Switch from polar bookshop's customer role

src/main/java/com/insilicosoft/portal/svc/rip/RipIdentifiers.java

@@ -5,6 +5,7 @@ public final class RipIdentifiers {
   public static final String PARAM_NAME_SIMULATION_FILE = "mpfile";
   public static final String REQUEST_MAPPING_RUN = "/run";
   public static final String REQUEST_MAPPING_UPLOAD_ASYNC = "/uploadAsync";
+  public static final String ROLE_USER = "user";
 
   private RipIdentifiers() {}
 

src/main/java/com/insilicosoft/portal/svc/rip/config/SecurityConfig.java

@@ -1,5 +1,6 @@
 package com.insilicosoft.portal.svc.rip.config;
 
+import static org.springframework.security.config.http.SessionCreationPolicy.STATELESS;
 import static org.springframework.security.config.Customizer.withDefaults;
 
 import org.springframework.beans.factory.annotation.Value;
@@ -9,7 +10,7 @@
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
-import org.springframework.security.config.http.SessionCreationPolicy;
+
 import org.springframework.security.core.userdetails.User;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.crypto.factory.PasswordEncoderFactories;
@@ -48,9 +49,10 @@ public SecurityConfig(@Value("${com.insilicosoft.actuator.username}") String act
   SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
     // Note: We've got MVC in classpath, so mvcMatchers (not antMatchers) are in effect
     http.authorizeHttpRequests((authz) -> authz.requestMatchers(EndpointRequest.to(InfoEndpoint.class)).authenticated()
-                                               .requestMatchers(RipIdentifiers.REQUEST_MAPPING_RUN.concat("/**")).hasRole("customer"))
+                                               .requestMatchers(RipIdentifiers.REQUEST_MAPPING_RUN.concat("/**"))
+                                                               .hasRole(RipIdentifiers.ROLE_USER))
         .oauth2ResourceServer((oauth2) -> oauth2.jwt(withDefaults()))
-        .sessionManagement(sessionManagement -> sessionManagement.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
+        .sessionManagement(sessionManagement -> sessionManagement.sessionCreationPolicy(STATELESS))
         .csrf(AbstractHttpConfigurer::disable)
         .httpBasic(withDefaults());
     return http.build();

src/test-e2e/resources/keycloak/test-realm-config.json

@@ -46,7 +46,7 @@
   "roles" : {
     "realm" : [ {
       "id" : "3f42160d-a6a7-4bc9-9e6f-fe0d8ffd3eed",
-      "name" : "customer",
+      "name" : "user",
       "composite" : false,
       "clientRole" : false,
       "containerId" : "879889b2-df11-4724-91cc-e1a1c2c37fed",
@@ -396,7 +396,7 @@
     } ],
     "disableableCredentialTypes" : [ ],
     "requiredActions" : [ ],
-    "realmRoles" : [ "customer", "default-roles-polarbookshop" ],
+    "realmRoles" : [ "user", "default-roles-polarbookshop" ],
     "notBefore" : 0,
     "groups" : [ ]
   }, {
@@ -417,7 +417,7 @@
     } ],
     "disableableCredentialTypes" : [ ],
     "requiredActions" : [ ],
-    "realmRoles" : [ "customer", "default-roles-polarbookshop", "employee" ],
+    "realmRoles" : [ "user", "default-roles-polarbookshop", "employee" ],
     "notBefore" : 0,
     "groups" : [ ]
   } ],

src/test-i/java/com/insilicosoft/portal/svc/rip/controller/FileAsyncUploadControllerIT.java

@@ -32,7 +32,7 @@
 public class FileAsyncUploadControllerIT {
 
   private static final MediaType textWithCharset = new MediaType(MediaType.TEXT_PLAIN, StandardCharsets.UTF_8);
-  private static final GrantedAuthority customerRole = new SimpleGrantedAuthority("ROLE_customer");
+  private static final GrantedAuthority userRole = new SimpleGrantedAuthority("ROLE_".concat(RipIdentifiers.ROLE_USER));
 
   @Autowired
   private MockMvc mockMvc;
@@ -53,7 +53,7 @@ void testGet() throws Exception {
 
       given(mockInputProcessorService.get()).willReturn(getMessage);
 
-      mockMvc.perform(get(RipIdentifiers.REQUEST_MAPPING_RUN).with(jwt().authorities(customerRole)))
+      mockMvc.perform(get(RipIdentifiers.REQUEST_MAPPING_RUN).with(jwt().authorities(userRole)))
              //.andDo(print())
              .andExpect(status().isOk())
              .andExpect(content().contentType(textWithCharset))