test(infrastructure-services): Add missing authorization tests

oheger-bosch · oheger-bosch · commit 3bc17b17797a · 2025-11-07T10:54:30.000+01:00
852d41b added support for infrastructure services on product level, but no tests were added to check whether the new endpoints require appropriate permissions. Add such tests now. Signed-off-by: Oliver Heger <oliver.heger@bosch.com>
diff --git a/components/infrastructure-services/backend/src/test/kotlin/routes/InfrastructureServicesAuthorizationTest.kt b/components/infrastructure-services/backend/src/test/kotlin/routes/InfrastructureServicesAuthorizationTest.kt
@@ -27,6 +27,7 @@ import io.ktor.client.request.setBody
 import io.ktor.http.HttpStatusCode
 
 import org.eclipse.apoapsis.ortserver.components.authorization.rights.OrganizationRole
+import org.eclipse.apoapsis.ortserver.components.authorization.rights.ProductRole
 import org.eclipse.apoapsis.ortserver.components.authorization.rights.RepositoryRole
 import org.eclipse.apoapsis.ortserver.components.infrastructureservices.InfrastructureServiceService
 import org.eclipse.apoapsis.ortserver.components.infrastructureservices.PatchInfrastructureService
@@ -44,18 +45,25 @@ import org.eclipse.apoapsis.ortserver.shared.ktorutils.AbstractAuthorizationTest
 
 class InfrastructureServicesAuthorizationTest : AbstractAuthorizationTest({
     var orgId = 0L
+    var prodId = 0L
     var repoId = 0L
     lateinit var orgHierarchyId: CompoundHierarchyId
+    lateinit var prodHierarchyId: CompoundHierarchyId
     lateinit var repoHierarchyId: CompoundHierarchyId
     lateinit var infrastructureServiceService: InfrastructureServiceService
 
     beforeEach {
         orgId = dbExtension.fixtures.organization.id
+        prodId = dbExtension.fixtures.product.id
         repoId = dbExtension.fixtures.repository.id
         orgHierarchyId = CompoundHierarchyId.forOrganization(OrganizationId(orgId))
+        prodHierarchyId = CompoundHierarchyId.forProduct(
+            OrganizationId(orgId),
+            ProductId(prodId)
+        )
         repoHierarchyId = CompoundHierarchyId.forRepository(
             OrganizationId(orgId),
-            ProductId(dbExtension.fixtures.product.id),
+            ProductId(prodId),
             RepositoryId(repoId)
         )
 
@@ -150,6 +158,87 @@ class InfrastructureServicesAuthorizationTest : AbstractAuthorizationTest({
         }
     }
 
+    "DeleteProductInfrastructureService" should {
+        "require ProductPermission.WRITE" {
+            requestShouldRequireRole(
+                routes = { infrastructureServicesRoutes(infrastructureServiceService) },
+                role = ProductRole.WRITER,
+                successStatus = HttpStatusCode.NotFound,
+                hierarchyId = prodHierarchyId
+            ) {
+                delete("/products/$prodId/infrastructure-services/name")
+            }
+        }
+    }
+
+    "GetProductInfrastructureService" should {
+        "require ProductPermission.READ" {
+            requestShouldRequireRole(
+                routes = { infrastructureServicesRoutes(infrastructureServiceService) },
+                role = ProductRole.READER,
+                successStatus = HttpStatusCode.NotFound,
+                hierarchyId = prodHierarchyId
+            ) {
+                get("/products/$prodId/infrastructure-services/not-found")
+            }
+        }
+    }
+
+    "GetProductInfrastructureServices" should {
+        "require ProductPermission.READ" {
+            requestShouldRequireRole(
+                routes = { infrastructureServicesRoutes(infrastructureServiceService) },
+                role = ProductRole.READER,
+                hierarchyId = prodHierarchyId
+            ) {
+                get("/products/$prodId/infrastructure-services")
+            }
+        }
+    }
+
+    "PatchProductInfrastructureService" should {
+        "require ProductPermission.WRITE" {
+            requestShouldRequireRole(
+                routes = { infrastructureServicesRoutes(infrastructureServiceService) },
+                role = ProductRole.WRITER,
+                successStatus = HttpStatusCode.NotFound,
+                hierarchyId = prodHierarchyId
+            ) {
+                patch("/products/$prodId/infrastructure-services/name") {
+                    setBody(
+                        PatchInfrastructureService(
+                            description = null.asPresent(),
+                            url = "https://repo2.example.org/test2".asPresent()
+                        )
+                    )
+                }
+            }
+        }
+    }
+
+    "PostProductInfrastructureService" should {
+        "require ProductPermission.WRITE" {
+            requestShouldRequireRole(
+                routes = { infrastructureServicesRoutes(infrastructureServiceService) },
+                role = ProductRole.WRITER,
+                successStatus = HttpStatusCode.InternalServerError,
+                hierarchyId = prodHierarchyId
+            ) {
+                post("/products/$prodId/infrastructure-services") {
+                    setBody(
+                        PostInfrastructureService(
+                            "testRepository",
+                            "https://repo.example.org/test",
+                            "test description",
+                            "userSecret",
+                            "passSecret"
+                        )
+                    )
+                }
+            }
+        }
+    }
+
     "DeleteRepositoryInfrastructureService" should {
         "require RepositoryPermission.WRITE" {
             requestShouldRequireRole(
