protected Authorization getDbAuthorization() { Authorization dbAuthorization = authorizationService.createAuthorizationQuery() .authorizationId(resourceId) .singleResult(); if (dbAuthorization == null) { throw new InvalidRequestException(Status.NOT_FOUND, "Authorization with id " + resourceId + " does not exist."); } else { return dbAuthorization; } }
protected Authorization getDbAuthorization() { Authorization dbAuthorization = authorizationService.createAuthorizationQuery() .authorizationId(resourceId) .singleResult(); if (dbAuthorization == null) { throw new InvalidRequestException(Status.NOT_FOUND, "Authorization with id " + resourceId + " does not exist."); } else { return dbAuthorization; } }
public Void execute(CommandContext commandContext) { final AuthorizationManager authorizationManager = commandContext.getAuthorizationManager(); AuthorizationEntity authorization = (AuthorizationEntity) new AuthorizationQueryImpl() .authorizationId(authorizationId) .singleResult(); ensureNotNull("Authorization for Id '" + authorizationId + "' does not exist", "authorization", authorization); authorizationManager.delete(authorization); return null; }
public Void execute(CommandContext commandContext) { final AuthorizationManager authorizationManager = commandContext.getAuthorizationManager(); AuthorizationEntity authorization = (AuthorizationEntity) new AuthorizationQueryImpl() .authorizationId(authorizationId) .singleResult(); ensureNotNull("Authorization for Id '" + authorizationId + "' does not exist", "authorization", authorization); authorizationManager.delete(authorization); return null; }
@Test public void testGetNonExistingAuthorizationById() { AuthorizationQuery authorizationQuery = mock(AuthorizationQuery.class); when(authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery); when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery); when(authorizationQuery.singleResult()).thenReturn(null); given() .pathParam("id", MockProvider.EXAMPLE_AUTHORIZATION_ID) .then().expect() .statusCode(Status.NOT_FOUND.getStatusCode()).contentType(ContentType.JSON) .body("message", equalTo("Authorization with id "+MockProvider.EXAMPLE_AUTHORIZATION_ID+" does not exist.")) .when() .get(AUTH_RESOURCE_PATH); }
@Test public void testDeleteNonExistingAuthorization() { AuthorizationQuery authorizationQuery = mock(AuthorizationQuery.class); when(authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery); when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery); when(authorizationQuery.singleResult()).thenReturn(null); given() .pathParam("id", MockProvider.EXAMPLE_AUTHORIZATION_ID) .then().expect() .statusCode(Status.NOT_FOUND.getStatusCode()).contentType(ContentType.JSON) .body("message", equalTo("Authorization with id "+MockProvider.EXAMPLE_AUTHORIZATION_ID+" does not exist.")) .when() .delete(AUTH_RESOURCE_PATH); verify(authorizationServiceMock, never()).deleteAuthorization(MockProvider.EXAMPLE_AUTHORIZATION_ID); }
@Test public void testDeleteAuthorization() { Authorization authorization = MockProvider.createMockGlobalAuthorization(); AuthorizationQuery authorizationQuery = mock(AuthorizationQuery.class); when(authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery); when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery); when(authorizationQuery.singleResult()).thenReturn(authorization); given() .pathParam("id", MockProvider.EXAMPLE_AUTHORIZATION_ID) .then().expect() .statusCode(Status.NO_CONTENT.getStatusCode()) .when() .delete(AUTH_RESOURCE_PATH); verify(authorizationQuery).authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID); verify(authorizationServiceMock).deleteAuthorization(MockProvider.EXAMPLE_AUTHORIZATION_ID); }
public void testCaseTaskAddCandidateGroupNoAuthorization() { // given createCaseInstanceByKey(CASE_KEY); String taskId = selectSingleTask().getId(); createGrantAuthorization(TASK, taskId, userId, UPDATE); // when taskService.addCandidateGroup(taskId, "management"); // then disableAuthorization(); Authorization authorization = authorizationService .createAuthorizationQuery() .groupIdIn("management") .singleResult(); enableAuthorization(); assertNull(authorization); }
public void testCaseTaskAddCandidateUserNoAuthorization() { // given createCaseInstanceByKey(CASE_KEY); String taskId = selectSingleTask().getId(); createGrantAuthorization(TASK, taskId, userId, UPDATE); // when taskService.addCandidateUser(taskId, "demo"); // then disableAuthorization(); Authorization authorization = authorizationService .createAuthorizationQuery() .userIdIn("demo") .singleResult(); enableAuthorization(); assertNull(authorization); }
public void testCaseTaskSetAssigneeNoAuthorization() { // given createCaseInstanceByKey(CASE_KEY); String taskId = selectSingleTask().getId(); createGrantAuthorization(TASK, taskId, userId, UPDATE); // when taskService.setAssignee(taskId, "demo"); // then disableAuthorization(); Authorization authorization = authorizationService .createAuthorizationQuery() .userIdIn("demo") .singleResult(); enableAuthorization(); assertNull(authorization); }
public void testCaseTaskSetOwnerNoAuthorization() { // given createCaseInstanceByKey(CASE_KEY); String taskId = selectSingleTask().getId(); createGrantAuthorization(TASK, taskId, userId, UPDATE); // when taskService.setOwner(taskId, "demo"); // then disableAuthorization(); Authorization authorization = authorizationService .createAuthorizationQuery() .userIdIn("demo") .singleResult(); enableAuthorization(); assertNull(authorization); }
public void testPermissionsOnAssignSameAssigneeAndOwnerToTask() { try { // given createGrantAuthorization(Resources.TASK, Authorization.ANY, userId, Permissions.CREATE, Permissions.DELETE, Permissions.READ); processEngineConfiguration.setResourceAuthorizationProvider(new MyExtendedPermissionDefaultAuthorizationProvider()); // when Task newTask = taskService.newTask(); newTask.setAssignee("Horst"); newTask.setOwner("Horst"); taskService.saveTask(newTask); // then Authorization auth = authorizationService.createAuthorizationQuery().userIdIn("Horst").singleResult(); assertTrue(auth.isPermissionGranted(Permissions.DELETE)); taskService.deleteTask(newTask.getId(), true); } finally { processEngineConfiguration.setResourceAuthorizationProvider(new DefaultAuthorizationProvider()); } }
public void testIsPermissionGrantedRetryJob() { // given Authorization authorization = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT); String userId = "userId"; authorization.setUserId(userId); authorization.addPermission(ProcessInstancePermissions.RETRY_JOB); authorization.setResource(Resources.PROCESS_INSTANCE); authorization.setResourceId(ANY); authorizationService.saveAuthorization(authorization); // then Authorization authorizationResult = authorizationService.createAuthorizationQuery().userIdIn(userId).singleResult(); assertTrue(authorizationResult.isPermissionGranted(ProcessInstancePermissions.RETRY_JOB)); assertFalse(authorizationResult.isPermissionGranted(Permissions.ACCESS)); assertFalse(authorizationResult.isPermissionGranted(BatchPermissions.CREATE_BATCH_MIGRATE_PROCESS_INSTANCES)); assertFalse(authorizationResult.isPermissionGranted(ProcessDefinitionPermissions.RETRY_JOB)); }
public void testIsPermissionRevokedAccess() { // given Authorization authorization = authorizationService.createNewAuthorization(AUTH_TYPE_REVOKE); String userId = "userId"; authorization.setUserId(userId); authorization.removePermission(Permissions.ACCESS); authorization.setResource(Resources.APPLICATION); authorization.setResourceId(ANY); authorizationService.saveAuthorization(authorization); // then Authorization authorizationResult = authorizationService.createAuthorizationQuery().userIdIn(userId).singleResult(); assertTrue(authorizationResult.isPermissionRevoked(Permissions.ACCESS)); assertFalse(authorizationResult.isPermissionRevoked(BatchPermissions.CREATE_BATCH_MIGRATE_PROCESS_INSTANCES)); assertFalse(authorizationResult.isPermissionRevoked(ProcessInstancePermissions.RETRY_JOB)); assertFalse(authorizationResult.isPermissionRevoked(ProcessDefinitionPermissions.RETRY_JOB)); }
public void testIsPermissionRevokedRetryJob() { // given Authorization authorization = authorizationService.createNewAuthorization(AUTH_TYPE_REVOKE); String userId = "userId"; authorization.setUserId(userId); authorization.removePermission(ProcessInstancePermissions.RETRY_JOB); authorization.setResource(Resources.PROCESS_INSTANCE); authorization.setResourceId(ANY); authorizationService.saveAuthorization(authorization); // then Authorization authorizationResult = authorizationService.createAuthorizationQuery().userIdIn(userId).singleResult(); assertTrue(authorizationResult.isPermissionRevoked(ProcessInstancePermissions.RETRY_JOB)); assertFalse(authorizationResult.isPermissionRevoked(Permissions.ACCESS)); assertFalse(authorizationResult.isPermissionRevoked(BatchPermissions.CREATE_BATCH_MIGRATE_PROCESS_INSTANCES)); assertFalse(authorizationResult.isPermissionRevoked(ProcessDefinitionPermissions.RETRY_JOB)); }
@Test public void testQuerySingleCorrectPermission() throws Exception { // given Authorization authorization = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT); authorization.setUserId("userId"); authorization.setResource(Resources.PROCESS_DEFINITION); authorization.addPermission(Permissions.READ); authorization.setResourceId(ANY); authorizationService.saveAuthorization(authorization); processEngineConfiguration.setAuthorizationEnabled(true); // assume Authorization authResult = authorizationService.createAuthorizationQuery().userIdIn("userId").resourceType(Resources.PROCESS_DEFINITION).singleResult(); assertNotNull(authResult); // then assertEquals(1, authorizationService.createAuthorizationQuery().hasPermission(Permissions.READ).count()); }
@Test public void testQuerySingleIncorrectPermission() throws Exception { // given Authorization authorization = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT); authorization.setUserId("userId"); authorization.setResource(Resources.BATCH); authorization.addPermission(BatchPermissions.CREATE_BATCH_DELETE_RUNNING_PROCESS_INSTANCES); authorization.setResourceId(ANY); authorizationService.saveAuthorization(authorization); processEngineConfiguration.setAuthorizationEnabled(true); // assume Authorization authResult = authorizationService.createAuthorizationQuery().userIdIn("userId").resourceType(Resources.BATCH).singleResult(); assertNotNull(authResult); // then assertEquals(0, authorizationService.createAuthorizationQuery().hasPermission(Permissions.CREATE_INSTANCE).count()); }
public void testIsPermissionGrantedAccess() { // given Authorization authorization = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT); String userId = "userId"; authorization.setUserId(userId); authorization.addPermission(Permissions.ACCESS); authorization.setResource(Resources.APPLICATION); authorization.setResourceId(ANY); authorizationService.saveAuthorization(authorization); // then Authorization authorizationResult = authorizationService.createAuthorizationQuery().userIdIn(userId).singleResult(); assertTrue(authorizationResult.isPermissionGranted(Permissions.ACCESS)); assertFalse(authorizationResult.isPermissionGranted(BatchPermissions.CREATE_BATCH_MIGRATE_PROCESS_INSTANCES)); assertFalse(authorizationResult.isPermissionGranted(ProcessInstancePermissions.RETRY_JOB)); assertFalse(authorizationResult.isPermissionGranted(ProcessDefinitionPermissions.RETRY_JOB)); }
public void testCreateUser() { // initially there are no authorizations for jonny2: assertEquals(0, authorizationService.createAuthorizationQuery().userIdIn("jonny2").count()); // create new user identityService.saveUser(identityService.newUser("jonny2")); // now there is an authorization for jonny2 which grants him ALL permissions on himself Authorization authorization = authorizationService.createAuthorizationQuery().userIdIn("jonny2").singleResult(); assertNotNull(authorization); assertEquals(AUTH_TYPE_GRANT, authorization.getAuthorizationType()); assertEquals(USER.resourceType(), authorization.getResourceType()); assertEquals("jonny2", authorization.getResourceId()); assertTrue(authorization.isPermissionGranted(ALL)); // delete the user identityService.deleteUser("jonny2"); // the authorization is deleted as well: assertEquals(0, authorizationService.createAuthorizationQuery().userIdIn("jonny2").count()); }
public void testCreateGroup() { // initially there are no authorizations for group "sales": assertEquals(0, authorizationService.createAuthorizationQuery().groupIdIn("sales").count()); // create new group identityService.saveGroup(identityService.newGroup("sales")); // now there is an authorization for sales which grants all members READ permissions Authorization authorization = authorizationService.createAuthorizationQuery().groupIdIn("sales").singleResult(); assertNotNull(authorization); assertEquals(AUTH_TYPE_GRANT, authorization.getAuthorizationType()); assertEquals(GROUP.resourceType(), authorization.getResourceType()); assertEquals("sales", authorization.getResourceId()); assertTrue(authorization.isPermissionGranted(READ)); // delete the group identityService.deleteGroup("sales"); // the authorization is deleted as well: assertEquals(0, authorizationService.createAuthorizationQuery().groupIdIn("sales").count()); }