Skip to content

Commit 6eaf11d

Browse files
bukajsytlosBrutus5000
bukajsytlos
authored and
Brutus5000
committed
"Fix" permissions' issues
1 parent 478997e commit 6eaf11d

File tree

2 files changed

+11
-4
lines changed

2 files changed

+11
-4
lines changed

src/inttest/java/com/faforever/api/data/UserGroupTest.java

Lines changed: 10 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,8 @@
88
import org.springframework.test.context.jdbc.Sql;
99
import org.springframework.test.context.jdbc.Sql.ExecutionPhase;
1010

11+
import java.util.Set;
12+
1113
import static com.faforever.api.data.JsonApiMediaType.JSON_API_MEDIA_TYPE;
1214
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
1315
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.patch;
@@ -128,7 +130,10 @@ public void cannotCreateUserGroupWithoutRole() throws Exception {
128130
@Test
129131
public void canCreateUserGroupWithScopeAndRole() throws Exception {
130132
mockMvc.perform(post("/data/userGroup")
131-
.with(getOAuthTokenWithActiveUser(OAuthScope._ADMINISTRATIVE_ACTION, GroupPermission.ROLE_WRITE_USER_GROUP))
133+
.with(getOAuthTokenWithActiveUser(
134+
Set.of(OAuthScope._ADMINISTRATIVE_ACTION, OAuthScope._READ_SENSIBLE_USERDATA),
135+
Set.of(GroupPermission.ROLE_WRITE_USER_GROUP, GroupPermission.ROLE_READ_USER_GROUP)
136+
))
132137
.header(HttpHeaders.CONTENT_TYPE, JSON_API_MEDIA_TYPE)
133138
.content(testPost))
134139
.andExpect(status().isCreated());
@@ -155,7 +160,10 @@ public void cannotUpdateUserGroupWithoutRole() throws Exception {
155160
@Test
156161
public void canUpdateUserGroupWithScopeAndRole() throws Exception {
157162
mockMvc.perform(patch("/data/userGroup/3")
158-
.with(getOAuthTokenWithActiveUser(OAuthScope._ADMINISTRATIVE_ACTION, GroupPermission.ROLE_WRITE_USER_GROUP))
163+
.with(getOAuthTokenWithActiveUser(
164+
Set.of(OAuthScope._ADMINISTRATIVE_ACTION, OAuthScope._READ_SENSIBLE_USERDATA),
165+
Set.of(GroupPermission.ROLE_WRITE_USER_GROUP, GroupPermission.ROLE_READ_USER_GROUP)
166+
))
159167
.header(HttpHeaders.CONTENT_TYPE, JSON_API_MEDIA_TYPE)
160168
.content(testPatch))
161169
.andExpect(status().isNoContent());

src/main/java/com/faforever/api/data/domain/UserGroup.java

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -30,8 +30,7 @@
3030
@CreatePermission(expression = WriteUserGroupCheck.EXPRESSION)
3131
@ReadPermission(expression = UserGroupPublicCheck.EXPRESSION + " or " + ReadUserGroupCheck.EXPRESSION)
3232
@Setter
33-
public class
34-
UserGroup extends AbstractEntity<UserGroup> {
33+
public class UserGroup extends AbstractEntity<UserGroup> {
3534

3635
private String technicalName;
3736
private String nameKey;

0 commit comments

Comments
 (0)