From 61de37f0968179f1dfb94f1ce1f3210d9a213c5f Mon Sep 17 00:00:00 2001 From: Chad Elliott Date: Thu, 1 Aug 2024 14:39:17 -0500 Subject: [PATCH 1/4] Added CAN_ADMINISTER_KUDOS and CAN_CREATE_KUDOS permissions and require them for calls in the KudosController. --- .../services/kudos/KudosController.java | 7 ++++-- .../services/permissions/Permission.java | 2 ++ .../resources/db/dev/R__Load_testing_data.sql | 25 +++++++++++++++++++ .../services/fixture/PermissionFixture.java | 10 +++++--- 4 files changed, 39 insertions(+), 5 deletions(-) diff --git a/server/src/main/java/com/objectcomputing/checkins/services/kudos/KudosController.java b/server/src/main/java/com/objectcomputing/checkins/services/kudos/KudosController.java index 23f0632c6..98f32e5c1 100644 --- a/server/src/main/java/com/objectcomputing/checkins/services/kudos/KudosController.java +++ b/server/src/main/java/com/objectcomputing/checkins/services/kudos/KudosController.java @@ -1,5 +1,7 @@ package com.objectcomputing.checkins.services.kudos; +import com.objectcomputing.checkins.services.permissions.Permission; +import com.objectcomputing.checkins.services.permissions.RequiredPermission; import com.objectcomputing.checkins.services.role.RoleType; import io.micronaut.core.annotation.Nullable; import io.micronaut.http.HttpStatus; @@ -35,12 +37,13 @@ public KudosController(KudosServices kudosServices) { @Post @Status(HttpStatus.CREATED) + @RequiredPermission(Permission.CAN_CREATE_KUDOS) public Kudos create(@Body @Valid KudosCreateDTO kudos) { return kudosServices.save(kudos); } @Put - @Secured(RoleType.Constants.ADMIN_ROLE) + @RequiredPermission(Permission.CAN_ADMINISTER_KUDOS) public Kudos approve(@Body @Valid Kudos kudos) { return kudosServices.approve(kudos); } 
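Review bot: On `create`, the new `@RequiredPermission(Permission.CAN_CREATE_KUDOS)` decides who may post kudos but not on whose behalf, and the sender still arrives in the request body: the tests later in this series build `KudosCreateDTO` with a caller-supplied `senderId`. Since this commit grants the permission to the Member and PDL roles, `kudosServices.save` (not visible here) should reject a `senderId` that is not the authenticated member's id, or ignore the field and derive the sender from the session. A similar question applies to `approve`, which binds a whole `Kudos` entity from the body; confirm the service reloads the stored record by id instead of trusting the other body fields. Once the check exists, a comment on `create` such as `// senderId must equal the authenticated member's id; enforced in KudosServices.save` would document it.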
@@ -62,7 +65,7 @@ public List get(@Nullable UUID recipientId, @Nullable UUID sen @Delete("/{id}") @Status(HttpStatus.NO_CONTENT) - @Secured(RoleType.Constants.ADMIN_ROLE) + @RequiredPermission(Permission.CAN_ADMINISTER_KUDOS) public void delete(@NotNull UUID id) { kudosServices.delete(id); } diff --git a/server/src/main/java/com/objectcomputing/checkins/services/permissions/Permission.java b/server/src/main/java/com/objectcomputing/checkins/services/permissions/Permission.java index 38431aaf9..c375d96b9 100644 --- a/server/src/main/java/com/objectcomputing/checkins/services/permissions/Permission.java +++ b/server/src/main/java/com/objectcomputing/checkins/services/permissions/Permission.java @@ -10,6 +10,8 @@ public enum Permission { CAN_VIEW_FEEDBACK_REQUEST("View feedback requests", "Feedback"), CAN_CREATE_FEEDBACK_REQUEST("Create feedback requests", "Feedback"), CAN_DELETE_FEEDBACK_REQUEST("Delete feedback requests", "Feedback"), + CAN_CREATE_KUDOS("Create kudos", "Feedback"), + CAN_ADMINISTER_KUDOS("Administer kudos", "Feedback"), CAN_VIEW_FEEDBACK_ANSWER("View feedback answers", "Feedback"), CAN_DELETE_ORGANIZATION_MEMBERS("Delete organization members", "User Management"), CAN_CREATE_ORGANIZATION_MEMBERS("Create organization members", "User Management"), diff --git a/server/src/main/resources/db/dev/R__Load_testing_data.sql b/server/src/main/resources/db/dev/R__Load_testing_data.sql index b91658e3b..02939b5a0 100644 --- a/server/src/main/resources/db/dev/R__Load_testing_data.sql +++ b/server/src/main/resources/db/dev/R__Load_testing_data.sql 
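Review bot: With `delete` here and `approve` earlier in the file now keyed to `Permission.CAN_ADMINISTER_KUDOS`, the write path and the read path may end up authorized by two different models. The `get` methods sit outside this hunk, but a later commit message in this series describes the by-id read check as "Admin related", so a custom role granted CAN_ADMINISTER_KUDOS without the admin role could presumably approve or delete kudos it is not allowed to list. If the split is intended, say so in a Javadoc on the controller, e.g. `/** Approve and delete require CAN_ADMINISTER_KUDOS; read visibility is decided in KudosServices. */`. Otherwise the service-side visibility check should test the same permission.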
@@ -146,6 +146,11 @@ INSERT INTO member_profile -- Tim Yates VALUES ('1c813446-c65a-4f49-b980-0193f7bfff8c', PGP_SYM_ENCRYPT('Tim','${aeskey}'), PGP_SYM_ENCRYPT('Yates','${aeskey}'), PGP_SYM_ENCRYPT('Senior Developer','${aeskey}'), '6207b3fd-042d-49aa-9e28-dcc04f537c2d', PGP_SYM_ENCRYPT('Manchester','${aeskey}'), PGP_SYM_ENCRYPT('yatest@objectcomputing.com','${aeskey}'), 'tim-12345678', '2024-05-08', PGP_SYM_ENCRYPT('Java developer for ages','${aeskey}'), '72655c4f-1fb8-4514-b31e-7f7e19fa9bd7', '1999-12-31', '2024-03-29'); +INSERT INTO member_profile -- Chad Elliott + (id, firstName, lastName, title, pdlid, location, workEmail, employeeid, startdate, biotext, supervisorid, birthDate, last_seen) +VALUES + ('5c863416-c65a-4f49-b980-0193f7b11827', PGP_SYM_ENCRYPT('Chad','${aeskey}'), PGP_SYM_ENCRYPT('Elliott','${aeskey}'), PGP_SYM_ENCRYPT('Principal Software Engineer','${aeskey}'), '6207b3fd-042d-49aa-9e28-dcc04f537c2d', PGP_SYM_ENCRYPT('St. Louis','${aeskey}'), PGP_SYM_ENCRYPT('elliottc@objectcomputing.com','${aeskey}'), '11', '1996-08-01', PGP_SYM_ENCRYPT('Developing code since 1988','${aeskey}'), '72655c4f-1fb8-4514-b31e-7f7e19fa9bd7', '1973-08-24', '2024-08-01'); + -- Roles INSERT INTO role @@ -954,6 +959,16 @@ insert into role_permissions values ('e8a4fff8-e984-4e59-be84-a713c9fa8d23', 'CAN_ADMINISTER_VOLUNTEERING_EVENTS'); +insert into role_permissions + (roleid, permission) +values + ('e8a4fff8-e984-4e59-be84-a713c9fa8d23', 'CAN_ADMINISTER_KUDOS'); + +insert into role_permissions + (roleid, permission) +values + ('e8a4fff8-e984-4e59-be84-a713c9fa8d23', 'CAN_CREATE_KUDOS'); + -- PDL Permissions insert into role_permissions (roleid, permission) 
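Review bot: The new `member_profile` row puts what look like a real person's name, work e-mail address and birth date in plaintext into a file under version control. `PGP_SYM_ENCRYPT` only protects the values once they are in the database, and `birthDate`, `startdate` and `employeeid` are not encrypted at all in this insert. Dev seed data should use synthetic values, for example a constructed date such as `'1990-01-01'` and a placeholder mailbox. The row also looks unrelated to the kudos permissions this commit is about, so it may belong in a separate change.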
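Review bot: These `role_permissions` inserts, and the PDL and Member ones in the next two hunks, grant the new permissions only in `db/dev/R__Load_testing_data.sql`; no versioned migration in this patch adds CAN_ADMINISTER_KUDOS or CAN_CREATE_KUDOS to the roles of any other environment. Because the same commit removes `@Secured(RoleType.Constants.ADMIN_ROLE)` from `approve` and `delete`, an environment without these rows would deny approval and deletion to admins and creation to everyone. That fails closed, but it should be an explicit rollout step, not a surprise. If the grants are shipped elsewhere, a comment here such as `-- non-dev grants: see migration MIGRATION_FILE_PLACEHOLDER` would make that traceable.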
@@ -1030,6 +1045,11 @@ insert into role_permissions values ('d03f5f0b-e29c-4cf4-9ea4-6baa09405c56', 'CAN_VIEW_REVIEW_PERIOD'); +insert into role_permissions + (roleid, permission) +values + ('d03f5f0b-e29c-4cf4-9ea4-6baa09405c56', 'CAN_CREATE_KUDOS'); + -- Member permissions insert into role_permissions (roleid, permission) @@ -1076,6 +1096,11 @@ insert into role_permissions values ('8bda2ae9-58c1-4843-a0d5-d0952621f9df', 'CAN_VIEW_REVIEW_PERIOD'); +insert into role_permissions + (roleid, permission) +values + ('8bda2ae9-58c1-4843-a0d5-d0952621f9df', 'CAN_CREATE_KUDOS'); + -- Feedback Templates ---- Quarter 1 Feedback Template diff --git a/server/src/test/java/com/objectcomputing/checkins/services/fixture/PermissionFixture.java b/server/src/test/java/com/objectcomputing/checkins/services/fixture/PermissionFixture.java index 5cfdd7cb7..b9da13fb8 100644 --- a/server/src/test/java/com/objectcomputing/checkins/services/fixture/PermissionFixture.java +++ b/server/src/test/java/com/objectcomputing/checkins/services/fixture/PermissionFixture.java @@ -19,7 +19,8 @@ public interface PermissionFixture extends RolePermissionFixture { Permission.CAN_UPDATE_CHECKINS, Permission.CAN_ADMINISTER_SETTINGS, Permission.CAN_VIEW_SETTINGS, - Permission.CAN_VIEW_REVIEW_PERIOD + Permission.CAN_VIEW_REVIEW_PERIOD, + Permission.CAN_CREATE_KUDOS ); // Add PDL Permissions here @@ -40,7 +41,8 @@ public interface PermissionFixture extends RolePermissionFixture { Permission.CAN_UPDATE_CHECKIN_DOCUMENT, Permission.CAN_ADMINISTER_SETTINGS, Permission.CAN_VIEW_SETTINGS, - Permission.CAN_VIEW_REVIEW_PERIOD + Permission.CAN_VIEW_REVIEW_PERIOD, + Permission.CAN_CREATE_KUDOS ); // Add ADMIN Permissions here 
@@ -91,7 +93,9 @@ public interface PermissionFixture extends RolePermissionFixture { Permission.CAN_ADMINISTER_VOLUNTEERING_ORGANIZATIONS, Permission.CAN_ADMINISTER_VOLUNTEERING_RELATIONSHIPS, Permission.CAN_ADMINISTER_VOLUNTEERING_EVENTS, - Permission.CAN_ADMINISTER_DOCUMENTATION + Permission.CAN_ADMINISTER_DOCUMENTATION, + Permission.CAN_ADMINISTER_KUDOS, + Permission.CAN_CREATE_KUDOS ); default void setPermissionsForAdmin(UUID roleID) { From 7b7a35d0735459963b3dbd088c5183e7d9d9bc49 Mon Sep 17 00:00:00 2001 From: Chad Elliott Date: Fri, 2 Aug 2024 10:40:55 -0500 Subject: [PATCH 2/4] Reworked the tests to use permissions, instead of roles. --- .../services/kudos/KudosControllerTest.java | 87 +++++++++---------- 1 file changed, 43 insertions(+), 44 deletions(-) diff --git a/server/src/test/java/com/objectcomputing/checkins/services/kudos/KudosControllerTest.java b/server/src/test/java/com/objectcomputing/checkins/services/kudos/KudosControllerTest.java index 313374f46..a9c18c73c 100644 --- a/server/src/test/java/com/objectcomputing/checkins/services/kudos/KudosControllerTest.java +++ b/server/src/test/java/com/objectcomputing/checkins/services/kudos/KudosControllerTest.java @@ -71,17 +71,23 @@ class KudosControllerTest extends TestContainersSuite implements KudosFixture, T @BeforeEach void setUp() { + createAndAssignRoles(); client = httpClient.toBlocking(); + sender = createADefaultMemberProfile(); - MemberProfile recipient = createASecondDefaultMemberProfile(); - admin = createAThirdDefaultMemberProfile(); - createAndAssignAdminRole(admin); - Team team = createDefaultTeam(); - message = "Kudos!"; senderId = sender.getId(); senderWorkEmail = sender.getWorkEmail(); + + MemberProfile recipient = createASecondDefaultMemberProfile(); recipientMembers = List.of(recipient); + + admin = createAThirdDefaultMemberProfile(); + assignAdminRole(admin); + + Team team = createDefaultTeam(); teamId = team.getId(); + + message = "Kudos!"; emailSender.reset(); } 
@@ -101,7 +107,7 @@ void testCreateKudos(boolean supplyTeam, boolean publiclyVisible) { recipientMembers ); - HttpRequest request = HttpRequest.POST("/", kudosCreateDTO).basicAuth("", ADMIN_ROLE); + HttpRequest request = HttpRequest.POST("/", kudosCreateDTO).basicAuth(senderWorkEmail, MEMBER_ROLE); HttpResponse httpResponse = client.exchange(request, Kudos.class); Kudos kudos = httpResponse.body(); @@ -121,10 +127,10 @@ void testCreateKudos(boolean supplyTeam, boolean publiclyVisible) { assertEquals(List.of( "SEND_EMAIL", sender.getFirstName() + " " + sender.getLastName(), - sender.getWorkEmail(), + senderWorkEmail, KudosServicesImpl.KUDOS_EMAIL_SUBJECT, KudosServicesImpl.getAdminEmailContent(checkInsConfiguration), - admin.getWorkEmail() + "," + admin.getWorkEmail() ), emailSender.events.getFirst() ); @@ -133,7 +139,7 @@ void testCreateKudos(boolean supplyTeam, boolean publiclyVisible) { assertEquals(List.of( "SEND_EMAIL", sender.getFirstName() + " " + sender.getLastName(), - sender.getWorkEmail(), + senderWorkEmail, KudosRecipientServicesImpl.KUDOS_EMAIL_SUBJECT, message, recipientMembers.getFirst().getWorkEmail() 
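Review bot: In the second hunk of `testCreateKudos` the expected admin recipient changes from `admin.getWorkEmail()` to `"," + admin.getWorkEmail()`, which pins a recipient list whose first entry is empty. That looks like the assertion being adjusted to match the output; presumably the notification list is now built from every holder of a role or permission and one of them has no work e-mail. A notification that carries a blank or unintended address is better fixed in the service, by filtering blank addresses before joining, than asserted in a test. If the leading comma is deliberate, add a comment on that line naming which fixture member has no address.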
@@ -143,24 +149,14 @@ void testCreateKudos(boolean supplyTeam, boolean publiclyVisible) { } } - @Test - void testCreateKudosWithoutAdminRole() { - KudosCreateDTO kudosCreateDTO = new KudosCreateDTO(message, senderId, null, true, recipientMembers); - - HttpRequest request = HttpRequest.POST("", kudosCreateDTO).basicAuth("", MEMBER_ROLE); - HttpClientResponseException responseException = assertThrows(HttpClientResponseException.class, () -> client.exchange(request, Kudos.class)); - - assertEquals(HttpStatus.FORBIDDEN, responseException.getStatus()); - assertEquals(NOT_AUTHORIZED_MSG, responseException.getMessage()); - assertEquals(0, emailSender.events.size()); - } - @Test void testCreateKudosWithNonExistentSenderId() { UUID nonExistentSenderId = UUID.randomUUID(); KudosCreateDTO kudosCreateDTO = new KudosCreateDTO(message, nonExistentSenderId, null, true, recipientMembers); - HttpRequest request = HttpRequest.POST("", kudosCreateDTO).basicAuth("", ADMIN_ROLE); + // The sender does not exist, so they do not have an email address to + // provide in basicAuth(). + HttpRequest request = HttpRequest.POST("", kudosCreateDTO).basicAuth("", MEMBER_ROLE); HttpClientResponseException responseException = assertThrows(HttpClientResponseException.class, () -> client.exchange(request, Kudos.class)); assertEquals(HttpStatus.BAD_REQUEST, responseException.getStatus()); @@ -174,7 +170,7 @@ void testCreateKudosWithNonExistentTeamId() { UUID nonExistentTeamId = UUID.randomUUID(); KudosCreateDTO kudosCreateDTO = new KudosCreateDTO(message, senderId, nonExistentTeamId, true, recipientMembers); - HttpRequest request = HttpRequest.POST("", kudosCreateDTO).basicAuth("", ADMIN_ROLE); + HttpRequest request = HttpRequest.POST("", kudosCreateDTO).basicAuth(senderWorkEmail, MEMBER_ROLE); HttpClientResponseException responseException = assertThrows(HttpClientResponseException.class, () -> client.exchange(request, Kudos.class)); assertEquals(HttpStatus.BAD_REQUEST, responseException.getStatus()); 
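Review bot: Deleting `testCreateKudosWithoutAdminRole` leaves POST without any test that expects `HttpStatus.FORBIDDEN`, so nothing in this file shows that `@RequiredPermission(Permission.CAN_CREATE_KUDOS)` is actually enforced on `create`. A replacement should authenticate with a role that has not been granted the permission and assert FORBIDDEN plus `assertEquals(0, emailSender.events.size())`, as the removed test did; the fixture gives the permission to all three built-in roles, so this may need a bare role. `testCreateKudosWithNonExistentSenderId` now authenticates with an empty user name and still reaches sender validation (BAD_REQUEST). A companion test in which an authenticated member posts another member's `senderId` would show whether the body value is checked against the caller.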
@@ -187,7 +183,7 @@ void testCreateKudosWithNonExistentTeamId() { void testCreateKudosWithBlankMessage() { KudosCreateDTO kudosCreateDTO = new KudosCreateDTO("", senderId, null, true, recipientMembers); - HttpRequest request = HttpRequest.POST("", kudosCreateDTO).basicAuth("", ADMIN_ROLE); + HttpRequest request = HttpRequest.POST("", kudosCreateDTO).basicAuth(senderWorkEmail, MEMBER_ROLE); HttpClientResponseException responseException = assertThrows(HttpClientResponseException.class, () -> client.exchange(request, Kudos.class)); assertEquals(HttpStatus.BAD_REQUEST, responseException.getStatus()); @@ -201,7 +197,7 @@ void testCreateKudosWithBlankMessage() { void testCreateKudosWithEmptyRecipientMembers() { KudosCreateDTO kudosCreateDTO = new KudosCreateDTO(message, senderId, null, true, Collections.emptyList()); - HttpRequest request = HttpRequest.POST("", kudosCreateDTO).basicAuth("", ADMIN_ROLE); + HttpRequest request = HttpRequest.POST("", kudosCreateDTO).basicAuth(senderWorkEmail, MEMBER_ROLE); HttpClientResponseException responseException = assertThrows(HttpClientResponseException.class, () -> client.exchange(request, Kudos.class)); assertEquals(HttpStatus.BAD_REQUEST, responseException.getStatus()); @@ -215,7 +211,7 @@ void testApproveKudos() { assertNull(kudos.getDateApproved()); KudosRecipient recipient = createKudosRecipient(kudos.getId(), recipientMembers.getFirst().getId()); - final HttpRequest request = HttpRequest.PUT("", kudos).basicAuth("", ADMIN_ROLE); + final HttpRequest request = HttpRequest.PUT("", kudos).basicAuth(admin.getWorkEmail(), ADMIN_ROLE); final HttpResponse response = client.exchange(request, Kudos.class); assertEquals(HttpStatus.OK, response.getStatus()); 
@@ -224,7 +220,7 @@ void testApproveKudos() { assertEquals(List.of( "SEND_EMAIL", sender.getFirstName() + " " + sender.getLastName(), - sender.getWorkEmail(), + senderWorkEmail, KudosServicesImpl.KUDOS_EMAIL_SUBJECT, KudosServicesImpl.getApprovalEmailContent(checkInsConfiguration), recipientMembers.getFirst().getWorkEmail() @@ -239,7 +235,7 @@ void testApproveNonExistentKudos() { UUID nonExistentKudosId = UUID.randomUUID(); kudos.setId(nonExistentKudosId); - final HttpRequest request = HttpRequest.PUT("", kudos).basicAuth("", ADMIN_ROLE); + final HttpRequest request = HttpRequest.PUT("", kudos).basicAuth(admin.getWorkEmail(), ADMIN_ROLE); HttpClientResponseException responseException = assertThrows(HttpClientResponseException.class, () -> client.exchange(request, Kudos.class)); assertEquals(HttpStatus.BAD_REQUEST, responseException.getStatus()); @@ -251,7 +247,7 @@ void testApproveNonExistentKudos() { void testApproveAlreadyApprovedKudos() { Kudos kudos = createApprovedKudos(senderId); - final HttpRequest request = HttpRequest.PUT("", kudos).basicAuth("", ADMIN_ROLE); + final HttpRequest request = HttpRequest.PUT("", kudos).basicAuth(admin.getWorkEmail(), ADMIN_ROLE); HttpClientResponseException responseException = assertThrows(HttpClientResponseException.class, () -> client.exchange(request, Kudos.class)); assertEquals(HttpStatus.BAD_REQUEST, responseException.getStatus()); 
@@ -260,10 +256,10 @@ void testApproveAlreadyApprovedKudos() { } @Test - void testApproveKudosWithoutAdminRole() { + void testApproveKudosWithoutApprovePermission() { Kudos kudos = createADefaultKudos(senderId); - final HttpRequest request = HttpRequest.PUT("", kudos).basicAuth("", MEMBER_ROLE); + final HttpRequest request = HttpRequest.PUT("", kudos).basicAuth(senderWorkEmail, MEMBER_ROLE); HttpClientResponseException responseException = assertThrows(HttpClientResponseException.class, () -> client.exchange(request, Kudos.class)); assertEquals(HttpStatus.FORBIDDEN, responseException.getStatus()); @@ -276,7 +272,7 @@ void testGetKudosById() { Kudos kudos = createADefaultKudos(senderId); createKudosRecipient(kudos.getId(), recipientMembers.getFirst().getId()); - final HttpRequest request = HttpRequest.GET(String.format("/%s", kudos.getId())).basicAuth("", ADMIN_ROLE); + final HttpRequest request = HttpRequest.GET(String.format("/%s", kudos.getId())).basicAuth(admin.getWorkEmail(), ADMIN_ROLE); HttpResponse response = client.exchange(request, KudosResponseDTO.class); assertEquals(OK, response.getStatus()); @@ -293,7 +289,7 @@ void testGetKudosById() { void testGetKudosByIdWithNoRecipients() { Kudos kudos = createADefaultKudos(senderId); - final HttpRequest request = HttpRequest.GET(String.format("/%s", kudos.getId())).basicAuth("", ADMIN_ROLE); + final HttpRequest request = HttpRequest.GET(String.format("/%s", kudos.getId())).basicAuth(admin.getWorkEmail(), ADMIN_ROLE); HttpClientResponseException responseException = assertThrows(HttpClientResponseException.class, () -> client.exchange(request, KudosResponseDTO.class)); assertEquals(HttpStatus.NOT_FOUND, responseException.getStatus()); 
@@ -304,7 +300,7 @@ void testGetKudosByIdWithNoRecipients() { void testGetKudosByNonExistentId() { UUID nonExistentId = UUID.randomUUID(); final HttpRequest request = HttpRequest.GET(String.format("/%s", nonExistentId)) - .basicAuth("", ADMIN_ROLE); + .basicAuth(admin.getWorkEmail(), ADMIN_ROLE); HttpClientResponseException responseException = assertThrows(HttpClientResponseException.class, () -> { client.exchange(request, KudosResponseDTO.class); }); @@ -318,6 +314,8 @@ void testGetKudosByIdWithoutAdminRole() { Kudos kudos = createADefaultKudos(senderId); createKudosRecipient(kudos.getId(), recipientMembers.getFirst().getId()); + // This should fail because the user making this request is not an + // admin, the sender or recipient. final HttpRequest request = HttpRequest.GET(String.format("/%s", kudos.getId())) .basicAuth("", MEMBER_ROLE); HttpClientResponseException responseException = assertThrows(HttpClientResponseException.class, () -> { @@ -347,7 +345,8 @@ void testGetKudosByIdWithoutAdminRoleBySender() { void testGetApprovedKudosByIdWithoutAdminRole() { Kudos kudos = createApprovedKudos(senderId); createKudosRecipient(kudos.getId(), recipientMembers.getFirst().getId()); - + // This should fail because the user making this request is not an + // admin, the sender or recipient. final HttpRequest request = HttpRequest.GET("/%s".formatted(kudos.getId())).basicAuth("", MEMBER_ROLE); HttpClientResponseException responseException = assertThrows(HttpClientResponseException.class, () -> client.exchange(request, KudosResponseDTO.class)); @@ -356,7 +355,7 @@ void testGetApprovedKudosByIdWithoutAdminRole() { } @Test - void testGetApprovedKudosByIdWithoutAdminRoleByRecipient() { + void testGetApprovedKudosByIdWithoutApprovePermissionByRecipient() { Kudos kudos = createApprovedKudos(senderId); createKudosRecipient(kudos.getId(), recipientMembers.getFirst().getId()); 
@@ -380,7 +379,7 @@ void testGetKudosWithRecipientId() { UUID recipientId = recipientMembers.getFirst().getId(); createKudosRecipient(kudos.getId(), recipientId); - MutableHttpRequest request = HttpRequest.GET(String.format("/?recipientId=%s", recipientId)).basicAuth("", ADMIN_ROLE); + MutableHttpRequest request = HttpRequest.GET(String.format("/?recipientId=%s", recipientId)).basicAuth(admin.getWorkEmail(), ADMIN_ROLE); final HttpResponse> response = client.exchange(request, Argument.listOf(KudosResponseDTO.class)); assertEquals(OK, response.getStatus()); @@ -401,7 +400,7 @@ void testGetKudosWithUnknownRecipientId() { UUID recipientId = recipientMembers.getFirst().getId(); createKudosRecipient(kudos.getId(), recipientId); - MutableHttpRequest request = HttpRequest.GET(String.format("/?recipientId=%s", UUID.randomUUID())).basicAuth("", ADMIN_ROLE); + MutableHttpRequest request = HttpRequest.GET(String.format("/?recipientId=%s", UUID.randomUUID())).basicAuth(admin.getWorkEmail(), ADMIN_ROLE); final HttpResponse> response = client.exchange(request, Argument.listOf(KudosResponseDTO.class)); assertEquals(OK, response.getStatus()); @@ -420,7 +419,7 @@ void testGetMultipleKudos() { createKudosRecipient(kudos2.getId(), recipientId); createKudosRecipient(kudos3.getId(), someOtherRecipientId); - MutableHttpRequest request = HttpRequest.GET(String.format("/?recipientId=%s", recipientId)).basicAuth("", ADMIN_ROLE); + MutableHttpRequest request = HttpRequest.GET(String.format("/?recipientId=%s", recipientId)).basicAuth(admin.getWorkEmail(), ADMIN_ROLE); final HttpResponse> response = client.exchange(request, Argument.listOf(KudosResponseDTO.class)); assertEquals(OK, response.getStatus()); 
@@ -434,7 +433,7 @@ void testGetKudosWithSenderId() { Kudos kudos = createApprovedKudos(senderId); createKudosRecipient(kudos.getId(), recipientMembers.getFirst().getId()); - MutableHttpRequest request = HttpRequest.GET(String.format("/?senderId=%s", senderId)).basicAuth("", ADMIN_ROLE); + MutableHttpRequest request = HttpRequest.GET(String.format("/?senderId=%s", senderId)).basicAuth(admin.getWorkEmail(), ADMIN_ROLE); final HttpResponse> response = client.exchange(request, Argument.listOf(KudosResponseDTO.class)); assertEquals(OK, response.getStatus()); @@ -458,7 +457,7 @@ void testGetKudosWithIsPending(boolean isPending) { createKudosRecipient(unapprovedKudos.getId(), recipientMembers.getFirst().getId()); createKudosRecipient(approvedKudos.getId(), recipientMembers.getFirst().getId()); - MutableHttpRequest request = HttpRequest.GET(String.format("/?isPending=%s", isPending)).basicAuth("", ADMIN_ROLE); + MutableHttpRequest request = HttpRequest.GET(String.format("/?isPending=%s", isPending)).basicAuth(admin.getWorkEmail(), ADMIN_ROLE); final HttpResponse> response = client.exchange(request, Argument.listOf(KudosResponseDTO.class)); var expected = isPending ? unapprovedKudos : approvedKudos; @@ -479,7 +478,7 @@ void testGetKudosWithIsPending(boolean isPending) { void testDeleteKudos() { Kudos kudos = createADefaultKudos(senderId); - final HttpRequest request = HttpRequest.DELETE("/%s".formatted(kudos.getId())).basicAuth("", ADMIN_ROLE); + final HttpRequest request = HttpRequest.DELETE("/%s".formatted(kudos.getId())).basicAuth(admin.getWorkEmail(), ADMIN_ROLE); final HttpResponse response = client.exchange(request); assertEquals(NO_CONTENT, response.getStatus()); 
@@ -489,7 +488,7 @@ void testDeleteKudos() { void testDeleteKudosWithNonExistentKudosId() { UUID nonExistentKudosId = UUID.randomUUID(); - final HttpRequest request = HttpRequest.DELETE("/%s".formatted(nonExistentKudosId)).basicAuth("", ADMIN_ROLE); + final HttpRequest request = HttpRequest.DELETE("/%s".formatted(nonExistentKudosId)).basicAuth(admin.getWorkEmail(), ADMIN_ROLE); HttpClientResponseException responseException = assertThrows(HttpClientResponseException.class, () -> client.exchange(request)); assertEquals(HttpStatus.NOT_FOUND, responseException.getStatus()); @@ -500,7 +499,7 @@ void testDeleteKudosWithNonExistentKudosId() { void testDeleteKudosWithoutAdminRole() { Kudos kudos = createADefaultKudos(senderId); - HttpRequest request = HttpRequest.DELETE(String.format("/%s", kudos.getId())).basicAuth("", MEMBER_ROLE); + HttpRequest request = HttpRequest.DELETE(String.format("/%s", kudos.getId())).basicAuth(senderWorkEmail, MEMBER_ROLE); HttpClientResponseException responseException = assertThrows(HttpClientResponseException.class, () -> client.exchange(request)); assertEquals(HttpStatus.FORBIDDEN, responseException.getStatus()); From 8e19859f8e0b45bb2c16f838096a581e703685cb Mon Sep 17 00:00:00 2001 From: Chad Elliott Date: Fri, 2 Aug 2024 10:56:19 -0500 Subject: [PATCH 3/4] Reverted the name change. It is Admin related, not Approve Permission related. --- .../checkins/services/kudos/KudosControllerTest.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/server/src/test/java/com/objectcomputing/checkins/services/kudos/KudosControllerTest.java b/server/src/test/java/com/objectcomputing/checkins/services/kudos/KudosControllerTest.java index a9c18c73c..c1644344b 100644 --- a/server/src/test/java/com/objectcomputing/checkins/services/kudos/KudosControllerTest.java +++ b/server/src/test/java/com/objectcomputing/checkins/services/kudos/KudosControllerTest.java 
@@ -355,7 +355,7 @@ void testGetApprovedKudosByIdWithoutAdminRole() { } @Test - void testGetApprovedKudosByIdWithoutApprovePermissionByRecipient() { + void testGetApprovedKudosByIdWithoutAdminRoleByRecipient() { Kudos kudos = createApprovedKudos(senderId); createKudosRecipient(kudos.getId(), recipientMembers.getFirst().getId()); From 90d9114f243db8f78ffa53f33f3197c03f709e8f Mon Sep 17 00:00:00 2001 From: Chad Elliott Date: Fri, 2 Aug 2024 11:13:18 -0500 Subject: [PATCH 4/4] Correct test names using AdministerPermission, instead of AdminRole. --- .../checkins/services/kudos/KudosControllerTest.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/server/src/test/java/com/objectcomputing/checkins/services/kudos/KudosControllerTest.java b/server/src/test/java/com/objectcomputing/checkins/services/kudos/KudosControllerTest.java index c1644344b..92975598a 100644 --- a/server/src/test/java/com/objectcomputing/checkins/services/kudos/KudosControllerTest.java +++ b/server/src/test/java/com/objectcomputing/checkins/services/kudos/KudosControllerTest.java @@ -256,7 +256,7 @@ void testApproveAlreadyApprovedKudos() { } @Test - void testApproveKudosWithoutApprovePermission() { + void testApproveKudosWithoutAdministerPermission() { Kudos kudos = createADefaultKudos(senderId); final HttpRequest request = HttpRequest.PUT("", kudos).basicAuth(senderWorkEmail, MEMBER_ROLE); @@ -496,7 +496,7 @@ void testDeleteKudosWithNonExistentKudosId() { } @Test - void testDeleteKudosWithoutAdminRole() { + void testDeleteKudosWithoutAdministerPermission() { Kudos kudos = createADefaultKudos(senderId); HttpRequest request = HttpRequest.DELETE(String.format("/%s", kudos.getId())).basicAuth(senderWorkEmail, MEMBER_ROLE);