Updated some more tests

dbrepo-query-service/rest-service/src/main/java/at/tuwien/endpoint/AbstractEndpoint.java

-package at.tuwien.endpoint;
-
-import at.tuwien.SortType;
-import at.tuwien.api.database.query.ExecuteStatementDto;
-import at.tuwien.config.QueryConfig;
-import at.tuwien.entities.database.AccessType;
-import at.tuwien.entities.database.Database;
-import at.tuwien.entities.database.DatabaseAccess;
-import at.tuwien.entities.database.table.Table;
-import at.tuwien.entities.identifier.Identifier;
-import at.tuwien.exception.*;
-import at.tuwien.service.AccessService;
-import at.tuwien.service.DatabaseService;
-import at.tuwien.service.IdentifierService;
-import at.tuwien.service.TableService;
-import lombok.extern.slf4j.Slf4j;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.core.Authentication;
-
-import java.security.Principal;
-import java.util.Arrays;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
-
-import static at.tuwien.entities.identifier.VisibilityType.EVERYONE;
-
-@Slf4j
-public abstract class AbstractEndpoint {
-
-    private final QueryConfig queryConfig;
-    private final TableService tableService;
-    private final AccessService accessService;
-    private final DatabaseService databaseService;
-    private final IdentifierService identifierService;
-
-    @Autowired
-    protected AbstractEndpoint(TableService tableService, AccessService accessService, DatabaseService databaseService,
-                               IdentifierService identifierService, QueryConfig queryConfig) {
-        this.queryConfig = queryConfig;
-        this.tableService = tableService;
-        this.accessService = accessService;
-        this.databaseService = databaseService;
-        this.identifierService = identifierService;
-    }
-
-    protected Boolean hasDatabasePermission(Long containerId, Long databaseId, String permissionCode,
-                                            Principal principal) throws NotAllowedException {
-        log.trace("validate database permission, containerId={}, databaseId={}, permissionCode={}, principal={}",
-                containerId, databaseId, permissionCode, principal);
-        final Database database;
-        try {
-            database = databaseService.find(containerId, databaseId);
-        } catch (DatabaseNotFoundException e) {
-            log.error("Failed to find database with id {}", databaseId);
-            return false;
-        }
-        /* view-only operations are allowed on public databases */
-        if (database.getIsPublic() && List.of("DATA_VIEW", "DATA_HISTORY", "QUERY_VIEW_ALL").contains(permissionCode)) {
-            log.debug("grant permission {} because database is public", permissionCode);
-            return true;
-        }
-        if (List.of("LIST_VIEWS", "FIND_VIEW", "DATA_VIEW").contains(permissionCode)) {
-            log.debug("grant permission {} because it is allowed on public/private databases", permissionCode);
-            return true;
-        }
-        if (principal == null) {
-            log.error("Failed to grant permission {} because principal is null", permissionCode);
-            return false;
-        }
-        final DatabaseAccess access = accessService.find(databaseId, principal.getName());
-        /* check view access */
-        if (List.of("QUERY_EXECUTE").contains(permissionCode)) {
-            log.debug("grant permission {} because user has access {}", permissionCode, access.getType());
-            return true;
-        }
-        if (List.of("CREATE_VIEW").contains(permissionCode) && database.getOwner().getId().equals(access.getHuserid())) {
-            log.debug("grant permission {} because user is owner {}", permissionCode, access.getType());
-            return true;
-        }
-        /* has role researcher */
-        final Authentication authentication = (Authentication) principal /* with pre-authorization this always holds */;
-        if (authentication.getAuthorities().stream().noneMatch(a -> a.getAuthority().equals("ROLE_RESEARCHER"))) {
-            log.error("Failed to grant permission {} because current user misses authority 'ROLE_RESEARCHER'",
-                    permissionCode);
-            return false;
-        }
-        return false;
-    }
-
-    protected void validateDataParams(Long page, Long size) throws PaginationException {
-        log.trace("validate data params, page={}, size={}", page, size);
-        if ((page == null && size != null) || (page != null && size == null)) {
-            log.error("Failed to validate page and/or size number, either both are present or none");
-            throw new PaginationException("Failed to validate page and/or size number");
-        }
-        if (page != null && page < 0) {
-            log.error("Failed to validate page number, is lower than zero");
-            throw new PaginationException("Failed to validate page number");
-        }
-        if (size != null && size <= 0) {
-            log.error("Failed to validate size number, is lower or equal than zero");
-            throw new PaginationException("Failed to validate size number");
-        }
-    }
-
-    protected void validateDataParams(Long page, Long size, SortType sortDirection, String sortColumn)
-            throws PaginationException, SortException {
-        log.trace("validate data params, page={}, size={}, sortDirection={}, sortColumn={}", page, size,
-                sortDirection, sortColumn);
-        validateDataParams(page, size);
-        if ((sortDirection == null && sortColumn != null) || (sortDirection != null && sortColumn == null)) {
-            log.error("Failed to validate sort direction and/or sort column, either both are present or none");
-            throw new SortException("Failed to validate sort direction and/or sort column");
-        }
-    }
-
-    /**
-     * Do not allow aggregate functions and comments
-     * https://mariadb.com/kb/en/aggregate-functions/
-     */
-    protected void validateForbiddenStatements(ExecuteStatementDto data) throws QueryMalformedException {
-        final List<String> words = new LinkedList<>();
-        Arrays.stream(queryConfig.getNotSupportedKeywords())
-                .forEach(keyword -> {
-                    final Pattern pattern = Pattern.compile(keyword);
-                    final Matcher matcher = pattern.matcher(data.getStatement());
-                    final boolean found = matcher.find();
-                    if (found) {
-                        words.add(keyword);
-                    }
-                });
-        if (words.size() == 0) {
-            return;
-        }
-        log.error("Query contains forbidden keyword(s): {}", words);
-        log.debug("forbidden keywords: {}", words);
-        throw new QueryMalformedException("Query contains forbidden keyword(s): " + Arrays.toString(words.toArray()));
-    }
-
-    protected Boolean hasTablePermission(Long containerId, Long databaseId, Long tableId, String permissionCode,
-                                         Principal principal) throws NotAllowedException {
-        log.trace("validate queue permission, containerId={}, databaseId={}, tableId={}, permissionCode={}, principal={}",
-                containerId, databaseId, tableId, permissionCode, principal);
-        final Database database;
-        try {
-            database = databaseService.find(containerId, databaseId);
-        } catch (DatabaseNotFoundException e) {
-            log.error("Failed to find database with id {}", databaseId);
-            return false;
-        }
-        final Table table;
-        try {
-            table = tableService.find(containerId, databaseId, tableId);
-        } catch (TableNotFoundException e) {
-            log.error("Failed to find table with id {} in database with id {}", tableId, databaseId);
-            return false;
-        } catch (DatabaseNotFoundException e) {
-            /* can never occur here */
-            return false;
-        }
-        /* view-only operations are allowed on public databases */
-        if (database.getIsPublic() && List.of("TABLE_EXPORT", "DATA_VIEW", "DATA_HISTORY").contains(permissionCode)) {
-            log.debug("grant permission {} because database is public", permissionCode);
-            return true;
-        }
-        if (principal == null) {
-            log.error("Failed to grant permission {} because principal is null", permissionCode);
-            return false;
-        }
-        final Authentication authentication = (Authentication) principal /* with pre-authorization this always holds */;
-        if (authentication.getAuthorities().stream().noneMatch(a -> a.getAuthority().equals("ROLE_RESEARCHER"))) {
-            log.error("Failed to grant permission {} because current user misses authority 'ROLE_RESEARCHER'",
-                    permissionCode);
-            return false;
-        }
-        final DatabaseAccess access = accessService.find(databaseId, principal.getName());
-        /* check view access */
-        if (List.of("TABLE_EXPORT", "DATA_VIEW", "DATA_HISTORY", "QUERY_VIEW_ALL", "QUERY_RE_EXECUTE", "QUERY_VIEW", "FIND_VIEW").contains(permissionCode)) {
-            log.trace("grant permission {} because user has access {}", permissionCode, access.getType());
-            return true;
-        }
-        if (List.of("DATA_INSERT", "DATA_UPDATE", "DATA_DELETE").contains(permissionCode) && access.getType().equals(AccessType.WRITE_ALL)) {
-            /* write own is already effective with creator check above */
-            log.debug("grant permission {} because user {} is has table write permission {}", permissionCode, principal.getName(),
-                    access.getType());
-            return true;
-        }
-        if (List.of("QUERY_PERSIST").contains(permissionCode) && access != null) {
-            /* write own is already effective with creator check above */
-            log.debug("grant permission {} because user {} is has database read/write permission {}", permissionCode, principal.getName(),
-                    access.getType());
-            return true;
-        }
-        log.debug("failed to grant permission {} because database is not owner by the current user and also has not appropriate access", permissionCode);
-        return false;
-    }
-
-    protected Boolean hasQueryPermission(Long containerId, Long databaseId, Long queryId, String permissionCode,
-                                         Principal principal) throws NotAllowedException {
-        log.trace("validate query permission, containerId={}, databaseId={}, queryId={}, permissionCode={}, principal={}",
-                containerId, databaseId, queryId, permissionCode, principal);
-        final Database database;
-        try {
-            database = databaseService.find(containerId, databaseId);
-        } catch (DatabaseNotFoundException e) {
-            log.error("Failed to find database with id {}", databaseId);
-            return false;
-        }
-        if (hasPublicIdentifier(databaseId, queryId, permissionCode)) {
-            return true;
-        }
-        /* modification operations are limited to the creator */
-        if (isMyPrivateIdentifier(databaseId, queryId, principal, permissionCode)) {
-            return true;
-        }
-        /* view-only operations are allowed on public databases */
-        if (database.getIsPublic() && List.of("QUERY_VIEW_ALL", "QUERY_VIEW", "QUERY_EXPORT", "QUERY_RE_EXECUTE").contains(
-                permissionCode)) {
-            log.debug("grant permission {} because database is public", permissionCode);
-            return true;
-        }
-        if (principal == null) {
-            log.error("Failed to grant permission {} because principal is null", permissionCode);
-            return false;
-        }
-        final DatabaseAccess access = accessService.find(databaseId, principal.getName());
-        /* check view access */
-        if (List.of("DATA_VIEW", "DATA_HISTORY", "QUERY_VIEW_ALL", "QUERY_RE_EXECUTE", "QUERY_VIEW", "FIND_VIEW", "QUERY_EXPORT").contains(permissionCode)) {
-            log.trace("grant permission {} because user has access {}", permissionCode, access.getType());
-            return true;
-        }
-        /* has role researcher */
-        final Authentication authentication = (Authentication) principal /* with pre-authorization this always holds */;
-        if (authentication.getAuthorities().stream().noneMatch(a -> a.getAuthority().equals("ROLE_RESEARCHER"))) {
-            log.error("Failed to grant permission {} because current user misses authority 'ROLE_RESEARCHER'",
-                    permissionCode);
-            return false;
-        }
-        if (access.getType().equals(AccessType.WRITE_ALL)) {
-            log.trace("grant permission {} because user has access {}", permissionCode, access.getType());
-            return true;
-        }
-        log.debug("failed to grant permission {} because database is not owner by the current user and also has not appropriate access", permissionCode);
-        return false;
-    }
-
-    protected Boolean hasPublicIdentifier(Long databaseId, Long queryId, String permissionCode) {
-        log.trace("validate has public identifier, databaseId={}, queryId={}, permissionCode={}", databaseId, queryId,
-                permissionCode);
-        final Identifier identifier;
-        try {
-            identifier = identifierService.findByDatabaseIdAndQueryId(databaseId, queryId);
-        } catch (IdentifierNotFoundException e) {
-            return false;
-        }
-        if (identifier.getVisibility().equals(EVERYONE)) {
-            log.debug("grant permission {} because identifier visibility is public", permissionCode);
-            return true;
-        }
-        log.error("Failed to grant permission {} because identifier visibility is not public", permissionCode);
-        return false;
-    }
-
-    protected Boolean isMyPrivateIdentifier(Long databaseId, Long queryId, Principal principal, String permissionCode) {
-        log.trace("validate is my private identifier, databaseId={}, queryId={}, permissionCode={}", databaseId, queryId,
-                permissionCode);
-        final Identifier identifier;
-        try {
-            identifier = identifierService.findByDatabaseIdAndQueryId(databaseId, queryId);
-        } catch (IdentifierNotFoundException e) {
-            return false;
-        }
-        if (identifier.getDatabase().getIsPublic()) {
-            log.debug("grant permission {} because database is public", permissionCode);
-            return true;
-        }
-        if (principal == null) {
-            log.error("Failed to grant permission {} because database is private and principal is null",
-                    permissionCode);
-            return false;
-        }
-        if (identifier.getCreator().getUsername().equals(principal.getName())) {
-            log.debug("grant permission {} because database is private and identifier creator is the current user",
-                    permissionCode);
-            return true;
-        }
-        log.error("Failed to grant permission {} because database is private and identifier creator is not the current user", permissionCode);
-        return false;
-    }
-
-}

dbrepo-query-service/rest-service/src/main/java/at/tuwien/endpoint/ExportEndpoint.java

 package at.tuwien.endpoint;
 
 import at.tuwien.ExportResource;
-import at.tuwien.config.QueryConfig;
+import at.tuwien.entities.database.Database;
 import at.tuwien.exception.*;
 import at.tuwien.service.*;
 import io.micrometer.core.annotation.Timed;
@@ -12,7 +12,7 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.core.io.InputStreamResource;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.ResponseEntity;
-import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.security.core.Authentication;
 import org.springframework.transaction.annotation.Transactional;
 import org.springframework.web.bind.annotation.*;
 
@@ -27,10 +27,12 @@ import java.time.Instant;
 public class ExportEndpoint {
 
     private final QueryService queryService;
+    private final DatabaseService databaseService;
 
     @Autowired
-    public ExportEndpoint(QueryService queryService) {
+    public ExportEndpoint(QueryService queryService, DatabaseService databaseService) {
         this.queryService = queryService;
+        this.databaseService = databaseService;
     }
 
     @GetMapping
@@ -44,10 +46,21 @@ public class ExportEndpoint {
                                                       Principal principal)
             throws TableNotFoundException, DatabaseConnectionException, TableMalformedException,
             DatabaseNotFoundException, ImageNotSupportedException, PaginationException, ContainerNotFoundException,
-            FileStorageException, QueryMalformedException, UserNotFoundException {
-        // TODO: check if authority 'export-table'
+            FileStorageException, QueryMalformedException, UserNotFoundException, NotAllowedException {
         log.debug("endpoint export table, id={}, databaseId={}, tableId={}, timestamp={}, principal={}", containerId, databaseId,
                 tableId, timestamp, principal);
+        final Database database = databaseService.find(containerId, databaseId);
+        if (!database.getIsPublic()) {
+            if (principal == null) {
+                log.error("Failed to export private table: principal is null");
+                throw new NotAllowedException("Failed to export private table: principal is null");
+            }
+            final Authentication authentication = (Authentication) principal;
+            if (authentication.getAuthorities().stream().noneMatch(a -> a.getAuthority().equals("export-table-data"))) {
+                log.error("Failed to export private table: role missing");
+                throw new NotAllowedException("Failed to export private table: role missing");
+            }
+        }
         final HttpHeaders headers = new HttpHeaders();
         final ExportResource resource = queryService.tableFindAll(containerId, databaseId, tableId, timestamp, principal);
         headers.add("Content-Disposition", "attachment; filename=\"" + resource.getFilename() + "\"");

dbrepo-query-service/rest-service/src/main/java/at/tuwien/endpoint/QueryEndpoint.java

@@ -3,6 +3,7 @@ package at.tuwien.endpoint;
 import at.tuwien.ExportResource;
 import at.tuwien.SortType;
 import at.tuwien.api.database.query.*;
+import at.tuwien.entities.database.Database;
 import at.tuwien.querystore.Query;
 import at.tuwien.exception.*;
 import at.tuwien.service.*;
@@ -16,6 +17,7 @@ import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.security.core.Authentication;
 import org.springframework.transaction.annotation.Transactional;
 import org.springframework.web.bind.annotation.*;
 
@@ -31,11 +33,13 @@ public class QueryEndpoint {
 
     private final QueryService queryService;
     private final StoreService storeService;
+    private final DatabaseService databaseService;
     private final EndpointValidator endpointValidator;
 
     @Autowired
     public QueryEndpoint(QueryService queryService, StoreService storeService,
-                         EndpointValidator endpointValidator) {
+                         DatabaseService databaseService, EndpointValidator endpointValidator) {
+        this.databaseService = databaseService;
         this.endpointValidator = endpointValidator;
         this.queryService = queryService;
         this.storeService = storeService;
@@ -44,7 +48,7 @@ public class QueryEndpoint {
     @PostMapping
     @Transactional(readOnly = true)
     @Timed(value = "query.execute", description = "Time needed to execute a query")
-    @PreAuthorize("hasAuthority('execute-query')")
+    @PreAuthorize("isAuthenticated()")
     @Operation(summary = "Execute query", security = @SecurityRequirement(name = "bearerAuth"))
     public ResponseEntity<QueryResultDto> execute(@NotNull @PathVariable("id") Long containerId,
                                                   @NotNull @PathVariable("databaseId") Long databaseId,
@@ -56,7 +60,7 @@ public class QueryEndpoint {
                                                   @RequestParam(required = false) String sortColumn)
             throws DatabaseNotFoundException, ImageNotSupportedException, QueryStoreException, QueryMalformedException,
             ContainerNotFoundException, ColumnParseException, UserNotFoundException, TableMalformedException,
-            NotAllowedException, DatabaseConnectionException, SortException, PaginationException {
+            DatabaseConnectionException, SortException, PaginationException, NotAllowedException {
         log.debug("endpoint execute query, containerId={}, databaseId={}, data={}, page={}, size={}, principal={}, sortDirection={}, sortColumn={}",
                 containerId, databaseId, data, page, size, principal, sortDirection, sortColumn);
         /* check */
@@ -66,6 +70,18 @@ public class QueryEndpoint {
         }
         endpointValidator.validateForbiddenStatements(data);
         endpointValidator.validateDataParams(page, size, sortDirection, sortColumn);
+        final Database database = databaseService.find(containerId, databaseId);
+        if (!database.getIsPublic()) {
+            if (principal == null) {
+                log.error("Failed to execute private query: principal is null");
+                throw new NotAllowedException("Failed to re-execute private query: principal is null");
+            }
+            final Authentication authentication = (Authentication) principal;
+            if (authentication.getAuthorities().stream().noneMatch(a -> a.getAuthority().equals("execute-query"))) {
+                log.error("Failed to execute private query: role missing");
+                throw new NotAllowedException("Failed to re-execute private query: role missing");
+            }
+        }
         /* execute */
         final QueryResultDto result = queryService.execute(containerId, databaseId, data, principal, page, size,
                 sortDirection, sortColumn);
@@ -76,7 +92,6 @@ public class QueryEndpoint {
 
     @GetMapping("/{queryId}/data")
     @Transactional(readOnly = true)
-    @PreAuthorize("hasAuthority('re-execute-query')")
     @Timed(value = "query.reexecute", description = "Time needed to re-execute a query")
     @Operation(summary = "Re-execute some query", security = @SecurityRequirement(name = "bearerAuth"))
     public ResponseEntity<QueryResultDto> reExecute(@NotNull @PathVariable("id") Long containerId,
@@ -88,11 +103,23 @@ public class QueryEndpoint {
                                                     @RequestParam(required = false) SortType sortDirection,
                                                     @RequestParam(required = false) String sortColumn)
             throws QueryStoreException, QueryNotFoundException, DatabaseNotFoundException, ImageNotSupportedException,
-            QueryMalformedException, TableMalformedException, ColumnParseException, NotAllowedException,
-            DatabaseConnectionException, SortException, PaginationException, UserNotFoundException {
+            QueryMalformedException, TableMalformedException, ColumnParseException,
+            DatabaseConnectionException, SortException, PaginationException, UserNotFoundException, NotAllowedException {
         log.debug("endpoint re-execute query, containerId={}, databaseId={}, queryId={}, principal={}, page={}, size={}, sortDirection={}, sortColumn={}",
                 containerId, databaseId, queryId, principal, page, size, sortDirection, sortColumn);
         endpointValidator.validateDataParams(page, size, sortDirection, sortColumn);
+        final Database database = databaseService.find(containerId, databaseId);
+        if (!database.getIsPublic()) {
+            if (principal == null) {
+                log.error("Failed to re-execute private query: principal is null");
+                throw new NotAllowedException("Failed to re-execute private query: principal is null");
+            }
+            final Authentication authentication = (Authentication) principal;
+            if (authentication.getAuthorities().stream().noneMatch(a -> a.getAuthority().equals("re-execute-query"))) {
+                log.error("Failed to re-execute private query: role missing");
+                throw new NotAllowedException("Failed to re-execute private query: role missing");
+            }
+        }
         /* execute */
         final Query query = storeService.findOne(containerId, databaseId, queryId, principal);
         final QueryResultDto result = queryService.reExecute(containerId, databaseId, query, page, size,
@@ -105,7 +132,6 @@ public class QueryEndpoint {
 
     @GetMapping("/{queryId}/data/count")
     @Transactional(readOnly = true)
-    @PreAuthorize("hasAuthority('re-execute-query')")
     @Timed(value = "query.reexecute.count", description = "Time needed to re-execute a query")
     @Operation(summary = "Re-execute some query", security = @SecurityRequirement(name = "bearerAuth"))
     public ResponseEntity<Long> reExecuteCount(@NotNull @PathVariable("id") Long containerId,
@@ -117,6 +143,18 @@ public class QueryEndpoint {
             DatabaseConnectionException, UserNotFoundException {
         log.debug("endpoint re-execute query count, containerId={}, databaseId={}, queryId={}, principal={}",
                 containerId, databaseId, queryId, principal);
+        final Database database = databaseService.find(containerId, databaseId);
+        if (!database.getIsPublic()) {
+            if (principal == null) {
+                log.error("Failed to re-execute private query: principal is null");
+                throw new NotAllowedException("Failed to re-execute private query: principal is null");
+            }
+            final Authentication authentication = (Authentication) principal;
+            if (authentication.getAuthorities().stream().noneMatch(a -> a.getAuthority().equals("re-execute-query"))) {
+                log.error("Failed to re-execute private query: role missing");
+                throw new NotAllowedException("Failed to re-execute private query: role missing");
+            }
+        }
         /* execute */
         final Query query = storeService.findOne(containerId, databaseId, queryId, principal);
         final Long result = queryService.reExecuteCount(containerId, databaseId, query, principal);
@@ -136,10 +174,21 @@ public class QueryEndpoint {
                                     Principal principal)
             throws QueryStoreException, QueryNotFoundException, DatabaseNotFoundException, ImageNotSupportedException,
             ContainerNotFoundException, TableMalformedException, FileStorageException, QueryMalformedException,
-            DatabaseConnectionException, UserNotFoundException {
-        // TODO: check if authority 'export-query-data'
+            DatabaseConnectionException, UserNotFoundException, NotAllowedException {
         log.debug("endpoint export query, containerId={}, databaseId={}, queryId={}, accept={}, principal={}",
                 containerId, databaseId, queryId, accept, principal);
+        final Database database = databaseService.find(containerId, databaseId);
+        if (!database.getIsPublic()) {
+            if (principal == null) {
+                log.error("Failed to export private query: principal is null");
+                throw new NotAllowedException("Failed to export private query: principal is null");
+            }
+            final Authentication authentication = (Authentication) principal;
+            if (authentication.getAuthorities().stream().noneMatch(a -> a.getAuthority().equals("export-query-data"))) {
+                log.error("Failed to export private query: role missing");
+                throw new NotAllowedException("Failed to export private query: role missing");
+            }
+        }
         final Query query = storeService.findOne(containerId, databaseId, queryId, principal);
         log.trace("querystore returned query {}", query);
         final ExportResource resource = queryService.findOne(containerId, databaseId, queryId, principal);

dbrepo-query-service/rest-service/src/main/java/at/tuwien/endpoint/TableDataEndpoint.java

@@ -50,7 +50,7 @@ public class TableDataEndpoint {
                                        @NotNull @Valid @RequestBody TableCsvDto data,
                                        @NotNull Principal principal)
             throws TableNotFoundException, DatabaseNotFoundException, TableMalformedException,
-            ImageNotSupportedException, ContainerNotFoundException, NotAllowedException, DatabaseConnectionException,
+            ImageNotSupportedException, ContainerNotFoundException, DatabaseConnectionException,
             UserNotFoundException {
         log.debug("endpoint insert data, containerId={}, databaseId={}, tableId={}, data={}, principal={}", containerId,
                 databaseId, tableId, data, principal);
@@ -91,7 +91,7 @@ public class TableDataEndpoint {
                                        @NotNull @Valid @RequestBody TableCsvDeleteDto data,
                                        @NotNull Principal principal)
             throws TableNotFoundException, DatabaseNotFoundException, TableMalformedException,
-            ImageNotSupportedException, TupleDeleteException, ContainerNotFoundException,
+            ImageNotSupportedException, ContainerNotFoundException,
             DatabaseConnectionException, QueryMalformedException, UserNotFoundException {
         log.debug("endpoint delete data, containerId={}, databaseId={}, tableId={}, data={}, principal={}", containerId,
                 databaseId, tableId, data, principal);

dbrepo-query-service/rest-service/src/test/java/at/tuwien/auth/AuthTokenFilterTest.java

-package at.tuwien.auth;
-
-import at.tuwien.BaseUnitTest;
-import at.tuwien.config.H2Utils;
-import at.tuwien.config.IndexConfig;
-import at.tuwien.config.ReadyConfig;
-import at.tuwien.repository.jpa.UserRepository;
-import com.rabbitmq.client.Channel;
-import lombok.extern.log4j.Log4j2;
-import org.junit.jupiter.api.Test;
-import org.junit.jupiter.api.extension.ExtendWith;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.boot.test.context.SpringBootTest;
-import org.springframework.boot.test.mock.mockito.MockBean;
-import org.springframework.mock.web.MockHttpServletRequest;
-import org.springframework.test.context.junit.jupiter.SpringExtension;
-
-import static org.junit.jupiter.api.Assertions.*;
-
-@Log4j2
-@SpringBootTest
-@ExtendWith(SpringExtension.class)
-public class AuthTokenFilterTest extends BaseUnitTest {
-
-    @MockBean
-    private Channel channel;
-
-    @MockBean
-    private IndexConfig indexConfig;
-
-    @MockBean
-    private ReadyConfig readyConfig;
-
-    @MockBean
-    private UserRepository userRepository;
-
-    @Autowired
-    private AuthTokenFilter authTokenFilter;
-
-    @Autowired
-    private H2Utils h2Utils;
-
-    @Test
-    public void parseJwt_fails() {
-        final MockHttpServletRequest request = new MockHttpServletRequest();
-        request.addHeader("Authorization", "Basic dXNlcjpwYXNz");
-
-        /* test */
-        final String response = authTokenFilter.parseJwt(request);
-        assertNull(response);
-    }
-
-    @Test
-    public void parseJwt_noAuthenticationHeader_fails() {
-        final MockHttpServletRequest request = new MockHttpServletRequest();
-
-        /* test */
-        final String response = authTokenFilter.parseJwt(request);
-        assertNull(response);
-    }
-
-}

dbrepo-query-service/rest-service/src/test/java/at/tuwien/endpoint/ExportEndpointUnitTest.java

@@ -20,12 +20,16 @@ import org.apache.commons.io.FileUtils;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.boot.test.mock.mockito.MockBean;
 import org.springframework.core.io.InputStreamResource;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
+import org.springframework.security.test.context.support.WithAnonymousUser;
+import org.springframework.security.test.context.support.WithMockUser;
 import org.springframework.test.context.junit.jupiter.SpringExtension;
+import org.springframework.web.client.RestTemplate;
 
 import java.io.File;
 import java.io.IOException;
@@ -51,11 +55,9 @@ public class ExportEndpointUnitTest extends BaseUnitTest {
     @MockBean
     private IndexConfig indexInitializer;
 
-    /* keep */
     @MockBean
     private RabbitMqListenerImpl rabbitMqListener;
 
-    /* keep */
     @MockBean
     private BrokerServiceGateway brokerServiceGateway;
 
@@ -75,75 +77,56 @@ public class ExportEndpointUnitTest extends BaseUnitTest {
     private ExportEndpoint exportEndpoint;
 
     @Test
-    public void export_publicAnonymous_succeeds() throws TableNotFoundException, DatabaseConnectionException,
-            TableMalformedException, DatabaseNotFoundException, ImageNotSupportedException, FileStorageException,
-            PaginationException, ContainerNotFoundException, NotAllowedException, QueryMalformedException,
-            UserNotFoundException, IOException {
+    @WithAnonymousUser
+    public void export_anonymous_succeeds() {
 
         /* test */
+        assertThrows(NotAllowedException.class, () -> {
             export_generic(CONTAINER_1_ID, DATABASE_1_ID, TABLE_1_ID, DATABASE_1, null, null, null, null);
+        });
     }
 
     @Test
-    public void export_publicRead_succeeds() throws TableNotFoundException, DatabaseConnectionException,
-            TableMalformedException, DatabaseNotFoundException, ImageNotSupportedException, FileStorageException,
-            PaginationException, ContainerNotFoundException, NotAllowedException, QueryMalformedException,
-            UserNotFoundException, IOException {
-
-        /* test */
-        export_generic(CONTAINER_1_ID, DATABASE_1_ID, TABLE_1_ID, DATABASE_1, null, USER_2_PRINCIPAL, USER_2_USERNAME, DATABASE_1_RESEARCHER_READ_ACCESS);
-    }
-
-    @Test
-    public void export_publicWriteOwn_succeeds() throws TableNotFoundException, DatabaseConnectionException,
-            TableMalformedException, DatabaseNotFoundException, ImageNotSupportedException, FileStorageException,
-            PaginationException, ContainerNotFoundException, NotAllowedException, QueryMalformedException,
-            UserNotFoundException, IOException {
-
-        /* test */
-        export_generic(CONTAINER_1_ID, DATABASE_1_ID, TABLE_1_ID, DATABASE_1, null, USER_2_PRINCIPAL, USER_2_USERNAME, DATABASE_1_RESEARCHER_WRITE_OWN_ACCESS);
-    }
-
-    @Test
-    public void export_publicWriteAll_succeeds() throws TableNotFoundException, DatabaseConnectionException,
+    @WithMockUser(username = USER_1_USERNAME, authorities = {"export-table-data"})
+    public void export_publicHasRoleNoAccess_succeeds() throws TableNotFoundException, DatabaseConnectionException,
             TableMalformedException, DatabaseNotFoundException, ImageNotSupportedException, FileStorageException,
             PaginationException, ContainerNotFoundException, NotAllowedException, QueryMalformedException,
             UserNotFoundException, IOException {
 
         /* test */
-        export_generic(CONTAINER_1_ID, DATABASE_1_ID, TABLE_1_ID, DATABASE_1, null, USER_2_PRINCIPAL, USER_2_USERNAME, DATABASE_1_RESEARCHER_WRITE_ALL_ACCESS);
+        export_generic(CONTAINER_1_ID, DATABASE_1_ID, TABLE_1_ID, DATABASE_1, null, USER_1_PRINCIPAL, USER_1_USERNAME, null);
     }
 
     @Test
-    public void export_publicOwner_succeeds() throws TableNotFoundException, DatabaseConnectionException,
+    @WithMockUser(username = USER_1_USERNAME, authorities = {"export-table-data"})
+    public void export_publicHasRoleReadAccess_succeeds() throws TableNotFoundException, DatabaseConnectionException,
             TableMalformedException, DatabaseNotFoundException, ImageNotSupportedException, FileStorageException,
             PaginationException, ContainerNotFoundException, NotAllowedException, QueryMalformedException,
             UserNotFoundException, IOException {
 
         /* test */
-        export_generic(CONTAINER_1_ID, DATABASE_1_ID, TABLE_1_ID, DATABASE_1, null, USER_1_PRINCIPAL, USER_1_USERNAME, DATABASE_1_RESEARCHER_WRITE_ALL_ACCESS);
+        export_generic(CONTAINER_1_ID, DATABASE_1_ID, TABLE_1_ID, DATABASE_1, null, USER_1_PRINCIPAL, USER_1_USERNAME, DATABASE_1_RESEARCHER_READ_ACCESS);
     }
 
     @Test
-    public void export_publicReadWithTimestamp_succeeds() throws TableNotFoundException, DatabaseConnectionException,
-            TableMalformedException, DatabaseNotFoundException, ImageNotSupportedException, FileStorageException,
-            PaginationException, ContainerNotFoundException, NotAllowedException, QueryMalformedException,
-            UserNotFoundException, IOException {
+    @WithAnonymousUser
+    public void export_publicReadWithTimestamp_succeeds() {
         final Instant timestamp = Instant.now();
 
         /* test */
-        export_generic(CONTAINER_1_ID, DATABASE_1_ID, TABLE_1_ID, DATABASE_1, timestamp, USER_2_PRINCIPAL, USER_2_USERNAME, DATABASE_1_RESEARCHER_READ_ACCESS);
+        assertThrows(NotAllowedException.class, () -> {
+            export_generic(CONTAINER_1_ID, DATABASE_1_ID, TABLE_1_ID, DATABASE_1, timestamp, null, null, null);
+        });
     }
 
     @Test
-    public void export_publicReadWithTimestampInFuture_succeeds() throws TableNotFoundException, DatabaseConnectionException,
-            TableMalformedException, DatabaseNotFoundException, ImageNotSupportedException, FileStorageException,
-            PaginationException, ContainerNotFoundException, NotAllowedException, QueryMalformedException,
-            UserNotFoundException, IOException {
+    public void export_publicReadWithTimestampInFuture_succeeds() {
         final Instant timestamp = Instant.now().plus(10, ChronoUnit.DAYS);
 
         /* test */
-        export_generic(CONTAINER_1_ID, DATABASE_1_ID, TABLE_1_ID, DATABASE_1, timestamp, USER_2_PRINCIPAL, USER_2_USERNAME, DATABASE_1_RESEARCHER_READ_ACCESS);
+        assertThrows(NotAllowedException.class, () -> {
+            export_generic(CONTAINER_1_ID, DATABASE_1_ID, TABLE_1_ID, DATABASE_1, timestamp, null, null, null);
+        });
     }
 
     /* ################################################################################################### */
@@ -151,6 +134,7 @@ public class ExportEndpointUnitTest extends BaseUnitTest {
     /* ################################################################################################### */
 
     @Test
+    @WithAnonymousUser
     public void export_privateAnonymous_fails() {
 
         /* test */
@@ -160,17 +144,19 @@ public class ExportEndpointUnitTest extends BaseUnitTest {
     }
 
     @Test
-    public void export_privateRead_succeeds() throws TableNotFoundException, DatabaseConnectionException,
+    @WithMockUser(username = USER_2_USERNAME, authorities = {"export-table-data"})
+    public void export_privateHasRoleNoAccess_fails() throws TableNotFoundException, DatabaseConnectionException,
             TableMalformedException, DatabaseNotFoundException, ImageNotSupportedException, FileStorageException,
             PaginationException, ContainerNotFoundException, NotAllowedException, QueryMalformedException,
             UserNotFoundException, IOException {
 
         /* test */
-        export_generic(CONTAINER_2_ID, DATABASE_2_ID, TABLE_1_ID, DATABASE_2, null, USER_2_PRINCIPAL, USER_2_USERNAME, DATABASE_2_RESEARCHER_READ_ACCESS);
+        export_generic(CONTAINER_2_ID, DATABASE_2_ID, TABLE_1_ID, DATABASE_2, null, USER_2_PRINCIPAL, USER_2_USERNAME, null);
     }
 
     @Test
-    public void export_privateWriteOwn_succeeds() throws TableNotFoundException, DatabaseConnectionException,
+    @WithMockUser(username = USER_2_USERNAME, authorities = {"export-table-data"})
+    public void export_HasRoleReadAccess_succeeds() throws TableNotFoundException, DatabaseConnectionException,
             TableMalformedException, DatabaseNotFoundException, ImageNotSupportedException, FileStorageException,
             PaginationException, ContainerNotFoundException, NotAllowedException, QueryMalformedException,
             UserNotFoundException, IOException {
@@ -180,26 +166,7 @@ public class ExportEndpointUnitTest extends BaseUnitTest {
     }
 
     @Test
-    public void export_privateWriteAll_succeeds() throws TableNotFoundException, DatabaseConnectionException,
-            TableMalformedException, DatabaseNotFoundException, ImageNotSupportedException, FileStorageException,
-            PaginationException, ContainerNotFoundException, NotAllowedException, QueryMalformedException,
-            UserNotFoundException, IOException {
-
-        /* test */
-        export_generic(CONTAINER_2_ID, DATABASE_2_ID, TABLE_1_ID, DATABASE_2, null, USER_2_PRINCIPAL, USER_2_USERNAME, DATABASE_2_RESEARCHER_WRITE_ALL_ACCESS);
-    }
-
-    @Test
-    public void export_privateOwner_succeeds() throws TableNotFoundException, DatabaseConnectionException,
-            TableMalformedException, DatabaseNotFoundException, ImageNotSupportedException, FileStorageException,
-            PaginationException, ContainerNotFoundException, NotAllowedException, QueryMalformedException,
-            UserNotFoundException, IOException {
-
-        /* test */
-        export_generic(CONTAINER_2_ID, DATABASE_2_ID, TABLE_1_ID, DATABASE_2, null, USER_1_PRINCIPAL, USER_1_USERNAME, DATABASE_2_RESEARCHER_WRITE_ALL_ACCESS);
-    }
-
-    @Test
+    @WithMockUser(username = USER_2_USERNAME, authorities = {"export-table-data"})
     public void export_privateReadWithTimestamp_succeeds() throws TableNotFoundException, DatabaseConnectionException,
             TableMalformedException, DatabaseNotFoundException, ImageNotSupportedException, FileStorageException,
             PaginationException, ContainerNotFoundException, NotAllowedException, QueryMalformedException,
@@ -211,6 +178,7 @@ public class ExportEndpointUnitTest extends BaseUnitTest {
     }
 
     @Test
+    @WithMockUser(username = USER_2_USERNAME, authorities = {"export-table-data"})
     public void export_privateReadWithTimestampInFuture_succeeds() throws TableNotFoundException, DatabaseConnectionException,
             TableMalformedException, DatabaseNotFoundException, ImageNotSupportedException, FileStorageException,
             PaginationException, ContainerNotFoundException, NotAllowedException, QueryMalformedException,

dbrepo-query-service/rest-service/src/test/java/at/tuwien/endpoint/QueryEndpointUnitTest.java

@@ -11,8 +11,8 @@ import at.tuwien.entities.database.Database;
 import at.tuwien.entities.database.DatabaseAccess;
 import at.tuwien.exception.*;
 import at.tuwien.gateway.BrokerServiceGateway;
-import at.tuwien.listener.MessageQueueListener;
 import at.tuwien.listener.impl.RabbitMqListenerImpl;
+import at.tuwien.querystore.Query;
 import at.tuwien.repository.jpa.ContainerRepository;
 import at.tuwien.repository.jpa.DatabaseAccessRepository;
 import at.tuwien.repository.jpa.DatabaseRepository;
@@ -30,6 +30,9 @@ import org.springframework.boot.test.mock.mockito.MockBean;
 import org.springframework.core.io.InputStreamResource;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
+import org.springframework.security.access.AccessDeniedException;
+import org.springframework.security.test.context.support.WithAnonymousUser;
+import org.springframework.security.test.context.support.WithMockUser;
 import org.springframework.test.context.junit.jupiter.SpringExtension;
 
 import java.io.File;
@@ -84,203 +87,189 @@ public class QueryEndpointUnitTest extends BaseUnitTest {
     private QueryEndpoint queryEndpoint;
 
     @Test
-    public void execute_forbiddenKeyword_fails() {
+    @WithMockUser(username = USER_2_USERNAME, authorities = {"execute-query"})
+    public void execute_publicForbiddenKeyword_fails() {
         final String statement = "SELECT w.* FROM `weather_aus` w";
 
         /* test */
-        assertThrows(NotAllowedException.class, () -> {
-            generic_execute(CONTAINER_1_ID, DATABASE_1_ID, statement, null, USER_2_PRINCIPAL, DATABASE_1, null);
+        assertThrows(QueryMalformedException.class, () -> {
+            generic_execute(CONTAINER_3_ID, DATABASE_3_ID, statement, null, USER_2_PRINCIPAL, DATABASE_3, null);
         });
     }
 
     @Test
-    public void execute_emptyStatement_fails() {
+    @WithMockUser(username = USER_2_USERNAME, authorities = {"execute-query"})
+    public void execute_publicEmptyStatement_fails() {
         final String statement = null;
 
         /* test */
         assertThrows(QueryMalformedException.class, () -> {
-            generic_execute(CONTAINER_1_ID, DATABASE_1_ID, statement, USER_2_USERNAME, USER_2_PRINCIPAL, DATABASE_1, DATABASE_1_RESEARCHER_READ_ACCESS);
+            generic_execute(CONTAINER_3_ID, DATABASE_3_ID, statement, USER_2_USERNAME, USER_2_PRINCIPAL, DATABASE_3, DATABASE_3_DEVELOPER_READ_ACCESS);
         });
     }
 
     @Test
-    public void execute_blankStatement_fails() {
+    @WithMockUser(username = USER_2_USERNAME, authorities = {"execute-query"})
+    public void execute_publicBlankStatement_fails() {
         final String statement = "";
 
         /* test */
         assertThrows(QueryMalformedException.class, () -> {
-            generic_execute(CONTAINER_1_ID, DATABASE_1_ID, statement, USER_2_USERNAME, USER_2_PRINCIPAL, DATABASE_1, DATABASE_1_RESEARCHER_READ_ACCESS);
+            generic_execute(CONTAINER_3_ID, DATABASE_3_ID, statement, USER_2_USERNAME, USER_2_PRINCIPAL, DATABASE_3, DATABASE_3_DEVELOPER_READ_ACCESS);
         });
     }
 
     @Test
-    public void execute_forbiddenKeyword2_fails() {
+    @WithMockUser(username = USER_2_USERNAME, authorities = {"execute-query"})
+    public void execute_publicForbiddenKeyword2_fails() {
         final String statement = "SELECT * FROM `weather_aus` w";
 
         /* test */
-        assertThrows(NotAllowedException.class, () -> {
-            generic_execute(CONTAINER_1_ID, DATABASE_1_ID, statement, null, USER_2_PRINCIPAL, DATABASE_1, null);
+        assertThrows(QueryMalformedException.class, () -> {
+            generic_execute(CONTAINER_3_ID, DATABASE_3_ID, statement, null, USER_2_PRINCIPAL, DATABASE_3, null);
         });
     }
 
     @Test
+    @WithAnonymousUser
     public void execute_publicAnonymized_fails() {
-        final Principal principal = null;
 
         /* test */
-        assertThrows(NotAllowedException.class, () -> {
-            generic_execute(CONTAINER_1_ID, DATABASE_1_ID, QUERY_1_STATEMENT, null, principal, DATABASE_1, null);
+        assertThrows(AccessDeniedException.class, () -> {
+            generic_execute(CONTAINER_3_ID, DATABASE_3_ID, QUERY_4_STATEMENT, null, null, DATABASE_3, null);
         });
     }
 
     @Test
+    @WithMockUser(username = USER_2_USERNAME, authorities = {"execute-query"})
     public void execute_publicRead_succeeds() throws UserNotFoundException, QueryStoreException, TableMalformedException,
             DatabaseConnectionException, QueryMalformedException, ColumnParseException, DatabaseNotFoundException,
             ImageNotSupportedException, ContainerNotFoundException, SortException, NotAllowedException,
             PaginationException {
 
         /* test */
-        generic_execute(CONTAINER_1_ID, DATABASE_1_ID, QUERY_1_STATEMENT, USER_2_USERNAME, USER_2_PRINCIPAL, DATABASE_1, DATABASE_1_RESEARCHER_READ_ACCESS);
+        generic_execute(CONTAINER_3_ID, DATABASE_3_ID, QUERY_4_STATEMENT, USER_2_USERNAME, USER_2_PRINCIPAL, DATABASE_3, DATABASE_3_DEVELOPER_WRITE_ALL_ACCESS);
     }
 
     @Test
+    @WithMockUser(username = USER_2_USERNAME, authorities = {"execute-query"})
     public void execute_publicWriteOwn_succeeds() throws UserNotFoundException, QueryStoreException, TableMalformedException,
             DatabaseConnectionException, QueryMalformedException, ColumnParseException, DatabaseNotFoundException,
             ImageNotSupportedException, ContainerNotFoundException, SortException, NotAllowedException,
             PaginationException {
 
         /* test */
-        generic_execute(CONTAINER_1_ID, DATABASE_1_ID, QUERY_1_STATEMENT, USER_2_USERNAME, USER_2_PRINCIPAL, DATABASE_1, DATABASE_1_RESEARCHER_WRITE_OWN_ACCESS);
+        generic_execute(CONTAINER_3_ID, DATABASE_3_ID, QUERY_4_STATEMENT, USER_2_USERNAME, USER_2_PRINCIPAL, DATABASE_3, DATABASE_3_DEVELOPER_WRITE_ALL_ACCESS);
     }
 
     @Test
+    @WithMockUser(username = USER_2_USERNAME, authorities = {"execute-query"})
     public void execute_publicWriteAll_succeeds() throws UserNotFoundException, QueryStoreException, TableMalformedException,
             DatabaseConnectionException, QueryMalformedException, ColumnParseException, DatabaseNotFoundException,
             ImageNotSupportedException, ContainerNotFoundException, SortException, NotAllowedException,
             PaginationException {
 
         /* test */
-        generic_execute(CONTAINER_1_ID, DATABASE_1_ID, QUERY_1_STATEMENT, USER_2_USERNAME, USER_2_PRINCIPAL, DATABASE_1, DATABASE_1_RESEARCHER_WRITE_ALL_ACCESS);
+        generic_execute(CONTAINER_3_ID, DATABASE_3_ID, QUERY_4_STATEMENT, USER_2_USERNAME, USER_2_PRINCIPAL, DATABASE_3, DATABASE_3_DEVELOPER_WRITE_ALL_ACCESS);
     }
 
     @Test
+    @WithMockUser(username = USER_2_USERNAME, authorities = {"execute-query"})
     public void execute_publicOwner_succeeds() throws UserNotFoundException, QueryStoreException, TableMalformedException,
             DatabaseConnectionException, QueryMalformedException, ColumnParseException, DatabaseNotFoundException,
             ImageNotSupportedException, ContainerNotFoundException, SortException, NotAllowedException,
             PaginationException {
 
         /* test */
-        generic_execute(CONTAINER_1_ID, DATABASE_1_ID, QUERY_1_STATEMENT, USER_1_USERNAME, USER_1_PRINCIPAL, DATABASE_1, DATABASE_1_RESEARCHER_WRITE_ALL_ACCESS);
+        generic_execute(CONTAINER_3_ID, DATABASE_3_ID, QUERY_4_STATEMENT, USER_2_USERNAME, USER_2_PRINCIPAL, DATABASE_3, DATABASE_3_DEVELOPER_WRITE_ALL_ACCESS);
     }
 
     @Test
-    public void reExecute_publicAnonymized_succeeds() throws UserNotFoundException, QueryStoreException, TableMalformedException,
-            DatabaseConnectionException, QueryMalformedException, ColumnParseException, DatabaseNotFoundException,
-            ImageNotSupportedException, SortException, NotAllowedException,
-            PaginationException, QueryNotFoundException {
+    @WithAnonymousUser
+    public void reExecute_publicAnonymized_succeeds() throws UserNotFoundException, QueryStoreException, SortException,
+            DatabaseConnectionException, TableMalformedException, NotAllowedException, QueryMalformedException,
+            QueryNotFoundException, ColumnParseException, DatabaseNotFoundException, ImageNotSupportedException,
+            PaginationException {
 
         /* test */
-        generic_reExecute(CONTAINER_1_ID, DATABASE_1_ID, QUERY_1_ID, null, null, DATABASE_1, null);
+        generic_reExecute(CONTAINER_3_ID, DATABASE_3_ID, QUERY_4_ID, QUERY_4, QUERY_4_RESULT_ID, QUERY_4_RESULT_DTO,
+                null, null, DATABASE_3, null);
     }
 
     @Test
+    @WithMockUser(username = USER_2_USERNAME, authorities = {"execute-query"})
     public void reExecute_publicRead_succeeds() throws UserNotFoundException, QueryStoreException, TableMalformedException,
             DatabaseConnectionException, QueryMalformedException, ColumnParseException, DatabaseNotFoundException,
             ImageNotSupportedException, SortException, NotAllowedException,
             PaginationException, QueryNotFoundException {
 
         /* test */
-        generic_reExecute(CONTAINER_1_ID, DATABASE_1_ID, QUERY_1_ID, USER_2_USERNAME, USER_2_PRINCIPAL, DATABASE_1, DATABASE_1_RESEARCHER_READ_ACCESS);
-    }
-
-    @Test
-    public void reExecute_publicWriteOwn_succeeds() throws UserNotFoundException, QueryStoreException, TableMalformedException,
-            DatabaseConnectionException, QueryMalformedException, ColumnParseException, DatabaseNotFoundException,
-            ImageNotSupportedException, SortException, NotAllowedException,
-            PaginationException, QueryNotFoundException {
-
-        /* test */
-        generic_reExecute(CONTAINER_1_ID, DATABASE_1_ID, QUERY_1_ID, USER_2_USERNAME, USER_2_PRINCIPAL, DATABASE_1, DATABASE_1_RESEARCHER_WRITE_OWN_ACCESS);
+        generic_reExecute(CONTAINER_3_ID, DATABASE_3_ID, QUERY_4_ID, QUERY_4, QUERY_4_RESULT_ID, QUERY_4_RESULT_DTO,
+                USER_2_USERNAME, USER_2_PRINCIPAL, DATABASE_3, DATABASE_3_RESEARCHER_READ_ACCESS);
     }
 
     @Test
-    public void reExecute_publicWriteAll_succeeds() throws UserNotFoundException, QueryStoreException, TableMalformedException,
+    @WithMockUser(username = USER_2_USERNAME, authorities = {"execute-query"})
+    public void reExecute_public_succeeds() throws UserNotFoundException, QueryStoreException, TableMalformedException,
             DatabaseConnectionException, QueryMalformedException, ColumnParseException, DatabaseNotFoundException,
             ImageNotSupportedException, SortException, NotAllowedException,
             PaginationException, QueryNotFoundException {
 
         /* test */
-        generic_reExecute(CONTAINER_1_ID, DATABASE_1_ID, QUERY_1_ID, USER_2_USERNAME, USER_2_PRINCIPAL, DATABASE_1, DATABASE_1_RESEARCHER_WRITE_ALL_ACCESS);
-    }
-
-    @Test
-    public void reExecute_publicOwner_succeeds() throws UserNotFoundException, QueryStoreException, TableMalformedException,
-            DatabaseConnectionException, QueryMalformedException, ColumnParseException, DatabaseNotFoundException,
-            ImageNotSupportedException, SortException, NotAllowedException,
-            PaginationException, QueryNotFoundException {
-
-        /* test */
-        generic_reExecute(CONTAINER_1_ID, DATABASE_1_ID, QUERY_1_ID, USER_1_USERNAME, USER_1_PRINCIPAL, DATABASE_1, DATABASE_1_RESEARCHER_WRITE_ALL_ACCESS);
+        generic_reExecute(CONTAINER_3_ID, DATABASE_3_ID, QUERY_4_ID, QUERY_4, QUERY_4_RESULT_ID, QUERY_4_RESULT_DTO,
+                USER_2_USERNAME, USER_2_PRINCIPAL, DATABASE_3, DATABASE_3_RESEARCHER_WRITE_OWN_ACCESS);
     }
 
     @Test
+    @WithAnonymousUser
     public void export_publicAnonymized_succeeds() throws UserNotFoundException, QueryStoreException,
             TableMalformedException, DatabaseConnectionException, QueryMalformedException, DatabaseNotFoundException,
-            ImageNotSupportedException, NotAllowedException, QueryNotFoundException, FileStorageException,
-            ContainerNotFoundException, IOException {
+            ImageNotSupportedException, QueryNotFoundException, FileStorageException,
+            ContainerNotFoundException, IOException, NotAllowedException {
 
         /* test */
-        export_generic(CONTAINER_1_ID, DATABASE_1_ID, QUERY_1_ID, null, null, DATABASE_1, null, null, HttpStatus.OK);
+        export_generic(CONTAINER_3_ID, DATABASE_3_ID, QUERY_3_ID, null, null, DATABASE_3, null, null, HttpStatus.OK);
     }
 
     @Test
-    public void export_publicAnonymized_fails() throws UserNotFoundException, QueryStoreException,
-            TableMalformedException, DatabaseConnectionException, QueryMalformedException, DatabaseNotFoundException,
-            ImageNotSupportedException, NotAllowedException, QueryNotFoundException, FileStorageException,
-            ContainerNotFoundException, IOException {
+    @WithAnonymousUser
+    public void export_publicAnonymizedInvalidFormat_fails() throws UserNotFoundException, QueryStoreException, DatabaseConnectionException, TableMalformedException, NotAllowedException, QueryMalformedException, QueryNotFoundException, DatabaseNotFoundException, ImageNotSupportedException, IOException, FileStorageException, ContainerNotFoundException {
 
         /* test */
-        export_generic(CONTAINER_1_ID, DATABASE_1_ID, QUERY_1_ID, null, null, DATABASE_1, null, "application/json", HttpStatus.NOT_IMPLEMENTED);
+        export_generic(CONTAINER_3_ID, DATABASE_3_ID, QUERY_3_ID, null, null, DATABASE_3, null, "application/json", HttpStatus.NOT_IMPLEMENTED);
     }
 
     @Test
+    @WithMockUser(username = USER_2_USERNAME, authorities = {"export-query-data"})
     public void export_publicRead_succeeds() throws UserNotFoundException, QueryStoreException,
             TableMalformedException, DatabaseConnectionException, QueryMalformedException, DatabaseNotFoundException,
-            ImageNotSupportedException, NotAllowedException, QueryNotFoundException, FileStorageException,
-            ContainerNotFoundException, IOException {
+            ImageNotSupportedException, QueryNotFoundException, FileStorageException,
+            ContainerNotFoundException, IOException, NotAllowedException {
 
         /* test */
-        export_generic(CONTAINER_1_ID, DATABASE_1_ID, QUERY_1_ID, USER_2_USERNAME, USER_2_PRINCIPAL, DATABASE_1, DATABASE_1_RESEARCHER_READ_ACCESS, null, HttpStatus.OK);
+        export_generic(CONTAINER_3_ID, DATABASE_3_ID, QUERY_3_ID, USER_2_USERNAME, USER_2_PRINCIPAL, DATABASE_3, DATABASE_3_RESEARCHER_READ_ACCESS, null, HttpStatus.OK);
     }
 
     @Test
+    @WithMockUser(username = USER_2_USERNAME, authorities = {"export-query-data"})
     public void export_publicWriteOwn_succeeds() throws UserNotFoundException, QueryStoreException,
             TableMalformedException, DatabaseConnectionException, QueryMalformedException, DatabaseNotFoundException,
-            ImageNotSupportedException, NotAllowedException, QueryNotFoundException, FileStorageException,
-            ContainerNotFoundException, IOException {
+            ImageNotSupportedException, QueryNotFoundException, FileStorageException,
+            ContainerNotFoundException, IOException, NotAllowedException {
 
         /* test */
-        export_generic(CONTAINER_1_ID, DATABASE_1_ID, QUERY_1_ID, USER_2_USERNAME, USER_2_PRINCIPAL, DATABASE_1, DATABASE_1_RESEARCHER_WRITE_OWN_ACCESS, null, HttpStatus.OK);
+        export_generic(CONTAINER_3_ID, DATABASE_3_ID, QUERY_4_ID, USER_2_USERNAME, USER_2_PRINCIPAL, DATABASE_3, DATABASE_3_RESEARCHER_WRITE_OWN_ACCESS, null, HttpStatus.OK);
     }
 
     @Test
+    @WithMockUser(username = USER_2_USERNAME, authorities = {"export-query-data"})
     public void export_publicWriteAll_succeeds() throws UserNotFoundException, QueryStoreException,
             TableMalformedException, DatabaseConnectionException, QueryMalformedException, DatabaseNotFoundException,
-            ImageNotSupportedException, NotAllowedException, QueryNotFoundException, FileStorageException,
-            ContainerNotFoundException, IOException {
-
-        /* test */
-        export_generic(CONTAINER_1_ID, DATABASE_1_ID, QUERY_1_ID, USER_2_USERNAME, USER_2_PRINCIPAL, DATABASE_1, DATABASE_1_RESEARCHER_WRITE_ALL_ACCESS, null, HttpStatus.OK);
-    }
-
-    @Test
-    public void export_publicOwner_succeeds() throws UserNotFoundException, QueryStoreException,
-            TableMalformedException, DatabaseConnectionException, QueryMalformedException, DatabaseNotFoundException,
-            ImageNotSupportedException, NotAllowedException, QueryNotFoundException, FileStorageException,
-            ContainerNotFoundException, IOException {
+            ImageNotSupportedException, QueryNotFoundException, FileStorageException,
+            ContainerNotFoundException, IOException, NotAllowedException {
 
         /* test */
-        export_generic(CONTAINER_1_ID, DATABASE_1_ID, QUERY_1_ID, USER_1_USERNAME, USER_1_PRINCIPAL, DATABASE_1, DATABASE_1_RESEARCHER_WRITE_ALL_ACCESS, null, HttpStatus.OK);
+        export_generic(CONTAINER_3_ID, DATABASE_3_ID, QUERY_4_ID, USER_2_USERNAME, USER_2_PRINCIPAL, DATABASE_3, DATABASE_3_RESEARCHER_WRITE_ALL_ACCESS, null, HttpStatus.OK);
     }
 
     /* ################################################################################################### */
@@ -288,16 +277,18 @@ public class QueryEndpointUnitTest extends BaseUnitTest {
     /* ################################################################################################### */
 
     @Test
+    @WithAnonymousUser
     public void execute_privateAnonymized_fails() {
         final Principal principal = null;
 
         /* test */
-        assertThrows(NotAllowedException.class, () -> {
+        assertThrows(AccessDeniedException.class, () -> {
             generic_execute(CONTAINER_2_ID, DATABASE_2_ID, QUERY_1_STATEMENT, null, principal, DATABASE_2, null);
         });
     }
 
     @Test
+    @WithMockUser(username = USER_2_USERNAME, authorities = {"execute-query"})
     public void execute_privateRead_succeeds() throws UserNotFoundException, QueryStoreException, TableMalformedException,
             DatabaseConnectionException, QueryMalformedException, ColumnParseException, DatabaseNotFoundException,
             ImageNotSupportedException, ContainerNotFoundException, SortException, NotAllowedException,
@@ -308,6 +299,7 @@ public class QueryEndpointUnitTest extends BaseUnitTest {
     }
 
     @Test
+    @WithMockUser(username = USER_2_USERNAME, authorities = {"execute-query"})
     public void execute_privateWriteOwn_succeeds() throws UserNotFoundException, QueryStoreException, TableMalformedException,
             DatabaseConnectionException, QueryMalformedException, ColumnParseException, DatabaseNotFoundException,
             ImageNotSupportedException, ContainerNotFoundException, SortException, NotAllowedException,
@@ -318,6 +310,7 @@ public class QueryEndpointUnitTest extends BaseUnitTest {
     }
 
     @Test
+    @WithMockUser(username = USER_2_USERNAME, authorities = {"execute-query"})
     public void execute_privateWriteAll_succeeds() throws UserNotFoundException, QueryStoreException, TableMalformedException,
             DatabaseConnectionException, QueryMalformedException, ColumnParseException, DatabaseNotFoundException,
             ImageNotSupportedException, ContainerNotFoundException, SortException, NotAllowedException,
@@ -328,6 +321,7 @@ public class QueryEndpointUnitTest extends BaseUnitTest {
     }
 
     @Test
+    @WithMockUser(username = USER_2_USERNAME, authorities = {"execute-query"})
     public void execute_privateOwner_succeeds() throws UserNotFoundException, QueryStoreException, TableMalformedException,
             DatabaseConnectionException, QueryMalformedException, ColumnParseException, DatabaseNotFoundException,
             ImageNotSupportedException, ContainerNotFoundException, SortException, NotAllowedException,
@@ -338,55 +332,54 @@ public class QueryEndpointUnitTest extends BaseUnitTest {
     }
 
     @Test
+    @WithAnonymousUser
     public void reExecute_privateAnonymized_fails() {
 
         /* test */
         assertThrows(NotAllowedException.class, () -> {
-            generic_reExecute(CONTAINER_2_ID, DATABASE_2_ID, QUERY_1_ID, null, null, DATABASE_2, null);
+            generic_reExecute(CONTAINER_2_ID, DATABASE_2_ID, QUERY_1_ID, QUERY_1, QUERY_1_RESULT_ID, QUERY_1_RESULT_DTO,
+                    null, null, DATABASE_2, null);
         });
     }
 
     @Test
+    @WithMockUser(username = USER_2_USERNAME, authorities = {"execute-query"})
     public void reExecute_privateRead_succeeds() throws UserNotFoundException, QueryStoreException, TableMalformedException,
             DatabaseConnectionException, QueryMalformedException, ColumnParseException, DatabaseNotFoundException,
             ImageNotSupportedException, SortException, NotAllowedException,
             PaginationException, QueryNotFoundException {
 
         /* test */
-        generic_reExecute(CONTAINER_2_ID, DATABASE_2_ID, QUERY_1_ID, USER_2_USERNAME, USER_2_PRINCIPAL, DATABASE_2, DATABASE_2_RESEARCHER_READ_ACCESS);
+        generic_reExecute(CONTAINER_2_ID, DATABASE_2_ID, QUERY_1_ID, QUERY_1, QUERY_1_RESULT_ID, QUERY_1_RESULT_DTO,
+                USER_2_USERNAME, USER_2_PRINCIPAL, DATABASE_2, DATABASE_2_RESEARCHER_READ_ACCESS);
     }
 
     @Test
+    @WithMockUser(username = USER_2_USERNAME, authorities = {"execute-query"})
     public void reExecute_privateWriteOwn_succeeds() throws UserNotFoundException, QueryStoreException, TableMalformedException,
             DatabaseConnectionException, QueryMalformedException, ColumnParseException, DatabaseNotFoundException,
             ImageNotSupportedException, SortException, NotAllowedException,
             PaginationException, QueryNotFoundException {
 
         /* test */
-        generic_reExecute(CONTAINER_2_ID, DATABASE_2_ID, QUERY_1_ID, USER_2_USERNAME, USER_2_PRINCIPAL, DATABASE_2, DATABASE_2_RESEARCHER_WRITE_OWN_ACCESS);
+        generic_reExecute(CONTAINER_2_ID, DATABASE_2_ID, QUERY_1_ID, QUERY_1, QUERY_1_RESULT_ID, QUERY_1_RESULT_DTO,
+                USER_2_USERNAME, USER_2_PRINCIPAL, DATABASE_2, DATABASE_2_RESEARCHER_WRITE_OWN_ACCESS);
     }
 
     @Test
+    @WithMockUser(username = USER_2_USERNAME, authorities = {"execute-query"})
     public void reExecute_privateWriteAll_succeeds() throws UserNotFoundException, QueryStoreException, TableMalformedException,
             DatabaseConnectionException, QueryMalformedException, ColumnParseException, DatabaseNotFoundException,
             ImageNotSupportedException, SortException, NotAllowedException,
             PaginationException, QueryNotFoundException {
 
         /* test */
-        generic_reExecute(CONTAINER_2_ID, DATABASE_2_ID, QUERY_1_ID, USER_2_USERNAME, USER_2_PRINCIPAL, DATABASE_2, DATABASE_2_RESEARCHER_WRITE_ALL_ACCESS);
-    }
-
-    @Test
-    public void reExecute_privateOwner_succeeds() throws UserNotFoundException, QueryStoreException, TableMalformedException,
-            DatabaseConnectionException, QueryMalformedException, ColumnParseException, DatabaseNotFoundException,
-            ImageNotSupportedException, SortException, NotAllowedException,
-            PaginationException, QueryNotFoundException {
-
-        /* test */
-        generic_reExecute(CONTAINER_2_ID, DATABASE_2_ID, QUERY_1_ID, USER_1_USERNAME, USER_1_PRINCIPAL, DATABASE_2, DATABASE_2_RESEARCHER_WRITE_ALL_ACCESS);
+        generic_reExecute(CONTAINER_2_ID, DATABASE_2_ID, QUERY_1_ID, QUERY_1, QUERY_1_RESULT_ID, QUERY_1_RESULT_DTO,
+                USER_2_USERNAME, USER_2_PRINCIPAL, DATABASE_2, DATABASE_2_RESEARCHER_WRITE_ALL_ACCESS);
     }
 
     @Test
+    @WithAnonymousUser
     public void export_privateAnonymized_fails() {
 
         /* test */
@@ -396,15 +389,15 @@ public class QueryEndpointUnitTest extends BaseUnitTest {
     }
 
     @Test
-    public void export_privateAnonymized2_fails() {
+    @WithMockUser(username = USER_2_USERNAME, authorities = {"export-query-data"})
+    public void export_privateInvalidFormat_fails() throws UserNotFoundException, QueryStoreException, DatabaseConnectionException, TableMalformedException, NotAllowedException, QueryMalformedException, QueryNotFoundException, DatabaseNotFoundException, ImageNotSupportedException, IOException, FileStorageException, ContainerNotFoundException {
 
         /* test */
-        assertThrows(NotAllowedException.class, () -> {
-            export_generic(CONTAINER_2_ID, DATABASE_2_ID, QUERY_1_ID, null, null, DATABASE_2, null, "application/json", HttpStatus.NOT_IMPLEMENTED);
-        });
+        export_generic(CONTAINER_2_ID, DATABASE_2_ID, QUERY_1_ID, USER_2_USERNAME, USER_2_PRINCIPAL, DATABASE_2, DATABASE_2_DEVELOPER_READ_ACCESS, "application/json", HttpStatus.NOT_IMPLEMENTED);
     }
 
     @Test
+    @WithMockUser(username = USER_2_USERNAME, authorities = {"export-query-data"})
     public void export_privateRead_succeeds() throws UserNotFoundException, QueryStoreException,
             TableMalformedException, DatabaseConnectionException, QueryMalformedException, DatabaseNotFoundException,
             ImageNotSupportedException, NotAllowedException, QueryNotFoundException, FileStorageException,
@@ -415,6 +408,7 @@ public class QueryEndpointUnitTest extends BaseUnitTest {
     }
 
     @Test
+    @WithMockUser(username = USER_2_USERNAME, authorities = {"export-query-data"})
     public void export_privateWriteOwn_succeeds() throws UserNotFoundException, QueryStoreException,
             TableMalformedException, DatabaseConnectionException, QueryMalformedException, DatabaseNotFoundException,
             ImageNotSupportedException, NotAllowedException, QueryNotFoundException, FileStorageException,
@@ -425,6 +419,7 @@ public class QueryEndpointUnitTest extends BaseUnitTest {
     }
 
     @Test
+    @WithMockUser(username = USER_2_USERNAME, authorities = {"export-query-data"})
     public void export_privateWriteAll_succeeds() throws UserNotFoundException, QueryStoreException,
             TableMalformedException, DatabaseConnectionException, QueryMalformedException, DatabaseNotFoundException,
             ImageNotSupportedException, NotAllowedException, QueryNotFoundException, FileStorageException,
@@ -434,16 +429,6 @@ public class QueryEndpointUnitTest extends BaseUnitTest {
         export_generic(CONTAINER_2_ID, DATABASE_2_ID, QUERY_1_ID, USER_2_USERNAME, USER_2_PRINCIPAL, DATABASE_2, DATABASE_2_RESEARCHER_WRITE_ALL_ACCESS, null, HttpStatus.OK);
     }
 
-    @Test
-    public void export_privateOwner_succeeds() throws UserNotFoundException, QueryStoreException,
-            TableMalformedException, DatabaseConnectionException, QueryMalformedException, DatabaseNotFoundException,
-            ImageNotSupportedException, NotAllowedException, QueryNotFoundException, FileStorageException,
-            ContainerNotFoundException, IOException {
-
-        /* test */
-        export_generic(CONTAINER_2_ID, DATABASE_2_ID, QUERY_1_ID, USER_1_USERNAME, USER_1_PRINCIPAL, DATABASE_2, DATABASE_2_RESEARCHER_WRITE_ALL_ACCESS, null, HttpStatus.OK);
-    }
-
     /* ################################################################################################### */
     /* ## GENERIC TEST CASES                                                                            ## */
     /* ################################################################################################### */
@@ -489,8 +474,9 @@ public class QueryEndpointUnitTest extends BaseUnitTest {
         assertEquals(QUERY_1_RESULT_RESULT, response.getBody().getResult());
     }
 
-    protected void generic_reExecute(Long containerId, Long databaseId, Long queryId, String username,
-                                     Principal principal, Database database, DatabaseAccess access)
+    protected void generic_reExecute(Long containerId, Long databaseId, Long queryId, Query query, Long resultId,
+                                     QueryResultDto result, String username, Principal principal, Database database,
+                                     DatabaseAccess access)
             throws UserNotFoundException, QueryStoreException, DatabaseConnectionException, QueryNotFoundException,
             DatabaseNotFoundException, ImageNotSupportedException, TableMalformedException, QueryMalformedException,
             ColumnParseException, SortException, NotAllowedException, PaginationException {
@@ -503,7 +489,7 @@ public class QueryEndpointUnitTest extends BaseUnitTest {
         when(databaseRepository.findByContainerIdAndDatabaseId(containerId, databaseId))
                 .thenReturn(Optional.of(database));
         when(storeService.findOne(containerId, databaseId, queryId, principal))
-                .thenReturn(QUERY_1);
+                .thenReturn(query);
         if (access == null) {
             when(databaseAccessRepository.findByDatabaseIdAndUsername(databaseId, username))
                     .thenReturn(Optional.empty());
@@ -511,18 +497,15 @@ public class QueryEndpointUnitTest extends BaseUnitTest {
             when(databaseAccessRepository.findByDatabaseIdAndUsername(databaseId, username))
                     .thenReturn(Optional.of(access));
         }
-        when(queryService.reExecute(containerId, databaseId, QUERY_1, page, size, sortDirection, sortColumn, principal))
-                .thenReturn(QUERY_1_RESULT_DTO);
+        when(queryService.reExecute(containerId, databaseId, query, page, size, sortDirection, sortColumn, principal))
+                .thenReturn(result);
 
         /* test */
         final ResponseEntity<QueryResultDto> response = queryEndpoint.reExecute(containerId, databaseId, queryId,
                 principal, page, size, sortDirection, sortColumn);
         assertEquals(HttpStatus.ACCEPTED, response.getStatusCode());
         assertNotNull(response.getBody());
-        assertEquals(QUERY_1_RESULT_ID, response.getBody().getId());
-        assertEquals(QUERY_1_RESULT_NUMBER, response.getBody().getResultNumber());
-        assertEquals(QUERY_1_RESULT_NUMBER, response.getBody().getResult().size());
-        assertEquals(QUERY_1_RESULT_RESULT, response.getBody().getResult());
+        assertEquals(resultId, response.getBody().getId());
     }
 
     protected void export_generic(Long containerId, Long databaseId, Long queryId, String username, Principal principal,

dbrepo-query-service/rest-service/src/test/java/at/tuwien/endpoint/StoreEndpointUnitTest.java

@@ -12,6 +12,7 @@ import at.tuwien.exception.*;
 import at.tuwien.gateway.BrokerServiceGateway;
 import at.tuwien.listener.impl.RabbitMqListenerImpl;
 import at.tuwien.querystore.Query;
+import at.tuwien.repository.jpa.DatabaseAccessRepository;
 import at.tuwien.repository.jpa.IdentifierRepository;
 import at.tuwien.service.AccessService;
 import at.tuwien.service.DatabaseService;
@@ -32,6 +33,7 @@ import org.springframework.test.context.junit.jupiter.SpringExtension;
 
 import java.security.Principal;
 import java.util.List;
+import java.util.Optional;
 import java.util.UUID;
 
 import static org.junit.jupiter.api.Assertions.*;
@@ -63,73 +65,89 @@ public class StoreEndpointUnitTest extends BaseUnitTest {
     @Autowired
     private StoreEndpoint storeEndpoint;
 
-    @MockBean
-    private QueryService queryService;
-
     @MockBean
     private StoreServiceImpl storeService;
 
     @MockBean
-    private IdentifierRepository identifierRepository;
+    private DatabaseService databaseService;
 
     @MockBean
-    private DatabaseService databaseService;
+    private DatabaseAccessRepository accessRepository;
 
     @MockBean
     private AccessService accessService;
 
     @Test
+    @WithAnonymousUser
     public void findAll_anonymous_succeeds() throws QueryStoreException, DatabaseNotFoundException, ImageNotSupportedException,
-            ContainerNotFoundException, NotAllowedException, DatabaseConnectionException, TableMalformedException, UserNotFoundException {
+            ContainerNotFoundException, DatabaseConnectionException, TableMalformedException, UserNotFoundException {
 
         /* test */
-        findAll_generic(CONTAINER_1_ID, DATABASE_1_ID, DATABASE_1, null, null);
+        findAll_generic(CONTAINER_1_ID, DATABASE_1_ID, DATABASE_1, null);
     }
 
     @Test
-    @WithAnonymousUser
-    public void findAll_anonymous2_succeeds() throws QueryStoreException, DatabaseNotFoundException, ImageNotSupportedException,
-            ContainerNotFoundException, NotAllowedException, DatabaseConnectionException, TableMalformedException, UserNotFoundException {
+    @WithMockUser(username = USER_1_USERNAME)
+    public void findAll_noRole_succeeds() throws QueryStoreException, DatabaseNotFoundException, ImageNotSupportedException,
+            ContainerNotFoundException, DatabaseConnectionException, TableMalformedException, UserNotFoundException {
 
         /* test */
-        findAll_generic(CONTAINER_1_ID, DATABASE_1_ID, DATABASE_1, null, null);
+        findAll_generic(CONTAINER_1_ID, DATABASE_1_ID, DATABASE_1, USER_1_PRINCIPAL);
     }
 
     @Test
-    @WithMockUser(username = USER_1_USERNAME)
-    public void findAll_researcher_succeeds() throws QueryStoreException, DatabaseNotFoundException, ImageNotSupportedException,
-            ContainerNotFoundException, NotAllowedException, DatabaseConnectionException, TableMalformedException, UserNotFoundException {
+    @WithMockUser(username = USER_1_USERNAME, authorities = {"list-queries"})
+    public void findAll_hasRole_succeeds() throws QueryStoreException, DatabaseNotFoundException, ImageNotSupportedException,
+            ContainerNotFoundException, DatabaseConnectionException, TableMalformedException, UserNotFoundException {
 
         /* test */
-        findAll_generic(CONTAINER_1_ID, DATABASE_1_ID, DATABASE_1, USER_1, USER_1_PRINCIPAL);
+        findAll_generic(CONTAINER_1_ID, DATABASE_1_ID, DATABASE_1, USER_1_PRINCIPAL);
     }
 
     @Test
-    @WithMockUser(username = USER_1_USERNAME)
-    public void findAll_researcherPrivateNoAccess_fails() {
+    @WithMockUser(username = USER_1_USERNAME, authorities = {"list-queries"})
+    public void findAll_noAccess_fails() {
+
+        /* mock */
+        when(accessRepository.findByDatabaseIdAndUsername(DATABASE_2_ID, USER_1_USERNAME))
+                .thenReturn(Optional.of(DATABASE_1_RESEARCHER_READ_ACCESS));
 
         /* test */
         assertThrows(NotAllowedException.class, () -> {
-            findAll_generic(CONTAINER_2_ID, DATABASE_2_ID, DATABASE_2, USER_1, USER_1_PRINCIPAL);
+            findAll_generic(CONTAINER_2_ID, DATABASE_2_ID, DATABASE_2, USER_1_PRINCIPAL);
         });
     }
 
+    @Test
+    @WithMockUser(username = USER_1_USERNAME, authorities = {"list-queries"})
+    public void findAll_hasAccess_succeeds() throws UserNotFoundException, QueryStoreException,
+            DatabaseConnectionException, TableMalformedException, DatabaseNotFoundException, ImageNotSupportedException,
+            ContainerNotFoundException {
+
+        /* mock */
+        when(accessRepository.findByDatabaseIdAndUsername(DATABASE_2_ID, USER_1_USERNAME))
+                .thenReturn(Optional.of(DATABASE_1_RESEARCHER_READ_ACCESS));
+
+        /* test */
+        findAll_generic(CONTAINER_2_ID, DATABASE_2_ID, DATABASE_2, USER_1_PRINCIPAL);
+    }
+
     @Test
     @WithMockUser(username = USER_2_USERNAME)
     public void findAll_dataSteward_succeeds() throws QueryStoreException, DatabaseNotFoundException, ImageNotSupportedException,
-            ContainerNotFoundException, NotAllowedException, DatabaseConnectionException, TableMalformedException, UserNotFoundException {
+            ContainerNotFoundException, DatabaseConnectionException, TableMalformedException, UserNotFoundException {
 
         /* test */
-        findAll_generic(CONTAINER_1_ID, DATABASE_1_ID, DATABASE_1, USER_2, USER_2_PRINCIPAL);
+        findAll_generic(CONTAINER_1_ID, DATABASE_1_ID, DATABASE_1, USER_2_PRINCIPAL);
     }
 
     @Test
     @WithMockUser(username = USER_3_USERNAME)
     public void findAll_developer_succeeds() throws QueryStoreException, DatabaseNotFoundException, ImageNotSupportedException,
-            ContainerNotFoundException, NotAllowedException, DatabaseConnectionException, TableMalformedException, UserNotFoundException {
+            ContainerNotFoundException, DatabaseConnectionException, TableMalformedException, UserNotFoundException {
 
         /* test */
-        findAll_generic(CONTAINER_1_ID, DATABASE_1_ID, DATABASE_1, USER_3, USER_3_PRINCIPAL);
+        findAll_generic(CONTAINER_1_ID, DATABASE_1_ID, DATABASE_1, USER_3_PRINCIPAL);
     }
 
     @Test
@@ -298,9 +316,9 @@ public class StoreEndpointUnitTest extends BaseUnitTest {
         return response.getBody();
     }
 
-    protected void findAll_generic(Long containerId, Long databaseId, Database database, User user, Principal principal)
+    protected void findAll_generic(Long containerId, Long databaseId, Database database, Principal principal)
             throws UserNotFoundException, QueryStoreException, DatabaseConnectionException, TableMalformedException,
-            DatabaseNotFoundException, ImageNotSupportedException, ContainerNotFoundException, NotAllowedException {
+            DatabaseNotFoundException, ImageNotSupportedException, ContainerNotFoundException {
 
         /* mock */
         doReturn(List.of(QUERY_1)).when(storeService)

dbrepo-query-service/rest-service/src/test/java/at/tuwien/endpoint/TableDataEndpointUnitTest.java

@@ -20,6 +20,7 @@ import at.tuwien.service.TableService;
 import at.tuwien.service.impl.QueryServiceImpl;
 import com.rabbitmq.client.Channel;
 import lombok.extern.log4j.Log4j2;
+import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
 import org.junit.jupiter.params.ParameterizedTest;
 import org.junit.jupiter.params.provider.Arguments;
@@ -29,6 +30,9 @@ import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.boot.test.mock.mockito.MockBean;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
+import org.springframework.security.access.AccessDeniedException;
+import org.springframework.security.test.context.support.WithAnonymousUser;
+import org.springframework.security.test.context.support.WithMockUser;
 import org.springframework.test.context.junit.jupiter.SpringExtension;
 
 import java.security.Principal;
@@ -75,177 +79,267 @@ public class TableDataEndpointUnitTest extends BaseUnitTest {
     @Autowired
     private TableDataEndpoint dataEndpoint;
 
-    public static Stream<Arguments> import_fails_parameters() {
-        return Stream.of(
-                Arguments.arguments("public anonymous", NotAllowedException.class, CONTAINER_1_ID, DATABASE_1_ID,
-                        DATABASE_1,
-                        TABLE_1_ID, TABLE_1, null, null, null),
-                Arguments.arguments("public read", NotAllowedException.class, CONTAINER_1_ID, DATABASE_1_ID,
-                        DATABASE_1, TABLE_1_ID,
-                        TABLE_1, USER_2_USERNAME, DATABASE_1_RESEARCHER_READ_ACCESS, USER_2_PRINCIPAL),
-                Arguments.arguments("public write-own", NotAllowedException.class, CONTAINER_1_ID, DATABASE_1_ID,
-                        DATABASE_1, TABLE_1_ID,
-                        TABLE_1, USER_2_USERNAME, DATABASE_1_RESEARCHER_WRITE_OWN_ACCESS, USER_2_PRINCIPAL),
-                Arguments.arguments("private anonymous", NotAllowedException.class, CONTAINER_2_ID, DATABASE_2_ID,
-                        DATABASE_2, TABLE_1_ID, TABLE_1, null, null, null),
-                Arguments.arguments("private read", NotAllowedException.class, CONTAINER_2_ID, DATABASE_2_ID,
-                        DATABASE_2, TABLE_1_ID, TABLE_1, USER_2_USERNAME,
-                        DATABASE_2_RESEARCHER_READ_ACCESS, USER_2_PRINCIPAL),
-                Arguments.arguments("private write-own", NotAllowedException.class, CONTAINER_2_ID, DATABASE_2_ID,
-                        DATABASE_2, TABLE_1_ID, TABLE_1, USER_2_USERNAME,
-                        DATABASE_2_RESEARCHER_WRITE_OWN_ACCESS, USER_2_PRINCIPAL)
-        );
+    @Test
+    @WithAnonymousUser
+    public void import_publicAnonymous_fails() {
+
+        /* test */
+        assertThrows(AccessDeniedException.class, () -> {
+            generic_import(CONTAINER_1_ID, DATABASE_1_ID, DATABASE_1, TABLE_1_ID, TABLE_1, null, null, null);
+        });
     }
 
-    @ParameterizedTest
-    @MethodSource("import_fails_parameters")
-    public <T extends Throwable> void import_fails(String test, Class<T> expectedException, Long containerId,
-                                                   Long databaseId, Database database, Long tableId, Table table,
-                                                   String username, DatabaseAccess access, Principal principal) {
+    @Test
+    @WithMockUser(username = USER_2_USERNAME)
+    public void import_publicNoRoleRead_fails() {
 
         /* test */
-        assertThrows(expectedException, () -> {
-            generic_import(containerId, databaseId, database, tableId, table, username, access, principal);
+        assertThrows(AccessDeniedException.class, () -> {
+            generic_import(CONTAINER_1_ID, DATABASE_1_ID, DATABASE_1, TABLE_1_ID, TABLE_1, USER_2_USERNAME,
+                    DATABASE_1_RESEARCHER_READ_ACCESS, USER_2_PRINCIPAL);
         });
     }
 
-    public static Stream<Arguments> import_succeeds_parameters() {
-        return Stream.of(
-                Arguments.arguments("public write-all", CONTAINER_3_ID, DATABASE_3_ID, DATABASE_3, TABLE_8_ID, TABLE_8,
-                        USER_1_USERNAME, DATABASE_3_RESEARCHER_WRITE_ALL_ACCESS, USER_1_PRINCIPAL),
-                Arguments.arguments("private write-all", CONTAINER_1_ID, DATABASE_1_ID, DATABASE_1, TABLE_1_ID,
-                        TABLE_1, USER_1_USERNAME,
-                        DATABASE_1_RESEARCHER_WRITE_ALL_ACCESS, USER_1_PRINCIPAL)
-        );
+    @Test
+    @WithMockUser(username = USER_2_USERNAME)
+    public void import_publicNoRoleWriteOwn_fails() {
+
+        /* test */
+        assertThrows(AccessDeniedException.class, () -> {
+            generic_import(CONTAINER_1_ID, DATABASE_1_ID, DATABASE_1, TABLE_1_ID, TABLE_1, USER_2_USERNAME,
+                    DATABASE_1_RESEARCHER_WRITE_OWN_ACCESS, USER_2_PRINCIPAL);
+        });
     }
 
-    @ParameterizedTest
-    @MethodSource("import_succeeds_parameters")
-    public void import_succeeds(String test, Long containerId, Long databaseId, Database database, Long tableId,
-                                Table table, String username, DatabaseAccess access, Principal principal) throws UserNotFoundException, TableNotFoundException, NotAllowedException, TableMalformedException, DatabaseConnectionException, QueryMalformedException, DatabaseNotFoundException, ImageNotSupportedException, ContainerNotFoundException {
+    @Test
+    @WithAnonymousUser
+    public void import_privateAnonymous_fails() {
 
         /* test */
-        generic_import(containerId, databaseId, database, tableId, table, username, access, principal);
+        assertThrows(AccessDeniedException.class, () -> {
+            generic_import(CONTAINER_2_ID, DATABASE_2_ID, DATABASE_2, TABLE_1_ID, TABLE_1, null, null, null);
+        });
     }
 
-    public static Stream<Arguments> insert_fails_parameters() {
-        return Stream.of(
-                Arguments.arguments("public anonymous", NotAllowedException.class, CONTAINER_1_ID, DATABASE_1_ID,
-                        TABLE_1_ID,
-                        DATABASE_1, TABLE_1, USER_2_USERNAME, null, TABLE_1_CSV_DTO, null),
-                Arguments.arguments("public read", NotAllowedException.class, CONTAINER_1_ID, DATABASE_1_ID,
-                        TABLE_1_ID, DATABASE_1,
-                        TABLE_1, USER_2_USERNAME, DATABASE_1_RESEARCHER_READ_ACCESS, TABLE_1_CSV_DTO, USER_2_PRINCIPAL),
-                Arguments.arguments("public write-own", NotAllowedException.class, CONTAINER_1_ID, DATABASE_1_ID,
-                        TABLE_1_ID, DATABASE_1,
-                        TABLE_1, USER_2_USERNAME, DATABASE_1_RESEARCHER_WRITE_OWN_ACCESS, TABLE_1_CSV_DTO, USER_2_PRINCIPAL),
-                Arguments.arguments("private anonymous", NotAllowedException.class, CONTAINER_2_ID, DATABASE_2_ID,
-                        TABLE_1_ID, DATABASE_2, TABLE_1, USER_2_USERNAME, null,
-                        TABLE_1_CSV_DTO, null),
-                Arguments.arguments("private read", NotAllowedException.class, CONTAINER_2_ID, DATABASE_2_ID,
-                        TABLE_1_ID, DATABASE_2, TABLE_1, USER_2_USERNAME,
-                        DATABASE_2_RESEARCHER_READ_ACCESS, TABLE_1_CSV_DTO, USER_2_PRINCIPAL),
-                Arguments.arguments("private write-own", NotAllowedException.class, CONTAINER_2_ID, DATABASE_2_ID,
-                        TABLE_1_ID, DATABASE_2, TABLE_1, USER_2_USERNAME,
-                        DATABASE_2_RESEARCHER_WRITE_OWN_ACCESS, TABLE_1_CSV_DTO, USER_2_PRINCIPAL)
-        );
+    @Test
+    @WithMockUser(username = USER_2_USERNAME)
+    public void import_privateNoRoleRead_fails() {
+
+        /* test */
+        assertThrows(AccessDeniedException.class, () -> {
+            generic_import(CONTAINER_2_ID, DATABASE_2_ID, DATABASE_2, TABLE_1_ID, TABLE_1, USER_2_USERNAME,
+                    DATABASE_2_RESEARCHER_READ_ACCESS, USER_2_PRINCIPAL);
+        });
     }
 
-    @ParameterizedTest
-    @MethodSource("insert_fails_parameters")
-    public <T extends Throwable> void insert_fails(String test, Class<T> expectedException, Long containerId,
-                                                   Long databaseId, Long tableId, Database database, Table table,
-                                                   String username, DatabaseAccess access, TableCsvDto data,
-                                                   Principal principal) {
+    @Test
+    @WithMockUser(username = USER_2_USERNAME)
+    public void import_privateNoRoleWriteOwn_fails() {
 
         /* test */
-        assertThrows(expectedException, () -> {
-            generic_insert(containerId, databaseId, tableId, database, table, username, access, data, principal);
+        assertThrows(AccessDeniedException.class, () -> {
+            generic_import(CONTAINER_2_ID, DATABASE_2_ID, DATABASE_2, TABLE_1_ID, TABLE_1, USER_2_USERNAME,
+                    DATABASE_2_RESEARCHER_WRITE_OWN_ACCESS, USER_2_PRINCIPAL);
         });
     }
 
-    public static Stream<Arguments> insert_succeeds_parameters() {
-        return Stream.of(
-                Arguments.arguments("public write-all", CONTAINER_3_ID, DATABASE_3_ID, TABLE_8_ID, DATABASE_3,
-                        TABLE_8, USER_1_USERNAME,
-                        DATABASE_3_RESEARCHER_WRITE_ALL_ACCESS, TABLE_8_CSV_DTO, USER_1_PRINCIPAL),
-                Arguments.arguments("private write-all", CONTAINER_1_ID, DATABASE_1_ID, TABLE_1_ID, DATABASE_1,
-                        TABLE_1, USER_1_USERNAME,
-                        DATABASE_1_RESEARCHER_WRITE_ALL_ACCESS, TABLE_1_CSV_DTO, USER_1_PRINCIPAL),
-                Arguments.arguments("private owner", CONTAINER_1_ID, DATABASE_1_ID, TABLE_1_ID, DATABASE_1, TABLE_1,
-                        USER_1_USERNAME,
-                        DATABASE_1_RESEARCHER_WRITE_ALL_ACCESS, TABLE_1_CSV_DTO, USER_1_PRINCIPAL),
-                Arguments.arguments("private owner, data null", CONTAINER_1_ID, DATABASE_1_ID, TABLE_1_ID,
-                        DATABASE_1, TABLE_1, USER_1_USERNAME,
-                        DATABASE_1_RESEARCHER_WRITE_ALL_ACCESS, null, USER_1_PRINCIPAL)
-        );
+    @Test
+    @WithAnonymousUser
+    public void import_publicAnonymous_succeeds() {
+
+        /* test */
+        assertThrows(AccessDeniedException.class, () -> {
+            generic_import(CONTAINER_3_ID, DATABASE_3_ID, DATABASE_3, TABLE_8_ID, TABLE_8, null, null, null);
+        });
     }
 
-    @ParameterizedTest
-    @MethodSource("insert_succeeds_parameters")
-    public void insert_succeeds(String test, Long containerId, Long databaseId, Long tableId, Database database,
-                                Table table, String username, DatabaseAccess access, TableCsvDto data,
-                                Principal principal) throws UserNotFoundException, TableNotFoundException,
+    @Test
+    @WithMockUser(username = USER_1_USERNAME, authorities = {"insert-table-data"})
+    public void import_publicWriteAll_succeeds() throws UserNotFoundException, TableNotFoundException, NotAllowedException,
+            TableMalformedException, DatabaseConnectionException, QueryMalformedException, DatabaseNotFoundException,
+            ImageNotSupportedException, ContainerNotFoundException {
+
+        /* test */
+        generic_import(CONTAINER_3_ID, DATABASE_3_ID, DATABASE_3, TABLE_8_ID, TABLE_8, USER_1_USERNAME,
+                DATABASE_3_RESEARCHER_WRITE_ALL_ACCESS, USER_1_PRINCIPAL);
+    }
+
+    @Test
+    @WithMockUser(username = USER_1_USERNAME, authorities = {"insert-table-data"})
+    public void import_privateWriteAll_succeeds() throws UserNotFoundException, TableNotFoundException, NotAllowedException,
+            TableMalformedException, DatabaseConnectionException, QueryMalformedException, DatabaseNotFoundException,
+            ImageNotSupportedException, ContainerNotFoundException {
+
+        /* test */
+        generic_import(CONTAINER_1_ID, DATABASE_1_ID, DATABASE_1, TABLE_1_ID, TABLE_1, USER_1_USERNAME,
+                DATABASE_1_RESEARCHER_WRITE_ALL_ACCESS, USER_1_PRINCIPAL);
+    }
+
+    @Test
+    @WithAnonymousUser
+    public void insert_publicAnonymous_fails() {
+
+        /* test */
+        assertThrows(AccessDeniedException.class, () -> {
+            generic_insert(CONTAINER_1_ID, DATABASE_1_ID, TABLE_1_ID, DATABASE_1, TABLE_1, USER_2_USERNAME, null,
+                    TABLE_1_CSV_DTO, null);
+        });
+    }
+
+    @Test
+    @WithMockUser(username = USER_2_USERNAME)
+    public void insert_publicNoRoleRead_fails() {
+
+        /* test */
+        assertThrows(AccessDeniedException.class, () -> {
+            generic_insert(CONTAINER_1_ID, DATABASE_1_ID, TABLE_1_ID, DATABASE_1, TABLE_1, USER_2_USERNAME,
+                    DATABASE_1_RESEARCHER_READ_ACCESS, TABLE_1_CSV_DTO, USER_2_PRINCIPAL);
+        });
+    }
+
+    @Test
+    @WithMockUser(username = USER_2_USERNAME)
+    public void insert_publicNoRoleWriteOwn_fails() {
+
+        /* test */
+        assertThrows(AccessDeniedException.class, () -> {
+            generic_insert(CONTAINER_1_ID, DATABASE_1_ID, TABLE_1_ID, DATABASE_1, TABLE_1, USER_2_USERNAME,
+                    DATABASE_1_RESEARCHER_WRITE_OWN_ACCESS, TABLE_1_CSV_DTO, USER_2_PRINCIPAL);
+        });
+    }
+
+    @Test
+    @WithAnonymousUser
+    public void insert_privateAnonymous_fails() {
+
+        /* test */
+        assertThrows(AccessDeniedException.class, () -> {
+            generic_insert(CONTAINER_2_ID, DATABASE_2_ID, TABLE_1_ID, DATABASE_2, TABLE_1, USER_2_USERNAME, null,
+                    TABLE_1_CSV_DTO, null);
+        });
+    }
+
+    @Test
+    @WithMockUser(username = USER_2_USERNAME)
+    public void insert_privateNoRoleRead_fails() {
+
+        /* test */
+        assertThrows(AccessDeniedException.class, () -> {
+            generic_insert(CONTAINER_2_ID, DATABASE_2_ID, TABLE_1_ID, DATABASE_2, TABLE_1, USER_2_USERNAME,
+                    DATABASE_2_RESEARCHER_READ_ACCESS, TABLE_1_CSV_DTO, USER_2_PRINCIPAL);
+        });
+    }
+
+    @Test
+    @WithMockUser(username = USER_2_USERNAME)
+    public void insert_privateNoRoleWriteOwn_fails() {
+
+        /* test */
+        assertThrows(AccessDeniedException.class, () -> {
+            generic_insert(CONTAINER_2_ID, DATABASE_2_ID, TABLE_1_ID, DATABASE_2, TABLE_1, USER_2_USERNAME,
+                    DATABASE_2_RESEARCHER_WRITE_OWN_ACCESS, TABLE_1_CSV_DTO, USER_2_PRINCIPAL);
+        });
+    }
+
+    @Test
+    @WithMockUser(username = USER_1_USERNAME, authorities = {"insert-table-data"})
+    public void insert_publicWriteAll_succeeds() throws UserNotFoundException, TableNotFoundException,
             NotAllowedException, TableMalformedException, DatabaseConnectionException, DatabaseNotFoundException,
             ImageNotSupportedException, ContainerNotFoundException {
 
         /* test */
-        generic_insert(containerId, databaseId, tableId, database, table, username, access, data, principal);
+        generic_insert(CONTAINER_3_ID, DATABASE_3_ID, TABLE_8_ID, DATABASE_3, TABLE_8, USER_1_USERNAME,
+                DATABASE_3_RESEARCHER_WRITE_ALL_ACCESS, TABLE_8_CSV_DTO, USER_1_PRINCIPAL);
     }
 
-    public static Stream<Arguments> getAll_fails_parameters() {
-        return Stream.of(
-                Arguments.arguments("public anonymous page null", PaginationException.class, CONTAINER_3_ID,
-                        DATABASE_3_ID, TABLE_8_ID, DATABASE_3,
-                        TABLE_8, null, null, null, null, null, 3L, null, null),
-                Arguments.arguments("public anonymous size null", PaginationException.class, CONTAINER_3_ID,
-                        DATABASE_3_ID, TABLE_8_ID, DATABASE_3,
-                        TABLE_8, null, null, null, null, 3L, null, null, null),
-                Arguments.arguments("public anonymous page negative", PaginationException.class, CONTAINER_3_ID,
-                        DATABASE_3_ID, TABLE_8_ID, DATABASE_3,
-                        TABLE_8, null, null, null, null, -3L, 3L, null, null),
-                Arguments.arguments("public anonymous size zero", PaginationException.class, CONTAINER_3_ID,
-                        DATABASE_3_ID, TABLE_8_ID, DATABASE_3,
-                        TABLE_8, null, null, null, null, 0L, 0L, null, null),
-                Arguments.arguments("public anonymous size negative", PaginationException.class, CONTAINER_3_ID,
-                        DATABASE_3_ID, TABLE_8_ID, DATABASE_3,
-                        TABLE_8, null, null, null, null, 0L, -3L, null, null),
-                Arguments.arguments("private anonymous", NotAllowedException.class, CONTAINER_1_ID, DATABASE_1_ID,
-                        TABLE_1_ID, DATABASE_1, TABLE_1, null, null, null, null,
-                        null, null, null, null),
-                Arguments.arguments("private read, page null", PaginationException.class, CONTAINER_1_ID,
-                        DATABASE_1_ID, TABLE_1_ID, DATABASE_1, TABLE_1, USER_1_USERNAME,
-                        DATABASE_1_RESEARCHER_READ_ACCESS, USER_1_PRINCIPAL, null, null, 1L, null, null),
-                Arguments.arguments("private read, size null", PaginationException.class, CONTAINER_1_ID,
-                        DATABASE_1_ID, TABLE_1_ID, DATABASE_1, TABLE_1, USER_1_USERNAME,
-                        DATABASE_1_RESEARCHER_READ_ACCESS, USER_1_PRINCIPAL, null, 1L, null, null, null),
-                Arguments.arguments("private read, page negative", PaginationException.class, CONTAINER_1_ID,
-                        DATABASE_1_ID, TABLE_1_ID, DATABASE_1, TABLE_1, USER_1_USERNAME,
-                        DATABASE_1_RESEARCHER_READ_ACCESS, USER_1_PRINCIPAL, null, -1L, 1L, null, null),
-                Arguments.arguments("private read, size zero", PaginationException.class, CONTAINER_1_ID,
-                        DATABASE_1_ID, TABLE_1_ID, DATABASE_1, TABLE_1, USER_1_USERNAME,
-                        DATABASE_1_RESEARCHER_READ_ACCESS, USER_1_PRINCIPAL, null, 0L, 0L, null, null),
-                Arguments.arguments("private read, size negative", PaginationException.class, CONTAINER_1_ID,
-                        DATABASE_1_ID, TABLE_1_ID, DATABASE_1, TABLE_1, USER_1_USERNAME,
-                        DATABASE_1_RESEARCHER_READ_ACCESS, USER_1_PRINCIPAL, null, 0L, -1L, null, null)
-        );
+    @Test
+    @WithMockUser(username = USER_1_USERNAME, authorities = {"insert-table-data"})
+    public void insert_privateWriteAll_succeeds() throws UserNotFoundException, TableNotFoundException,
+            NotAllowedException, TableMalformedException, DatabaseConnectionException, DatabaseNotFoundException,
+            ImageNotSupportedException, ContainerNotFoundException {
+
+        /* test */
+        generic_insert(CONTAINER_1_ID, DATABASE_1_ID, TABLE_1_ID, DATABASE_1, TABLE_1, USER_1_USERNAME,
+                DATABASE_1_RESEARCHER_WRITE_ALL_ACCESS, TABLE_1_CSV_DTO, USER_1_PRINCIPAL);
     }
 
-    @ParameterizedTest
-    @MethodSource("getAll_fails_parameters")
-    public <T extends Throwable> void getAll_fails(String test, Class<T> expectedException, Long containerId,
-                                                   Long databaseId, Long tableId, Database database, Table table,
-                                                   String username, DatabaseAccess access, Principal principal,
-                                                   Instant timestamp, Long page, Long size, SortType sortDirection,
-                                                   String sortColumn) {
+    @Test
+    @WithMockUser(username = USER_1_USERNAME, authorities = {"insert-table-data"})
+    public void insert_privateDataNull_fails() throws UserNotFoundException, TableNotFoundException,
+            NotAllowedException, TableMalformedException, DatabaseConnectionException, DatabaseNotFoundException,
+            ImageNotSupportedException, ContainerNotFoundException {
 
         /* test */
-        assertThrows(expectedException, () -> {
-            generic_getAll(containerId, databaseId, tableId, database, table, username, access, principal, timestamp,
-                    page, size, sortDirection, sortColumn);
+        generic_insert(CONTAINER_1_ID, DATABASE_1_ID, TABLE_1_ID, DATABASE_1, TABLE_1, USER_1_USERNAME,
+                DATABASE_1_RESEARCHER_WRITE_ALL_ACCESS, null, USER_1_PRINCIPAL);
+    }
+
+    @Test
+    @WithAnonymousUser
+    public void getAll_publicAnonymousPageNull_fails() {
+
+        /* test */
+        assertThrows(PaginationException.class, () -> {
+            generic_getAll(CONTAINER_3_ID, DATABASE_3_ID, TABLE_8_ID, DATABASE_3, TABLE_8, null, null, null, null, null,
+                    3L, null, null);
+        });
+    }
+
+    @Test
+    @WithAnonymousUser
+    public void getAll_publicAnonymousSizeNull_fails()  {
+
+        /* test */
+        assertThrows(PaginationException.class, () -> {
+            generic_getAll(CONTAINER_3_ID, DATABASE_3_ID, TABLE_8_ID, DATABASE_3, TABLE_8, null, null, null, null, 3L,
+                    null, null, null);
         });
     }
 
+    @Test
+    @WithAnonymousUser
+    public void getAll_publicAnonymousPageNegative_fails() {
+
+        /* test */
+        assertThrows(PaginationException.class, () -> {
+            generic_getAll(CONTAINER_3_ID, DATABASE_3_ID, TABLE_8_ID, DATABASE_3, TABLE_8, null, null, null, null, -3L,
+                    3L, null, null);
+        });
+    }
+
+    @Test
+    @WithAnonymousUser
+    public void getAll_publicAnonymousSizeNegative_fails()  {
+
+        /* test */
+        assertThrows(PaginationException.class, () -> {
+            generic_getAll(CONTAINER_3_ID, DATABASE_3_ID, TABLE_8_ID, DATABASE_3, TABLE_8, null, null, null, null, 3L,
+                    -3L, null, null);
+        });
+    }
+
+    @Test
+    @WithAnonymousUser
+    public void getAll_publicAnonymousPageZero_fails() {
+
+        /* test */
+        assertThrows(PaginationException.class, () -> {
+            generic_getAll(CONTAINER_3_ID, DATABASE_3_ID, TABLE_8_ID, DATABASE_3, TABLE_8, null, null, null, null, 0L,
+                    0L, null, null);
+        });
+    }
+
+    @Test
+    @WithAnonymousUser
+    public void getAll_privateAnonymous_fails() throws UserNotFoundException, TableNotFoundException,
+            QueryStoreException, SortException, TableMalformedException, NotAllowedException,
+            DatabaseConnectionException, QueryMalformedException, DatabaseNotFoundException, ImageNotSupportedException,
+            PaginationException, ContainerNotFoundException {
+
+        /* test */
+        generic_getAll(CONTAINER_1_ID, DATABASE_1_ID, TABLE_1_ID, DATABASE_1, TABLE_1, null, null, null, null, null, null, null, null);
+    }
+
     public static Stream<Arguments> getAll_succeeds_parameters() {
         return Stream.of(
                 Arguments.arguments("public anonymous", CONTAINER_3_ID, DATABASE_3_ID, TABLE_8_ID, DATABASE_3,
@@ -273,6 +367,7 @@ public class TableDataEndpointUnitTest extends BaseUnitTest {
     }
 
     @ParameterizedTest
+    @WithMockUser(username = USER_1_USERNAME, authorities = {"insert-table-data"})
     @MethodSource("getAll_succeeds_parameters")
     public void getAll_succeeds(String test, Long containerId, Long databaseId, Long tableId, Database database,
                                 Table table, String username, DatabaseAccess access, Principal principal,
@@ -309,6 +404,7 @@ public class TableDataEndpointUnitTest extends BaseUnitTest {
     }
 
     @ParameterizedTest
+    @WithMockUser(username = USER_1_USERNAME, authorities = {"insert-table-data"})
     @MethodSource("getAll_succeeds_parameters")
     public void getCount_succeeds(String test, Long containerId, Long databaseId, Long tableId, Database database,
                                   Table table, String username, DatabaseAccess access, Principal principal,

dbrepo-query-service/services/src/main/java/at/tuwien/config/GatewayConfig.java

@@ -4,6 +4,7 @@ import lombok.Getter;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.http.client.support.BasicAuthenticationInterceptor;
 import org.springframework.web.client.RestTemplate;
 import org.springframework.web.util.DefaultUriBuilderFactory;
 
@@ -14,6 +15,12 @@ public class GatewayConfig {
     @Value("${fda.gateway.endpoint}")
     private String gatewayEndpoint;
 
+    @Value("${spring.rabbitmq.username}")
+    private String brokerUsername;
+
+    @Value("${spring.rabbitmq.password}")
+    private String brokerPassword;
+
     @Bean
     public RestTemplate restTemplate() {
         final RestTemplate restTemplate =  new RestTemplate();
@@ -21,4 +28,13 @@ public class GatewayConfig {
         return restTemplate;
     }
 
+    @Bean("brokerRestTemplate")
+    public RestTemplate brokerRestTemplate() {
+        final RestTemplate restTemplate = new RestTemplate();
+        restTemplate.setUriTemplateHandler(new DefaultUriBuilderFactory(gatewayEndpoint));
+        restTemplate.getInterceptors()
+                .add(new BasicAuthenticationInterceptor(brokerUsername, brokerPassword));
+        return restTemplate;
+    }
+
 }