protected void initDefaultUserPermissionForTask() { if (defaultUserPermissionForTask == null) { if (Permissions.UPDATE.getName().equals(defaultUserPermissionNameForTask)) { defaultUserPermissionForTask = Permissions.UPDATE; } else if (Permissions.TASK_WORK.getName().equals(defaultUserPermissionNameForTask)) { defaultUserPermissionForTask = Permissions.TASK_WORK; } else { throw LOG.invalidConfigDefaultUserPermissionNameForTask(defaultUserPermissionNameForTask, new String[]{Permissions.UPDATE.getName(), Permissions.TASK_WORK.getName()}); } } }
public static Authorization createMockGlobalAuthorization() { Authorization mockAuthorization = mock(Authorization.class); when(mockAuthorization.getId()).thenReturn(EXAMPLE_AUTHORIZATION_ID); when(mockAuthorization.getAuthorizationType()).thenReturn(Authorization.AUTH_TYPE_GLOBAL); when(mockAuthorization.getUserId()).thenReturn(Authorization.ANY); when(mockAuthorization.getResourceType()).thenReturn(EXAMPLE_RESOURCE_TYPE_ID); when(mockAuthorization.getResourceId()).thenReturn(EXAMPLE_RESOURCE_ID); when(mockAuthorization.getPermissions(Permissions.values())).thenReturn(EXAMPLE_GRANT_PERMISSION_VALUES); return mockAuthorization; }
protected void resetPermissions() { cachedPermissions = new HashSet<>(); if(authorizationType == AUTH_TYPE_GLOBAL) { this.permissions = Permissions.NONE.getValue(); } else if(authorizationType == AUTH_TYPE_GRANT) { this.permissions = Permissions.NONE.getValue(); } else if(authorizationType == AUTH_TYPE_REVOKE) { this.permissions = Permissions.ALL.getValue(); } else { throw LOG.engineAuthorizationTypeException(authorizationType, AUTH_TYPE_GLOBAL, AUTH_TYPE_GRANT, AUTH_TYPE_REVOKE); } }
public static Permission getPermissionForName(String name, int resourceType) { // TODO: make this configurable via SPI if (resourceType == Resources.BATCH.resourceType()) { return BatchPermissions.forName(name); } else if (resourceType == Resources.PROCESS_DEFINITION.resourceType()) { return ProcessDefinitionPermissions.forName(name); } else if (resourceType == Resources.PROCESS_INSTANCE.resourceType()) { return ProcessInstancePermissions.forName(name); } else { return Permissions.forName(name); } }
public static Permission forName(String name) { Permission permission = valueOf(name); return permission; }
public void testHistoricProcessInstanceReportWithoutAuthorization() { // given startProcessInstanceByKey(PROCESS_KEY); String taskId = selectSingleTask().getId(); disableAuthorization(); taskService.complete(taskId); enableAuthorization(); try { // when historyService .createHistoricProcessInstanceReport() .duration(PeriodUnit.MONTH); fail("Exception expected: It should not be possible to create a historic process instance report"); } catch (AuthorizationException e) { // then List<MissingAuthorization> missingAuthorizations = e.getMissingAuthorizations(); assertEquals(1, missingAuthorizations.size()); MissingAuthorization missingAuthorization = missingAuthorizations.get(0); assertEquals(READ_HISTORY.toString(), missingAuthorization.getViolatedPermissionName()); assertEquals(PROCESS_DEFINITION.resourceName(), missingAuthorization.getResourceType()); assertEquals(ANY, missingAuthorization.getResourceId()); } }
public static Permission getPermissionForName(String name, int resourceType) { // TODO: make this configurable via SPI if (resourceType == Resources.BATCH.resourceType()) { return BatchPermissions.forName(name); } else if (resourceType == Resources.PROCESS_DEFINITION.resourceType()) { return ProcessDefinitionPermissions.forName(name); } else if (resourceType == Resources.PROCESS_INSTANCE.resourceType()) { return ProcessInstancePermissions.forName(name); } else { return Permissions.forName(name); } }
public static Permission forName(String name) { Permission permission = valueOf(name); return permission; }
public void testHistoricTaskInstanceReportWithoutAuthorization() { // given startProcessInstanceByKey(PROCESS_KEY); String taskId = selectSingleTask().getId(); disableAuthorization(); taskService.complete(taskId); enableAuthorization(); try { // when historyService .createHistoricTaskInstanceReport() .duration(PeriodUnit.MONTH); fail("Exception expected: It should not be possible to create a historic task instance report"); } catch (AuthorizationException e) { // then List<MissingAuthorization> missingAuthorizations = e.getMissingAuthorizations(); assertEquals(1, missingAuthorizations.size()); MissingAuthorization missingAuthorization = missingAuthorizations.get(0); assertEquals(READ_HISTORY.toString(), missingAuthorization.getViolatedPermissionName()); assertEquals(PROCESS_DEFINITION.resourceName(), missingAuthorization.getResourceType()); assertEquals(ANY, missingAuthorization.getResourceId()); } }
protected void initDefaultUserPermissionForTask() { if (defaultUserPermissionForTask == null) { if (Permissions.UPDATE.getName().equals(defaultUserPermissionNameForTask)) { defaultUserPermissionForTask = Permissions.UPDATE; } else if (Permissions.TASK_WORK.getName().equals(defaultUserPermissionNameForTask)) { defaultUserPermissionForTask = Permissions.TASK_WORK; } else { throw LOG.invalidConfigDefaultUserPermissionNameForTask(defaultUserPermissionNameForTask, new String[]{Permissions.UPDATE.getName(), Permissions.TASK_WORK.getName()}); } } }
public static Authorization createMockGrantAuthorization() { Authorization mockAuthorization = mock(Authorization.class); when(mockAuthorization.getId()).thenReturn(EXAMPLE_AUTHORIZATION_ID); when(mockAuthorization.getAuthorizationType()).thenReturn(Authorization.AUTH_TYPE_GRANT); when(mockAuthorization.getUserId()).thenReturn(EXAMPLE_USER_ID); when(mockAuthorization.getResourceType()).thenReturn(EXAMPLE_RESOURCE_TYPE_ID); when(mockAuthorization.getResourceId()).thenReturn(EXAMPLE_RESOURCE_ID); when(mockAuthorization.getPermissions(Permissions.values())).thenReturn(EXAMPLE_GRANT_PERMISSION_VALUES); return mockAuthorization; }
protected void resetPermissions() { cachedPermissions = new HashSet<>(); if(authorizationType == AUTH_TYPE_GLOBAL) { this.permissions = Permissions.NONE.getValue(); } else if(authorizationType == AUTH_TYPE_GRANT) { this.permissions = Permissions.NONE.getValue(); } else if(authorizationType == AUTH_TYPE_REVOKE) { this.permissions = Permissions.ALL.getValue(); } else { throw LOG.engineAuthorizationTypeException(authorizationType, AUTH_TYPE_GLOBAL, AUTH_TYPE_GRANT, AUTH_TYPE_REVOKE); } }
public static Permission getPermissionForName(String name) { // TODO: make this configuratble via SPI return Permissions.forName(name); }
public static Permission forName(String name) { Permission permission = valueOf(name); return permission; }
public void testHistoricProcessInstanceReportWithoutAuthorization() { // given startProcessInstanceByKey(PROCESS_KEY); String taskId = selectSingleTask().getId(); disableAuthorization(); taskService.complete(taskId); enableAuthorization(); try { // when historyService .createHistoricProcessInstanceReport() .duration(PeriodUnit.MONTH); fail("Exception expected: It should not be possible to create a historic process instance report"); } catch (AuthorizationException e) { // then List<MissingAuthorization> missingAuthorizations = e.getMissingAuthorizations(); assertEquals(1, missingAuthorizations.size()); MissingAuthorization missingAuthorization = missingAuthorizations.get(0); assertEquals(READ_HISTORY.toString(), missingAuthorization.getViolatedPermissionName()); assertEquals(PROCESS_DEFINITION.resourceName(), missingAuthorization.getResourceType()); assertEquals(ANY, missingAuthorization.getResourceId()); } }
public void testGetCompletedTasksWithoutAuthorization() { // given startProcessInstanceByKey("process"); try { // when optimizeService.getCompletedHistoricTaskInstances(new Date(0L), null, 10); fail("Exception expected: It should not be possible to retrieve the tasks"); } catch (AuthorizationException e) { // then String exceptionMessage = e.getMessage(); assertTextPresent(userId, exceptionMessage); assertTextPresent(READ_HISTORY.getName(), exceptionMessage); assertTextPresent(PROCESS_DEFINITION.resourceName(), exceptionMessage); } }
public static Authorization createMockRevokeAuthorization() { Authorization mockAuthorization = mock(Authorization.class); when(mockAuthorization.getId()).thenReturn(EXAMPLE_AUTHORIZATION_ID); when(mockAuthorization.getAuthorizationType()).thenReturn(Authorization.AUTH_TYPE_REVOKE); when(mockAuthorization.getUserId()).thenReturn(EXAMPLE_USER_ID); when(mockAuthorization.getResourceType()).thenReturn(EXAMPLE_RESOURCE_TYPE_ID); when(mockAuthorization.getResourceId()).thenReturn(EXAMPLE_RESOURCE_ID); when(mockAuthorization.getPermissions(Permissions.values())).thenReturn(EXAMPLE_REVOKE_PERMISSION_VALUES); return mockAuthorization; }
public boolean isEveryPermissionGranted() { if(AUTH_TYPE_REVOKE == authorizationType) { throw LOG.permissionStateException("isEveryPermissionGranted", "REVOKE"); } return permissions == Permissions.ALL.getValue(); }
public void testHistoricTaskInstanceReportWithoutAuthorization() { // given startProcessInstanceByKey(PROCESS_KEY); String taskId = selectSingleTask().getId(); disableAuthorization(); taskService.complete(taskId); enableAuthorization(); try { // when historyService .createHistoricTaskInstanceReport() .duration(PeriodUnit.MONTH); fail("Exception expected: It should not be possible to create a historic task instance report"); } catch (AuthorizationException e) { // then List<MissingAuthorization> missingAuthorizations = e.getMissingAuthorizations(); assertEquals(1, missingAuthorizations.size()); MissingAuthorization missingAuthorization = missingAuthorizations.get(0); assertEquals(READ_HISTORY.toString(), missingAuthorization.getViolatedPermissionName()); assertEquals(PROCESS_DEFINITION.resourceName(), missingAuthorization.getResourceType()); assertEquals(ANY, missingAuthorization.getResourceId()); } }
public void testGetOperationsLogWithoutAuthorization() { // given startProcessInstanceByKey("process"); try { // when optimizeService.getHistoricUserOperationLogs(new Date(0L), null, 10); fail("Exception expected: It should not be possible to retrieve the logs"); } catch (AuthorizationException e) { // then String exceptionMessage = e.getMessage(); assertTextPresent(userId, exceptionMessage); assertTextPresent(READ_HISTORY.getName(), exceptionMessage); assertTextPresent(PROCESS_DEFINITION.resourceName(), exceptionMessage); } }