public static Permission forName(String name) { Permission permission = valueOf(name); return permission; } }
public static Permission getPermissionForName(String name, int resourceType) { // TODO: make this configurable via SPI if (resourceType == Resources.BATCH.resourceType()) { return BatchPermissions.forName(name); } else if (resourceType == Resources.PROCESS_DEFINITION.resourceType()) { return ProcessDefinitionPermissions.forName(name); } else if (resourceType == Resources.PROCESS_INSTANCE.resourceType()) { return ProcessInstancePermissions.forName(name); } else { return Permissions.forName(name); } }
private static Permission[] getPermissions(Authorization dbAuthorization) { int givenResourceType = dbAuthorization.getResourceType(); if (givenResourceType == Resources.BATCH.resourceType()) { return dbAuthorization.getPermissions(BatchPermissions.values()); } else if (givenResourceType == Resources.PROCESS_DEFINITION.resourceType()) { return dbAuthorization.getPermissions(ProcessDefinitionPermissions.values()); } else if (givenResourceType == Resources.PROCESS_INSTANCE.resourceType()) { return dbAuthorization.getPermissions(ProcessInstancePermissions.values()); } else { return dbAuthorization.getPermissions(Permissions.values()); } }
} catch (BadUserRequestException e) { assertTrue(e.getMessage().contains("The resource type 'Application' is not valid")); assertTrue(e.getMessage().contains(ProcessDefinitionPermissions.RETRY_JOB.getName()));
public static Permission getPermissionForName(String name, int resourceType) { // TODO: make this configurable via SPI if (resourceType == Resources.BATCH.resourceType()) { return BatchPermissions.forName(name); } else if (resourceType == Resources.PROCESS_DEFINITION.resourceType()) { return ProcessDefinitionPermissions.forName(name); } else if (resourceType == Resources.PROCESS_INSTANCE.resourceType()) { return ProcessInstancePermissions.forName(name); } else { return Permissions.forName(name); } }
private static Permission[] getPermissions(Authorization dbAuthorization) { int givenResourceType = dbAuthorization.getResourceType(); if (givenResourceType == Resources.BATCH.resourceType()) { return dbAuthorization.getPermissions(BatchPermissions.values()); } else if (givenResourceType == Resources.PROCESS_DEFINITION.resourceType()) { return dbAuthorization.getPermissions(ProcessDefinitionPermissions.values()); } else if (givenResourceType == Resources.PROCESS_INSTANCE.resourceType()) { return dbAuthorization.getPermissions(ProcessInstancePermissions.values()); } else { return dbAuthorization.getPermissions(Permissions.values()); } }
public void testIsUserAuthorizedWithInvalidResourceMultiplePermissions() { // given Authorization authorization = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT); String userId = "userId"; authorization.setUserId(userId); authorization.addPermission(ProcessInstancePermissions.READ); authorization.addPermission(ProcessInstancePermissions.RETRY_JOB); authorization.setResource(Resources.PROCESS_INSTANCE); authorization.setResourceId(ANY); authorizationService.saveAuthorization(authorization); processEngineConfiguration.setAuthorizationEnabled(true); // then assertEquals(true, authorizationService.isUserAuthorized(userId, null, Permissions.READ, Resources.PROCESS_INSTANCE)); assertEquals(true, authorizationService.isUserAuthorized(userId, null, ProcessInstancePermissions.RETRY_JOB, Resources.PROCESS_INSTANCE)); assertEquals(false, authorizationService.isUserAuthorized(userId, null, BatchPermissions.CREATE_BATCH_MIGRATE_PROCESS_INSTANCES, Resources.BATCH)); assertEquals(false, authorizationService.isUserAuthorized(userId, null, ProcessDefinitionPermissions.RETRY_JOB, Resources.PROCESS_DEFINITION)); assertEquals(false, authorizationService.isUserAuthorized(userId, null, Permissions.ACCESS, Resources.APPLICATION)); try { authorizationService.isUserAuthorized(userId, null, ProcessDefinitionPermissions.RETRY_JOB, Resources.PROCESS_INSTANCE); fail("expected exception"); } catch (BadUserRequestException e) { assertTrue(e.getMessage().contains("The resource type 'ProcessInstance' is not valid")); assertTrue(e.getMessage().contains(ProcessDefinitionPermissions.RETRY_JOB.getName())); } }
public static Permission forName(String name) { Permission permission = valueOf(name); return permission; } }
public void testSetJobRetriesByJobDefinitionIdWithoutAuthorization() { // given disableAuthorization(); JobDefinition jobDefinition = managementService.createJobDefinitionQuery().listPage(0, 1).get(0); enableAuthorization(); String jobDefinitionId = jobDefinition.getId(); try { // when managementService.setJobRetriesByJobDefinitionId(jobDefinitionId, 1); fail("Exception expected: It should not be possible to set job retries"); } catch (AuthorizationException e) { // then String message = e.getMessage(); assertTextPresent(userId, message); assertTextPresent(UPDATE.getName(), message); assertTextPresent(PROCESS_INSTANCE.resourceName(), message); assertTextPresent(UPDATE_INSTANCE.getName(), message); assertTextPresent(jobDefinition.getProcessDefinitionKey(), message); assertTextPresent(PROCESS_DEFINITION.resourceName(), message); assertTextPresent(ProcessInstancePermissions.RETRY_JOB.getName(), message); assertTextPresent(ProcessDefinitionPermissions.RETRY_JOB.getName(), message); } }
public void testSetJobRetriesWithoutAuthorization() { // given Job job = selectAnyJob(); String jobId = job.getId(); try { // when managementService.setJobRetries(jobId, 1); fail("Exception expected: It should not be possible to set job retries"); } catch (AuthorizationException e) { // then String message = e.getMessage(); assertTextPresent(userId, message); assertTextPresent(UPDATE.getName(), message); assertTextPresent(PROCESS_INSTANCE.resourceName(), message); assertTextPresent(UPDATE_INSTANCE.getName(), message); assertTextPresent(job.getProcessDefinitionKey(), message); assertTextPresent(PROCESS_DEFINITION.resourceName(), message); assertTextPresent(ProcessInstancePermissions.RETRY_JOB.getName(), message); assertTextPresent(ProcessDefinitionPermissions.RETRY_JOB.getName(), message); } }
public void testSetJobRetriesByJobDefinitionIdWithUpdatePermissionOnProcessInstance() { // given String processInstanceId = startProcessInstanceByKey(TIMER_BOUNDARY_PROCESS_KEY).getId(); createGrantAuthorization(PROCESS_INSTANCE, processInstanceId, userId, UPDATE); String jobDefinitionId = selectJobDefinitionByProcessDefinitionKey(TIMER_BOUNDARY_PROCESS_KEY).getId(); try { // when managementService.setJobRetriesByJobDefinitionId(jobDefinitionId, 1); fail("Exception expected: It should not be possible to set job retries"); } catch (AuthorizationException e) { // then String message = e.getMessage(); assertTextPresent(userId, message); assertTextPresent(UPDATE.getName(), message); assertTextPresent(PROCESS_INSTANCE.resourceName(), message); assertTextPresent(UPDATE_INSTANCE.getName(), message); assertTextPresent(TIMER_BOUNDARY_PROCESS_KEY, message); assertTextPresent(PROCESS_DEFINITION.resourceName(), message); assertTextPresent(ProcessInstancePermissions.RETRY_JOB.getName(), message); assertTextPresent(ProcessDefinitionPermissions.RETRY_JOB.getName(), message); } }
public void testSetJobRetriesByJobDefinitionIdWithRevokeRetryJobPermission() { // given String processInstanceId = startProcessInstanceByKey(TIMER_BOUNDARY_PROCESS_KEY).getId(); createGrantAuthorization(PROCESS_DEFINITION, processInstanceId, userId, UPDATE); createRevokeAuthorization(PROCESS_DEFINITION, processInstanceId, userId, ProcessDefinitionPermissions.RETRY_JOB); JobDefinition jobDefinition = selectJobDefinitionByProcessDefinitionKey(TIMER_BOUNDARY_PROCESS_KEY); try { // when managementService.setJobRetriesByJobDefinitionId(jobDefinition.getId(), 1); fail("Exception expected: It should not be possible to set job retries"); } catch (AuthorizationException e) { // then String message = e.getMessage(); assertTextPresent(userId, message); assertTextPresent(UPDATE.getName(), message); assertTextPresent(PROCESS_INSTANCE.resourceName(), message); assertTextPresent(UPDATE_INSTANCE.getName(), message); assertTextPresent(jobDefinition.getProcessDefinitionKey(), message); assertTextPresent(PROCESS_DEFINITION.resourceName(), message); assertTextPresent(ProcessInstancePermissions.RETRY_JOB.getName(), message); assertTextPresent(ProcessDefinitionPermissions.RETRY_JOB.getName(), message); } }
public void testSetJobRetriesWithRevokeAuthorizationRevokeRetryJobPermission() { // given String processInstanceId = startProcessInstanceByKey(TIMER_BOUNDARY_PROCESS_KEY).getId(); createGrantAuthorization(PROCESS_DEFINITION, processInstanceId, userId, UPDATE); createRevokeAuthorization(PROCESS_DEFINITION, processInstanceId, userId, ProcessDefinitionPermissions.RETRY_JOB); Job job = selectJobByProcessInstanceId(processInstanceId); try { // when managementService.setJobRetries(job.getId(), 1); fail("Exception expected: It should not be possible to set job retries"); } catch (AuthorizationException e) { // then String message = e.getMessage(); assertTextPresent(userId, message); assertTextPresent(UPDATE.getName(), message); assertTextPresent(PROCESS_INSTANCE.resourceName(), message); assertTextPresent(UPDATE_INSTANCE.getName(), message); assertTextPresent(job.getProcessDefinitionKey(), message); assertTextPresent(PROCESS_DEFINITION.resourceName(), message); assertTextPresent(ProcessInstancePermissions.RETRY_JOB.getName(), message); assertTextPresent(ProcessDefinitionPermissions.RETRY_JOB.getName(), message); } }