feat: Initial implementation of permission manager SDK - Add core permission management functionality with @RequiresPermission annotation - Implement permission checking aspect with Spring Security integration - Add comprehensive model classes for permissions, roles, and domains - Create integration builder for permission structure setup - Add configuration support for permission manager client - Implement exception handling for access control - Add extensive test coverage with integration tests - Configure Maven build with Spring Boot/Cloud dependencies

2025-01-08 02:32:57 +01:00
parent f039652d4b
commit 6d4a3e2ea5
48 changed files with 2816 additions and 52 deletions
--- a/src/test/java/de/mummeit/pmg/api/PermissionManagerClientIntegrationTest.java
+++ b/src/test/java/de/mummeit/pmg/api/PermissionManagerClientIntegrationTest.java
@ -0,0 +1,254 @@
+package de.mummeit.pmg.api;
+
+import de.mummeit.pmg.api.model.access.request.CheckAccessRequest;
+import de.mummeit.pmg.api.model.access.request.Permit;
+import de.mummeit.pmg.api.model.access.request.PermitRequest;
+import de.mummeit.pmg.api.model.access.request.RevokeScopeAccessRequest;
+import de.mummeit.pmg.api.model.access.request.RevokeUserAccessRequest;
+import de.mummeit.pmg.api.model.access.request.SearchPermitRequest;
+import de.mummeit.pmg.api.model.access.response.PermittedResponse;
+import de.mummeit.pmg.api.model.integration.DomainIntegration;
+import de.mummeit.pmg.api.model.integration.Integration;
+import de.mummeit.pmg.api.model.integration.PermissionIntegration;
+import de.mummeit.pmg.api.model.integration.RoleIntegration;
+import de.mummeit.pmg.api.model.integration.RolePermissionRelationIntegration;
+import de.mummeit.pmg.api.model.structure.Domain;
+import de.mummeit.pmg.api.model.structure.Permission;
+import de.mummeit.pmg.api.model.structure.Role;
+import de.mummeit.utility.BaseIntegrationTest;
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Test;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import java.util.List;
+
+import static org.junit.jupiter.api.Assertions.*;
+
+class PermissionManagerClientIntegrationTest extends BaseIntegrationTest {
+
+    @Autowired
+    private PermissionManagerClient permissionManagerClient;
+
+    private static final String TEST_DOMAIN = "test-domain";
+    private static final String TEST_PERMISSION = "test-permission";
+    private static final String TEST_ROLE = "test-role";
+    private static final String TEST_USER = "test-user";
+    private static final String TEST_SCOPE = "test-scope";
+
+    @Test
+    @DisplayName("should return health status")
+    void getHealthStatus() {
+        String healthStatus = permissionManagerClient.getHealthStatus();
+        assertNotNull(healthStatus);
+    }
+
+    @Test
+    @DisplayName("should successfully perform integrations")
+    void integrationShouldRun() {
+        List<Integration<?>> integrations = List.of(
+                DomainIntegration.builder()
+                        .id("1")
+                        .action(Integration.Action.create)
+                        .data(DomainIntegration.Data.builder()
+                                .name("test")
+                                .description("test")
+                                .build())
+                        .build(),
+                PermissionIntegration.builder()
+                        .id("2")
+                        .action(Integration.Action.create)
+                        .data(PermissionIntegration.Data.builder()
+                                .domain("test")
+                                .name("test")
+                                .description("test")
+                                .build())
+                        .build(),
+                RoleIntegration.builder()
+                        .id("3")
+                        .action(Integration.Action.create)
+                        .data(RoleIntegration.Data.builder()
+                                .domain("test")
+                                .name("test")
+                                .description("test")
+                                .build())
+                        .build(),
+                RolePermissionRelationIntegration.builder()
+                        .id("4")
+                        .action(Integration.Action.create)
+                        .data(RolePermissionRelationIntegration.Data.builder()
+                                .domain("test")
+                                .role("test")
+                                .permissions(List.of("test"))
+                                .build())
+                        .build()
+        );
+
+        assertDoesNotThrow(() -> permissionManagerClient.performIntegration(integrations));
+    }
+
+    @Test
+    @DisplayName("should manage domains successfully")
+    void domainManagement() {
+        // Create domain
+        Domain domain = new Domain();
+        domain.setName(TEST_DOMAIN);
+        domain.setDescription("Test Domain Description");
+
+        Domain createdDomain = permissionManagerClient.createDomain(domain);
+        assertNotNull(createdDomain);
+        assertEquals(TEST_DOMAIN, createdDomain.getName());
+
+        // Get domain
+        Domain retrievedDomain = permissionManagerClient.getDomain(TEST_DOMAIN);
+        assertNotNull(retrievedDomain);
+        assertEquals(TEST_DOMAIN, retrievedDomain.getName());
+
+        // Update domain
+        domain.setDescription("Updated Description");
+        Domain updatedDomain = permissionManagerClient.updateDomain(TEST_DOMAIN, domain);
+        assertNotNull(updatedDomain);
+        assertEquals("Updated Description", updatedDomain.getDescription());
+
+        // Delete domain
+        assertDoesNotThrow(() -> permissionManagerClient.deleteDomain(TEST_DOMAIN));
+    }
+
+    @Test
+    @DisplayName("should manage permissions successfully")
+    void permissionManagement() {
+        // First create a domain
+        Domain domain = new Domain();
+        domain.setName(TEST_DOMAIN);
+        domain.setDescription("Test Domain Description");
+        permissionManagerClient.createDomain(domain);
+
+        // Create permission
+        Permission permission = new Permission();
+        permission.setName(TEST_PERMISSION);
+        permission.setDescription("Test Permission Description");
+
+        Permission createdPermission = permissionManagerClient.createPermission(TEST_DOMAIN, permission);
+        assertNotNull(createdPermission);
+        assertEquals(TEST_PERMISSION, createdPermission.getName());
+
+        // Get permission
+        Permission retrievedPermission = permissionManagerClient.getPermission(TEST_DOMAIN, TEST_PERMISSION);
+        assertNotNull(retrievedPermission);
+        assertEquals(TEST_PERMISSION, retrievedPermission.getName());
+
+        // Update permission
+        permission.setDescription("Updated Permission Description");
+        Permission updatedPermission = permissionManagerClient.updatePermission(TEST_DOMAIN, TEST_PERMISSION, permission);
+        assertNotNull(updatedPermission);
+        assertEquals("Updated Permission Description", updatedPermission.getDescription());
+
+        // Delete permission
+        assertDoesNotThrow(() -> permissionManagerClient.deletePermission(TEST_DOMAIN, TEST_PERMISSION));
+
+        // Clean up
+        permissionManagerClient.deleteDomain(TEST_DOMAIN);
+    }
+
+    @Test
+    @DisplayName("should manage roles successfully")
+    void roleManagement() {
+        // First create a domain
+        Domain domain = new Domain();
+        domain.setName(TEST_DOMAIN);
+        domain.setDescription("Test Domain Description");
+        permissionManagerClient.createDomain(domain);
+
+        // Create role
+        Role role = new Role();
+        role.setName(TEST_ROLE);
+        role.setDescription("Test Role Description");
+        role.setPermissions(List.of());
+
+        Role createdRole = permissionManagerClient.createRole(TEST_DOMAIN, role);
+        assertNotNull(createdRole);
+        assertEquals(TEST_ROLE, createdRole.getName());
+
+        // Get role
+        Role retrievedRole = permissionManagerClient.getRole(TEST_DOMAIN, TEST_ROLE);
+        assertNotNull(retrievedRole);
+        assertEquals(TEST_ROLE, retrievedRole.getName());
+
+        // Update role
+        role.setDescription("Updated Role Description");
+        Role updatedRole = permissionManagerClient.updateRole(TEST_DOMAIN, TEST_ROLE, role);
+        assertNotNull(updatedRole);
+        assertEquals("Updated Role Description", updatedRole.getDescription());
+
+        // Delete role
+        assertDoesNotThrow(() -> permissionManagerClient.deleteRole(TEST_DOMAIN, TEST_ROLE));
+
+        // Clean up
+        permissionManagerClient.deleteDomain(TEST_DOMAIN);
+    }
+
+    @Test
+    @DisplayName("should manage access successfully")
+    void accessManagement() {
+        // Setup: Create domain, permission, and role
+        Domain domain = new Domain();
+        domain.setName(TEST_DOMAIN);
+        permissionManagerClient.createDomain(domain);
+
+        Permission permission = new Permission();
+        permission.setName(TEST_PERMISSION);
+        permissionManagerClient.createPermission(TEST_DOMAIN, permission);
+
+        Role role = new Role();
+        role.setName(TEST_ROLE);
+        role.setPermissions(List.of());
+        permissionManagerClient.createRole(TEST_DOMAIN, role);
+
+        // Test permit access
+        PermitRequest permitRequest = new PermitRequest();
+        Permit permit = new Permit();
+        permit.setDomain(TEST_DOMAIN);
+        permit.setRoles(List.of(TEST_ROLE));
+        permit.setPermissions(List.of(TEST_PERMISSION));
+        permitRequest.setPermits(List.of(permit));
+        permitRequest.setUserId(TEST_USER);
+        permitRequest.setScope(TEST_SCOPE);
+
+        assertDoesNotThrow(() -> permissionManagerClient.permitAccess(permitRequest));
+
+        // Test check access
+        CheckAccessRequest checkRequest = new CheckAccessRequest();
+        checkRequest.setDomain(TEST_DOMAIN);
+        checkRequest.setPermission(TEST_PERMISSION);
+        checkRequest.setUserId(TEST_USER);
+        checkRequest.setScope(TEST_SCOPE);
+
+        PermittedResponse response = permissionManagerClient.checkAccess(checkRequest);
+        assertNotNull(response);
+        assertTrue(response.isPermitted());
+
+        // Test search permits
+        SearchPermitRequest searchRequest = new SearchPermitRequest();
+        searchRequest.setUserId(TEST_USER);
+        searchRequest.setScope(TEST_SCOPE);
+
+        List<Permission> permits = permissionManagerClient.searchPermits(searchRequest);
+        assertNotNull(permits);
+        assertFalse(permits.isEmpty());
+
+        // Test revoke access
+        assertDoesNotThrow(() -> permissionManagerClient.revokeAccess(permitRequest));
+
+        // Test revoke scope access
+        RevokeScopeAccessRequest revokeScopeRequest = new RevokeScopeAccessRequest();
+        revokeScopeRequest.setScope(TEST_SCOPE);
+        assertDoesNotThrow(() -> permissionManagerClient.revokeScopeAccess(revokeScopeRequest));
+
+        // Test revoke user access
+        RevokeUserAccessRequest revokeUserRequest = new RevokeUserAccessRequest();
+        revokeUserRequest.setUserId(TEST_USER);
+        assertDoesNotThrow(() -> permissionManagerClient.revokeUserAccess(revokeUserRequest));
+
+        // Clean up
+        permissionManagerClient.deleteDomain(TEST_DOMAIN);
+    }
+}