationId, PERMISSION_WRITE_SECURITY) - val users = getOrganizationSecurityUsers(organizationId) + val users = listOrganizationSecurityUsers(organizationId) if (users.contains(organizationAccessControl.id)) { throw IllegalArgumentException("User is already in this Organization security") } @@ -175,7 +177,7 @@ class OrganizationServiceImpl( organizationRepository.save(organization) val rbacAccessControl = csmRbac.getAccessControl(organization.getRbac(), organizationAccessControl.id) - return OrganizationAccessControl(rbacAccessControl.id, rbacAccessControl.role) + return OrganizationAccessControl(id = rbacAccessControl.id, role = rbacAccessControl.role) } override fun updateOrganizationAccessControl( @@ -193,17 +195,17 @@ class OrganizationServiceImpl( organization.setRbac(rbacSecurity) organizationRepository.save(organization) val rbacAccessControl = csmRbac.getAccessControl(organization.getRbac(), identityId) - return OrganizationAccessControl(rbacAccessControl.id, rbacAccessControl.role) + return OrganizationAccessControl(id = rbacAccessControl.id, role = rbacAccessControl.role) } - override fun removeOrganizationAccessControl(organizationId: String, identityId: String) { + override fun deleteOrganizationAccessControl(organizationId: String, identityId: String) { val organization = getVerifiedOrganization(organizationId, PERMISSION_WRITE_SECURITY) val rbacSecurity = csmRbac.removeUser(organization.getRbac(), identityId) organization.setRbac(rbacSecurity) organizationRepository.save(organization) } - override fun getOrganizationSecurityUsers(organizationId: String): List { + override fun listOrganizationSecurityUsers(organizationId: String): List { val organization = getVerifiedOrganization(organizationId, PERMISSION_READ_SECURITY) return csmRbac.getUsers(organization.getRbac()) } @@ -231,7 +233,8 @@ class OrganizationServiceImpl( fun updateSecurityVisibility(organization: Organization): Organization { if (csmRbac.check(organization.getRbac(), PERMISSION_READ_SECURITY).not()) { val username = getCurrentAccountIdentifier(csmPlatformProperties) - val retrievedAC = organization.security!!.accessControlList.firstOrNull { it.id == username } + val retrievedAC = + organization.security!!.accessControlList!!.firstOrNull { it.id == username } return if (retrievedAC != null) { organization.copy( security = diff --git a/organization/src/main/openapi/organization.yaml b/organization/src/main/openapi/organization.yaml index c312e008d..9ebd5f5d4 100644 --- a/organization/src/main/openapi/organization.yaml +++ b/organization/src/main/openapi/organization.yaml @@ -14,17 +14,17 @@ tags: paths: /organizations: post: - operationId: registerOrganization + operationId: createOrganization tags: - organization - summary: Register a new organization + summary: Create a new organization requestBody: - description: the Organization to register + description: the Organization to create required: true content: application/json: schema: - $ref: '#/components/schemas/Organization' + $ref: '#/components/schemas/OrganizationCreateRequest' examples: NewOrganizationIn: $ref: '#/components/examples/NewOrganizationIn' @@ -48,7 +48,7 @@ paths: "400": description: Bad request get: - operationId: findAllOrganizations + operationId: listOrganizations parameters: - name: page in: query @@ -87,7 +87,7 @@ paths: schema: type: string get: - operationId: findOrganizationById + operationId: getOrganization tags: - organization summary: Get the details of an Organization @@ -114,7 +114,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Organization' + $ref: '#/components/schemas/OrganizationUpdateRequest' examples: ChangeName: summary: Change Name of Organization @@ -146,10 +146,10 @@ paths: "404": description: the Organization specified is unknown or you don't have access to it delete: - operationId: unregisterOrganization + operationId: deleteOrganization tags: - organization - summary: Unregister an organization + summary: Delete an organization responses: "204": description: Request succeeded @@ -158,7 +158,7 @@ paths: /organizations/permissions: get: - operationId: getAllPermissions + operationId: listPermissions tags: - organization summary: Get all permissions per components @@ -175,7 +175,6 @@ paths: permissions: $ref: '#/components/examples/Permissions' - /organizations/{organization_id}/permissions/{role}: parameters: - name: organization_id @@ -244,10 +243,10 @@ paths: schema: type: string post: - operationId: setOrganizationDefaultSecurity + operationId: updateOrganizationDefaultSecurity tags: - organization - summary: Set the Organization default security + summary: Update the Organization default security requestBody: description: This change the organization default security. The default security is the role assigned to any person not on the Access Control List. @@ -289,7 +288,7 @@ paths: schema: type: string post: - operationId: addOrganizationAccessControl + operationId: createOrganizationAccessControl tags: - organization summary: Add a control access to the Organization @@ -382,7 +381,7 @@ paths: "404": description: The Organization specified is unknown or you don't have access to it delete: - operationId: removeOrganizationAccessControl + operationId: deleteOrganizationAccessControl tags: - organization summary: Remove the specified access from the given Organization @@ -401,7 +400,7 @@ paths: schema: type: string get: - operationId: getOrganizationSecurityUsers + operationId: listOrganizationSecurityUsers tags: - organization summary: Get the Organization security users list @@ -431,6 +430,7 @@ components: tokenUrl: "https://example.com/token" scopes: {} schemas: + # Base Organization object that includes all information Organization: type: object x-class-extra-annotation: "@com.redis.om.spring.annotations.Document" @@ -454,10 +454,37 @@ components: allOf: - $ref: '#/components/schemas/OrganizationSecurity' # required: +# - id # - name +# - ownerId +# - security + + # CRUD Operation Schemas + OrganizationCreateRequest: + type: object + description: Request object for creating a new organization + properties: + name: + type: string + x-field-extra-annotation: "@com.redis.om.spring.annotations.Searchable" + description: the Organization name + security: + $ref: '#/components/schemas/OrganizationSecurity' + required: + - name + + OrganizationUpdateRequest: + type: object + description: Request object for updating an organization + properties: + name: + type: string + description: the Organization name + + # Security Operation Schemas OrganizationSecurity: type: object - description: the Organization security information + description: Response object for organization security information properties: default: type: string @@ -474,7 +501,7 @@ components: - accessControlList OrganizationAccessControl: type: object - description: a Organization access control item + description: Response object for organization access control properties: id: type: string @@ -508,6 +535,7 @@ components: type: array items: type: string + examples: NewOrganizationIn: summary: Create a new organization @@ -544,14 +572,14 @@ components: - id: "bob@mycosmocompany.com" role: "editor" BreweryOrganizationAccessControl: - summary: Set an access control. - description: Set an access control for a user to an organization. + summary: Update an access control. + description: Update an access control for a user to an organization. value: id: "bob@mycompany.com" role: "editor" BreweryOrganizationRole: - summary: Set an Organization Role. - description: Set an role for a user to an organization. + summary: Update an Organization Role. + description: Update an role for a user to an organization. value: role: "editor" CosmoThreeUsers: @@ -668,4 +696,3 @@ components: - validate - write_security - delete - diff --git a/organization/src/test/kotlin/com/cosmotech/organization/service/OrganizationServiceImplTests.kt b/organization/src/test/kotlin/com/cosmotech/organization/service/OrganizationServiceImplTests.kt index 1da3b9921..01eee22b7 100644 --- a/organization/src/test/kotlin/com/cosmotech/organization/service/OrganizationServiceImplTests.kt +++ b/organization/src/test/kotlin/com/cosmotech/organization/service/OrganizationServiceImplTests.kt @@ -24,6 +24,7 @@ import com.cosmotech.organization.domain.Organization import com.cosmotech.organization.domain.OrganizationAccessControl import com.cosmotech.organization.domain.OrganizationRole import com.cosmotech.organization.domain.OrganizationSecurity +import com.cosmotech.organization.domain.OrganizationUpdateRequest import com.cosmotech.organization.repository.OrganizationRepository import io.mockk.MockKAnnotations import io.mockk.every @@ -80,7 +81,7 @@ class OrganizationServiceImplTests { val rbacSecurity = RbacSecurity( organization.id, - organization.security!!.default, + organization.security!!.default!!, mutableListOf(RbacAccessControl("ID", ROLE_VIEWER))) val rbacAccessControl = RbacAccessControl(USER_ID, ROLE_ADMIN) every { organizationRepository.findByIdOrNull(any()) } returns organization @@ -168,7 +169,7 @@ class OrganizationServiceImplTests { .map { (role, shouldThrow) -> rbacTest("Test RBAC read: $role", role, shouldThrow) { every { organizationRepository.findByIdOrNull(any()) } returns it - organizationApiService.findOrganizationById(it.id!!) + organizationApiService.getOrganization(it.id!!) } } @@ -185,7 +186,7 @@ class OrganizationServiceImplTests { rbacTest("Test RBAC unregister : $role", role, shouldThrow) { every { organizationRepository.findByIdOrNull(any()) } returns it every { organizationRepository.delete(any()) } returns Unit - organizationApiService.unregisterOrganization(it.id!!) + organizationApiService.deleteOrganization(it.id!!) } } @@ -202,8 +203,7 @@ class OrganizationServiceImplTests { rbacTest("Test RBAC update : $role", role, shouldThrow) { every { organizationRepository.findByIdOrNull(any()) } returns it every { organizationRepository.save(any()) } returns it - organizationApiService.updateOrganization( - it.id!!, makeOrganizationWithRole(it.id!!, "modifiedOrganization", role)) + organizationApiService.updateOrganization(it.id!!, OrganizationUpdateRequest("toto")) } } @@ -236,7 +236,8 @@ class OrganizationServiceImplTests { rbacTest("Test RBAC setOrganizationDefaultSecurity : $role", role, shouldThrow) { every { organizationRepository.findByIdOrNull(any()) } returns it every { organizationRepository.save(any()) } returns it - organizationApiService.setOrganizationDefaultSecurity(it.id!!, OrganizationRole(role)) + organizationApiService.updateOrganizationDefaultSecurity( + it.id!!, OrganizationRole(role)) } } @@ -269,7 +270,7 @@ class OrganizationServiceImplTests { rbacTest("Test RBAC addOrganizationAccessControl : $role", role, shouldThrow) { every { organizationRepository.findByIdOrNull(any()) } returns it every { organizationRepository.save(any()) } returns it - organizationApiService.addOrganizationAccessControl( + organizationApiService.createOrganizationAccessControl( it.id!!, OrganizationAccessControl("id", "viewer")) } } @@ -305,7 +306,7 @@ class OrganizationServiceImplTests { rbacTest("Test RBAC removeOrganizationAccessControl : $role", role, shouldThrow) { every { organizationRepository.findByIdOrNull(any()) } returns it every { organizationRepository.save(any()) } returns it - organizationApiService.removeOrganizationAccessControl(it.id!!, "2$USER_ID") + organizationApiService.deleteOrganizationAccessControl(it.id!!, "2$USER_ID") } } @@ -321,7 +322,7 @@ class OrganizationServiceImplTests { .map { (role, shouldThrow) -> rbacTest("Test RBAC get users with role : $role", role, shouldThrow) { every { organizationRepository.findByIdOrNull(any()) } returns it - organizationApiService.getOrganizationSecurityUsers(it.id!!) + organizationApiService.listOrganizationSecurityUsers(it.id!!) } } @@ -331,7 +332,7 @@ class OrganizationServiceImplTests { shouldThrow: Boolean, testLambda: (organization: Organization) -> Unit ): DynamicTest? { - val organization = makeOrganizationWithRole("id", USER_ID, role) + val organization = makeOrganizationRequestWithRole(USER_ID, role) return DynamicTest.dynamicTest(name) { if (shouldThrow) { assertThrows { testLambda(organization) } @@ -341,27 +342,27 @@ class OrganizationServiceImplTests { } } - fun makeOrganizationWithRole(id: String, name: String, role: String): Organization { + fun makeOrganizationRequestWithRole(name: String, role: String): Organization { return Organization( - id = id, - name = name, - ownerId = name, + id = "o-123456789", + name = "test-orga", + ownerId = USER_ID, security = OrganizationSecurity( default = "none", accessControlList = mutableListOf( OrganizationAccessControl(name, role), - OrganizationAccessControl("2$name", "viewer")))) + OrganizationAccessControl("2$name", "viewer"), + OrganizationAccessControl("admin", ROLE_ADMIN)))) } fun getMockOrganization(): Organization { - val organization = Organization() - organization.id = ORGANIZATION_ID - val organizationSecurity = + val security = OrganizationSecurity( ROLE_VIEWER, mutableListOf(OrganizationAccessControl("ID", ROLE_VIEWER))) - organization.security = organizationSecurity + val organization = + Organization(id = ORGANIZATION_ID, name = "name", ownerId = "ownerId", security = security) return organization } } diff --git a/run/src/integrationTest/kotlin/com/cosmotech/run/service/RunServiceIntegrationTest.kt b/run/src/integrationTest/kotlin/com/cosmotech/run/service/RunServiceIntegrationTest.kt index 8bf921b16..2ce46732b 100644 --- a/run/src/integrationTest/kotlin/com/cosmotech/run/service/RunServiceIntegrationTest.kt +++ b/run/src/integrationTest/kotlin/com/cosmotech/run/service/RunServiceIntegrationTest.kt @@ -20,6 +20,7 @@ import com.cosmotech.dataset.domain.IngestionStatusEnum import com.cosmotech.organization.OrganizationApiServiceInterface import com.cosmotech.organization.domain.Organization import com.cosmotech.organization.domain.OrganizationAccessControl +import com.cosmotech.organization.domain.OrganizationCreateRequest import com.cosmotech.organization.domain.OrganizationSecurity import com.cosmotech.run.RunApiServiceInterface import com.cosmotech.run.RunContainerFactory @@ -110,7 +111,7 @@ class RunServiceIntegrationTest : CsmRunTestBase() { lateinit var connector: Connector lateinit var dataset: Dataset lateinit var solution: Solution - lateinit var organization: Organization + lateinit var organization: OrganizationCreateRequest lateinit var workspace: Workspace lateinit var connectorSaved: Connector @@ -140,8 +141,8 @@ class RunServiceIntegrationTest : CsmRunTestBase() { connector = mockConnector("Connector") connectorSaved = connectorApiService.registerConnector(connector) - organization = mockOrganization("Organization") - organizationSaved = organizationApiService.registerOrganization(organization) + organization = makeOrganizationCreateRequest("Organization") + organizationSaved = organizationApiService.createOrganization(organization) dataset = mockDataset(organizationSaved.id!!, "Dataset", connectorSaved) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -222,11 +223,9 @@ class RunServiceIntegrationTest : CsmRunTestBase() { SolutionAccessControl(id = CONNECTED_READER_USER, role = ROLE_ADMIN)))) } - fun mockOrganization(id: String = "organizationId"): Organization { - return Organization( - id = id, + fun makeOrganizationCreateRequest(id: String = "organizationId"): OrganizationCreateRequest { + return OrganizationCreateRequest( name = "Organization Name", - ownerId = "my.account-tester@cosmotech.com", security = OrganizationSecurity( default = ROLE_NONE, diff --git a/run/src/main/kotlin/com/cosmotech/run/RunContainerFactory.kt b/run/src/main/kotlin/com/cosmotech/run/RunContainerFactory.kt index cb99acc08..56c85487f 100644 --- a/run/src/main/kotlin/com/cosmotech/run/RunContainerFactory.kt +++ b/run/src/main/kotlin/com/cosmotech/run/RunContainerFactory.kt @@ -103,7 +103,7 @@ class RunContainerFactory( workflowType: String, runId: String ): StartInfo { - val organization = organizationService.findOrganizationById(organizationId) + val organization = organizationService.getOrganization(organizationId) val workspace = workspaceService.findWorkspaceById(organizationId, workspaceId) if (workspace.solution.solutionId == null) throw CsmClientException( diff --git a/run/src/test/kotlin/com/cosmotech/run/ContainerFactoryTests.kt b/run/src/test/kotlin/com/cosmotech/run/ContainerFactoryTests.kt index 709060771..70214882e 100644 --- a/run/src/test/kotlin/com/cosmotech/run/ContainerFactoryTests.kt +++ b/run/src/test/kotlin/com/cosmotech/run/ContainerFactoryTests.kt @@ -4,8 +4,11 @@ package com.cosmotech.run import com.cosmotech.api.config.CsmPlatformProperties import com.cosmotech.api.containerregistry.ContainerRegistryService +import com.cosmotech.api.rbac.ROLE_ADMIN import com.cosmotech.organization.api.OrganizationApiService import com.cosmotech.organization.domain.Organization +import com.cosmotech.organization.domain.OrganizationAccessControl +import com.cosmotech.organization.domain.OrganizationSecurity import com.cosmotech.run.domain.ContainerResourceSizeInfo import com.cosmotech.run.domain.ContainerResourceSizing import com.cosmotech.run.domain.RunContainer @@ -270,6 +273,9 @@ class ContainerFactoryTests { return Organization( id = "Organizationid", name = "Organization Test", - ) + ownerId = "ownerId", + security = + OrganizationSecurity( + ROLE_ADMIN, mutableListOf(OrganizationAccessControl("user", ROLE_ADMIN)))) } } diff --git a/runner/src/integrationTest/kotlin/com/cosmotech/runner/service/RunnerServiceIntegrationTest.kt b/runner/src/integrationTest/kotlin/com/cosmotech/runner/service/RunnerServiceIntegrationTest.kt index 89ddb5fe1..3ec611c35 100644 --- a/runner/src/integrationTest/kotlin/com/cosmotech/runner/service/RunnerServiceIntegrationTest.kt +++ b/runner/src/integrationTest/kotlin/com/cosmotech/runner/service/RunnerServiceIntegrationTest.kt @@ -35,6 +35,7 @@ import com.cosmotech.dataset.repository.DatasetRepository import com.cosmotech.organization.api.OrganizationApiService import com.cosmotech.organization.domain.Organization import com.cosmotech.organization.domain.OrganizationAccessControl +import com.cosmotech.organization.domain.OrganizationCreateRequest import com.cosmotech.organization.domain.OrganizationSecurity import com.cosmotech.runner.RunnerApiServiceInterface import com.cosmotech.runner.domain.* @@ -106,7 +107,7 @@ class RunnerServiceIntegrationTest : CsmRedisTestBase() { lateinit var connector: Connector lateinit var dataset: Dataset lateinit var solution: Solution - lateinit var organization: Organization + lateinit var organization: OrganizationCreateRequest lateinit var workspace: Workspace lateinit var runner: Runner lateinit var parentRunner: Runner @@ -158,8 +159,8 @@ class RunnerServiceIntegrationTest : CsmRedisTestBase() { connector = makeConnector("Connector") connectorSaved = connectorApiService.registerConnector(connector) - organization = makeOrganization("Organization") - organizationSaved = organizationApiService.registerOrganization(organization) + organization = makeOrganizationCreateRequest() + organizationSaved = organizationApiService.createOrganization(organization) dataset = makeDataset(organizationSaved.id!!, "Dataset", connectorSaved) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -792,7 +793,7 @@ class RunnerServiceIntegrationTest : CsmRedisTestBase() { @Test fun `access control list shouldn't contain more than one time each user on creation`() { organizationSaved = - organizationApiService.registerOrganization(makeOrganization("organization")) + organizationApiService.createOrganization(makeOrganizationCreateRequest("organization")) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, makeSolution()) workspaceSaved = workspaceApiService.createWorkspace(organizationSaved.id!!, makeWorkspace()) val brokenRunner = @@ -813,7 +814,7 @@ class RunnerServiceIntegrationTest : CsmRedisTestBase() { @Test fun `access control list can't add an existing user`() { organizationSaved = - organizationApiService.registerOrganization(makeOrganization("organization")) + organizationApiService.createOrganization(makeOrganizationCreateRequest("organization")) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, makeSolution()) workspaceSaved = workspaceApiService.createWorkspace(organizationSaved.id!!, makeWorkspace()) val workingRunner = makeRunner() @@ -843,7 +844,7 @@ class RunnerServiceIntegrationTest : CsmRedisTestBase() { @Test fun `access control list can't update a non-existing user`() { organizationSaved = - organizationApiService.registerOrganization(makeOrganization("organization")) + organizationApiService.createOrganization(makeOrganizationCreateRequest("organization")) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, makeSolution()) workspaceSaved = workspaceApiService.createWorkspace(organizationSaved.id!!, makeWorkspace()) val workingRunner = makeRunner() @@ -1044,7 +1045,7 @@ class RunnerServiceIntegrationTest : CsmRedisTestBase() { @Test fun `As a viewer, I can only see my information in security property for listRunners`() { every { getCurrentAccountIdentifier(any()) } returns defaultName - organizationSaved = organizationApiService.registerOrganization(organization) + organizationSaved = organizationApiService.createOrganization(organization) datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) materializeTwingraph() solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) @@ -1132,15 +1133,12 @@ class RunnerServiceIntegrationTest : CsmRedisTestBase() { SolutionAccessControl(id = defaultName, role = ROLE_USER)))) } - fun makeOrganization( - id: String = "id", + fun makeOrganizationCreateRequest( userName: String = defaultName, role: String = ROLE_ADMIN - ): Organization { - return Organization( - id = id, + ): OrganizationCreateRequest { + return OrganizationCreateRequest( name = "Organization Name", - ownerId = "my.account-tester@cosmotech.com", security = OrganizationSecurity( default = ROLE_NONE, diff --git a/runner/src/integrationTest/kotlin/com/cosmotech/runner/service/RunnerServiceRBACTest.kt b/runner/src/integrationTest/kotlin/com/cosmotech/runner/service/RunnerServiceRBACTest.kt index 9a2783f30..5cad97d6c 100644 --- a/runner/src/integrationTest/kotlin/com/cosmotech/runner/service/RunnerServiceRBACTest.kt +++ b/runner/src/integrationTest/kotlin/com/cosmotech/runner/service/RunnerServiceRBACTest.kt @@ -35,6 +35,7 @@ import com.cosmotech.dataset.repository.DatasetRepository import com.cosmotech.organization.api.OrganizationApiService import com.cosmotech.organization.domain.Organization import com.cosmotech.organization.domain.OrganizationAccessControl +import com.cosmotech.organization.domain.OrganizationCreateRequest import com.cosmotech.organization.domain.OrganizationSecurity import com.cosmotech.runner.api.RunnerApiService import com.cosmotech.runner.domain.Runner @@ -138,8 +139,8 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = role) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -202,8 +203,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -263,8 +265,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -327,8 +330,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, role) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -391,8 +395,8 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = role) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -453,8 +457,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, role) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -521,8 +526,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -583,8 +589,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -648,8 +655,8 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = role) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -712,8 +719,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, role) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -776,8 +784,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -840,8 +849,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -900,8 +910,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -964,8 +975,8 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = role) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -1030,8 +1041,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, role) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -1096,8 +1108,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -1162,8 +1175,8 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = role) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -1226,8 +1239,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -1298,8 +1312,8 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = role) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -1380,8 +1394,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, role) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -1462,8 +1477,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -1544,8 +1560,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -1622,8 +1639,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -1710,8 +1728,8 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = role) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -1775,8 +1793,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, role) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -1840,8 +1859,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -1905,8 +1925,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -1966,8 +1987,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -2037,8 +2059,8 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = role) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -2101,8 +2123,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, role) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -2165,8 +2188,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -2229,8 +2253,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -2289,8 +2314,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -2359,8 +2385,8 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = role) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -2430,8 +2456,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, role) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -2501,8 +2528,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -2572,8 +2600,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -2638,8 +2667,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -2714,8 +2744,8 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = role) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -2786,8 +2816,8 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) val organization = - makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, role) var datasetSaved = @@ -2860,8 +2890,8 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset( organizationSaved.id!!, connectorSaved, id = "unknown_user@test.com", role = ROLE_NONE) @@ -2922,8 +2952,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -2993,8 +3024,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -3060,8 +3092,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -3137,8 +3170,8 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = role) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -3204,8 +3237,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, role) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -3271,8 +3305,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -3338,8 +3373,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -3401,8 +3437,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -3474,8 +3511,8 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = role) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -3542,8 +3579,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, role) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -3616,8 +3654,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -3684,8 +3723,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -3748,8 +3788,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -3822,8 +3863,8 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = role) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -3900,8 +3941,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, role) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -3978,8 +4020,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -4056,8 +4099,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -4130,8 +4174,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -4214,8 +4259,8 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = role) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -4279,8 +4324,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, role) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -4344,8 +4390,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -4409,8 +4456,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -4470,8 +4518,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val connector = makeConnector() val connectorSaved = connectorApiService.registerConnector(connector) - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - val organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + val organizationSaved = organizationApiService.createOrganization(organization) val dataset = makeDataset(organizationSaved.id!!, connectorSaved, TEST_USER_MAIL, ROLE_ADMIN) var datasetSaved = datasetApiService.createDataset(organizationSaved.id!!, dataset) @@ -4582,11 +4631,9 @@ class RunnerServiceRBACTest : CsmRedisTestBase() { SolutionAccessControl(id = id, role = role)))) } - fun makeOrganizationWithRole(id: String, role: String): Organization { - return Organization( - id = UUID.randomUUID().toString(), + fun makeOrganizationCreateRequest(id: String, role: String): OrganizationCreateRequest { + return OrganizationCreateRequest( name = "Organization Name", - ownerId = "my.account-tester@cosmotech.com", security = OrganizationSecurity( default = ROLE_NONE, diff --git a/runner/src/main/kotlin/com/cosmotech/runner/service/RunnerService.kt b/runner/src/main/kotlin/com/cosmotech/runner/service/RunnerService.kt index de8480b36..fc2aec71c 100644 --- a/runner/src/main/kotlin/com/cosmotech/runner/service/RunnerService.kt +++ b/runner/src/main/kotlin/com/cosmotech/runner/service/RunnerService.kt @@ -79,7 +79,7 @@ class RunnerService( } fun inOrganization(organizationId: String): RunnerService = apply { - this.organization = organizationApiService.findOrganizationById(organizationId) + this.organization = organizationApiService.getOrganization(organizationId) } fun inWorkspace(workspaceId: String): RunnerService = apply { diff --git a/solution/src/integrationTest/kotlin/com/cosmotech/solution/service/SolutionServiceIntegrationTest.kt b/solution/src/integrationTest/kotlin/com/cosmotech/solution/service/SolutionServiceIntegrationTest.kt index 48c85ab1f..4d57aa799 100644 --- a/solution/src/integrationTest/kotlin/com/cosmotech/solution/service/SolutionServiceIntegrationTest.kt +++ b/solution/src/integrationTest/kotlin/com/cosmotech/solution/service/SolutionServiceIntegrationTest.kt @@ -17,6 +17,7 @@ import com.cosmotech.api.utils.getCurrentAuthenticatedUserName import com.cosmotech.organization.OrganizationApiServiceInterface import com.cosmotech.organization.domain.Organization import com.cosmotech.organization.domain.OrganizationAccessControl +import com.cosmotech.organization.domain.OrganizationCreateRequest import com.cosmotech.organization.domain.OrganizationSecurity import com.cosmotech.solution.SolutionApiServiceInterface import com.cosmotech.solution.domain.RunTemplate @@ -63,7 +64,7 @@ class SolutionServiceIntegrationTest : CsmRedisTestBase() { @Autowired lateinit var solutionApiService: SolutionApiServiceInterface @Autowired lateinit var csmPlatformProperties: CsmPlatformProperties - lateinit var organization: Organization + lateinit var organization: OrganizationCreateRequest lateinit var solution: Solution lateinit var organizationSaved: Organization @@ -79,8 +80,8 @@ class SolutionServiceIntegrationTest : CsmRedisTestBase() { rediSearchIndexer.createIndexFor(Organization::class.java) rediSearchIndexer.createIndexFor(Solution::class.java) - organization = makeOrganization("Organization test") - organizationSaved = organizationApiService.registerOrganization(organization) + organization = makeOrganizationCreateRequest("Organization test") + organizationSaved = organizationApiService.createOrganization(organization) solution = makeSolution(organizationSaved.id!!) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) @@ -489,7 +490,7 @@ class SolutionServiceIntegrationTest : CsmRedisTestBase() { @Test fun `access control list shouldn't contain more than one time each user on creation`() { organizationSaved = - organizationApiService.registerOrganization(makeOrganization("organization")) + organizationApiService.createOrganization(makeOrganizationCreateRequest("organization")) val brokenSolution = Solution( name = "solution", @@ -508,7 +509,7 @@ class SolutionServiceIntegrationTest : CsmRedisTestBase() { @Test fun `access control list shouldn't contain more than one time each user on ACL addition`() { organizationSaved = - organizationApiService.registerOrganization(makeOrganization("organization")) + organizationApiService.createOrganization(makeOrganizationCreateRequest("organization")) val workingSolution = makeSolution() solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, workingSolution) @@ -550,11 +551,9 @@ class SolutionServiceIntegrationTest : CsmRedisTestBase() { } } - fun makeOrganization(id: String = "organization_id"): Organization { - return Organization( - id = id, + fun makeOrganizationCreateRequest(id: String = "organization_id"): OrganizationCreateRequest { + return OrganizationCreateRequest( name = "Organization Name", - ownerId = "my.account-tester@cosmotech.com", security = OrganizationSecurity( default = ROLE_NONE, diff --git a/solution/src/integrationTest/kotlin/com/cosmotech/solution/service/SolutionServiceRBACTest.kt b/solution/src/integrationTest/kotlin/com/cosmotech/solution/service/SolutionServiceRBACTest.kt index f2521fc42..38f188469 100644 --- a/solution/src/integrationTest/kotlin/com/cosmotech/solution/service/SolutionServiceRBACTest.kt +++ b/solution/src/integrationTest/kotlin/com/cosmotech/solution/service/SolutionServiceRBACTest.kt @@ -23,6 +23,7 @@ import com.cosmotech.api.utils.getCurrentAuthenticatedUserName import com.cosmotech.organization.api.OrganizationApiService import com.cosmotech.organization.domain.Organization import com.cosmotech.organization.domain.OrganizationAccessControl +import com.cosmotech.organization.domain.OrganizationCreateRequest import com.cosmotech.organization.domain.OrganizationSecurity import com.cosmotech.solution.api.SolutionApiService import com.cosmotech.solution.domain.RunTemplate @@ -71,7 +72,7 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { @Autowired lateinit var csmPlatformProperties: CsmPlatformProperties - lateinit var organization: Organization + lateinit var organization: OrganizationCreateRequest lateinit var solution: Solution lateinit var organizationSaved: Organization @@ -105,8 +106,8 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC findSolutionById : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role) + organizationSaved = organizationApiService.createOrganization(organization) val solution = makeSolutionWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) @@ -142,8 +143,9 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Solution RBAC findSolutionById : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + organizationSaved = organizationApiService.createOrganization(organization) val solution = makeSolutionWithRole(id = TEST_USER_MAIL, role = role) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) @@ -179,9 +181,8 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test RBAC findAllSolutions : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER organizationSaved = - organizationApiService.registerOrganization( - makeOrganizationWithRole( - organizationId = "id", id = TEST_USER_MAIL, role = role)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role)) solutionApiService.createSolution( organizationSaved.id!!, makeSolutionWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN)) @@ -216,8 +217,8 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test RBAC createSolution : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role) + organizationSaved = organizationApiService.createOrganization(organization) solution = makeSolutionWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) every { getCurrentAccountIdentifier(any()) } returns TEST_USER_MAIL @@ -252,8 +253,8 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC deleteSolution : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role) + organizationSaved = organizationApiService.createOrganization(organization) val solution = makeSolutionWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) @@ -288,8 +289,9 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Solution RBAC deleteSolution : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + organizationSaved = organizationApiService.createOrganization(organization) val solution = makeSolutionWithRole(id = TEST_USER_MAIL, role = role) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) @@ -325,8 +327,8 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC updateSolution : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role) + organizationSaved = organizationApiService.createOrganization(organization) solution = makeSolutionWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) @@ -365,8 +367,8 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Solution RBAC updateSolution : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - organizationSaved = organizationApiService.registerOrganization(organization) + organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + organizationSaved = organizationApiService.createOrganization(organization) solution = makeSolutionWithRole(id = TEST_USER_MAIL, role = role) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) @@ -406,8 +408,8 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC addSolutionAccessControl : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role) + organizationSaved = organizationApiService.createOrganization(organization) solution = makeSolutionWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) @@ -448,8 +450,8 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Solution RBAC addSolutionAccessControl : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - organizationSaved = organizationApiService.registerOrganization(organization) + organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + organizationSaved = organizationApiService.createOrganization(organization) solution = makeSolutionWithRole(id = TEST_USER_MAIL, role = role) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) @@ -491,8 +493,8 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC getSolutionAccessControl : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role) + organizationSaved = organizationApiService.createOrganization(organization) solution = makeSolutionWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) @@ -529,8 +531,8 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Solution RBAC getSolutionAccessControl : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - organizationSaved = organizationApiService.registerOrganization(organization) + organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + organizationSaved = organizationApiService.createOrganization(organization) solution = makeSolutionWithRole(id = TEST_USER_MAIL, role = role) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) @@ -568,8 +570,8 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC getSolutionSecurityUsers : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role) + organizationSaved = organizationApiService.createOrganization(organization) solution = makeSolutionWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) @@ -606,8 +608,8 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Solution RBAC getSolutionSecurityUsers : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - organizationSaved = organizationApiService.registerOrganization(organization) + organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + organizationSaved = organizationApiService.createOrganization(organization) solution = makeSolutionWithRole(id = TEST_USER_MAIL, role = role) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) @@ -645,8 +647,8 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC removeSolutionAccessControl : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role) + organizationSaved = organizationApiService.createOrganization(organization) solution = makeSolutionWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) @@ -683,8 +685,8 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Solution RBAC removeSolutionAccessControl : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - organizationSaved = organizationApiService.registerOrganization(organization) + organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + organizationSaved = organizationApiService.createOrganization(organization) solution = makeSolutionWithRole(id = TEST_USER_MAIL, role = role) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) @@ -722,8 +724,8 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC updateSolutionAccessControl : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role) + organizationSaved = organizationApiService.createOrganization(organization) solution = makeSolutionWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) @@ -766,8 +768,8 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Solution RBAC updateSolutionAccessControl : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - organizationSaved = organizationApiService.registerOrganization(organization) + organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + organizationSaved = organizationApiService.createOrganization(organization) solution = makeSolutionWithRole(id = TEST_USER_MAIL, role = role) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) @@ -810,8 +812,8 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC addOrReplaceParameters : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role) + organizationSaved = organizationApiService.createOrganization(organization) val solution = makeSolutionWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) @@ -850,8 +852,9 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Solution RBAC addOrReplaceParameters : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + organizationSaved = organizationApiService.createOrganization(organization) val solution = makeSolutionWithRole(id = TEST_USER_MAIL, role = role) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) @@ -891,8 +894,8 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC removeAllSolutionParameters : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role) + organizationSaved = organizationApiService.createOrganization(organization) val solution = makeSolutionWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) @@ -929,8 +932,9 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Solution RBAC removeAllSolutionParameters : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + organizationSaved = organizationApiService.createOrganization(organization) val solution = makeSolutionWithRole(id = TEST_USER_MAIL, role = role) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) @@ -968,8 +972,8 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC addOrReplaceParameterGroups : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role) + organizationSaved = organizationApiService.createOrganization(organization) val solution = makeSolutionWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) @@ -1010,8 +1014,9 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Solution RBAC addOrReplaceParameterGroups : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + organizationSaved = organizationApiService.createOrganization(organization) val solution = makeSolutionWithRole(id = TEST_USER_MAIL, role = role) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) @@ -1054,8 +1059,8 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { "Test Organization RBAC removeAllSolutionParameterGroups : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role) + organizationSaved = organizationApiService.createOrganization(organization) val solution = makeSolutionWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) @@ -1093,8 +1098,9 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Solution RBAC removeAllSolutionParameterGroups : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + organizationSaved = organizationApiService.createOrganization(organization) val solution = makeSolutionWithRole(id = TEST_USER_MAIL, role = role) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) @@ -1131,8 +1137,8 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC addOrReplaceRunTemplates : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role) + organizationSaved = organizationApiService.createOrganization(organization) val solution = makeSolutionWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) @@ -1171,8 +1177,9 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Solution RBAC addOrReplaceRunTemplates : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + organizationSaved = organizationApiService.createOrganization(organization) val solution = makeSolutionWithRole(id = TEST_USER_MAIL, role = role) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) @@ -1212,8 +1219,8 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC addOrReplaceRunTemplates : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role) + organizationSaved = organizationApiService.createOrganization(organization) val solution = makeSolutionWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) @@ -1250,8 +1257,9 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Solution RBAC addOrReplaceRunTemplates : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + organizationSaved = organizationApiService.createOrganization(organization) val solution = makeSolutionWithRole(id = TEST_USER_MAIL, role = role) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) @@ -1289,8 +1297,8 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC deleteSolutionRunTemplate : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role) + organizationSaved = organizationApiService.createOrganization(organization) val solution = makeSolutionWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) @@ -1327,8 +1335,9 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Solution RBAC deleteSolutionRunTemplate : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + organizationSaved = organizationApiService.createOrganization(organization) val solution = makeSolutionWithRole(id = TEST_USER_MAIL, role = role) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) @@ -1365,8 +1374,8 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC updateSolutionRunTemplate : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role) + organizationSaved = organizationApiService.createOrganization(organization) val solution = makeSolutionWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) @@ -1405,8 +1414,9 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Solution RBAC updateSolutionRunTemplate : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + organizationSaved = organizationApiService.createOrganization(organization) val solution = makeSolutionWithRole(id = TEST_USER_MAIL, role = role) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) @@ -1445,8 +1455,8 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC getSolutionSecurity : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role) + organizationSaved = organizationApiService.createOrganization(organization) val solution = makeSolutionWithRole(organizationSaved.id!!, TEST_USER_MAIL, role = ROLE_ADMIN) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) @@ -1483,8 +1493,9 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Solution RBAC getSolutionSecurity : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + organizationSaved = organizationApiService.createOrganization(organization) val solution = makeSolutionWithRole(organizationSaved.id!!, TEST_USER_MAIL, role = role) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) @@ -1522,8 +1533,8 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC setSolutionDefaultSecurity : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = role) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role) + organizationSaved = organizationApiService.createOrganization(organization) val solution = makeSolutionWithRole(organizationSaved.id!!, TEST_USER_MAIL, role = ROLE_ADMIN) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) @@ -1561,8 +1572,9 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Solution RBAC setSolutionDefaultSecurity : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER - val organization = makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN) - organizationSaved = organizationApiService.registerOrganization(organization) + val organization = + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN) + organizationSaved = organizationApiService.createOrganization(organization) val solution = makeSolutionWithRole(organizationSaved.id!!, TEST_USER_MAIL, role = role) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) @@ -1588,15 +1600,12 @@ class SolutionServiceRBACTest : CsmRedisTestBase() { } } - fun makeOrganizationWithRole( - organizationId: String = "organization_id", - id: String, - role: String - ): Organization { - return Organization( - id = organizationId, + fun makeOrganizationCreateRequest( + id: String = TEST_USER_MAIL, + role: String = ROLE_ADMIN + ): OrganizationCreateRequest { + return OrganizationCreateRequest( name = "Organization Name", - ownerId = "my.account-tester@cosmotech.com", security = OrganizationSecurity( default = ROLE_NONE, diff --git a/workspace/src/integrationTest/kotlin/com/cosmotech/workspace/service/WorkspaceServiceIntegrationTest.kt b/workspace/src/integrationTest/kotlin/com/cosmotech/workspace/service/WorkspaceServiceIntegrationTest.kt index cbf26c8d0..e1de7005f 100644 --- a/workspace/src/integrationTest/kotlin/com/cosmotech/workspace/service/WorkspaceServiceIntegrationTest.kt +++ b/workspace/src/integrationTest/kotlin/com/cosmotech/workspace/service/WorkspaceServiceIntegrationTest.kt @@ -25,6 +25,7 @@ import com.cosmotech.dataset.domain.DatasetSecurity import com.cosmotech.organization.OrganizationApiServiceInterface import com.cosmotech.organization.domain.Organization import com.cosmotech.organization.domain.OrganizationAccessControl +import com.cosmotech.organization.domain.OrganizationCreateRequest import com.cosmotech.organization.domain.OrganizationSecurity import com.cosmotech.solution.api.SolutionApiService import com.cosmotech.solution.domain.Solution @@ -76,7 +77,7 @@ class WorkspaceServiceIntegrationTest : CsmRedisTestBase() { @Autowired lateinit var datasetApiService: DatasetApiService @Autowired lateinit var csmPlatformProperties: CsmPlatformProperties - lateinit var organization: Organization + lateinit var organization: OrganizationCreateRequest lateinit var solution: Solution lateinit var workspace: Workspace lateinit var connector: Connector @@ -101,8 +102,8 @@ class WorkspaceServiceIntegrationTest : CsmRedisTestBase() { rediSearchIndexer.createIndexFor(Connector::class.java) rediSearchIndexer.createIndexFor(Dataset::class.java) - organization = makeOrganization("Organization test") - organizationSaved = organizationApiService.registerOrganization(organization) + organization = makeOrganizationCreateRequest("Organization test") + organizationSaved = organizationApiService.createOrganization(organization) solution = makeSolution(organizationSaved.id!!) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) @@ -332,7 +333,7 @@ class WorkspaceServiceIntegrationTest : CsmRedisTestBase() { @Test fun `access control list shouldn't contain more than one time each user on creation`() { organizationSaved = - organizationApiService.registerOrganization(makeOrganization("organization")) + organizationApiService.createOrganization(makeOrganizationCreateRequest("organization")) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, makeSolution()) val brokenWorkspace = Workspace( @@ -354,7 +355,7 @@ class WorkspaceServiceIntegrationTest : CsmRedisTestBase() { @Test fun `access control list shouldn't contain more than one time each user on ACL addition`() { organizationSaved = - organizationApiService.registerOrganization(makeOrganization("organization")) + organizationApiService.createOrganization(makeOrganizationCreateRequest("organization")) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, makeSolution()) val workingWorkspace = makeWorkspace() workspaceSaved = workspaceApiService.createWorkspace(organizationSaved.id!!, workingWorkspace) @@ -442,9 +443,9 @@ class WorkspaceServiceIntegrationTest : CsmRedisTestBase() { fun `As a viewer, I can only see my information in security property for findWorkspaceById`() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_DEFAULT_USER organization = - makeOrganization( + makeOrganizationCreateRequest( id = "Organization test", userName = CONNECTED_DEFAULT_USER, role = ROLE_VIEWER) - organizationSaved = organizationApiService.registerOrganization(organization) + organizationSaved = organizationApiService.createOrganization(organization) solution = makeSolution(userName = CONNECTED_DEFAULT_USER, role = ROLE_VIEWER) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) dataset = makeDataset() @@ -466,9 +467,9 @@ class WorkspaceServiceIntegrationTest : CsmRedisTestBase() { fun `As a viewer, I can only see my information in security property for findAllWorkspaces`() { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_DEFAULT_USER organization = - makeOrganization( + makeOrganizationCreateRequest( id = "Organization test", userName = CONNECTED_DEFAULT_USER, role = ROLE_VIEWER) - organizationSaved = organizationApiService.registerOrganization(organization) + organizationSaved = organizationApiService.createOrganization(organization) solution = makeSolution(userName = CONNECTED_DEFAULT_USER, role = ROLE_VIEWER) solutionSaved = solutionApiService.createSolution(organizationSaved.id!!, solution) dataset = makeDataset() @@ -487,15 +488,13 @@ class WorkspaceServiceIntegrationTest : CsmRedisTestBase() { } } - fun makeOrganization( + fun makeOrganizationCreateRequest( id: String, userName: String = CONNECTED_ADMIN_USER, role: String = ROLE_ADMIN - ): Organization { - return Organization( - id = UUID.randomUUID().toString(), + ): OrganizationCreateRequest { + return OrganizationCreateRequest( name = "Organization Name", - ownerId = "my.account-tester@cosmotech.com", security = OrganizationSecurity( default = ROLE_NONE, diff --git a/workspace/src/integrationTest/kotlin/com/cosmotech/workspace/service/WorkspaceServiceRBACTest.kt b/workspace/src/integrationTest/kotlin/com/cosmotech/workspace/service/WorkspaceServiceRBACTest.kt index 5344a8272..e3bb95a59 100644 --- a/workspace/src/integrationTest/kotlin/com/cosmotech/workspace/service/WorkspaceServiceRBACTest.kt +++ b/workspace/src/integrationTest/kotlin/com/cosmotech/workspace/service/WorkspaceServiceRBACTest.kt @@ -23,6 +23,7 @@ import com.cosmotech.api.utils.getCurrentAuthenticatedUserName import com.cosmotech.organization.OrganizationApiServiceInterface import com.cosmotech.organization.domain.Organization import com.cosmotech.organization.domain.OrganizationAccessControl +import com.cosmotech.organization.domain.OrganizationCreateRequest import com.cosmotech.organization.domain.OrganizationSecurity import com.cosmotech.solution.api.SolutionApiService import com.cosmotech.solution.domain.Solution @@ -113,8 +114,8 @@ class WorkspaceServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test RBAC findAllWorkspaces : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val organizationSaved = - organizationApiService.registerOrganization( - makeOrganizationWithRole(id = TEST_USER_MAIL, role = role)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role)) val solutionSaved = solutionApiService.createSolution( organizationSaved.id!!, makeSolution(organizationSaved.id!!)) @@ -156,8 +157,8 @@ class WorkspaceServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test RBAC createWorkspace : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val organizationSaved = - organizationApiService.registerOrganization( - makeOrganizationWithRole(id = TEST_USER_MAIL, role = role)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role)) val solutionSaved = solutionApiService.createSolution( organizationSaved.id!!, makeSolution(organizationSaved.id!!)) @@ -217,8 +218,8 @@ class WorkspaceServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC findWorkspaceById : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val organizationSaved = - organizationApiService.registerOrganization( - makeOrganizationWithRole(id = TEST_USER_MAIL, role = role)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role)) val solutionSaved = solutionApiService.createSolution( organizationSaved.id!!, makeSolution(organizationSaved.id!!)) @@ -268,8 +269,8 @@ class WorkspaceServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Workspace RBAC findWorkspaceById : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val organizationSaved = - organizationApiService.registerOrganization( - makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN)) val solutionSaved = solutionApiService.createSolution( organizationSaved.id!!, makeSolution(organizationSaved.id!!)) @@ -313,8 +314,8 @@ class WorkspaceServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC deleteWorkspace : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val organizationSaved = - organizationApiService.registerOrganization( - makeOrganizationWithRole(id = TEST_USER_MAIL, role = role)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role)) val solutionSaved = solutionApiService.createSolution( organizationSaved.id!!, makeSolution(organizationSaved.id!!)) @@ -358,8 +359,8 @@ class WorkspaceServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Workspace RBAC deleteWorkspace : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val organizationSaved = - organizationApiService.registerOrganization( - makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN)) val solutionSaved = solutionApiService.createSolution( organizationSaved.id!!, makeSolution(organizationSaved.id!!)) @@ -403,8 +404,8 @@ class WorkspaceServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC updateWorkspace : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val organizationSaved = - organizationApiService.registerOrganization( - makeOrganizationWithRole(id = TEST_USER_MAIL, role = role)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role)) val solutionSaved = solutionApiService.createSolution( organizationSaved.id!!, makeSolution(organizationSaved.id!!)) @@ -461,8 +462,8 @@ class WorkspaceServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Workspace RBAC updateWorkspace : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val organizationSaved = - organizationApiService.registerOrganization( - makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN)) val solutionSaved = solutionApiService.createSolution( organizationSaved.id!!, makeSolution(organizationSaved.id!!)) @@ -519,8 +520,8 @@ class WorkspaceServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC findAllWorkspaceFiles : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val organizationSaved = - organizationApiService.registerOrganization( - makeOrganizationWithRole(id = TEST_USER_MAIL, role = role)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role)) val solutionSaved = solutionApiService.createSolution( organizationSaved.id!!, makeSolution(organizationSaved.id!!)) @@ -565,8 +566,8 @@ class WorkspaceServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Workspace RBAC findAllWorkspaceFiles : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val organizationSaved = - organizationApiService.registerOrganization( - makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN)) val solutionSaved = solutionApiService.createSolution( organizationSaved.id!!, makeSolution(organizationSaved.id!!)) @@ -611,8 +612,8 @@ class WorkspaceServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC uploadWorkspaceFile : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val organizationSaved = - organizationApiService.registerOrganization( - makeOrganizationWithRole(id = TEST_USER_MAIL, role = role)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role)) val solutionSaved = solutionApiService.createSolution( organizationSaved.id!!, makeSolution(organizationSaved.id!!)) @@ -659,8 +660,8 @@ class WorkspaceServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Workspace RBAC uploadWorkspaceFile : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val organizationSaved = - organizationApiService.registerOrganization( - makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN)) val solutionSaved = solutionApiService.createSolution( organizationSaved.id!!, makeSolution(organizationSaved.id!!)) @@ -707,8 +708,8 @@ class WorkspaceServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC deleteAllWorkspaceFiles : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val organizationSaved = - organizationApiService.registerOrganization( - makeOrganizationWithRole(id = TEST_USER_MAIL, role = role)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role)) val solutionSaved = solutionApiService.createSolution( organizationSaved.id!!, makeSolution(organizationSaved.id!!)) @@ -753,8 +754,8 @@ class WorkspaceServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Workspace RBAC deleteAllWorkspaceFiles : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val organizationSaved = - organizationApiService.registerOrganization( - makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN)) val solutionSaved = solutionApiService.createSolution( organizationSaved.id!!, makeSolution(organizationSaved.id!!)) @@ -799,8 +800,8 @@ class WorkspaceServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC downloadWorkspaceFile : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val organizationSaved = - organizationApiService.registerOrganization( - makeOrganizationWithRole(id = TEST_USER_MAIL, role = role)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role)) val solutionSaved = solutionApiService.createSolution( organizationSaved.id!!, makeSolution(organizationSaved.id!!)) @@ -853,8 +854,8 @@ class WorkspaceServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Workspace RBAC downloadWorkspaceFile : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val organizationSaved = - organizationApiService.registerOrganization( - makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN)) val solutionSaved = solutionApiService.createSolution( organizationSaved.id!!, makeSolution(organizationSaved.id!!)) @@ -907,8 +908,8 @@ class WorkspaceServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC deleteWorkspaceFile : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val organizationSaved = - organizationApiService.registerOrganization( - makeOrganizationWithRole(id = TEST_USER_MAIL, role = role)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role)) val solutionSaved = solutionApiService.createSolution( organizationSaved.id!!, makeSolution(organizationSaved.id!!)) @@ -953,8 +954,8 @@ class WorkspaceServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Workspace RBAC deleteWorkspaceFile : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val organizationSaved = - organizationApiService.registerOrganization( - makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN)) val solutionSaved = solutionApiService.createSolution( organizationSaved.id!!, makeSolution(organizationSaved.id!!)) @@ -999,8 +1000,8 @@ class WorkspaceServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC getWorkspacePermissions : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val organizationSaved = - organizationApiService.registerOrganization( - makeOrganizationWithRole(id = TEST_USER_MAIL, role = role)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role)) val solutionSaved = solutionApiService.createSolution( organizationSaved.id!!, makeSolution(organizationSaved.id!!)) @@ -1045,8 +1046,8 @@ class WorkspaceServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Workspace RBAC getWorkspacePermissions : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val organizationSaved = - organizationApiService.registerOrganization( - makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN)) val solutionSaved = solutionApiService.createSolution( organizationSaved.id!!, makeSolution(organizationSaved.id!!)) @@ -1091,8 +1092,8 @@ class WorkspaceServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC getWorkspaceSecurity : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val organizationSaved = - organizationApiService.registerOrganization( - makeOrganizationWithRole(id = TEST_USER_MAIL, role = role)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role)) val solutionSaved = solutionApiService.createSolution( organizationSaved.id!!, makeSolution(organizationSaved.id!!)) @@ -1137,8 +1138,8 @@ class WorkspaceServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Workspace RBAC getWorkspaceSecurity : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val organizationSaved = - organizationApiService.registerOrganization( - makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN)) val solutionSaved = solutionApiService.createSolution( organizationSaved.id!!, makeSolution(organizationSaved.id!!)) @@ -1183,8 +1184,8 @@ class WorkspaceServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC setWorkspaceDefaultSecurity : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val organizationSaved = - organizationApiService.registerOrganization( - makeOrganizationWithRole(id = TEST_USER_MAIL, role = role)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role)) val solutionSaved = solutionApiService.createSolution( organizationSaved.id!!, makeSolution(organizationSaved.id!!)) @@ -1229,8 +1230,8 @@ class WorkspaceServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Workspace RBAC setWorkspaceDefaultSecurity : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val organizationSaved = - organizationApiService.registerOrganization( - makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN)) val solutionSaved = solutionApiService.createSolution( organizationSaved.id!!, makeSolution(organizationSaved.id!!)) @@ -1275,8 +1276,8 @@ class WorkspaceServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC addWorkspaceAccessControl : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val organizationSaved = - organizationApiService.registerOrganization( - makeOrganizationWithRole(id = TEST_USER_MAIL, role = role)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role)) val solutionSaved = solutionApiService.createSolution( organizationSaved.id!!, makeSolution(organizationSaved.id!!)) @@ -1325,8 +1326,8 @@ class WorkspaceServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Workspace RBAC addWorkspaceAccessControl : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val organizationSaved = - organizationApiService.registerOrganization( - makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN)) val solutionSaved = solutionApiService.createSolution( organizationSaved.id!!, makeSolution(organizationSaved.id!!)) @@ -1375,8 +1376,8 @@ class WorkspaceServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC getWorkspaceAccessControl : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val organizationSaved = - organizationApiService.registerOrganization( - makeOrganizationWithRole(id = TEST_USER_MAIL, role = role)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role)) val solutionSaved = solutionApiService.createSolution( organizationSaved.id!!, makeSolution(organizationSaved.id!!)) @@ -1421,8 +1422,8 @@ class WorkspaceServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Workspace RBAC getWorkspaceAccessControl : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val organizationSaved = - organizationApiService.registerOrganization( - makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN)) val solutionSaved = solutionApiService.createSolution( organizationSaved.id!!, makeSolution(organizationSaved.id!!)) @@ -1467,8 +1468,8 @@ class WorkspaceServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC removeWorkspaceAccessControl : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val organizationSaved = - organizationApiService.registerOrganization( - makeOrganizationWithRole(id = TEST_USER_MAIL, role = role)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role)) val solutionSaved = solutionApiService.createSolution( organizationSaved.id!!, makeSolution(organizationSaved.id!!)) @@ -1513,8 +1514,8 @@ class WorkspaceServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Workspace RBAC removeWorkspaceAccessControl : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val organizationSaved = - organizationApiService.registerOrganization( - makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN)) val solutionSaved = solutionApiService.createSolution( organizationSaved.id!!, makeSolution(organizationSaved.id!!)) @@ -1559,8 +1560,8 @@ class WorkspaceServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC updateWorkspaceAccessControl : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val organizationSaved = - organizationApiService.registerOrganization( - makeOrganizationWithRole(id = TEST_USER_MAIL, role = role)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role)) val solutionSaved = solutionApiService.createSolution( organizationSaved.id!!, makeSolution(organizationSaved.id!!)) @@ -1611,8 +1612,8 @@ class WorkspaceServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Workspace RBAC updateWorkspaceAccessControl : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val organizationSaved = - organizationApiService.registerOrganization( - makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN)) val solutionSaved = solutionApiService.createSolution( organizationSaved.id!!, makeSolution(organizationSaved.id!!)) @@ -1663,8 +1664,8 @@ class WorkspaceServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Organization RBAC getWorkspaceSecurityUsers : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val organizationSaved = - organizationApiService.registerOrganization( - makeOrganizationWithRole(id = TEST_USER_MAIL, role = role)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = role)) val solutionSaved = solutionApiService.createSolution( organizationSaved.id!!, makeSolution(organizationSaved.id!!)) @@ -1709,8 +1710,8 @@ class WorkspaceServiceRBACTest : CsmRedisTestBase() { DynamicTest.dynamicTest("Test Workspace RBAC getWorkspaceSecurityUsers : $role") { every { getCurrentAccountIdentifier(any()) } returns CONNECTED_ADMIN_USER val organizationSaved = - organizationApiService.registerOrganization( - makeOrganizationWithRole(id = TEST_USER_MAIL, role = ROLE_ADMIN)) + organizationApiService.createOrganization( + makeOrganizationCreateRequest(id = TEST_USER_MAIL, role = ROLE_ADMIN)) val solutionSaved = solutionApiService.createSolution( organizationSaved.id!!, makeSolution(organizationSaved.id!!)) @@ -1742,11 +1743,9 @@ class WorkspaceServiceRBACTest : CsmRedisTestBase() { } } - fun makeOrganizationWithRole(id: String, role: String): Organization { - return Organization( - id = UUID.randomUUID().toString(), + fun makeOrganizationCreateRequest(id: String, role: String): OrganizationCreateRequest { + return OrganizationCreateRequest( name = "Organization", - ownerId = "my.account-tester@cosmotech.com", security = OrganizationSecurity( default = ROLE_NONE, diff --git a/workspace/src/test/kotlin/com/cosmotech/workspace/service/WorkspaceServiceImplTests.kt b/workspace/src/test/kotlin/com/cosmotech/workspace/service/WorkspaceServiceImplTests.kt index baf78e76c..9fe5972fd 100644 --- a/workspace/src/test/kotlin/com/cosmotech/workspace/service/WorkspaceServiceImplTests.kt +++ b/workspace/src/test/kotlin/com/cosmotech/workspace/service/WorkspaceServiceImplTests.kt @@ -262,10 +262,8 @@ class WorkspaceServiceImplTests { @Test fun `should reject creation request if solution ID is not valid`() { - - val organization = mockOrganization(ORGANIZATION_ID) - organization.security = OrganizationSecurity(ROLE_ADMIN, mutableListOf()) - every { organizationService.findOrganizationById(ORGANIZATION_ID) } returns organization + val organization = mockOrganization() + every { organizationService.getOrganization(ORGANIZATION_ID) } returns organization val workspace = Workspace( key = "my-workspace-key", @@ -597,7 +595,7 @@ class WorkspaceServiceImplTests { shouldThrow: Boolean, testLambda: (ctx: WorkspaceTestContext) -> Unit ): DynamicTest? { - val organization = mockOrganization("o-org-id", CONNECTED_DEFAULT_USER, role) + val organization = mockOrganization(username = CONNECTED_DEFAULT_USER, role = role) val solution = mockSolution(organization.id!!) val workspace = mockWorkspace(organization.id!!, solution.id!!, "Workspace", CONNECTED_DEFAULT_USER, role) @@ -619,21 +617,20 @@ class WorkspaceServiceImplTests { ) fun mockOrganization( - id: String, - roleName: String = CONNECTED_ADMIN_USER, + username: String = CONNECTED_DEFAULT_USER, role: String = ROLE_ADMIN ): Organization { return Organization( - id = id, + id = "organizationId", name = "Organization Name", - ownerId = "my.account-tester@cosmotech.com", + ownerId = "ownerId", security = OrganizationSecurity( default = ROLE_NONE, accessControlList = mutableListOf( - OrganizationAccessControl(id = roleName, role = role), - OrganizationAccessControl("userLambda", "viewer")))) + OrganizationAccessControl(id = username, role = role), + OrganizationAccessControl(CONNECTED_ADMIN_USER, ROLE_ADMIN)))) } fun mockSolution(organizationId: String): Solution {