diff --git a/Jenkinsfile b/Jenkinsfile
index 7b0bd17782cfa1b7207a65caa83b56b855e77680..c584d3f232d41e0893822b3315041199704d72f4 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -6,7 +6,7 @@ pipeline {
     }
 
     environment {
-        BLUE_OCEAN_URL = "https://jenkins.ozg-sh.de/job/user-manager/job/${env.BRANCH_NAME}/${env.BUILD_NUMBER}/"
+        BLUE_OCEAN_URL = "https://jenkins.infra.ozg-cloud.systems/job/user-manager/job/${env.BRANCH_NAME}/${env.BUILD_NUMBER}/"
         RELEASE_REGEX = /\d+.\d+.\d+/
         SNAPSHOT_REGEX = /\d+.\d+.\d+-SNAPSHOT/
         FAILED_STAGE = ""
@@ -200,6 +200,44 @@ pipeline {
                 }
             }
         }
+
+
+        stage('march build image') {
+            when {
+                branch 'master'
+            }
+            steps {
+                script {
+                    FAILED_STAGE=env.STAGE_NAME
+
+                    withCredentials([usernamePassword(credentialsId: 'jenkins-nexus-login', usernameVariable: 'USER', passwordVariable: 'PASSWORD')]) {
+                        configFileProvider([configFile(fileId: 'maven-settings', variable: 'MAVEN_SETTINGS')]) {
+                            sh './mvnw -pl user-manager-server -s $MAVEN_SETTINGS clean verify \
+                                       -Pnative -Dquarkus.container-image.registry=docker.ozg-sh.de \
+                                       -Dquarkus.container-image.username=${USER} \
+                                       -Dquarkus.container-image.password=${PASSWORD} \
+                                       -Dquarkus.container-image.push=true \
+                                       -Dquarkus.container-image.build=true \
+                                       -Dquarkus.native.remote-container-build=true \
+                                       -Dquarkus.native.additional-build-args=-march=compatibility \
+                                       -Dmaven.wagon.http.retryHandler.count=3'
+                        }
+                    }
+                }
+            }
+        }
+
+        stage('march push image') {
+            when {
+                branch 'master'
+            }
+            steps {
+                script {
+                    FAILED_STAGE = env.STAGE_NAME
+                    tagAndPushDockerImage('march-snapshot-latest')
+                }
+            }
+        }
     }
 
     post {
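Review bot: The registry password is passed to Maven as `-Dquarkus.container-image.password=${PASSWORD}` in the `sh` step of 'march build image', so it sits in the mvnw/JVM argument list on the build agent for the whole native build, where a local process listing can read it. The single-quoted `sh` string correctly keeps Groovy from interpolating the secret, but the command line is still the wrong channel for it. Quarkus also reads these settings from the environment (the new build-native-local-docker-image.sh in this commit relies on that), so binding with `usernameVariable: 'QUARKUS_CONTAINER_IMAGE_USERNAME', passwordVariable: 'QUARKUS_CONTAINER_IMAGE_PASSWORD'` and dropping the two `-D` lines should give the same result. That binding also stops the step from overwriting the shell's own `USER` variable. The pipeline block continues outside the hunk.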
diff --git a/README.md b/README.md
index dcba360207c60e27781161b20b33e153a125ac2e..517e05d28109b9c11493827ce952bd327e7290bf 100644
--- a/README.md
+++ b/README.md
@@ -1,4 +1,4 @@
-# user-manager Project
+# user-manager
 
 This project uses Quarkus, the Supersonic Subatomic Java Framework.
 
@@ -7,19 +7,19 @@ If you want to learn more about Quarkus, please visit its website: https://quark
 ## Configuring the application
 This properties must be configured to run the application
 
-| Key | Value | Default | Mandatory | Description |
-| --- | ----- | ------- | --------- | ----------- |
-| quarkus.oidc.auth-server-url | https://sso.dev.by.ozg-cloud.de/realms/sh-kiel-dev | none | yes | Url of the keycloak server with the realm |
-| quarkus.mongodb.connection-string | mongodb://ozg-mongodb:27017 | none | yes | The connection string for the mongo db database |
-| quarkus.mongodb.database | usermanager | usermanager | no | Name of the mongo db database |
-| kop.keycloak.sync.cron | 0 15 2 * * ? | 0 15 2 * * ? | no | Cron statement when the sync is done |
-| kop.keycloak.api.user | apiUser | none | yes | The name of the keycloak admin api user |
-| kop.keycloak.api.password | **** | none | yes | The password of the keycloak admin api user |
-| kop.keycloak.api.realm | realm-name | none | yes | The name of the realm |
-| kop.keycloak.api.organisations-einheit-id-key | organisationseinheitId | organisationseinheitId | no | The key where the organisationsEinheitId of the group is saved |
-| kop.keycloak.api.ldap-id-key | LDAP_ID | LDAP_ID | no | The key to get the keycloak user id from |
-| kop.usermanager.url | http://localhost:8080 | none | yes | The external root url of the usermanager |
-| keycloak.url | https://sso.service | none | yes | The root url of the keycloak service |
+| Key                                           | Value                                              | Default                | Mandatory | Description                                                    |
+|-----------------------------------------------|----------------------------------------------------|------------------------| --------- |----------------------------------------------------------------|
+| quarkus.oidc.auth-server-url                  | https://sso.dev.by.ozg-cloud.de/realms/sh-kiel-dev | none                   | yes | Url of the keycloak server with the realm                      |
+| quarkus.mongodb.connection-string             | mongodb://ozg-mongodb:27017                        | none                   | yes | The connection string for the mongo db database                |
+| quarkus.mongodb.database                      | usermanager                                        | usermanager            | no | Name of the mongo db database                                  |
+| kop.keycloak.sync.period                      | 5m                                                 | 6h                     | no | Period between synchronizations                                |
+| kop.keycloak.api.user                         | apiUser                                            | none                   | yes | The name of the keycloak admin api user                        |
+| kop.keycloak.api.password                     | ****                                               | none                   | yes | The password of the keycloak admin api user                    |
+| kop.keycloak.api.realm                        | realm-name                                         | none                   | yes | The name of the realm                                          |
+| kop.keycloak.api.organisations-einheit-id-key | organisationseinheitId                             | organisationseinheitId | no | The key where the organisationsEinheitId of the group is saved |
+| kop.keycloak.api.ldap-id-key                  | LDAP_ID                                            | LDAP_ID                | no | The key to get the keycloak user id from                       |
+| kop.usermanager.url                           | http://localhost:8080                              | none                   | yes | The external root url of the usermanager                       |
+| keycloak.url                                  | https://sso.service                                | none                   | yes | The root url of the keycloak service                           |
 
 ## Running the application in dev mode
 
@@ -30,6 +30,27 @@ You can run your application in dev mode that enables live coding using:
 
 > **_NOTE:_**  Quarkus now ships with a Dev UI, which is available in dev mode only at http://localhost:8080/q/dev/.
 
+> If you want to use remote Keycloak for local development, then use the profile remotekc. Be aware,
+> that it deactivates synchronization - if you need it, then you have to create your own realm and 
+> set it in properties, like this:
+> ```yaml
+> keycloak:
+>   realm: your-realm
+> ozgcloud:
+>   usersync:
+>     period: "6h"
+> ```
+
+## Running the server with custom realm
+In order to start user-manager-server connecting againts dev keycloak locally with custom realm 
+use below configuration in your IDE or CLI. 
+```
+-Dquarkus.profile=local,remotekc
+-Dquarkus.oidc.auth-server-url=https://sso.dev.by.ozg-cloud.de/realms/sebo-test
+-Dkop.keycloak.api.realm=sebo-test
+-Dozgcloud.usersync.period="5s"
+```
+
 ## Packaging and running the application
 
 The application can be packaged using:
@@ -121,7 +142,7 @@ Usermanager als native Anwendung erstellen und lokal starten:
     -Dkop.keycloak.api.password=hlc_j1I1Ji0trC0 \
     -Dkop.keycloak.api.realm=by-kiel-dev \
     -Dkop.keycloak.api.client=alfa \
-    -Dkop.keycloak.sync.cron="* */3 * * * ?" \
+    -Dozgcloud.usersync.period="5m" \
     -Xmx32m
 ```
 
diff --git a/build-native-local-docker-image.sh b/build-native-local-docker-image.sh
new file mode 100755
index 0000000000000000000000000000000000000000..e65bf55cd272e2640ca330ead957529cb9e6572c
--- /dev/null
+++ b/build-native-local-docker-image.sh
@@ -0,0 +1,12 @@
+#!/usr/bin/env bash
+
+export QUARKUS_CONTAINER_IMAGE_NAME=user-manager
+export QUARKUS_CONTAINER_IMAGE_TAG=build-latest
+export QUARKUS_NATIVE_CONTAINER_RUNTIME=docker
+cd user-manager-server
+./mvnw clean install -D skipTests \
+      -Pnative \
+      -Dquarkus.container-image.registry=docker.ozg-sh.de \
+      -Dquarkus.container-image.push=false \
+      -Dquarkus.container-image.build=true \
+      -Dquarkus.native.remote-container-build=false
\ No newline at end of file
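Review bot: The script has no error handling, so if `cd user-manager-server` fails (for example when it is started from another directory), `./mvnw clean install` still runs in whatever directory the caller was in. Add `set -euo pipefail` after the shebang and resolve the module path from the script location, `cd "$(dirname "$0")/user-manager-server"`. The Jenkinsfile in this commit calls `./mvnw -pl user-manager-server` from the repository root, which suggests the wrapper may not exist inside the module directory; that is worth confirming.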
diff --git a/pom.xml b/pom.xml
index a8c1a4c16b3cdc17e25c68f7267ee73427ad462a..303ed86fe1de7537845b0375f4953fe25138414c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -29,7 +29,7 @@
 	<modelVersion>4.0.0</modelVersion>
 	<groupId>de.itvsh.kop</groupId>
 	<artifactId>user-manager</artifactId>
-	<version>1.13.0-SNAPSHOT</version>
+	<version>1.14.0-SNAPSHOT</version>
 
 	<name>User Manager Parent</name>
 	<packaging>pom</packaging>
diff --git a/src/main/helm/templates/deployment.yaml b/src/main/helm/templates/deployment.yaml
index af8cb38b76d848478eda646f4511eb4b661d8e19..c00aeea69396b4d7f79681670f7c5b1560f7d8a6 100644
--- a/src/main/helm/templates/deployment.yaml
+++ b/src/main/helm/templates/deployment.yaml
@@ -98,8 +98,10 @@ spec:
           value: {{ include "app.ssoServerUrl" . }}
         - name: KOP_USER_MANAGER_URL
           value: {{ include "app.baseUrl" . }}
-        - name: KOP_KEYCLOAK_SYNC_CRON
-          value: {{ .Values.kop.keycloak.sync.cron }}
+        {{- if ((.Values.ozgcloud).usersync).period }}
+        - name: OZGCLOUD_USERSYNC_PERIOD
+          value: {{ .Values.ozgcloud.usersync.period }}
+        {{- end }}
         - name: QUARKUS_HTTP_CORS_ORIGINS
           value: {{ (include "app.goofyAddress" .) }}
         {{- with (.Values.env).customList }}
diff --git a/src/main/helm/templates/ingress.yaml b/src/main/helm/templates/ingress.yaml
index 6ae1c2e19604c96a8c2716d9e5c80fa3af98c223..68307d45dd3f0f5af11bda1f8f2d4bb05a953d60 100644
--- a/src/main/helm/templates/ingress.yaml
+++ b/src/main/helm/templates/ingress.yaml
@@ -37,8 +37,8 @@ metadata:
   name: {{ include "app.name" . }}
   namespace: {{ include "app.namespace" . }}
 spec:
-  {{- if ne (.Values).cluster_env "dataport" }}
-  ingressClassName: nginx
+  {{- if and (.Values.ingress).className (ne (.Values).cluster_env "dataport") }}
+  ingressClassName: {{ .Values.ingress.className }}
   {{- end }}
   rules:
     - http:
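Review bot: With the new condition, a release that does not set `ingress.className` is rendered without `spec.ingressClassName`, where the template previously wrote `nginx` for every non-dataport cluster. The values.yaml hunk in this commit adds no `ingress.className` default, so after an upgrade the Ingress is presumably left to the cluster's default IngressClass, or to no controller if none is marked default. If that is intended, document it above the `if`, e.g. `{{- /* ingressClassName is opt-in via .Values.ingress.className; unset means the cluster default class */}}`. Otherwise a default in values.yaml is needed, and the 'should not set ingressClassName' test would have to change with it.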
diff --git a/src/main/helm/values.yaml b/src/main/helm/values.yaml
index fc0f63d4bb1dffd9bab24772e002c3fa0db9a591..78a2d65144db9cc541ea178ca8fc44de0ac4be05 100644
--- a/src/main/helm/values.yaml
+++ b/src/main/helm/values.yaml
@@ -38,8 +38,6 @@ kop:
   keycloak:
     api:
       user: userManagerApiUser
-    sync:
-      cron: 0 15 1 * * ?
 
 imageCredentials:
   registry: docker.ozg-sh.de
diff --git a/src/test/helm/deployment-keycloak-values-test.yaml b/src/test/helm/deployment-keycloak-values-test.yaml
index 3554cc6ee2454279c5c739d8455eafeb5a7731d9..5aabfe98e118fd878089b379c262814c35348fcf 100644
--- a/src/test/helm/deployment-keycloak-values-test.yaml
+++ b/src/test/helm/deployment-keycloak-values-test.yaml
@@ -52,11 +52,6 @@ tests:
           content: 
             name: KOP_KEYCLOAK_API_REALM
             value: sh-helm-test
-      - contains:
-          path: spec.template.spec.containers[0].env
-          content: 
-            name: KOP_KEYCLOAK_SYNC_CRON
-            value: 0 15 1 * * ?
       - contains:
           path: spec.template.spec.containers[0].env
           content: 
diff --git a/src/test/helm/deployment_env_test.yaml b/src/test/helm/deployment_env_test.yaml
index d179014a732fd8693d1082a9472609e836b6ffa9..34eb94b430f6cc97d4414d142d0f7dd82d9540f0 100644
--- a/src/test/helm/deployment_env_test.yaml
+++ b/src/test/helm/deployment_env_test.yaml
@@ -68,4 +68,20 @@ tests:
           path: spec.template.spec.containers[0].env
           content: 
             name: QUARKUS_MONGODB_DATABASE
-            value: test-database
\ No newline at end of file
+            value: test-database
+  - it: check user sync period set
+    set:
+      ozgcloud.usersync.period: "6h"
+    asserts:
+      - contains:
+          path: spec.template.spec.containers[0].env
+          content:
+            name: OZGCLOUD_USERSYNC_PERIOD
+            value: "6h"
+  - it: check user sync period NOT set
+    asserts:
+      - notContains:
+          path: spec.template.spec.containers[0].env
+          content:
+            name: OZGCLOUD_USERSYNC_PERIOD
+            value: "6h"
\ No newline at end of file
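Review bot: The 'check user sync period NOT set' case asserts `notContains` on the exact pair `OZGCLOUD_USERSYNC_PERIOD` / `"6h"`, so it would also pass if the template emitted the variable with any other value, such as an empty string. Match on the name alone: drop the `value` line and add `any: true` to the `notContains` block, assuming the helm-unittest version in use supports that option.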
diff --git a/src/test/helm/ingress-nginx-tests.yaml b/src/test/helm/ingress-nginx-tests.yaml
index 2e036450f470628c66ac00e9442709ed0521dde4..aaf323163e46b560d7d796028996b0356925058f 100644
--- a/src/test/helm/ingress-nginx-tests.yaml
+++ b/src/test/helm/ingress-nginx-tests.yaml
@@ -29,16 +29,23 @@ release:
 templates:
   - templates/ingress.yaml
 tests:
-  - it: should create ingress tls/ingressClass
+  - it: should create ingress tls
     asserts:
-      - equal:
-          path: spec.ingressClassName
-          value: nginx
       - equal:
           path: spec.tls[0].secretName
           value: helm-user-manager-tls
-
-  - it: should not create ingress tls/ingressClass
+  - it: should not set ingressClassName
+    asserts:
+      - isNull:
+          path: spec.ingressClassName
+  - it: should set ingressClassName
+    set:
+      ingress.className: nginx
+    asserts:
+      - equal:
+          path: spec.ingressClassName
+          value: nginx
+  - it: should not create ingress tls/ingressClassName
     set:
       cluster_env: dataport
     asserts:
diff --git a/user-manager-interface/pom.xml b/user-manager-interface/pom.xml
index 74bb29fe530ac3d576dd65d93484cdfc2c7e66ac..a249d3ea3591c7f6494e042723556e83e3dacb27 100644
--- a/user-manager-interface/pom.xml
+++ b/user-manager-interface/pom.xml
@@ -36,7 +36,7 @@
 
 	<groupId>de.itvsh.kop.user</groupId>
 	<artifactId>user-manager-interface</artifactId>
-	<version>1.13.0-SNAPSHOT</version>
+	<version>1.14.0-SNAPSHOT</version>
 
 	<name>UserManager Interface</name>
 	<description>gRPC Interface for User Manager</description>
@@ -45,6 +45,7 @@
 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 		<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
 		<jandex-maven-plugin-version>1.2.3</jandex-maven-plugin-version>
+		<quarkus.platform.version>3.5.0</quarkus.platform.version>
 	</properties>
 
 	<dependencies>
diff --git a/user-manager-server/pom.xml b/user-manager-server/pom.xml
index 09b5c30128e0f46bcd72ee14e23671c71de90cd7..0f9a4f359f11b80c1be49d1d7c006212601b3e1a 100644
--- a/user-manager-server/pom.xml
+++ b/user-manager-server/pom.xml
@@ -30,13 +30,13 @@
 	<parent>
 		<groupId>de.itvsh.kop.common</groupId>
 		<artifactId>kop-common-dependencies</artifactId>
-		<version>1.7.1</version>
+		<version>2.3.1</version>
 		<relativePath/>
 	</parent>
 
 	<groupId>de.itvsh.kop.user</groupId>
 	<artifactId>user-manager-server</artifactId>
-	<version>1.13.0-SNAPSHOT</version>
+	<version>1.14.0-SNAPSHOT</version>
 	<name>User Manager</name>
 
 	<properties>
@@ -54,8 +54,12 @@
 
 		<lombok.version>1.18.24</lombok.version>
 
-		<jakarta.interceptor.version>1.2.5</jakarta.interceptor.version>
-		<jakarta.annotatioin.version>1.3.5</jakarta.annotatioin.version>
+		<jakarta.interceptor.version>2.1.0</jakarta.interceptor.version>
+		<jakarta.annotatioin.version>2.1.1</jakarta.annotatioin.version>
+
+		<keycloak-adapter.version>22.0.5</keycloak-adapter.version>
+
+		<quarkus.platform.version>3.5.0</quarkus.platform.version>
 	</properties>
 
 	<dependencyManagement>
@@ -92,6 +96,10 @@
 					<groupId>org.apache.logging.log4j</groupId>
 					<artifactId>log4j-slf4j-impl</artifactId>
 				</exclusion>
+				<exclusion>
+					<groupId>org.springframework</groupId>
+					<artifactId>spring-context</artifactId>
+				</exclusion>
 			</exclusions>
 		</dependency>
 
@@ -207,11 +215,27 @@
 			<artifactId>jakarta.interceptor-api</artifactId>
 			<version>${jakarta.interceptor.version}</version>
 		</dependency>
+		<dependency>
+			<groupId>jakarta.json</groupId>
+			<artifactId>jakarta.json-api</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>jakarta.validation</groupId>
+			<artifactId>jakarta.validation-api</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>jakarta.ws.rs</groupId>
+			<artifactId>jakarta.ws.rs-api</artifactId>
+		</dependency>
 		<dependency>
 			<groupId>jakarta.annotation</groupId>
 			<artifactId>jakarta.annotation-api</artifactId>
 			<version>${jakarta.annotatioin.version}</version>
 		</dependency>
+		<dependency>
+			<groupId>jakarta.inject</groupId>
+			<artifactId>jakarta.inject-api</artifactId>
+		</dependency>
 
 		<!-- Test -->
 		<dependency>
@@ -290,11 +314,11 @@
 					<compilerArgs>
 						<arg>-parameters</arg>
 						<compilerArg>
-								-Amapstruct.defaultComponentModel=cdi
-							</compilerArg>
+							-Amapstruct.defaultComponentModel=jakarta
+						</compilerArg>
 						<compilerArg>
-								-Amapstruct.unmappedTargetPolicy=WARN
-							</compilerArg>
+							-Amapstruct.unmappedTargetPolicy=WARN
+						</compilerArg>
 					</compilerArgs>
 				</configuration>
 			</plugin>
diff --git a/user-manager-server/src/main/java/de/itvsh/kop/user/RoleHierarchy.java b/user-manager-server/src/main/java/de/itvsh/kop/user/RoleHierarchy.java
new file mode 100644
index 0000000000000000000000000000000000000000..73eb833741891a50fbaa94c0ed2f1a8c0b9feae4
--- /dev/null
+++ b/user-manager-server/src/main/java/de/itvsh/kop/user/RoleHierarchy.java
@@ -0,0 +1,41 @@
+package de.itvsh.kop.user;
+
+import java.util.ArrayDeque;
+import java.util.Deque;
+import java.util.List;
+import java.util.Objects;
+
+import lombok.Builder;
+import lombok.Getter;
+import lombok.Singular;
+
+@Builder
+@Getter
+class RoleHierarchy {
+
+	private final String roleName;
+
+	@Singular
+	private List<RoleHierarchy> subRoles;
+
+	public List<String> getFlattenedHierarchy(String roleName) {
+		var subRoles = new ArrayDeque<String>();
+		collectSubRoles(this, roleName, subRoles);
+		return subRoles.stream().toList();
+	}
+
+	boolean collectSubRoles(RoleHierarchy role, String roleName, Deque<String> subRoles) {
+		subRoles.addLast(role.getRoleName());
+		if (Objects.equals(role.getRoleName(), roleName)) {
+			return true;
+		}
+		for (var subRole : role.getSubRoles()) {
+			if (collectSubRoles(subRole, roleName, subRoles)) {
+				return true;
+			}
+		}
+		subRoles.removeLast();
+		return false;
+	}
+
+}
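Review bot: `getFlattenedHierarchy` returns an empty list when `roleName` is not in the tree, because `collectSubRoles` removes every entry on the way back out and returns false. `UserRole.containsWithinRoleHierarchy` (UserRole.java in this commit) passes that list to `Collections.disjoint`, and the tree built there holds only VERWALTUNG_LOESCHEN and VERWALTUNG_USER, so `CurrentCallContextUserService.hasRole` now answers false for EINHEITLICHER_ANSPRECHPARTNER and VERWALTUNG_POSTSTELLE even when the caller holds them. That fails closed, but it silently changes authorization results for every role outside the hierarchy. A direct match should still count, e.g. in UserRole: `return userRoles.contains(roleName) || !Collections.disjoint(userRoles, HIERARCHY.getFlattenedHierarchy(roleName));`, with a unit test for a role that is not part of the tree.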
diff --git a/user-manager-server/src/main/java/de/itvsh/kop/user/UserProfileResource.java b/user-manager-server/src/main/java/de/itvsh/kop/user/UserProfileResource.java
index bbc4f108ddbd0091200bcacdea2488b4032ab4c3..29b2ddb262c3cc6e1201f70f0560f6070c941fbe 100644
--- a/user-manager-server/src/main/java/de/itvsh/kop/user/UserProfileResource.java
+++ b/user-manager-server/src/main/java/de/itvsh/kop/user/UserProfileResource.java
@@ -26,13 +26,13 @@ package de.itvsh.kop.user;
 import java.util.Optional;
 import java.util.stream.Stream;
 
-import javax.inject.Inject;
-import javax.ws.rs.GET;
-import javax.ws.rs.Path;
-import javax.ws.rs.PathParam;
-import javax.ws.rs.Produces;
-import javax.ws.rs.QueryParam;
-import javax.ws.rs.core.MediaType;
+import jakarta.inject.Inject;
+import jakarta.ws.rs.GET;
+import jakarta.ws.rs.Path;
+import jakarta.ws.rs.PathParam;
+import jakarta.ws.rs.Produces;
+import jakarta.ws.rs.QueryParam;
+import jakarta.ws.rs.core.MediaType;
 
 import org.eclipse.microprofile.config.inject.ConfigProperty;
 import org.jboss.resteasy.reactive.common.util.RestMediaType;
@@ -80,7 +80,7 @@ public class UserProfileResource {
 		Stream<User> users;
 		if (deleted.isEmpty()) {
 			users = userService.findUsers(query);
-		} else if (deleted.get()) {
+		} else if (deleted.orElse(false)) {
 			users = userService.findInactiveUsers(query);
 		} else {
 			users = userService.findActiveUsers(query);
diff --git a/user-manager-server/src/main/java/de/itvsh/kop/user/UserProfileResourceAssembler.java b/user-manager-server/src/main/java/de/itvsh/kop/user/UserProfileResourceAssembler.java
index e4329c10bb0ff984a6afc492434c5c60ed24373e..ebfcc495e253932c32d6c05428322aa2b36b382e 100644
--- a/user-manager-server/src/main/java/de/itvsh/kop/user/UserProfileResourceAssembler.java
+++ b/user-manager-server/src/main/java/de/itvsh/kop/user/UserProfileResourceAssembler.java
@@ -25,8 +25,8 @@ package de.itvsh.kop.user;
 
 import java.util.List;
 
-import javax.enterprise.context.ApplicationScoped;
-import javax.ws.rs.core.Link;
+import jakarta.enterprise.context.ApplicationScoped;
+import jakarta.ws.rs.core.Link;
 
 import de.itvsh.kop.user.settings.UserSettingsResource;
 import io.quarkus.hal.HalCollectionWrapper;
diff --git a/user-manager-server/src/main/java/de/itvsh/kop/user/UserRepository.java b/user-manager-server/src/main/java/de/itvsh/kop/user/UserRepository.java
index d0b96122b453c22113426c26127c77a09942bbae..d382098ee5f721d8f112c2e9a18f045a16726dc6 100644
--- a/user-manager-server/src/main/java/de/itvsh/kop/user/UserRepository.java
+++ b/user-manager-server/src/main/java/de/itvsh/kop/user/UserRepository.java
@@ -28,7 +28,7 @@ import static de.itvsh.kop.user.User.*;
 import java.util.Optional;
 import java.util.stream.Stream;
 
-import javax.enterprise.context.ApplicationScoped;
+import jakarta.enterprise.context.ApplicationScoped;
 
 import org.bson.types.ObjectId;
 
diff --git a/user-manager-server/src/main/java/de/itvsh/kop/user/UserResourceMapper.java b/user-manager-server/src/main/java/de/itvsh/kop/user/UserResourceMapper.java
index af43d281a30dbb0a81dd05316d009f40028ad9bd..7a0d8d122152aa093ea6325aa69ed7d74918bd34 100644
--- a/user-manager-server/src/main/java/de/itvsh/kop/user/UserResourceMapper.java
+++ b/user-manager-server/src/main/java/de/itvsh/kop/user/UserResourceMapper.java
@@ -32,7 +32,7 @@ import java.util.Objects;
 import java.util.Optional;
 import java.util.Set;
 
-import javax.inject.Inject;
+import jakarta.inject.Inject;
 
 import org.keycloak.admin.client.resource.RealmResource;
 import org.keycloak.admin.client.resource.UserResource;
diff --git a/user-manager-server/src/main/java/de/itvsh/kop/user/UserRole.java b/user-manager-server/src/main/java/de/itvsh/kop/user/UserRole.java
index 3dc6a4871c970c0237c59ab830a13403d627f2ce..dc694061ae5053bc74b7546a4e4a7f777da815a0 100644
--- a/user-manager-server/src/main/java/de/itvsh/kop/user/UserRole.java
+++ b/user-manager-server/src/main/java/de/itvsh/kop/user/UserRole.java
@@ -23,6 +23,9 @@
  */
 package de.itvsh.kop.user;
 
+import java.util.Collection;
+import java.util.Collections;
+
 import lombok.AccessLevel;
 import lombok.NoArgsConstructor;
 
@@ -32,4 +35,17 @@ public class UserRole {
 	public static final String EINHEITLICHER_ANSPRECHPARTNER = "EINHEITLICHER_ANSPRECHPARTNER";
 	public static final String VERWALTUNG_POSTSTELLE = "VERWALTUNG_POSTSTELLE";
 	public static final String VERWALTUNG_USER = "VERWALTUNG_USER";
+	public static final String VERWALTUNG_LOESCHEN = "VERWALTUNG_LOESCHEN";
+
+	private static final RoleHierarchy HIERARCHY = RoleHierarchy.builder()
+			.roleName(VERWALTUNG_LOESCHEN)
+			.subRole(RoleHierarchy.builder()
+					.roleName(VERWALTUNG_USER)
+					.build())
+			.build();
+
+	public static boolean containsWithinRoleHierarchy(Collection<String> userRoles, String roleName) {
+		return !Collections.disjoint(userRoles, HIERARCHY.getFlattenedHierarchy(roleName));
+	}
+
 }
\ No newline at end of file
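Review bot: `containsWithinRoleHierarchy` has no Javadoc, and the direction of inheritance is easy to read backwards in an access check. From RoleHierarchy.java in this commit, the list compared against `userRoles` is the path from the root down to `roleName`, so holding VERWALTUNG_LOESCHEN satisfies a check for VERWALTUNG_USER and not the reverse. State that on the method, e.g. `/** True if userRoles holds roleName or a role above it in HIERARCHY; roleName is expected to be part of HIERARCHY. */`, and add a one-line comment on `HIERARCHY` saying that the root is the most privileged role. The class body starts outside the hunk.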
diff --git a/user-manager-server/src/main/java/de/itvsh/kop/user/UserService.java b/user-manager-server/src/main/java/de/itvsh/kop/user/UserService.java
index fbe228791cccda65d8d1a814c5dbaffe0de42143..700348fb23f6f1999a920c21c98f47cef9776923 100644
--- a/user-manager-server/src/main/java/de/itvsh/kop/user/UserService.java
+++ b/user-manager-server/src/main/java/de/itvsh/kop/user/UserService.java
@@ -26,8 +26,8 @@ package de.itvsh.kop.user;
 import java.util.Optional;
 import java.util.stream.Stream;
 
-import javax.enterprise.context.ApplicationScoped;
-import javax.inject.Inject;
+import jakarta.enterprise.context.ApplicationScoped;
+import jakarta.inject.Inject;
 
 import org.apache.commons.lang3.StringUtils;
 
diff --git a/user-manager-server/src/main/java/de/itvsh/kop/user/common/JwtUtil.java b/user-manager-server/src/main/java/de/itvsh/kop/user/common/JwtUtil.java
index be7bae09ba093a0616d1eec4dc89d37a7c6ca6c9..10b6fe56ec5019ab1ba88492dad6d988a3776139 100644
--- a/user-manager-server/src/main/java/de/itvsh/kop/user/common/JwtUtil.java
+++ b/user-manager-server/src/main/java/de/itvsh/kop/user/common/JwtUtil.java
@@ -28,10 +28,10 @@ import java.util.List;
 import java.util.Map;
 import java.util.Optional;
 
-import javax.enterprise.context.ApplicationScoped;
-import javax.inject.Inject;
-import javax.json.JsonArray;
-import javax.json.JsonString;
+import jakarta.enterprise.context.ApplicationScoped;
+import jakarta.inject.Inject;
+import jakarta.json.JsonArray;
+import jakarta.json.JsonString;
 
 import org.apache.commons.lang3.StringUtils;
 import org.eclipse.microprofile.jwt.JsonWebToken;
diff --git a/user-manager-server/src/main/java/de/itvsh/kop/user/common/TargetTypeProvider.java b/user-manager-server/src/main/java/de/itvsh/kop/user/common/TargetTypeProvider.java
index 93a2f92e0bcc35a6c121c4c2aa5390208bbe27ba..bcdc58e497c2d71bc6ac0bec45f6443f3f9b7519 100644
--- a/user-manager-server/src/main/java/de/itvsh/kop/user/common/TargetTypeProvider.java
+++ b/user-manager-server/src/main/java/de/itvsh/kop/user/common/TargetTypeProvider.java
@@ -25,7 +25,7 @@ package de.itvsh.kop.user.common;
 
 import java.lang.reflect.Type;
 
-import javax.enterprise.context.ApplicationScoped;
+import jakarta.enterprise.context.ApplicationScoped;
 
 import org.jboss.resteasy.reactive.server.core.CurrentRequestManager;
 
diff --git a/user-manager-server/src/main/java/de/itvsh/kop/user/common/callcontext/CallContextUser.java b/user-manager-server/src/main/java/de/itvsh/kop/user/common/callcontext/CallContextUser.java
index f6426845a1a04b6fb64571f443b8d0cd348472d7..633efe7bcc4c84dd54596af48dc4b752b8c558e2 100644
--- a/user-manager-server/src/main/java/de/itvsh/kop/user/common/callcontext/CallContextUser.java
+++ b/user-manager-server/src/main/java/de/itvsh/kop/user/common/callcontext/CallContextUser.java
@@ -26,7 +26,6 @@ package de.itvsh.kop.user.common.callcontext;
 import java.io.Serializable;
 import java.security.Principal;
 import java.util.Collection;
-import java.util.List;
 import java.util.Optional;
 
 import lombok.Builder;
@@ -54,7 +53,7 @@ public class CallContextUser implements Serializable, Principal {
 	@Builder.Default
 	private final transient boolean authenticated = false;
 
-	private final transient List<String> roles;
+	private final transient Collection<String> roles;
 
 	@Override
 	public String getName() {
diff --git a/user-manager-server/src/main/java/de/itvsh/kop/user/common/callcontext/CurrentCallContextUserService.java b/user-manager-server/src/main/java/de/itvsh/kop/user/common/callcontext/CurrentCallContextUserService.java
index 225ab939e1f87965acd3ab66fda7ed8179d60d7f..98b6984de20251ff5b1c83bfc27c843ed66fb4ac 100644
--- a/user-manager-server/src/main/java/de/itvsh/kop/user/common/callcontext/CurrentCallContextUserService.java
+++ b/user-manager-server/src/main/java/de/itvsh/kop/user/common/callcontext/CurrentCallContextUserService.java
@@ -25,7 +25,9 @@ package de.itvsh.kop.user.common.callcontext;
 
 import java.util.Optional;
 
-import javax.enterprise.context.RequestScoped;
+import jakarta.enterprise.context.RequestScoped;
+
+import de.itvsh.kop.user.UserRole;
 
 @RequestScoped
 public class CurrentCallContextUserService {
@@ -41,7 +43,7 @@ public class CurrentCallContextUserService {
 	}
 
 	public boolean hasRole(String userRole) {
-		return user.getRoles().contains(userRole);
+		return UserRole.containsWithinRoleHierarchy(user.getRoles(), userRole);
 	}
 
 	public void clearCallContextUser() {
diff --git a/user-manager-server/src/main/java/de/itvsh/kop/user/common/callcontext/GrpcCallContextInterceptor.java b/user-manager-server/src/main/java/de/itvsh/kop/user/common/callcontext/GrpcCallContextInterceptor.java
index 5b027a415c629110c354be0e19c9de5b73b11ee4..9717a5bdbd5aa4c70f97541bab47b131fbb370f9 100644
--- a/user-manager-server/src/main/java/de/itvsh/kop/user/common/callcontext/GrpcCallContextInterceptor.java
+++ b/user-manager-server/src/main/java/de/itvsh/kop/user/common/callcontext/GrpcCallContextInterceptor.java
@@ -26,8 +26,8 @@ package de.itvsh.kop.user.common.callcontext;
 import java.util.Optional;
 import java.util.UUID;
 
-import javax.enterprise.context.ApplicationScoped;
-import javax.inject.Inject;
+import jakarta.enterprise.context.ApplicationScoped;
+import jakarta.inject.Inject;
 
 import org.apache.logging.log4j.CloseableThreadContext;
 
diff --git a/user-manager-server/src/main/java/de/itvsh/kop/user/common/callcontext/HttpRequestInterceptor.java b/user-manager-server/src/main/java/de/itvsh/kop/user/common/callcontext/HttpRequestInterceptor.java
index 11366a4dc7c922b943317d4121d570b27870d5dc..81e3f3f9c5134e0780fd953a4fff62b5541751b3 100644
--- a/user-manager-server/src/main/java/de/itvsh/kop/user/common/callcontext/HttpRequestInterceptor.java
+++ b/user-manager-server/src/main/java/de/itvsh/kop/user/common/callcontext/HttpRequestInterceptor.java
@@ -25,10 +25,10 @@ package de.itvsh.kop.user.common.callcontext;
 
 import java.io.IOException;
 
-import javax.ws.rs.WebApplicationException;
-import javax.ws.rs.ext.Provider;
-import javax.ws.rs.ext.ReaderInterceptor;
-import javax.ws.rs.ext.ReaderInterceptorContext;
+import jakarta.ws.rs.WebApplicationException;
+import jakarta.ws.rs.ext.Provider;
+import jakarta.ws.rs.ext.ReaderInterceptor;
+import jakarta.ws.rs.ext.ReaderInterceptorContext;
 
 import org.apache.commons.lang3.StringUtils;
 import org.apache.logging.log4j.CloseableThreadContext;
diff --git a/user-manager-server/src/main/java/de/itvsh/kop/user/common/callcontext/HttpSecurityFilter.java b/user-manager-server/src/main/java/de/itvsh/kop/user/common/callcontext/HttpSecurityFilter.java
index a84743ecc0584e161c40e755b1b80e27357599f6..aabdd9cd38551ef45659c321bbc4870d8d9a868e 100644
--- a/user-manager-server/src/main/java/de/itvsh/kop/user/common/callcontext/HttpSecurityFilter.java
+++ b/user-manager-server/src/main/java/de/itvsh/kop/user/common/callcontext/HttpSecurityFilter.java
@@ -25,11 +25,11 @@ package de.itvsh.kop.user.common.callcontext;
 
 import java.io.IOException;
 
-import javax.inject.Inject;
-import javax.ws.rs.container.ContainerRequestContext;
-import javax.ws.rs.container.ContainerRequestFilter;
-import javax.ws.rs.container.PreMatching;
-import javax.ws.rs.ext.Provider;
+import jakarta.inject.Inject;
+import jakarta.ws.rs.container.ContainerRequestContext;
+import jakarta.ws.rs.container.ContainerRequestFilter;
+import jakarta.ws.rs.container.PreMatching;
+import jakarta.ws.rs.ext.Provider;
 
 import de.itvsh.kop.user.common.JwtUtil;
 
diff --git a/user-manager-server/src/main/java/de/itvsh/kop/user/common/errorhandling/ApiErrorUtil.java b/user-manager-server/src/main/java/de/itvsh/kop/user/common/errorhandling/ApiErrorUtil.java
index dbd6b4cf3bcf3b0fddd03eb3f70c7e0b328d607b..c11c6eb5a14f82bc27ae200fe0bc9756d2b7666c 100644
--- a/user-manager-server/src/main/java/de/itvsh/kop/user/common/errorhandling/ApiErrorUtil.java
+++ b/user-manager-server/src/main/java/de/itvsh/kop/user/common/errorhandling/ApiErrorUtil.java
@@ -25,8 +25,8 @@ package de.itvsh.kop.user.common.errorhandling;
 
 import java.util.UUID;
 
-import javax.enterprise.context.ApplicationScoped;
-import javax.ws.rs.NotFoundException;
+import jakarta.enterprise.context.ApplicationScoped;
+import jakarta.ws.rs.NotFoundException;
 
 import de.itvsh.kop.common.errorhandling.ExceptionUtil;
 import lombok.extern.log4j.Log4j2;
diff --git a/user-manager-server/src/main/java/de/itvsh/kop/user/common/errorhandling/ExceptionHandler.java b/user-manager-server/src/main/java/de/itvsh/kop/user/common/errorhandling/ExceptionHandler.java
index 394b30ac3f8de5903fa0a9504826587ff99012d9..9453922c7981a1ce2bf752eda49281172195b0c5 100644
--- a/user-manager-server/src/main/java/de/itvsh/kop/user/common/errorhandling/ExceptionHandler.java
+++ b/user-manager-server/src/main/java/de/itvsh/kop/user/common/errorhandling/ExceptionHandler.java
@@ -23,11 +23,11 @@
  */
 package de.itvsh.kop.user.common.errorhandling;
 
-import javax.inject.Inject;
-import javax.ws.rs.NotFoundException;
-import javax.ws.rs.core.Response;
-import javax.ws.rs.core.Response.Status;
-import javax.ws.rs.core.UriInfo;
+import jakarta.inject.Inject;
+import jakarta.ws.rs.NotFoundException;
+import jakarta.ws.rs.core.Response;
+import jakarta.ws.rs.core.Response.Status;
+import jakarta.ws.rs.core.UriInfo;
 
 import org.jboss.resteasy.reactive.server.ServerExceptionMapper;
 
diff --git a/user-manager-server/src/main/java/de/itvsh/kop/user/common/lock/LockRepository.java b/user-manager-server/src/main/java/de/itvsh/kop/user/common/lock/LockRepository.java
index ea4f6fceedfb0b336356790934d4bb4d9ba3e03e..6ca0b99f57523417607e0e7af5e7cbba385c9c92 100644
--- a/user-manager-server/src/main/java/de/itvsh/kop/user/common/lock/LockRepository.java
+++ b/user-manager-server/src/main/java/de/itvsh/kop/user/common/lock/LockRepository.java
@@ -26,7 +26,7 @@ package de.itvsh.kop.user.common.lock;
 import java.time.Instant;
 import java.util.Optional;
 
-import javax.enterprise.context.ApplicationScoped;
+import jakarta.enterprise.context.ApplicationScoped;
 
 import de.itvsh.kop.common.logging.KopLogging;
 import io.quarkus.mongodb.panache.PanacheMongoRepository;
diff --git a/user-manager-server/src/main/java/de/itvsh/kop/user/common/lock/LockService.java b/user-manager-server/src/main/java/de/itvsh/kop/user/common/lock/LockService.java
index a37b3e433f0b52d56c923abf0cb327f6208c2828..85de568651ff1ca2dfc3495f669473ac53acfa10 100644
--- a/user-manager-server/src/main/java/de/itvsh/kop/user/common/lock/LockService.java
+++ b/user-manager-server/src/main/java/de/itvsh/kop/user/common/lock/LockService.java
@@ -26,8 +26,8 @@ package de.itvsh.kop.user.common.lock;
 import java.time.Instant;
 import java.time.temporal.ChronoUnit;
 
-import javax.enterprise.context.ApplicationScoped;
-import javax.inject.Inject;
+import jakarta.enterprise.context.ApplicationScoped;
+import jakarta.inject.Inject;
 
 import de.itvsh.kop.common.logging.KopLogging;
 import de.itvsh.kop.user.common.errorhandling.LockCreationException;
diff --git a/user-manager-server/src/main/java/de/itvsh/kop/user/keycloak/KeycloakApiProperties.java b/user-manager-server/src/main/java/de/itvsh/kop/user/keycloak/KeycloakApiProperties.java
index 5bb7e88df733c7878d78ea93aedcb3a83c62bbf4..b480c6c453e5a85e1920f086c8f27fe4ec0b4460 100644
--- a/user-manager-server/src/main/java/de/itvsh/kop/user/keycloak/KeycloakApiProperties.java
+++ b/user-manager-server/src/main/java/de/itvsh/kop/user/keycloak/KeycloakApiProperties.java
@@ -23,7 +23,7 @@
  */
 package de.itvsh.kop.user.keycloak;
 
-import javax.validation.constraints.NotBlank;
+import jakarta.validation.constraints.NotBlank;
 
 import io.smallrye.config.ConfigMapping;
 
diff --git a/user-manager-server/src/main/java/de/itvsh/kop/user/keycloak/KeycloakApiService.java b/user-manager-server/src/main/java/de/itvsh/kop/user/keycloak/KeycloakApiService.java
index 3a005b22cd86714c39870f8f58824d96db0576b6..2c36eea90e954f364431b69be2f2761f0eb6e64d 100644
--- a/user-manager-server/src/main/java/de/itvsh/kop/user/keycloak/KeycloakApiService.java
+++ b/user-manager-server/src/main/java/de/itvsh/kop/user/keycloak/KeycloakApiService.java
@@ -29,11 +29,12 @@ import java.util.function.Supplier;
 import java.util.stream.Stream;
 import java.util.stream.StreamSupport;
 
-import javax.enterprise.context.ApplicationScoped;
-import javax.inject.Inject;
-import javax.ws.rs.BadRequestException;
-import javax.ws.rs.ClientErrorException;
-import javax.ws.rs.ProcessingException;
+import jakarta.enterprise.context.ApplicationScoped;
+import jakarta.inject.Inject;
+import jakarta.ws.rs.BadRequestException;
+import jakarta.ws.rs.ClientErrorException;
+import jakarta.ws.rs.NotFoundException;
+import jakarta.ws.rs.ProcessingException;
 
 import org.apache.commons.lang3.ObjectUtils;
 import org.eclipse.microprofile.config.inject.ConfigProperty;
@@ -73,7 +74,11 @@ class KeycloakApiService {
 	}
 
 	Optional<User> findUserById(String id) {
-		return Optional.ofNullable(realmResource.users().get(id)).map(mapper::toKopUser);
+		try {
+			return Optional.of(realmResource.users().get(id)).map(mapper::toKopUser);
+		} catch (NotFoundException e) {
+			return Optional.empty();
+		}
 	}
 
 	private RemoteUserIterator createRealmUserIterator() {
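Review bot: The new `catch (NotFoundException e)` in `findUserById` returns `Optional.empty()` silently, and the `try` wraps the mapping step as well as the lookup. If `mapper::toKopUser` makes further Keycloak calls (not visible in this hunk), a 404 from any of them would also be reported as "user does not exist", which a caller could treat as a deleted account. I would keep the `try` as narrow as the mapper allows and leave a trace, for example `LOG.debug("User {} not found in Keycloak.", id);` before the return. The switch from `Optional.ofNullable` to `Optional.of` also means a null result now throws instead of yielding an empty Optional; a short comment saying why null cannot occur here would help.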
@@ -98,13 +103,13 @@ class KeycloakApiService {
 		var ozgCloudUserIdInKeycloak = userRepresentation.firstAttribute(attributeName);
 		if (ObjectUtils.notEqual(ozgCloudUserIdInKeycloak, attributeValue)) {
 			userRepresentation.singleAttribute(attributeName, attributeValue);
-			tryUpdateUserResource(userResource,userRepresentation, attributeName);
+			tryUpdateUserResource(userResource, userRepresentation, attributeName);
 		}
 	}
 
-	private void tryUpdateUserResource(UserResource userResource, UserRepresentation userRepresentation, String attributeName) {
+	void tryUpdateUserResource(UserResource userResource, UserRepresentation userRepresentation, String attributeName) {
 		try {
-			userResource.update(userRepresentation);
+			userResource.update(new OlderUserRepresentation(userRepresentation));
 		} catch (BadRequestException e) {
 			LOG.warn("Could not update user attribute {} in Keycloak.", attributeName, e);
 		}
diff --git a/user-manager-server/src/main/java/de/itvsh/kop/user/keycloak/KeycloakProvider.java b/user-manager-server/src/main/java/de/itvsh/kop/user/keycloak/KeycloakProvider.java
index 4f5a8d84d2cbb61cfbaba1df8bc2e26aca1a634b..5c59bbf5f78be244cfacd88165972025f7db614d 100644
--- a/user-manager-server/src/main/java/de/itvsh/kop/user/keycloak/KeycloakProvider.java
+++ b/user-manager-server/src/main/java/de/itvsh/kop/user/keycloak/KeycloakProvider.java
@@ -23,8 +23,8 @@
  */
 package de.itvsh.kop.user.keycloak;
 
-import javax.enterprise.context.ApplicationScoped;
-import javax.inject.Inject;
+import jakarta.enterprise.context.ApplicationScoped;
+import jakarta.inject.Inject;
 
 import org.eclipse.microprofile.config.inject.ConfigProperty;
 import org.keycloak.admin.client.Keycloak;
diff --git a/user-manager-server/src/main/java/de/itvsh/kop/user/keycloak/KeycloakUserRemoteService.java b/user-manager-server/src/main/java/de/itvsh/kop/user/keycloak/KeycloakUserRemoteService.java
index 9bf0a5a19c07b2e64907edc61b87c2264ac4ec4d..b6c910d2ab167f8c5cfe35b76a9b692e2bf21147 100644
--- a/user-manager-server/src/main/java/de/itvsh/kop/user/keycloak/KeycloakUserRemoteService.java
+++ b/user-manager-server/src/main/java/de/itvsh/kop/user/keycloak/KeycloakUserRemoteService.java
@@ -26,8 +26,8 @@ package de.itvsh.kop.user.keycloak;
 import java.util.Optional;
 import java.util.stream.Stream;
 
-import javax.enterprise.context.ApplicationScoped;
-import javax.inject.Inject;
+import jakarta.enterprise.context.ApplicationScoped;
+import jakarta.inject.Inject;
 
 import de.itvsh.kop.common.logging.KopLogging;
 import de.itvsh.kop.user.User;
diff --git a/user-manager-server/src/main/java/de/itvsh/kop/user/keycloak/OlderUserRepresentation.java b/user-manager-server/src/main/java/de/itvsh/kop/user/keycloak/OlderUserRepresentation.java
new file mode 100644
index 0000000000000000000000000000000000000000..493d84512de5fe974d366a535451079753808237
--- /dev/null
+++ b/user-manager-server/src/main/java/de/itvsh/kop/user/keycloak/OlderUserRepresentation.java
@@ -0,0 +1,48 @@
+package de.itvsh.kop.user.keycloak;
+
+import org.keycloak.representations.idm.UserProfileMetadata;
+import org.keycloak.representations.idm.UserRepresentation;
+
+import com.fasterxml.jackson.annotation.JsonIgnore;
+
+/**
+ * This is a user representation which works with currently used Keycloak version 20.0.3 Because of Quarkus upgrade to 3.5.0 the keycloak admin client
+ * was updated to 22.0.5. The reason for that is the new resteasy client based on Jakarata EE 10 (jakarta.ws.rs-api). Keycloak admin client 20 .0.3 is
+ * based on Jersey (javax.ws.rs-api). What we do here is simple ignoring one field added in the newer version of Keycloak in order for entity to be
+ * processable by the older version. Once Keycloak will be upgraded we can remove this class.
+ *
+ * The workaround was discussed with Quarkus team https://github.com/quarkusio/quarkus/discussions/36766
+ */
+class OlderUserRepresentation extends UserRepresentation {
+
+	@JsonIgnore
+	private UserProfileMetadata userProfileMetadata;
+
+	public OlderUserRepresentation(UserRepresentation origin) {
+		setAttributes(origin.getAttributes());
+		setClientRoles(origin.getClientRoles());
+		setEmail(origin.getEmail());
+		setId(origin.getId());
+		setCreatedTimestamp(origin.getCreatedTimestamp());
+		setFirstName(origin.getFirstName());
+		setLastName(origin.getLastName());
+		setUsername(origin.getUsername());
+		setAccess(origin.getAccess());
+		setClientConsents(origin.getClientConsents());
+		setCredentials(origin.getCredentials());
+		setDisableableCredentialTypes(origin.getDisableableCredentialTypes());
+		setEmailVerified(origin.isEmailVerified());
+		setEnabled(origin.isEnabled());
+		setFederatedIdentities(origin.getFederatedIdentities());
+		setFederationLink(origin.getFederationLink());
+		setGroups(origin.getGroups());
+		setNotBefore(origin.getNotBefore());
+		setOrigin(origin.getOrigin());
+		setRealmRoles(origin.getRealmRoles());
+		setRequiredActions(origin.getRequiredActions());
+		setSelf(origin.getSelf());
+		setServiceAccountClientId(origin.getServiceAccountClientId());
+		setSocialLinks(origin.getSocialLinks());
+		setTotp(origin.isEmailVerified());
+	}
+}
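Review bot: The last line of the constructor copies the wrong flag: `setTotp(origin.isEmailVerified());` should be `setTotp(origin.isTotp());`. Because this wrapper is what `tryUpdateUserResource` now sends to `userResource.update(...)`, every attribute update carries a TOTP flag derived from the e-mail verification state. Whether the Keycloak server applies that field on update depends on its version, but the payload misreports the user's second-factor state either way. The hand-written field list also silently drops any `UserRepresentation` property not named here, so a test that compares the copy with its origin getter by getter would catch both this slip and future omissions.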
diff --git a/user-manager-server/src/main/java/de/itvsh/kop/user/organisationseinheit/OrganisationsEinheitGrpcService.java b/user-manager-server/src/main/java/de/itvsh/kop/user/organisationseinheit/OrganisationsEinheitGrpcService.java
index 791c010d89bd03ab49f032b3cf0d8313188315a1..430440ae0e900cd07cc6e0761abdb117b6659715 100644
--- a/user-manager-server/src/main/java/de/itvsh/kop/user/organisationseinheit/OrganisationsEinheitGrpcService.java
+++ b/user-manager-server/src/main/java/de/itvsh/kop/user/organisationseinheit/OrganisationsEinheitGrpcService.java
@@ -25,7 +25,7 @@ package de.itvsh.kop.user.organisationseinheit;
 
 import java.util.Collection;
 
-import javax.inject.Inject;
+import jakarta.inject.Inject;
 
 import com.google.protobuf.Empty;
 
@@ -38,7 +38,7 @@ import io.quarkus.grpc.GrpcService;
 public class OrganisationsEinheitGrpcService extends OrganisationsEinheitServiceImplBase {
 
 	@Inject
-	private OrganisationsEinheitService organisationsEinheitService;
+	OrganisationsEinheitService organisationsEinheitService;
 
 	@Override
 	public void getSupportedOrganisationsEinheiten(Empty request, StreamObserver<GrpcGetSupportedOrganisationsEinheitenResponse> responseObserver) {
diff --git a/user-manager-server/src/main/java/de/itvsh/kop/user/organisationseinheit/OrganisationsEinheitRepository.java b/user-manager-server/src/main/java/de/itvsh/kop/user/organisationseinheit/OrganisationsEinheitRepository.java
index 8bbe58ac001eb62dce80ad351211c74eb493aea7..5f22d5f5381bd6f62a664e43710069a6c355525b 100644
--- a/user-manager-server/src/main/java/de/itvsh/kop/user/organisationseinheit/OrganisationsEinheitRepository.java
+++ b/user-manager-server/src/main/java/de/itvsh/kop/user/organisationseinheit/OrganisationsEinheitRepository.java
@@ -28,7 +28,7 @@ import static org.apache.commons.collections4.IterableUtils.*;
 
 import java.util.Collection;
 
-import javax.enterprise.context.ApplicationScoped;
+import jakarta.enterprise.context.ApplicationScoped;
 
 import com.mongodb.client.model.Filters;
 
diff --git a/user-manager-server/src/main/java/de/itvsh/kop/user/organisationseinheit/OrganisationsEinheitService.java b/user-manager-server/src/main/java/de/itvsh/kop/user/organisationseinheit/OrganisationsEinheitService.java
index bc701b9404b19f2efbb613aab476ea7a12e75e92..f5f77cde964fe326e2e4bf43b2e8df12625b624f 100644
--- a/user-manager-server/src/main/java/de/itvsh/kop/user/organisationseinheit/OrganisationsEinheitService.java
+++ b/user-manager-server/src/main/java/de/itvsh/kop/user/organisationseinheit/OrganisationsEinheitService.java
@@ -25,14 +25,14 @@ package de.itvsh.kop.user.organisationseinheit;
 
 import java.util.Collection;
 
-import javax.enterprise.context.ApplicationScoped;
-import javax.inject.Inject;
+import jakarta.enterprise.context.ApplicationScoped;
+import jakarta.inject.Inject;
 
 @ApplicationScoped
 class OrganisationsEinheitService {
 
 	@Inject
-	private OrganisationsEinheitRepository repository;
+	OrganisationsEinheitRepository repository;
 
 	public Collection<String> findAllOrganisationsEinheitIds() {
 		return repository.findAllOrganisationsEinheitIds();
diff --git a/user-manager-server/src/main/java/de/itvsh/kop/user/recipient/RecipientGrpcService.java b/user-manager-server/src/main/java/de/itvsh/kop/user/recipient/RecipientGrpcService.java
index 585511220ac067c02248c7f0246776ef6540770a..16e7f06ea4db5165b88295dc9acd16c45f880425 100644
--- a/user-manager-server/src/main/java/de/itvsh/kop/user/recipient/RecipientGrpcService.java
+++ b/user-manager-server/src/main/java/de/itvsh/kop/user/recipient/RecipientGrpcService.java
@@ -25,7 +25,7 @@ package de.itvsh.kop.user.recipient;
 
 import java.util.Collection;
 
-import javax.inject.Inject;
+import jakarta.inject.Inject;
 
 import de.itvsh.kop.user.User;
 import de.itvsh.kop.user.grpc.recipient.GrpcFindRecipientRequest;
diff --git a/user-manager-server/src/main/java/de/itvsh/kop/user/recipient/RecipientRepository.java b/user-manager-server/src/main/java/de/itvsh/kop/user/recipient/RecipientRepository.java
index dcebbee5daec02dca277310951821a20b29cda5d..70ea06cea9f706ea7a3aa267c6164653fd9bbb9c 100644
--- a/user-manager-server/src/main/java/de/itvsh/kop/user/recipient/RecipientRepository.java
+++ b/user-manager-server/src/main/java/de/itvsh/kop/user/recipient/RecipientRepository.java
@@ -4,7 +4,7 @@ import static de.itvsh.kop.user.User.*;
 
 import java.util.List;
 
-import javax.enterprise.context.ApplicationScoped;
+import jakarta.enterprise.context.ApplicationScoped;
 
 import de.itvsh.kop.common.logging.KopLogging;
 import de.itvsh.kop.user.User;
diff --git a/user-manager-server/src/main/java/de/itvsh/kop/user/recipient/RecipientService.java b/user-manager-server/src/main/java/de/itvsh/kop/user/recipient/RecipientService.java
index 1f65e76a32008a7bf7030202633f76bce9f23545..8958d2eed1775c19d58e901e5e217fb07cd1b24d 100644
--- a/user-manager-server/src/main/java/de/itvsh/kop/user/recipient/RecipientService.java
+++ b/user-manager-server/src/main/java/de/itvsh/kop/user/recipient/RecipientService.java
@@ -25,8 +25,8 @@ package de.itvsh.kop.user.recipient;
 
 import java.util.List;
 
-import javax.enterprise.context.ApplicationScoped;
-import javax.inject.Inject;
+import jakarta.enterprise.context.ApplicationScoped;
+import jakarta.inject.Inject;
 
 import com.cronutils.utils.StringUtils;
 
diff --git a/user-manager-server/src/main/java/de/itvsh/kop/user/settings/UserSettingsRepository.java b/user-manager-server/src/main/java/de/itvsh/kop/user/settings/UserSettingsRepository.java
index b90a0114e73a52c2972623900f4d12f71ddb4a84..d3089627adf7bc02f1c91150502e63b4ff5a7221 100644
--- a/user-manager-server/src/main/java/de/itvsh/kop/user/settings/UserSettingsRepository.java
+++ b/user-manager-server/src/main/java/de/itvsh/kop/user/settings/UserSettingsRepository.java
@@ -25,7 +25,7 @@ package de.itvsh.kop.user.settings;
 
 import java.util.Optional;
 
-import javax.enterprise.context.ApplicationScoped;
+import jakarta.enterprise.context.ApplicationScoped;
 
 import org.bson.types.ObjectId;
 
diff --git a/user-manager-server/src/main/java/de/itvsh/kop/user/settings/UserSettingsResource.java b/user-manager-server/src/main/java/de/itvsh/kop/user/settings/UserSettingsResource.java
index 37cd684ddd72926e4e6410c84166827636243c52..2b2f7c60528e00829636d54c2e25a6b0286496c3 100644
--- a/user-manager-server/src/main/java/de/itvsh/kop/user/settings/UserSettingsResource.java
+++ b/user-manager-server/src/main/java/de/itvsh/kop/user/settings/UserSettingsResource.java
@@ -25,13 +25,13 @@ package de.itvsh.kop.user.settings;
 
 import java.util.Objects;
 
-import javax.inject.Inject;
-import javax.ws.rs.GET;
-import javax.ws.rs.PATCH;
-import javax.ws.rs.Path;
-import javax.ws.rs.PathParam;
-import javax.ws.rs.Produces;
-import javax.ws.rs.core.MediaType;
+import jakarta.inject.Inject;
+import jakarta.ws.rs.GET;
+import jakarta.ws.rs.PATCH;
+import jakarta.ws.rs.Path;
+import jakarta.ws.rs.PathParam;
+import jakarta.ws.rs.Produces;
+import jakarta.ws.rs.core.MediaType;
 
 import org.apache.commons.lang3.StringUtils;
 import org.eclipse.microprofile.config.inject.ConfigProperty;
diff --git a/user-manager-server/src/main/java/de/itvsh/kop/user/settings/UserSettingsResourceAssembler.java b/user-manager-server/src/main/java/de/itvsh/kop/user/settings/UserSettingsResourceAssembler.java
index e2ec0d3c666c57997780409312b90ac323d8a321..3f3c65285fb7e17083959fe0eaea56c0d5863c88 100644
--- a/user-manager-server/src/main/java/de/itvsh/kop/user/settings/UserSettingsResourceAssembler.java
+++ b/user-manager-server/src/main/java/de/itvsh/kop/user/settings/UserSettingsResourceAssembler.java
@@ -23,9 +23,9 @@
  */
 package de.itvsh.kop.user.settings;
 
-import javax.enterprise.context.ApplicationScoped;
-import javax.inject.Inject;
-import javax.ws.rs.core.Link;
+import jakarta.enterprise.context.ApplicationScoped;
+import jakarta.inject.Inject;
+import jakarta.ws.rs.core.Link;
 
 import org.apache.commons.lang3.StringUtils;
 
diff --git a/user-manager-server/src/main/java/de/itvsh/kop/user/settings/UserSettingsService.java b/user-manager-server/src/main/java/de/itvsh/kop/user/settings/UserSettingsService.java
index 986bf650740189eca48e31dbcaa0c69e13c2cb01..d05de31f1bdb193692c89958173eeb4bb64579c7 100644
--- a/user-manager-server/src/main/java/de/itvsh/kop/user/settings/UserSettingsService.java
+++ b/user-manager-server/src/main/java/de/itvsh/kop/user/settings/UserSettingsService.java
@@ -26,8 +26,8 @@ package de.itvsh.kop.user.settings;
 import java.util.Objects;
 import java.util.Optional;
 
-import javax.enterprise.context.ApplicationScoped;
-import javax.inject.Inject;
+import jakarta.enterprise.context.ApplicationScoped;
+import jakarta.inject.Inject;
 
 import de.itvsh.kop.user.UserService;
 
diff --git a/user-manager-server/src/main/java/de/itvsh/kop/user/sync/SyncScheduler.java b/user-manager-server/src/main/java/de/itvsh/kop/user/sync/SyncScheduler.java
index e10e7c78ba24638fcb5b137d96ca5aef27b31665..86d8def9a360dfc89dda56b7b5f0b6f72c753223 100644
--- a/user-manager-server/src/main/java/de/itvsh/kop/user/sync/SyncScheduler.java
+++ b/user-manager-server/src/main/java/de/itvsh/kop/user/sync/SyncScheduler.java
@@ -25,8 +25,8 @@ package de.itvsh.kop.user.sync;
 
 import static io.quarkus.scheduler.Scheduled.ConcurrentExecution.*;
 
-import javax.enterprise.context.ApplicationScoped;
-import javax.inject.Inject;
+import jakarta.enterprise.context.ApplicationScoped;
+import jakarta.inject.Inject;
 
 import de.itvsh.kop.user.common.lock.LockService;
 import io.quarkus.scheduler.Scheduled;
@@ -41,7 +41,7 @@ public class SyncScheduler {
 	@Inject
 	LockService syncLockService;
 
-	@Scheduled(cron = "{kop.keycloak.sync.cron}", concurrentExecution = SKIP)
+	@Scheduled(every = "{ozgcloud.usersync.period}", concurrentExecution = SKIP)
 	public void start() {
 		if (syncLockService.isNotLocked()) {
 			var lock = syncLockService.lockCollection();
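Review bot: Switching `start()` from `cron` to `every = "{ozgcloud.usersync.period}"` ties the schedule to application start instead of a fixed time, so as far as I know the first sync fires as soon as the trigger is registered on every restart. When several replicas start together they all reach the `isNotLocked()` / `lockCollection()` pair in the context lines at about the same moment, and that check-then-lock sequence does not look atomic from here (LockService is outside the hunk). I would add a start delay, e.g. `@Scheduled(every = "{ozgcloud.usersync.period}", delayed = "1m", concurrentExecution = SKIP)`. It is also worth confirming that the lock acquisition itself rejects a second holder. The body of `start()` continues outside the hunk.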
diff --git a/user-manager-server/src/main/java/de/itvsh/kop/user/sync/SyncService.java b/user-manager-server/src/main/java/de/itvsh/kop/user/sync/SyncService.java
index d677c3e046cd4b4063feabec024986f78cb9079a..baed27bbf16404ce167867ea910709527ac476eb 100644
--- a/user-manager-server/src/main/java/de/itvsh/kop/user/sync/SyncService.java
+++ b/user-manager-server/src/main/java/de/itvsh/kop/user/sync/SyncService.java
@@ -25,8 +25,8 @@ package de.itvsh.kop.user.sync;
 
 import java.util.function.Predicate;
 
-import javax.enterprise.context.ApplicationScoped;
-import javax.inject.Inject;
+import jakarta.enterprise.context.ApplicationScoped;
+import jakarta.inject.Inject;
 
 import org.apache.commons.collections4.CollectionUtils;
 
diff --git a/user-manager-server/src/main/java/de/itvsh/kop/user/userprofile/UserProfileGrpcService.java b/user-manager-server/src/main/java/de/itvsh/kop/user/userprofile/UserProfileGrpcService.java
index 15f14793a27e3060c8bacd6f36f0064b10f87df8..81106fa820d7d233d79943a79491fdbfa6b19dcd 100644
--- a/user-manager-server/src/main/java/de/itvsh/kop/user/userprofile/UserProfileGrpcService.java
+++ b/user-manager-server/src/main/java/de/itvsh/kop/user/userprofile/UserProfileGrpcService.java
@@ -25,7 +25,7 @@ package de.itvsh.kop.user.userprofile;
 
 import java.util.stream.Stream;
 
-import javax.inject.Inject;
+import jakarta.inject.Inject;
 
 import com.google.protobuf.Empty;
 
@@ -39,10 +39,10 @@ import io.quarkus.grpc.GrpcService;
 public class UserProfileGrpcService extends UserProfileServiceImplBase {
 
 	@Inject
-	private UserService service;
+	UserService service;
 
 	@Inject
-	private UserProfileMapper mapper;
+	UserProfileMapper mapper;
 
 	@Override
 	public void getById(GrpcGetUserProfileRequest request, StreamObserver<GrpcGetUserProfileResponse> responseObserver) {
diff --git a/user-manager-server/src/main/resources/application-e2e.yaml b/user-manager-server/src/main/resources/application-e2e.yaml
index 3c0d3eb7e242de49edea66d1c369a1b79bead2c1..5a5bccbd9d5b634f65988a21cf419a1c3b517efc 100644
--- a/user-manager-server/src/main/resources/application-e2e.yaml
+++ b/user-manager-server/src/main/resources/application-e2e.yaml
@@ -13,7 +13,7 @@ quarkus:
       "io.quarkus.oidc.runtime.OidcProvider":
         level: TRACE
         min-level: TRACE
-    
+
 kop:
   keycloak:
     api:
@@ -21,8 +21,10 @@ kop:
       password: S9UEMuLG9y9ev99
       realm: by-e2e-local-dev
       client: alfa
-    sync:
-      cron: disabled
 
 keycloak:
-  url: https://sso.dev.by.ozg-cloud.de
\ No newline at end of file
+  url: https://sso.dev.by.ozg-cloud.de
+
+ozgcloud:
+  usersync:
+    period: disabled
\ No newline at end of file
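Review bot: The `kop.keycloak.api.password` entry visible as context in this hunk is a literal credential in a file under `src/main/resources`, so it is packaged into the built artifact and kept in repository history. The same applies to the `password:` line in the `application-remotekc.yaml` hunk below. The commit already moves the realm to a property expression there (`realm: ${keycloak.realm}`), and the password could be handled the same way, e.g. `password: ${KOP_KEYCLOAK_API_PASSWORD}` supplied by the environment or the CI credential store. Since both values are already committed, they should be rotated on the Keycloak side as well.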
diff --git a/user-manager-server/src/main/resources/application-local.yaml b/user-manager-server/src/main/resources/application-local.yaml
index 7f8084ea2150b33bfc201df66869f6c43940c5af..efa12e0c637280e1085258fe481a3cdbed98f835 100644
--- a/user-manager-server/src/main/resources/application-local.yaml
+++ b/user-manager-server/src/main/resources/application-local.yaml
@@ -7,6 +7,6 @@ quarkus:
       json: false
 kop:
   user-manager:
-    url: http://localhost:9091
+    url: http://localhost:9092
 keycloak:
-    url: http://localhost:8088
\ No newline at end of file
+  url: http://localhost:8088
\ No newline at end of file
diff --git a/user-manager-server/src/main/resources/application-remotekc.yaml b/user-manager-server/src/main/resources/application-remotekc.yaml
index 333b8c5b35b59fbe39f7fbee52b0db54d5dc4b41..368b647bd2ba01778932ac8c7d88c887da0e444b 100644
--- a/user-manager-server/src/main/resources/application-remotekc.yaml
+++ b/user-manager-server/src/main/resources/application-remotekc.yaml
@@ -1,25 +1,28 @@
+keycloak:
+  url: https://sso.dev.by.ozg-cloud.de
+  realm: by-kiel-dev
 quarkus:
   mongodb:
     database: usermanager
   oidc:
-    auth-server-url: https://sso.dev.by.ozg-cloud.de/realms/by-kiel-dev
+    auth-server-url: ${keycloak.url}/realms/${keycloak.realm}
   http:
-    port: 9091
+    port: 9092
     cors:
       ~: true
       origins: http://localhost:4300
 kop:
   user-manager:
-    url: http://localhost:9091
+    url: http://localhost:9092
   keycloak:
-    sync:
-      cron: "* */10 * * * ?"
     api:
       user: userManagerApiUser
       password: hlc_j1I1Ji0trC0
-      realm: by-kiel-dev
+      realm: ${keycloak.realm}
       organisations-einheit-id-key: organisationseinheitId
       client: alfa
       ldap-id-key: LDAP_ID
-keycloak:
-  url: https://sso.dev.by.ozg-cloud.de
\ No newline at end of file
+
+ozgcloud:
+  usersync:
+    period: disabled
\ No newline at end of file
diff --git a/user-manager-server/src/main/resources/application.yaml b/user-manager-server/src/main/resources/application.yaml
index 261320fb74bbfba6f6b5780c96a6daec2b8aa325..6efd2f1f6ad34f0e2f2493c9db44e041c37d7f91 100644
--- a/user-manager-server/src/main/resources/application.yaml
+++ b/user-manager-server/src/main/resources/application.yaml
@@ -1,46 +1,48 @@
 "%prod":
-   quarkus:
-      grpc:
-         server:
-            ssl:
-               certificate: /user-manager-tls-certificate/tls.crt
-               key: /user-manager-tls-certificate/tls.key
+  quarkus:
+    grpc:
+      server:
+        ssl:
+          certificate: /user-manager-tls-certificate/tls.crt
+          key: /user-manager-tls-certificate/tls.key
 quarkus:
- application:
-  name: kopusermanager
- http:
-  cors:
-    ~: true
-  auth:
-   permission:
-    bearer:
-     paths: /api/userProfiles/*,/api/user/*
-     policy: authenticated
-    permit-migration:
-     paths: /api/migration/user/*
-     policy: permit
-     methods: GET
-    deny-api:
-     paths: /api/*
-     policy: deny
- scheduler:
-  metrics:
-   enabled: true
- log:
-  level: INFO
- mongodb:
-  database: usermanager
+  application:
+    name: kopusermanager
+  http:
+    cors:
+      ~: true
+    auth:
+      permission:
+        bearer:
+          paths: /api/userProfiles/*,/api/user/*
+          policy: authenticated
+        permit-migration:
+          paths: /api/migration/user/*
+          policy: permit
+          methods: GET
+        deny-api:
+          paths: /api/*
+          policy: deny
+  scheduler:
+    metrics:
+      enabled: true
+  log:
+    level: INFO
+  mongodb:
+    database: usermanager
 grpc:
- server:
-  enable-reflection-service: true
+  server:
+    enable-reflection-service: true
 kop:
- keycloak:
-  api:
-   ldap-id-key: LDAP_ID
-   organisations-einheit-id-key: organisationseinheitId
-   user: "-"
-   password: "-"
-   realm: by-kiel-dev
-   client: alfa
-  sync:
-   cron: "0 5 2 * * ?"
\ No newline at end of file
+  keycloak:
+    api:
+      ldap-id-key: LDAP_ID
+      organisations-einheit-id-key: organisationseinheitId
+      user: "-"
+      password: "-"
+      realm: by-kiel-dev
+      client: alfa
+
+ozgcloud:
+  usersync:
+    period: "6h"
\ No newline at end of file
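Review bot: The re-indented `quarkus.http.cors` block still only sets `~: true` and configures no `origins`, which may behave differently after the Quarkus 3 upgrade this commit belongs to. As far as I recall from the Quarkus 3 migration notes, an enabled CORS filter without configured origins no longer accepts every origin and only same-origin requests pass. If browser clients on another origin call `/api/userProfiles/*` or `/api/user/*`, list them explicitly, as `application-remotekc.yaml` does with `origins: http://localhost:4300`, rather than falling back to a match-all pattern. A short comment above the block stating which origins are expected in production would make the intent reviewable.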
diff --git a/user-manager-server/src/test/java/de/itvsh/kop/user/RoleHierarchyTest.java b/user-manager-server/src/test/java/de/itvsh/kop/user/RoleHierarchyTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..817276ee3679e4a0c72d29f9890e18ec5f9485a7
--- /dev/null
+++ b/user-manager-server/src/test/java/de/itvsh/kop/user/RoleHierarchyTest.java
@@ -0,0 +1,91 @@
+package de.itvsh.kop.user;
+
+import static org.assertj.core.api.Assertions.*;
+import static org.mockito.Mockito.*;
+
+import java.util.ArrayDeque;
+import java.util.Deque;
+
+import org.junit.jupiter.api.Nested;
+import org.junit.jupiter.api.Test;
+import org.mockito.Spy;
+
+class RoleHierarchyTest {
+
+	private final RoleHierarchy subRole = RoleHierarchy.builder().roleName(UserRole.VERWALTUNG_USER).build();
+	@Spy
+	private final RoleHierarchy root = RoleHierarchy.builder()
+			.roleName(UserRole.VERWALTUNG_LOESCHEN)
+			.subRole(subRole)
+			.build();
+
+	@Nested
+	class TestGetFlattenedHierarchy {
+
+		@Test
+		void shouldCollectSubRoles() {
+			root.getFlattenedHierarchy(UserRole.VERWALTUNG_LOESCHEN);
+
+			verify(root).collectSubRoles(eq(root), eq(UserRole.VERWALTUNG_LOESCHEN), any(Deque.class));
+		}
+	}
+
+	@Nested
+	class TestCollectSubRoles {
+
+		private static final String UNKNOWN_ROLE = "unknown";
+
+		private final Deque<String> collectedSubRoles = new ArrayDeque<>();
+
+		@Test
+		void shouldAddLast() {
+			root.collectSubRoles(root, UserRole.VERWALTUNG_LOESCHEN, collectedSubRoles);
+
+			assertThat(collectedSubRoles).containsExactly(UserRole.VERWALTUNG_LOESCHEN);
+		}
+
+		@Test
+		void shouldReturnTrue() {
+			var result = root.collectSubRoles(root, UserRole.VERWALTUNG_LOESCHEN, collectedSubRoles);
+
+			assertThat(result).isTrue();
+		}
+
+		@Test
+		void shouldReturnFalse() {
+			var result = root.collectSubRoles(root, UNKNOWN_ROLE, collectedSubRoles);
+
+			assertThat(result).isFalse();
+		}
+
+		@Test
+		void shouldCollectSubRoles() {
+			root.collectSubRoles(root, UserRole.VERWALTUNG_USER, collectedSubRoles);
+
+			verify(root).collectSubRoles(subRole, UserRole.VERWALTUNG_USER, collectedSubRoles);
+		}
+
+		@Test
+		void shouldReturnTrueOnExistingRole() {
+			var result = root.collectSubRoles(root, UserRole.VERWALTUNG_USER, collectedSubRoles);
+
+			assertThat(result).isTrue();
+		}
+
+		@Test
+		void shouldAddLastSubRole() {
+			root.collectSubRoles(root, UserRole.VERWALTUNG_USER, collectedSubRoles);
+
+			assertThat(collectedSubRoles).containsExactly(UserRole.VERWALTUNG_LOESCHEN, UserRole.VERWALTUNG_USER);
+		}
+
+		@Test
+		void shouldRemoveLast() {
+			root.collectSubRoles(root, UserRole.VERWALTUNG_LOESCHEN, collectedSubRoles);
+
+			assertThat(collectedSubRoles).containsExactly(UserRole.VERWALTUNG_LOESCHEN);
+		}
+
+	}
+
+}
\ No newline at end of file
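Review bot: `shouldRemoveLast` in `TestCollectSubRoles` has the same call and assertion as `shouldAddLast`, so the removal path it is named after is never exercised. If the intent is that a failed lookup leaves nothing behind (an assumption, since RoleHierarchy is not in this hunk), the test should be `root.collectSubRoles(root, UNKNOWN_ROLE, collectedSubRoles);` followed by `assertThat(collectedSubRoles).isEmpty();`. Separately, `root` is annotated `@Spy` but the class shows no `@ExtendWith(MockitoExtension.class)` or `openMocks` call, so unless Mockito is initialised somewhere not visible here, the two `verify(root)` assertions are not running against a spy. This hierarchy presumably feeds authorization decisions, so both gaps are worth closing.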
diff --git a/user-manager-server/src/test/java/de/itvsh/kop/user/UserProfileResourceITCase.java b/user-manager-server/src/test/java/de/itvsh/kop/user/UserProfileResourceITCase.java
index 681995a88aba6026d9375666177a89cce0c1a03e..449be2557563ea8477ecfd091dd3c0fc190f2a97 100644
--- a/user-manager-server/src/test/java/de/itvsh/kop/user/UserProfileResourceITCase.java
+++ b/user-manager-server/src/test/java/de/itvsh/kop/user/UserProfileResourceITCase.java
@@ -40,15 +40,15 @@ import org.junit.jupiter.api.Test;
 import de.itvsh.kop.user.common.errorhandling.ApiErrorUtil;
 import de.itvsh.kop.user.common.errorhandling.ResourceNotFoundException;
 import de.itvsh.kop.user.settings.UserSettingsResource;
+import io.quarkus.test.InjectMock;
 import io.quarkus.test.junit.QuarkusTest;
 import io.quarkus.test.junit.TestProfile;
-import io.quarkus.test.junit.mockito.InjectMock;
 
 @QuarkusTest
 @TestProfile(UserProfileResourceTestProfile.class)
 class UserProfileResourceITCase {
-	private static final String HTTP_LOCALHOST = "http://localhost:9092";
 
+	private static final String HTTP_LOCALHOST = "http://localhost:9092";
 	private static final String SEARCH_PATH = UserProfileResource.USERS_PATH + "/?" + UserProfileResource.PARAM_SEARCH_BY + "=";
 
 	@InjectMock
diff --git a/user-manager-server/src/test/java/de/itvsh/kop/user/UserProfileResourceTest.java b/user-manager-server/src/test/java/de/itvsh/kop/user/UserProfileResourceTest.java
index 7c18326ace0ad48828b11c54df40d35f8ffe0417..487b12e80cb3be8a94a2eeff5277aae3b5a98001 100644
--- a/user-manager-server/src/test/java/de/itvsh/kop/user/UserProfileResourceTest.java
+++ b/user-manager-server/src/test/java/de/itvsh/kop/user/UserProfileResourceTest.java
@@ -41,8 +41,6 @@ import org.mockito.Mock;
 
 import com.thedeanda.lorem.LoremIpsum;
 
-import de.itvsh.kop.user.common.reflection.SaferReflection;
-
 class UserProfileResourceTest {
 
 	private static final String USER_MANAGER_URL = LoremIpsum.getInstance().getUrl();
@@ -52,16 +50,13 @@ class UserProfileResourceTest {
 
 	@Mock
 	private UserService userService;
+
 	@Mock
 	private UserProfileResourceAssembler resourceAssembler;
 
 	@BeforeEach
 	void init() {
-		mockUserManagerUrl();
-	}
-
-	private void mockUserManagerUrl() {
-		SaferReflection.setField("userManagerUrl", resource, USER_MANAGER_URL);
+		resource.userManagerUrl = USER_MANAGER_URL;
 	}
 
 	@Nested
diff --git a/user-manager-server/src/test/java/de/itvsh/kop/user/UserRepositoryITCase.java b/user-manager-server/src/test/java/de/itvsh/kop/user/UserRepositoryITCase.java
index 0b8ddba96baa53d01f8ae9e68e0d817c1e5d4960..13f17a487de01fa5311d6d2ebc96f01099641228 100644
--- a/user-manager-server/src/test/java/de/itvsh/kop/user/UserRepositoryITCase.java
+++ b/user-manager-server/src/test/java/de/itvsh/kop/user/UserRepositoryITCase.java
@@ -30,7 +30,7 @@ import java.time.Instant;
 import java.util.List;
 import java.util.stream.Stream;
 
-import javax.inject.Inject;
+import jakarta.inject.Inject;
 
 import org.bson.types.ObjectId;
 import org.junit.jupiter.api.BeforeEach;
diff --git a/user-manager-server/src/test/java/de/itvsh/kop/user/UserResourceStub.java b/user-manager-server/src/test/java/de/itvsh/kop/user/UserResourceStub.java
index 509d8fd418af30bd70cebd4b5c265a4ed5833a84..723b607643a197e211eeba65f7223fa55fe08120 100644
--- a/user-manager-server/src/test/java/de/itvsh/kop/user/UserResourceStub.java
+++ b/user-manager-server/src/test/java/de/itvsh/kop/user/UserResourceStub.java
@@ -26,7 +26,7 @@ package de.itvsh.kop.user;
 import java.util.List;
 import java.util.Map;
 
-import javax.ws.rs.core.Response;
+import jakarta.ws.rs.core.Response;
 
 import org.keycloak.admin.client.resource.RoleMappingResource;
 import org.keycloak.admin.client.resource.RoleScopeResource;
@@ -44,6 +44,7 @@ import lombok.NoArgsConstructor;
 
 @NoArgsConstructor
 class UserResourceStub implements UserResource {
+
 	private UserRepresentation userRepresentation = UserRepresentationTestFactory.create();
 	private List<GroupRepresentation> groups = List.of(GroupRepresentationTestFactory.createGroup(UserResourceMapperTest.GROUP_1_PATH));
 
@@ -60,6 +61,11 @@ class UserResourceStub implements UserResource {
 		return userRepresentation;
 	}
 
+	@Override
+	public UserRepresentation toRepresentation(boolean userProfileMetadata) {
+		return userRepresentation;
+	}
+
 	@Override
 	public void update(UserRepresentation userRepresentation) {
 		// not implemented
@@ -95,6 +101,11 @@ class UserResourceStub implements UserResource {
 		return groups();
 	}
 
+	@Override
+	public List<GroupRepresentation> groups(String search, boolean briefRepresentation) {
+		return groups();
+	}
+
 	@Override
 	public List<GroupRepresentation> groups(String search, Integer firstResult, Integer maxResults, boolean briefRepresentation) {
 		return groups();
diff --git a/user-manager-server/src/test/java/de/itvsh/kop/user/UserRoleTest.java b/user-manager-server/src/test/java/de/itvsh/kop/user/UserRoleTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..b38a8a5bdafeb3e276388dad606785edcf193891
--- /dev/null
+++ b/user-manager-server/src/test/java/de/itvsh/kop/user/UserRoleTest.java
@@ -0,0 +1,38 @@
+package de.itvsh.kop.user;
+
+import static org.assertj.core.api.Assertions.*;
+
+import java.util.List;
+
+import org.junit.jupiter.api.Nested;
+import org.junit.jupiter.api.Test;
+
+class UserRoleTest {
+
+	@Nested
+	class TestContainsWithinRoleHierarchy {
+
+		@Test
+		void shouldReturnTrue() {
+			var containsRole = UserRole.containsWithinRoleHierarchy(List.of(UserRole.VERWALTUNG_LOESCHEN), UserRole.VERWALTUNG_USER);
+
+			assertThat(containsRole).isTrue();
+		}
+
+		@Test
+		void shouldReturnFalse() {
+			var containsRole = UserRole.containsWithinRoleHierarchy(List.of(UserRole.VERWALTUNG_USER), UserRole.VERWALTUNG_LOESCHEN);
+
+			assertThat(containsRole).isFalse();
+		}
+
+		@Test
+		void shouldReturnTrueOnSame() {
+			var containsRole = UserRole.containsWithinRoleHierarchy(List.of(UserRole.VERWALTUNG_USER), UserRole.VERWALTUNG_USER);
+
+			assertThat(containsRole).isTrue();
+		}
+
+	}
+
+}
\ No newline at end of file
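Review bot: The three cases in `TestContainsWithinRoleHierarchy` leave the fail-closed inputs of what looks like an authorization check untested: an empty role list and a role that is not part of the hierarchy. I would add `assertThat(UserRole.containsWithinRoleHierarchy(List.of(), UserRole.VERWALTUNG_USER)).isFalse();` and a matching case for an unknown role name, assuming roles are plain strings as `hasRole("unknown")` elsewhere in this diff suggests. The names `shouldReturnTrue` and `shouldReturnFalse` do not say which direction of the hierarchy they cover; something like `shouldReturnTrueForHigherRole` and `shouldReturnFalseForLowerRole` would document the rule. The new file also ends without a trailing newline.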
diff --git a/user-manager-server/src/test/java/de/itvsh/kop/user/UserServiceITCase.java b/user-manager-server/src/test/java/de/itvsh/kop/user/UserServiceITCase.java
index d7514fd1e43d5c786d06838472c706daa297809c..7375478b17e8921a6fbca7aae4a93e56f1c062ed 100644
--- a/user-manager-server/src/test/java/de/itvsh/kop/user/UserServiceITCase.java
+++ b/user-manager-server/src/test/java/de/itvsh/kop/user/UserServiceITCase.java
@@ -25,7 +25,7 @@ package de.itvsh.kop.user;
 
 import static org.assertj.core.api.Assertions.*;
 
-import javax.inject.Inject;
+import jakarta.inject.Inject;
 
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.DisplayName;
diff --git a/user-manager-server/src/test/java/de/itvsh/kop/user/common/JwtUtilTest.java b/user-manager-server/src/test/java/de/itvsh/kop/user/common/JwtUtilTest.java
index 11675400942724533a39ecbaff68de0a78bc6df7..db2c00701d8915ab340e3d13871e20bf8055729d 100644
--- a/user-manager-server/src/test/java/de/itvsh/kop/user/common/JwtUtilTest.java
+++ b/user-manager-server/src/test/java/de/itvsh/kop/user/common/JwtUtilTest.java
@@ -30,8 +30,8 @@ import static org.mockito.Mockito.*;
 import java.util.List;
 import java.util.Map;
 
-import javax.json.Json;
-import javax.json.JsonArray;
+import jakarta.json.Json;
+import jakarta.json.JsonArray;
 
 import org.eclipse.microprofile.jwt.JsonWebToken;
 import org.junit.jupiter.api.BeforeEach;
diff --git a/user-manager-server/src/test/java/de/itvsh/kop/user/common/callcontext/CallContextUserTestFactory.java b/user-manager-server/src/test/java/de/itvsh/kop/user/common/callcontext/CallContextUserTestFactory.java
index f3e93702e91c56153f2c0de7501757a5b775d014..35314f684edff44f61630cc9943172f10f8a7acc 100644
--- a/user-manager-server/src/test/java/de/itvsh/kop/user/common/callcontext/CallContextUserTestFactory.java
+++ b/user-manager-server/src/test/java/de/itvsh/kop/user/common/callcontext/CallContextUserTestFactory.java
@@ -29,9 +29,6 @@ import com.thedeanda.lorem.LoremIpsum;
 
 public class CallContextUserTestFactory {
 
-	static final String NAME = CallContextMetadataTestFactory.NAME;
-	static final String ID = CallContextMetadataTestFactory.ID;
-
 	private static final String EMAIL = LoremIpsum.getInstance().getEmail();
 
 	public static CallContextUser create() {
diff --git a/user-manager-server/src/test/java/de/itvsh/kop/user/common/callcontext/CurrentCallContextUserServiceTest.java b/user-manager-server/src/test/java/de/itvsh/kop/user/common/callcontext/CurrentCallContextUserServiceTest.java
index e4e9149858abdb8d3a817ff7ff0d1685327fc222..2ac6b2bea3a300647af748462a1a3a382b89a8c6 100644
--- a/user-manager-server/src/test/java/de/itvsh/kop/user/common/callcontext/CurrentCallContextUserServiceTest.java
+++ b/user-manager-server/src/test/java/de/itvsh/kop/user/common/callcontext/CurrentCallContextUserServiceTest.java
@@ -24,13 +24,17 @@
 package de.itvsh.kop.user.common.callcontext;
 
 import static org.assertj.core.api.Assertions.*;
+import static org.mockito.Mockito.*;
+
+import java.util.List;
 
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.DisplayName;
 import org.junit.jupiter.api.Nested;
 import org.junit.jupiter.api.Test;
 import org.mockito.Spy;
-import org.springframework.util.ReflectionUtils;
+
+import de.itvsh.kop.user.UserRole;
 
 class CurrentCallContextUserServiceTest {
 
@@ -43,14 +47,6 @@ class CurrentCallContextUserServiceTest {
 	@Nested
 	class TestClearCallContextUser {
 
-		@BeforeEach
-		void init() {
-			var userField = ReflectionUtils.findField(CurrentCallContextUserService.class, "user");
-			userField.setAccessible(true);
-			ReflectionUtils.setField(userField, userService, callContextUser);
-			assertThat(userService.getCurrentCallContextUser()).isPresent();
-		}
-
 		@Test
 		void shouldSetUserToNull() {
 			userService.clearCallContextUser();
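Review bot: `shouldSetUserToNull` loses its precondition in this hunk: the removed `init()` both set the user and asserted `isPresent()`. Unless a setup outside the hunk still sets a user, the test now passes even if `clearCallContextUser()` does nothing. The setter used further down in this diff allows the setup to be restored without reflection, for example `@BeforeEach void init() { userService.setCallContextUser(callContextUser); }`, keeping the `isPresent()` assertion before the call under test. The body of the test method continues outside the hunk.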
@@ -60,7 +56,7 @@ class CurrentCallContextUserServiceTest {
 	}
 
 	@Nested
-	class TestService {
+	class TestGetCurrentCallContextUser {
 
 		@BeforeEach
 		void init() {
@@ -72,4 +68,43 @@ class CurrentCallContextUserServiceTest {
 			assertThat(userService.getCurrentCallContextUser()).isPresent().get().isEqualTo(callContextUser);
 		}
 	}
+
+	@Nested
+	class TestHasRole {
+
+		private final CallContextUser callContextUser = CallContextUserTestFactory.createBuilder()
+				.roles(List.of(UserRole.VERWALTUNG_LOESCHEN))
+				.build();
+
+		@BeforeEach
+		void init() {
+			userService.setCallContextUser(callContextUser);
+		}
+
+		@Test
+		void shouldCheckRoleWithinHierarchy() {
+			try (var mock = mockStatic(UserRole.class)) {
+				mock.when(() -> UserRole.containsWithinRoleHierarchy(callContextUser.getRoles(), UserRole.VERWALTUNG_USER)).thenReturn(true);
+
+				userService.hasRole(UserRole.VERWALTUNG_USER);
+
+				mock.verify(() -> UserRole.containsWithinRoleHierarchy(callContextUser.getRoles(), UserRole.VERWALTUNG_USER));
+			}
+		}
+
+		@Test
+		void shouldReturnTrue() {
+			var hasRole = userService.hasRole(UserRole.VERWALTUNG_USER);
+
+			assertThat(hasRole).isTrue();
+		}
+
+		@Test
+		void shouldReturnFalse() {
+			var hasRole = userService.hasRole("unknown");
+
+			assertThat(hasRole).isFalse();
+		}
+
+	}
 }
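Review bot: `TestHasRole` never calls `hasRole` without a call-context user, although `getCurrentCallContextUser()` is treated as an Optional in the tests above. For an authorization helper the empty case should be pinned to `false` rather than left to whatever the implementation happens to do; the sketch below assumes `hasRole` is meant to fail closed. Separately, `shouldCheckRoleWithinHierarchy` discards the result of `hasRole`, so it only proves the static method is called, not that its answer is returned.

```java
// … unchanged: callContextUser field, init() and the three existing tests …

@Test
void shouldReturnFalseWithoutCallContextUser() {
	userService.clearCallContextUser();

	var hasRole = userService.hasRole(UserRole.VERWALTUNG_USER);

	assertThat(hasRole).isFalse();
}
```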
diff --git a/user-manager-server/src/test/java/de/itvsh/kop/user/common/callcontext/GrpcCallContextInterceptorTest.java b/user-manager-server/src/test/java/de/itvsh/kop/user/common/callcontext/GrpcCallContextInterceptorTest.java
index b0123cb82a9ba22e84c18f4c422869e88cf6bb38..10c7379cc6d20f8133677cab57ecf7a81dec5c1f 100644
--- a/user-manager-server/src/test/java/de/itvsh/kop/user/common/callcontext/GrpcCallContextInterceptorTest.java
+++ b/user-manager-server/src/test/java/de/itvsh/kop/user/common/callcontext/GrpcCallContextInterceptorTest.java
@@ -28,8 +28,6 @@ import static org.assertj.core.api.Assertions.*;
 import static org.mockito.ArgumentMatchers.*;
 import static org.mockito.Mockito.*;
 
-import java.util.Optional;
-
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.DisplayName;
 import org.junit.jupiter.api.Nested;
@@ -37,11 +35,10 @@ import org.junit.jupiter.api.Test;
 import org.mockito.InjectMocks;
 import org.mockito.Mock;
 import org.mockito.Spy;
-import org.springframework.util.ReflectionUtils;
 
 import de.itvsh.kop.user.User;
 import de.itvsh.kop.user.UserTestFactory;
-import de.itvsh.kop.user.common.callcontext.GrpcCallContextInterceptor.LogContextSettingListener;
+import de.itvsh.kop.user.common.callcontext.GrpcCallContextInterceptor.*;
 import de.itvsh.kop.user.common.errorhandling.ResourceNotFoundException;
 import io.grpc.Metadata;
 import io.grpc.ServerCall;
@@ -289,11 +286,6 @@ class GrpcCallContextInterceptorTest {
 				@Nested
 				class TestWithExistingClientName {
 
-					@BeforeEach
-					void initListener() {
-						setClientName(Optional.of("ClientNameDummy"));
-					}
-
 					@Test
 					void shouldCallDoSurroundOn() {
 						listener.onReady();
@@ -306,9 +298,13 @@ class GrpcCallContextInterceptorTest {
 				@Nested
 				class TestWithMissingClientName {
 
+					private LogContextSettingListener<?, ?, ?> listener;
+					private Metadata headers = CallContextMetadataTestFactory.createMetadata();
+
 					@BeforeEach
 					void initListener() {
-						setClientName(Optional.empty());
+						headers.discardAll(GrpcUtil.createKeyOf(GrpcCallContextInterceptor.KEY_CLIENT_NAME));
+						listener = spy(interceptor.new LogContextSettingListener<>(delegate, originCall, headers));
 					}
 
 					@Test
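Review bot: The new `listener` field in `TestWithMissingClientName` appears to hide a `listener` of the enclosing test class, which `TestWithExistingClientName` still uses in `listener.onReady()`; the outer declaration is outside this hunk. A distinct name such as `listenerWithoutClientName` would make clear which instance each `verify` targets. `headers` can be `final`. Since the sibling class now depends on `CallContextMetadataTestFactory.createMetadata()` containing a client name, a short comment there, e.g. `// default metadata from the test factory carries KEY_CLIENT_NAME`, would keep that dependency visible. The nested class continues past the end of the hunk.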
@@ -326,12 +322,6 @@ class GrpcCallContextInterceptorTest {
 						verify(listener, never()).doSurroundOn(any());
 					}
 				}
-
-				private void setClientName(Optional<String> clientName) {
-					var field = ReflectionUtils.findField(LogContextSettingListener.class, "clientName");
-					field.setAccessible(true);
-					ReflectionUtils.setField(field, listener, clientName);
-				}
 			}
 		}
 
diff --git a/user-manager-server/src/test/java/de/itvsh/kop/user/common/callcontext/HttpRequestInterceptorTest.java b/user-manager-server/src/test/java/de/itvsh/kop/user/common/callcontext/HttpRequestInterceptorTest.java
index c81a265dfcdd4cd7a0d4f2a723b31bb3127a41b6..c52e0e9039d7540e3cc3eb46dd0bff692fa0ad9d 100644
--- a/user-manager-server/src/test/java/de/itvsh/kop/user/common/callcontext/HttpRequestInterceptorTest.java
+++ b/user-manager-server/src/test/java/de/itvsh/kop/user/common/callcontext/HttpRequestInterceptorTest.java
@@ -29,8 +29,8 @@ import static org.mockito.Mockito.*;
 import java.util.List;
 import java.util.UUID;
 
-import javax.ws.rs.core.MultivaluedHashMap;
-import javax.ws.rs.ext.ReaderInterceptorContext;
+import jakarta.ws.rs.core.MultivaluedHashMap;
+import jakarta.ws.rs.ext.ReaderInterceptorContext;
 
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Nested;
diff --git a/user-manager-server/src/test/java/de/itvsh/kop/user/common/callcontext/HttpSecurityFilterTest.java b/user-manager-server/src/test/java/de/itvsh/kop/user/common/callcontext/HttpSecurityFilterTest.java
index afb1df56af11dccca2924c09cc839f1cbb5c2ae1..3c6898e71c94d7db8b4e0915bbc6e96e595f5856 100644
--- a/user-manager-server/src/test/java/de/itvsh/kop/user/common/callcontext/HttpSecurityFilterTest.java
+++ b/user-manager-server/src/test/java/de/itvsh/kop/user/common/callcontext/HttpSecurityFilterTest.java
@@ -29,7 +29,7 @@ import static org.mockito.Mockito.*;
 
 import java.io.IOException;
 
-import javax.ws.rs.container.ContainerRequestContext;
+import jakarta.ws.rs.container.ContainerRequestContext;
 
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.DisplayName;
diff --git a/user-manager-server/src/test/java/de/itvsh/kop/user/common/errorhandling/ApiErrorUtilTest.java b/user-manager-server/src/test/java/de/itvsh/kop/user/common/errorhandling/ApiErrorUtilTest.java
index 1fdb9bd1e0b85059d3d25caedd03d14ad58b5de9..5d6ecf256749a33e64da5f993a3b3737190fc550 100644
--- a/user-manager-server/src/test/java/de/itvsh/kop/user/common/errorhandling/ApiErrorUtilTest.java
+++ b/user-manager-server/src/test/java/de/itvsh/kop/user/common/errorhandling/ApiErrorUtilTest.java
@@ -28,7 +28,7 @@ import static org.mockito.Mockito.*;
 
 import java.util.UUID;
 
-import javax.ws.rs.NotFoundException;
+import jakarta.ws.rs.NotFoundException;
 
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.DisplayName;
diff --git a/user-manager-server/src/test/java/de/itvsh/kop/user/common/errorhandling/ExceptionHandlerTest.java b/user-manager-server/src/test/java/de/itvsh/kop/user/common/errorhandling/ExceptionHandlerTest.java
index 3740e5fadbe4dcf3bc756adb8574cee7fa4b9928..87f36bfb19d040df215d86d5ce1dea82367ff439 100644
--- a/user-manager-server/src/test/java/de/itvsh/kop/user/common/errorhandling/ExceptionHandlerTest.java
+++ b/user-manager-server/src/test/java/de/itvsh/kop/user/common/errorhandling/ExceptionHandlerTest.java
@@ -27,8 +27,8 @@ import static org.assertj.core.api.Assertions.*;
 import static org.mockito.ArgumentMatchers.*;
 import static org.mockito.Mockito.*;
 
-import javax.ws.rs.NotFoundException;
-import javax.ws.rs.core.UriInfo;
+import jakarta.ws.rs.NotFoundException;
+import jakarta.ws.rs.core.UriInfo;
 
 import org.apache.commons.lang3.StringUtils;
 import org.junit.jupiter.api.BeforeEach;
diff --git a/user-manager-server/src/test/java/de/itvsh/kop/user/common/lock/LockRepositoryITCase.java b/user-manager-server/src/test/java/de/itvsh/kop/user/common/lock/LockRepositoryITCase.java
index e7beac94930765c072fc5c9a036df1a234d387d7..37acb819bcfd930d301f49fe1e2a1527ac9e954c 100644
--- a/user-manager-server/src/test/java/de/itvsh/kop/user/common/lock/LockRepositoryITCase.java
+++ b/user-manager-server/src/test/java/de/itvsh/kop/user/common/lock/LockRepositoryITCase.java
@@ -28,7 +28,7 @@ import static org.assertj.core.api.Assertions.*;
 import java.time.Instant;
 import java.time.temporal.ChronoUnit;
 
-import javax.inject.Inject;
+import jakarta.inject.Inject;
 
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
diff --git a/user-manager-server/src/test/java/de/itvsh/kop/user/common/reflection/SaferReflection.java b/user-manager-server/src/test/java/de/itvsh/kop/user/common/reflection/SaferReflection.java
deleted file mode 100644
index f9fb8aeb06c459e191e8c3409a25fcf11d856190..0000000000000000000000000000000000000000
--- a/user-manager-server/src/test/java/de/itvsh/kop/user/common/reflection/SaferReflection.java
+++ /dev/null
@@ -1,28 +0,0 @@
-package de.itvsh.kop.user.common.reflection;
-
-import static java.lang.String.*;
-import static org.junit.jupiter.api.Assertions.*;
-
-import org.springframework.util.ReflectionUtils;
-
-/**
- * Safer in this case means "with error handling".
- */
-public class SaferReflection {
-
-	private SaferReflection() {
-		// noop
-	}
-
-	public static <T, V> void setField(String fieldName, T target, V value) {
-		var field = ReflectionUtils.findField(target.getClass(), fieldName);
-		if (field == null) {
-			fail(format(
-					"Can't mock because of reflection error. Unknown field: %s. Check in code if the field name in class fits to the  string passed"
-							+ " to reflection call.",
-					fieldName));
-		}
-		field.setAccessible(true);
-		ReflectionUtils.setField(field, target, value);
-	}
-}
diff --git a/user-manager-server/src/test/java/de/itvsh/kop/user/keycloak/KeycloakApiServiceITCase.java b/user-manager-server/src/test/java/de/itvsh/kop/user/keycloak/KeycloakApiServiceITCase.java
index e6d76f21ab88e617f83fc0c9f655fa5f45922e14..5514fea735b0e72673ad9f89c974903309fee5b5 100644
--- a/user-manager-server/src/test/java/de/itvsh/kop/user/keycloak/KeycloakApiServiceITCase.java
+++ b/user-manager-server/src/test/java/de/itvsh/kop/user/keycloak/KeycloakApiServiceITCase.java
@@ -25,7 +25,7 @@ package de.itvsh.kop.user.keycloak;
 
 import static org.assertj.core.api.Assertions.*;
 
-import javax.inject.Inject;
+import jakarta.inject.Inject;
 
 import org.junit.jupiter.api.Test;
 
diff --git a/user-manager-server/src/test/java/de/itvsh/kop/user/keycloak/KeycloakApiServiceTest.java b/user-manager-server/src/test/java/de/itvsh/kop/user/keycloak/KeycloakApiServiceTest.java
index deb55ce6f6f4e247cd6478b70dce82cd3bba61a1..ffade1d3dfd22e111858ba54929a0e91b679526d 100644
--- a/user-manager-server/src/test/java/de/itvsh/kop/user/keycloak/KeycloakApiServiceTest.java
+++ b/user-manager-server/src/test/java/de/itvsh/kop/user/keycloak/KeycloakApiServiceTest.java
@@ -31,9 +31,10 @@ import static org.mockito.Mockito.*;
 import java.util.function.Supplier;
 import java.util.stream.Stream;
 
-import javax.ws.rs.BadRequestException;
-import javax.ws.rs.ClientErrorException;
-import javax.ws.rs.ProcessingException;
+import jakarta.ws.rs.BadRequestException;
+import jakarta.ws.rs.ClientErrorException;
+import jakarta.ws.rs.NotFoundException;
+import jakarta.ws.rs.ProcessingException;
 
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.DisplayName;
@@ -43,6 +44,8 @@ import org.keycloak.admin.client.resource.RealmResource;
 import org.keycloak.admin.client.resource.UserResource;
 import org.keycloak.admin.client.resource.UsersResource;
 import org.keycloak.representations.idm.UserRepresentation;
+import org.mockito.ArgumentCaptor;
+import org.mockito.Captor;
 import org.mockito.InjectMocks;
 import org.mockito.Mock;
 import org.mockito.Spy;
@@ -123,6 +126,8 @@ class KeycloakApiServiceTest {
 
 		@Test
 		void shouldCallUsersResource() {
+			when(usersResource.get(anyString())).thenReturn(userResource);
+
 			service.findUserById(EXTERNAL_ID);
 
 			verify(usersResource).get(EXTERNAL_ID);
@@ -140,10 +145,21 @@ class KeycloakApiServiceTest {
 		@Test
 		@DisplayName("should not call mapper when user not found")
 		void shouldNotCallMapper() {
+			when(usersResource.get(anyString())).thenThrow(new NotFoundException());
+
 			service.findUserById("unknown_user");
 
 			verify(userResourceMapper, never()).toKopUser(any());
 		}
+
+		@Test
+		void shoulReturnEmpty() {
+			when(usersResource.get(USER_ID)).thenThrow(new NotFoundException());
+
+			var user = service.findUserById(USER_ID);
+
+			assertThat(user).isEmpty();
+		}
 	}
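Review bot: Both not-found tests make `usersResource.get(...)` throw `NotFoundException`, but as far as I know the Keycloak admin client only builds a sub-resource proxy in `get(id)` and raises the 404 on the first real call such as `toRepresentation()`. If `findUserById` catches the exception around that later call, these tests pass on a path the real client never takes; the service code is not visible here, so please confirm. Stubbing `when(userResource.toRepresentation()).thenThrow(new NotFoundException());` would pin the realistic case. The new method name `shoulReturnEmpty` has a typo and should be `shouldReturnEmpty`.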
 
 	@DisplayName("handling keycloak exception")
@@ -228,7 +244,7 @@ class KeycloakApiServiceTest {
 			service.updateAttribute(KEYCLOAK_USER_ID, ATTRIBUTE_NAME_USER_ID, ATTRIBUTE_VALUE_USER_ID);
 
 			verify(userRepresentation).singleAttribute(ATTRIBUTE_NAME_USER_ID, ATTRIBUTE_VALUE_USER_ID);
-			verify(userResource).update(userRepresentation);
+			verify(service).tryUpdateUserResource(userResource, userRepresentation, ATTRIBUTE_NAME_USER_ID);
 		}
 
 		@Test
@@ -238,7 +254,7 @@ class KeycloakApiServiceTest {
 			service.updateAttribute(KEYCLOAK_USER_ID, ATTRIBUTE_NAME_USER_ID, ATTRIBUTE_VALUE_USER_ID);
 
 			verify(userRepresentation).singleAttribute(ATTRIBUTE_NAME_USER_ID, ATTRIBUTE_VALUE_USER_ID);
-			verify(userResource).update(userRepresentation);
+			verify(service).tryUpdateUserResource(userResource, userRepresentation, ATTRIBUTE_NAME_USER_ID);
 		}
 
 		@Test
@@ -246,7 +262,7 @@ class KeycloakApiServiceTest {
 			service.updateAttribute(KEYCLOAK_USER_ID, ATTRIBUTE_NAME_USER_ID, NEW_USER_ID);
 
 			verify(userRepresentation).singleAttribute(ATTRIBUTE_NAME_USER_ID, NEW_USER_ID);
-			verify(userResource).update(userRepresentation);
+			verify(service).tryUpdateUserResource(userResource, userRepresentation, ATTRIBUTE_NAME_USER_ID);
 		}
 
 		@Test
@@ -254,15 +270,44 @@ class KeycloakApiServiceTest {
 			service.updateAttribute(KEYCLOAK_USER_ID, ATTRIBUTE_NAME_USER_ID, ATTRIBUTE_VALUE_USER_ID);
 
 			verify(userRepresentation, never()).singleAttribute(ATTRIBUTE_NAME_USER_ID, ATTRIBUTE_VALUE_USER_ID);
+			verify(service, never()).tryUpdateUserResource(userResource, userRepresentation, ATTRIBUTE_NAME_USER_ID);
 		}
 
 		@Test
 		void shouldCatchBadRequestException() {
 			when(userRepresentation.firstAttribute(ATTRIBUTE_NAME_USER_ID)).thenReturn(NEW_USER_ID);
-			doThrow(new BadRequestException("error message")).when(userResource).update(userRepresentation);
+			doThrow(new BadRequestException("error message")).when(userResource).update(any(OlderUserRepresentation.class));
 
 			assertThatCode(
 					() -> service.updateAttribute(KEYCLOAK_USER_ID, ATTRIBUTE_NAME_USER_ID, ATTRIBUTE_VALUE_USER_ID)).doesNotThrowAnyException();
 		}
 	}
+
+	@Nested
+	class TestTryUpdateUserResource {
+
+		private static final String ATTRIBUTE_NAME_USER_ID = "userId";
+
+		@Captor
+		private ArgumentCaptor<UserRepresentation> userRepresentationArgumentCaptor;
+
+		@Mock
+		private UserRepresentation userRepresentation;
+
+		@Test
+		void shouldUpdateUserResource() {
+			service.tryUpdateUserResource(userResource, userRepresentation, ATTRIBUTE_NAME_USER_ID);
+
+			verify(userResource).update(any(OlderUserRepresentation.class));
+		}
+
+		@Test
+		void shouldCreateOlderUserRepresentation() {
+			service.tryUpdateUserResource(userResource, UserRepresentationTestFactory.create(), ATTRIBUTE_NAME_USER_ID);
+
+			verify(userResource).update(userRepresentationArgumentCaptor.capture());
+			assertThat(userRepresentationArgumentCaptor.getValue()).usingRecursiveComparison().isEqualTo(UserRepresentationTestFactory.create());
+		}
+
+	}
 }
\ No newline at end of file
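Review bot: `shouldCreateOlderUserRepresentation` does not check what its name promises, because `usingRecursiveComparison()` compares field values and not types. The assertion would therefore also pass if `tryUpdateUserResource` forwarded the plain `UserRepresentation` unchanged. Adding `assertThat(userRepresentationArgumentCaptor.getValue()).isInstanceOf(OlderUserRepresentation.class);` closes that gap. Neither test in `TestTryUpdateUserResource` shows what the third argument `ATTRIBUTE_NAME_USER_ID` influences, so a case or a comment for it would help. The file still ends without a trailing newline.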
diff --git a/user-manager-server/src/test/java/de/itvsh/kop/user/keycloak/KeycloakProviderITCase.java b/user-manager-server/src/test/java/de/itvsh/kop/user/keycloak/KeycloakProviderITCase.java
index 19b26b81ea0b7c438b43a240ff57b191e5bc6246..02c286d771c81149cc20dfdb98488f3812b0e171 100644
--- a/user-manager-server/src/test/java/de/itvsh/kop/user/keycloak/KeycloakProviderITCase.java
+++ b/user-manager-server/src/test/java/de/itvsh/kop/user/keycloak/KeycloakProviderITCase.java
@@ -25,7 +25,7 @@ package de.itvsh.kop.user.keycloak;
 
 import static org.assertj.core.api.Assertions.*;
 
-import javax.inject.Inject;
+import jakarta.inject.Inject;
 
 import org.junit.jupiter.api.Test;
 import org.keycloak.admin.client.resource.RealmResource;
diff --git a/user-manager-server/src/test/java/de/itvsh/kop/user/keycloak/KeycloakProviderTest.java b/user-manager-server/src/test/java/de/itvsh/kop/user/keycloak/KeycloakProviderTest.java
index b12dcbdd5d082eb95c702715ca159fd6f7565a44..38ccbb5913a656b23d9d48f57efb832670967818 100644
--- a/user-manager-server/src/test/java/de/itvsh/kop/user/keycloak/KeycloakProviderTest.java
+++ b/user-manager-server/src/test/java/de/itvsh/kop/user/keycloak/KeycloakProviderTest.java
@@ -38,6 +38,7 @@ import org.mockito.Mock;
 import lombok.SneakyThrows;
 
 class KeycloakProviderTest {
+
 	@InjectMocks
 	KeycloakProvider keycloakProvider;
 	@Mock
diff --git a/user-manager-server/src/test/java/de/itvsh/kop/user/keycloak/KeycloakUserRemoteServiceITCase.java b/user-manager-server/src/test/java/de/itvsh/kop/user/keycloak/KeycloakUserRemoteServiceITCase.java
index 272a07ef904bb710f3af10f0d5e678c0752fda30..e98d518f0045f95f1865975aa14b3d7ee445943d 100644
--- a/user-manager-server/src/test/java/de/itvsh/kop/user/keycloak/KeycloakUserRemoteServiceITCase.java
+++ b/user-manager-server/src/test/java/de/itvsh/kop/user/keycloak/KeycloakUserRemoteServiceITCase.java
@@ -27,8 +27,8 @@ import static org.mockito.Mockito.*;
 
 import org.junit.jupiter.api.Test;
 
+import io.quarkus.test.InjectMock;
 import io.quarkus.test.junit.QuarkusTest;
-import io.quarkus.test.junit.mockito.InjectMock;
 import io.quarkus.test.junit.mockito.InjectSpy;
 
 @QuarkusTest
diff --git a/user-manager-server/src/test/java/de/itvsh/kop/user/organisationseinheit/OrganisationsEinheitRepositoryITCase.java b/user-manager-server/src/test/java/de/itvsh/kop/user/organisationseinheit/OrganisationsEinheitRepositoryITCase.java
index 4327c216e3645dd8213c9fe9a4a29ccab16322d0..1f1082a1749ce748a8787ad7406b30a6752c22fd 100644
--- a/user-manager-server/src/test/java/de/itvsh/kop/user/organisationseinheit/OrganisationsEinheitRepositoryITCase.java
+++ b/user-manager-server/src/test/java/de/itvsh/kop/user/organisationseinheit/OrganisationsEinheitRepositoryITCase.java
@@ -2,7 +2,7 @@ package de.itvsh.kop.user.organisationseinheit;
 
 import static org.assertj.core.api.Assertions.*;
 
-import javax.inject.Inject;
+import jakarta.inject.Inject;
 
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.DisplayName;
@@ -22,10 +22,10 @@ import io.quarkus.test.junit.TestProfile;
 class OrganisationsEinheitRepositoryITCase {
 
 	@Inject
-	private OrganisationsEinheitRepository repository;
+	OrganisationsEinheitRepository repository;
 
 	@Inject
-	private MongoClient mongoClient;
+	MongoClient mongoClient;
 
 	@Nested
 	@DisplayName("Test finding all Organisationseinheiten IDs")
@@ -53,8 +53,9 @@ class OrganisationsEinheitRepositoryITCase {
 
 			var result = repository.findAllOrganisationsEinheitIds();
 
-			assertThat(result).hasSize(1);
-			assertThat(result).containsExactlyInAnyOrder(UserTestFactory.ORGANISTATIONSEINHEITEN_ID);
+			assertThat(result)
+					.hasSize(1)
+					.containsExactlyInAnyOrder(UserTestFactory.ORGANISTATIONSEINHEITEN_ID);
 		}
 	}
 
diff --git a/user-manager-server/src/test/java/de/itvsh/kop/user/recipient/RecipientRepositoryITCase.java b/user-manager-server/src/test/java/de/itvsh/kop/user/recipient/RecipientRepositoryITCase.java
index 34f8f13b572b828b4de160898f6d9757d72785b8..368f71a48ea68705ae361202e29325a21fe245b4 100644
--- a/user-manager-server/src/test/java/de/itvsh/kop/user/recipient/RecipientRepositoryITCase.java
+++ b/user-manager-server/src/test/java/de/itvsh/kop/user/recipient/RecipientRepositoryITCase.java
@@ -3,7 +3,7 @@ package de.itvsh.kop.user.recipient;
 import static de.itvsh.kop.user.settings.NotificationsSendFor.*;
 import static org.assertj.core.api.Assertions.*;
 
-import javax.inject.Inject;
+import jakarta.inject.Inject;
 
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.DisplayName;
diff --git a/user-manager-server/src/test/java/de/itvsh/kop/user/settings/UserSettingsRepositoryITCase.java b/user-manager-server/src/test/java/de/itvsh/kop/user/settings/UserSettingsRepositoryITCase.java
index 98ba6e05eae2b41b8916532f998e7f8b3a2c56a8..5b7e3a403d2ff4304926ab4089b0a47f4dc32458 100644
--- a/user-manager-server/src/test/java/de/itvsh/kop/user/settings/UserSettingsRepositoryITCase.java
+++ b/user-manager-server/src/test/java/de/itvsh/kop/user/settings/UserSettingsRepositoryITCase.java
@@ -2,7 +2,7 @@ package de.itvsh.kop.user.settings;
 
 import static org.assertj.core.api.Assertions.*;
 
-import javax.inject.Inject;
+import jakarta.inject.Inject;
 
 import org.bson.types.ObjectId;
 import org.junit.jupiter.api.BeforeEach;
diff --git a/user-manager-server/src/test/java/de/itvsh/kop/user/settings/UserSettingsResourceITCase.java b/user-manager-server/src/test/java/de/itvsh/kop/user/settings/UserSettingsResourceITCase.java
index d0ec6596f715158fd7cd24f413ff6c0723131bf4..43d947736894688be42a0b457b32ef92ea6fb3d2 100644
--- a/user-manager-server/src/test/java/de/itvsh/kop/user/settings/UserSettingsResourceITCase.java
+++ b/user-manager-server/src/test/java/de/itvsh/kop/user/settings/UserSettingsResourceITCase.java
@@ -28,8 +28,8 @@ import static de.itvsh.kop.user.settings.UserSettingsResource.*;
 import static io.restassured.RestAssured.*;
 import static org.hamcrest.CoreMatchers.*;
 
-import javax.inject.Inject;
-import javax.ws.rs.core.MediaType;
+import jakarta.inject.Inject;
+import jakarta.ws.rs.core.MediaType;
 
 import org.apache.http.HttpStatus;
 import org.eclipse.microprofile.jwt.JsonWebToken;
diff --git a/user-manager-server/src/test/java/de/itvsh/kop/user/settings/UserSettingsResourceTest.java b/user-manager-server/src/test/java/de/itvsh/kop/user/settings/UserSettingsResourceTest.java
index 7e4cc5d13c96a7b6738346fe85e8ee1423ec87f3..5b9c8c29d5d5e7fb59cbfeef93c0357956e6d636 100644
--- a/user-manager-server/src/test/java/de/itvsh/kop/user/settings/UserSettingsResourceTest.java
+++ b/user-manager-server/src/test/java/de/itvsh/kop/user/settings/UserSettingsResourceTest.java
@@ -30,7 +30,7 @@ import static org.mockito.Mockito.*;
 import java.util.Optional;
 import java.util.UUID;
 
-import javax.ws.rs.core.UriInfo;
+import jakarta.ws.rs.core.UriInfo;
 
 import org.bson.types.ObjectId;
 import org.eclipse.microprofile.jwt.JsonWebToken;
@@ -41,7 +41,6 @@ import org.junit.jupiter.api.Test;
 import org.mockito.InjectMocks;
 import org.mockito.Mock;
 import org.mockito.Spy;
-import org.springframework.util.ReflectionUtils;
 
 import com.thedeanda.lorem.LoremIpsum;
 
@@ -76,6 +75,11 @@ class UserSettingsResourceTest {
 	private final String USER_MANAGER_URL = LoremIpsum.getInstance().getUrl();
 	private final String USER_ID = UUID.randomUUID().toString();
 
+	@BeforeEach
+	void setUp() {
+		resource.userManagerUrl = USER_MANAGER_URL;
+	}
+
 	@DisplayName("Get Usersettings")
 	@Nested
 	class TestGetUserSettings {
@@ -86,8 +90,6 @@ class UserSettingsResourceTest {
 		void mockAccess() {
 			doNothing().when(resource).checkUserAccess(anyString());
 			when(userSettingsService.getByUserId(anyString())).thenReturn(userSettings);
-
-			mockUserManagerUrl();
 		}
 
 		@Test
@@ -167,8 +169,6 @@ class UserSettingsResourceTest {
 			void mockAccess() {
 				doNothing().when(resource).checkUserAccess(anyString());
 				when(userSettingsService.updateByUserId(any(UserSettings.class), anyString())).thenReturn(Optional.of(updatedUserSettings));
-
-				mockUserManagerUrl();
 			}
 
 			@Test
@@ -198,12 +198,6 @@ class UserSettingsResourceTest {
 		}
 	}
 
-	private void mockUserManagerUrl() {
-		var field = ReflectionUtils.findField(UserSettingsResource.class, "userManagerUrl");
-		field.setAccessible(true);
-		ReflectionUtils.setField(field, resource, USER_MANAGER_URL);
-	}
-
 	@DisplayName("Check User access")
 	@Nested
 	class TestCheckUserAccess {
diff --git a/user-manager-server/src/test/java/de/itvsh/kop/user/settings/UserSettingsServiceITCase.java b/user-manager-server/src/test/java/de/itvsh/kop/user/settings/UserSettingsServiceITCase.java
index 47114b6455a1ee15b92be7076e9587983c8f1b3a..525c4af5b3259187eaf062a99c205062b0260a68 100644
--- a/user-manager-server/src/test/java/de/itvsh/kop/user/settings/UserSettingsServiceITCase.java
+++ b/user-manager-server/src/test/java/de/itvsh/kop/user/settings/UserSettingsServiceITCase.java
@@ -25,7 +25,7 @@ package de.itvsh.kop.user.settings;
 
 import static org.assertj.core.api.Assertions.*;
 
-import javax.inject.Inject;
+import jakarta.inject.Inject;
 
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.DisplayName;
diff --git a/user-manager-server/src/test/java/de/itvsh/kop/user/sync/SyncSchedulerITCase.java b/user-manager-server/src/test/java/de/itvsh/kop/user/sync/SyncSchedulerITCase.java
index 953d9120f03fc5636b02cb84344f62a6f24ce27b..969600a23fc6b42f6453402e710afbae26ff4948 100644
--- a/user-manager-server/src/test/java/de/itvsh/kop/user/sync/SyncSchedulerITCase.java
+++ b/user-manager-server/src/test/java/de/itvsh/kop/user/sync/SyncSchedulerITCase.java
@@ -10,7 +10,7 @@ import java.util.Arrays;
 import java.util.Map;
 import java.util.stream.Stream;
 
-import javax.inject.Inject;
+import jakarta.inject.Inject;
 
 import org.bson.Document;
 import org.junit.jupiter.api.BeforeEach;
@@ -28,9 +28,9 @@ import de.itvsh.kop.user.UserTestFactory;
 import de.itvsh.kop.user.common.MongoDbTestProfile;
 import de.itvsh.kop.user.common.lock.Lock;
 import de.itvsh.kop.user.keycloak.KeycloakUserRemoteService;
+import io.quarkus.test.InjectMock;
 import io.quarkus.test.junit.QuarkusTest;
 import io.quarkus.test.junit.TestProfile;
-import io.quarkus.test.junit.mockito.InjectMock;
 import io.quarkus.test.junit.mockito.InjectSpy;
 
 @QuarkusTest
diff --git a/user-manager-server/src/test/java/de/itvsh/kop/user/sync/SyncServiceITCase.java b/user-manager-server/src/test/java/de/itvsh/kop/user/sync/SyncServiceITCase.java
index 909b45f550134ac338635afa61a0537b1ce66c5a..e1685bd2497fa8b3dbad7890e8a2d0df15fbacee 100644
--- a/user-manager-server/src/test/java/de/itvsh/kop/user/sync/SyncServiceITCase.java
+++ b/user-manager-server/src/test/java/de/itvsh/kop/user/sync/SyncServiceITCase.java
@@ -32,7 +32,7 @@ import java.util.Arrays;
 import java.util.List;
 import java.util.stream.Stream;
 
-import javax.inject.Inject;
+import jakarta.inject.Inject;
 
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
@@ -46,9 +46,9 @@ import de.itvsh.kop.user.UserService;
 import de.itvsh.kop.user.UserTestFactory;
 import de.itvsh.kop.user.common.MongoDbTestProfile;
 import de.itvsh.kop.user.keycloak.KeycloakUserRemoteService;
+import io.quarkus.test.InjectMock;
 import io.quarkus.test.junit.QuarkusTest;
 import io.quarkus.test.junit.TestProfile;
-import io.quarkus.test.junit.mockito.InjectMock;
 import io.quarkus.test.junit.mockito.InjectSpy;
 
 @QuarkusTest
diff --git a/user-manager-server/src/test/java/de/itvsh/kop/user/userprofile/UserProfileGrpcServiceITCase.java b/user-manager-server/src/test/java/de/itvsh/kop/user/userprofile/UserProfileGrpcServiceITCase.java
index b511232c016fbcaccea195f75bcf2bbbb6fbdefe..972f94a7e80eb3dfa5d0de80ab148012a7cfc368 100644
--- a/user-manager-server/src/test/java/de/itvsh/kop/user/userprofile/UserProfileGrpcServiceITCase.java
+++ b/user-manager-server/src/test/java/de/itvsh/kop/user/userprofile/UserProfileGrpcServiceITCase.java
@@ -16,8 +16,8 @@ import de.itvsh.kop.user.common.callcontext.CallContextInterceptorTestFactory;
 import de.itvsh.kop.user.grpc.userprofile.UserProfileServiceGrpc.UserProfileServiceBlockingStub;
 import io.grpc.StatusRuntimeException;
 import io.quarkus.grpc.GrpcClient;
+import io.quarkus.test.InjectMock;
 import io.quarkus.test.junit.QuarkusTest;
-import io.quarkus.test.junit.mockito.InjectMock;
 
 @QuarkusTest
 class UserProfileGrpcServiceITCase {
diff --git a/user-manager-server/src/test/resources/application.yml b/user-manager-server/src/test/resources/application.yml
index 59023b08da38b4572c5940bc17759d4f00fc831f..f79dce9046b519b1c9c06b7b847ef069763818da 100644
--- a/user-manager-server/src/test/resources/application.yml
+++ b/user-manager-server/src/test/resources/application.yml
@@ -1,33 +1,35 @@
 quarkus:
- keycloak:
-  devservices:
-   enabled: false
- application:
-  name: kopusermanager
- mongodb:
-  devservices:
-   enabled: false
-  database: usermanager
- scheduler:
-  metrics:
-   enabled: true
- log:
-  level: INFO
- oidc:
-  auth-server-url: https://sso.dev.ozg-sh.de/realms/sh-kiel-dev
+  keycloak:
+    devservices:
+      enabled: false
+  application:
+    name: kopusermanager
+  mongodb:
+    devservices:
+      enabled: false
+    database: usermanager
+  scheduler:
+    metrics:
+      enabled: true
+  log:
+    level: INFO
+  oidc:
+    auth-server-url: https://sso.dev.by.ozg-cloud.de/realms/by-kiel-dev
 
 kop:
- keycloak:
-  sync:
-   cron: "0 15 13 * * ?"
-  api:
-   user: "-"
-   password: "-"
-   realm: sh-kiel-dev
-   organisations-einheit-id-key: organisationseinheitId
-   ldap-id-key: LDAP_ID
-   client: sh-kiel-dev-goofy
- user-manager:
-  url: http://localhost:9092
+  keycloak:
+    api:
+      user: "-"
+      password: "-"
+      realm: by-kiel-dev
+      organisations-einheit-id-key: organisationseinheitId
+      ldap-id-key: LDAP_ID
+      client: sh-kiel-dev-goofy
+  user-manager:
+    url: http://localhost:9092
 keycloak:
- url: http://localhost:8088
\ No newline at end of file
+  url: http://localhost:8088
+
+ozgcloud:
+  usersync:
+    period: disabled
\ No newline at end of file
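Review bot: `kop.keycloak.api.realm` and the realm in `quarkus.oidc.auth-server-url` both move to `by-kiel-dev`, but `kop.keycloak.api.client` is still `sh-kiel-dev-goofy`. If the client was renamed along with the realm, this test configuration would now name a client that does not exist there. Either update the value or note that the old id is deliberate, e.g. `# client id keeps the sh- prefix in the by-kiel-dev realm`. Separately, `auth-server-url` still targets a shared dev SSO host, so test runs presumably depend on an external identity provider being reachable. A local or stubbed issuer would keep the suite self-contained and avoid coupling CI to that environment.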