public static Permission getPermissionForName(String name, int resourceType) { // TODO: make this configurable via SPI if (resourceType == Resources.BATCH.resourceType()) { return BatchPermissions.forName(name); } else if (resourceType == Resources.PROCESS_DEFINITION.resourceType()) { return ProcessDefinitionPermissions.forName(name); } else if (resourceType == Resources.PROCESS_INSTANCE.resourceType()) { return ProcessInstancePermissions.forName(name); } else { return Permissions.forName(name); } }
public void testGetCompletedTasksWithoutAuthorization() { // given startProcessInstanceByKey("process"); try { // when optimizeService.getCompletedHistoricTaskInstances(new Date(0L), null, 10); fail("Exception expected: It should not be possible to retrieve the tasks"); } catch (AuthorizationException e) { // then String exceptionMessage = e.getMessage(); assertTextPresent(userId, exceptionMessage); assertTextPresent(READ_HISTORY.getName(), exceptionMessage); assertTextPresent(PROCESS_DEFINITION.resourceName(), exceptionMessage); } }
public void testGetOperationsLogWithoutAuthorization() { // given startProcessInstanceByKey("process"); try { // when optimizeService.getHistoricUserOperationLogs(new Date(0L), null, 10); fail("Exception expected: It should not be possible to retrieve the logs"); } catch (AuthorizationException e) { // then String exceptionMessage = e.getMessage(); assertTextPresent(userId, exceptionMessage); assertTextPresent(READ_HISTORY.getName(), exceptionMessage); assertTextPresent(PROCESS_DEFINITION.resourceName(), exceptionMessage); } }
public static Permission getPermissionForName(String name, int resourceType) { // TODO: make this configurable via SPI if (resourceType == Resources.BATCH.resourceType()) { return BatchPermissions.forName(name); } else if (resourceType == Resources.PROCESS_DEFINITION.resourceType()) { return ProcessDefinitionPermissions.forName(name); } else if (resourceType == Resources.PROCESS_INSTANCE.resourceType()) { return ProcessInstancePermissions.forName(name); } else { return Permissions.forName(name); } }
public void testGetRunningActivitiesWithoutAuthorization() { // given startProcessInstanceByKey("process"); try { // when optimizeService.getRunningHistoricActivityInstances(new Date(0L), null, 10); fail("Exception expected: It should not be possible to retrieve the activities"); } catch (AuthorizationException e) { // then String exceptionMessage = e.getMessage(); assertTextPresent(userId, exceptionMessage); assertTextPresent(READ_HISTORY.getName(), exceptionMessage); assertTextPresent(PROCESS_DEFINITION.resourceName(), exceptionMessage); } }
private static Permission[] getPermissions(Authorization dbAuthorization) { int givenResourceType = dbAuthorization.getResourceType(); if (givenResourceType == Resources.BATCH.resourceType()) { return dbAuthorization.getPermissions(BatchPermissions.values()); } else if (givenResourceType == Resources.PROCESS_DEFINITION.resourceType()) { return dbAuthorization.getPermissions(ProcessDefinitionPermissions.values()); } else if (givenResourceType == Resources.PROCESS_INSTANCE.resourceType()) { return dbAuthorization.getPermissions(ProcessInstancePermissions.values()); } else { return dbAuthorization.getPermissions(Permissions.values()); } }
public void testGetCompletedActivitiesWithoutAuthorization() { // given startProcessInstanceByKey("process"); try { // when optimizeService.getCompletedHistoricActivityInstances(new Date(0L), null, 10); fail("Exception expected: It should not be possible to retrieve the activities"); } catch (AuthorizationException e) { // then String exceptionMessage = e.getMessage(); assertTextPresent(userId, exceptionMessage); assertTextPresent(READ_HISTORY.getName(), exceptionMessage); assertTextPresent(PROCESS_DEFINITION.resourceName(), exceptionMessage); } }
private static Permission[] getPermissions(Authorization dbAuthorization) { int givenResourceType = dbAuthorization.getResourceType(); if (givenResourceType == Resources.BATCH.resourceType()) { return dbAuthorization.getPermissions(BatchPermissions.values()); } else if (givenResourceType == Resources.PROCESS_DEFINITION.resourceType()) { return dbAuthorization.getPermissions(ProcessDefinitionPermissions.values()); } else if (givenResourceType == Resources.PROCESS_INSTANCE.resourceType()) { return dbAuthorization.getPermissions(ProcessInstancePermissions.values()); } else { return dbAuthorization.getPermissions(Permissions.values()); } }
public void testGetRunningProcessInstancesWithoutAuthorization() { // given startProcessInstanceByKey("process"); try { // when optimizeService.getRunningHistoricProcessInstances(new Date(0L), null, 10); fail("Exception expected: It should not be possible to retrieve the activities"); } catch (AuthorizationException e) { // then String exceptionMessage = e.getMessage(); assertTextPresent(userId, exceptionMessage); assertTextPresent(READ_HISTORY.getName(), exceptionMessage); assertTextPresent(PROCESS_DEFINITION.resourceName(), exceptionMessage); } }
public void testProcessTaskSetOwnerCreateNewAuthorization() { // given startProcessInstanceByKey(PROCESS_KEY); String taskId = selectSingleTask().getId(); createGrantAuthorization(TASK, taskId, userId, UPDATE); // when taskService.setOwner(taskId, "demo"); // then disableAuthorization(); Authorization authorization = authorizationService .createAuthorizationQuery() .userIdIn("demo") .singleResult(); enableAuthorization(); assertNotNull(authorization); assertEquals(TASK.resourceType(), authorization.getResourceType()); assertEquals(taskId, authorization.getResourceId()); assertTrue(authorization.isPermissionGranted(READ)); assertTrue(authorization.isPermissionGranted(getDefaultTaskPermissionForUser())); }
public void testGetRunningTasksWithoutAuthorization() { // given startProcessInstanceByKey("process"); try { // when optimizeService.getRunningHistoricTaskInstances(new Date(0L), null, 10); fail("Exception expected: It should not be possible to retrieve the tasks"); } catch (AuthorizationException e) { // then String exceptionMessage = e.getMessage(); assertTextPresent(userId, exceptionMessage); assertTextPresent(READ_HISTORY.getName(), exceptionMessage); assertTextPresent(PROCESS_DEFINITION.resourceName(), exceptionMessage); } }
public void testCreateGroup() { // initially there are no authorizations for group "sales": assertEquals(0, authorizationService.createAuthorizationQuery().groupIdIn("sales").count()); // create new group identityService.saveGroup(identityService.newGroup("sales")); // now there is an authorization for sales which grants all members READ permissions Authorization authorization = authorizationService.createAuthorizationQuery().groupIdIn("sales").singleResult(); assertNotNull(authorization); assertEquals(AUTH_TYPE_GRANT, authorization.getAuthorizationType()); assertEquals(GROUP.resourceType(), authorization.getResourceType()); assertEquals("sales", authorization.getResourceId()); assertTrue(authorization.isPermissionGranted(READ)); // delete the group identityService.deleteGroup("sales"); // the authorization is deleted as well: assertEquals(0, authorizationService.createAuthorizationQuery().groupIdIn("sales").count()); }
public void testGetCompletedProcessInstancesWithoutAuthorization() { // given startProcessInstanceByKey("process"); try { // when optimizeService.getCompletedHistoricProcessInstances(new Date(0L), null, 10); fail("Exception expected: It should not be possible to retrieve the activities"); } catch (AuthorizationException e) { // then String exceptionMessage = e.getMessage(); assertTextPresent(userId, exceptionMessage); assertTextPresent(READ_HISTORY.getName(), exceptionMessage); assertTextPresent(PROCESS_DEFINITION.resourceName(), exceptionMessage); } }
public void testCreateUser() { // initially there are no authorizations for jonny2: assertEquals(0, authorizationService.createAuthorizationQuery().userIdIn("jonny2").count()); // create new user identityService.saveUser(identityService.newUser("jonny2")); // now there is an authorization for jonny2 which grants him ALL permissions on himself Authorization authorization = authorizationService.createAuthorizationQuery().userIdIn("jonny2").singleResult(); assertNotNull(authorization); assertEquals(AUTH_TYPE_GRANT, authorization.getAuthorizationType()); assertEquals(USER.resourceType(), authorization.getResourceType()); assertEquals("jonny2", authorization.getResourceId()); assertTrue(authorization.isPermissionGranted(ALL)); // delete the user identityService.deleteUser("jonny2"); // the authorization is deleted as well: assertEquals(0, authorizationService.createAuthorizationQuery().userIdIn("jonny2").count()); }
public void testGetVariableUpdatesWithoutAuthorization() { // given startProcessInstanceByKey("process"); try { // when optimizeService.getHistoricVariableUpdates(new Date(0L), null, 10); fail("Exception expected: It should not be possible to retrieve the activities"); } catch (AuthorizationException e) { // then String exceptionMessage = e.getMessage(); assertTextPresent(userId, exceptionMessage); assertTextPresent(READ_HISTORY.getName(), exceptionMessage); assertTextPresent(PROCESS_DEFINITION.resourceName(), exceptionMessage); } }
public void testSuspendProcessDefinitionByKeyIncludingInstancesWithoutAuthorization() { // given createGrantAuthorization(PROCESS_DEFINITION, ONE_TASK_PROCESS_KEY, userId, UPDATE); try { // when repositoryService.suspendProcessDefinitionByKey(ONE_TASK_PROCESS_KEY, true, null); fail("Exception expected: It should not be possible to suspend the process definition"); } catch (AuthorizationException e) { // then String message = e.getMessage(); assertTextPresent(userId, message); assertTextPresent(UPDATE.getName(), message); assertTextPresent(PROCESS_INSTANCE.resourceName(), message); assertTextPresent(UPDATE_INSTANCE.getName(), message); assertTextPresent(ONE_TASK_PROCESS_KEY, message); assertTextPresent(PROCESS_DEFINITION.resourceName(), message); } }
public void testSuspendJobByProcessDefinitionKeyWihtoutAuthorization() { // given startProcessInstanceByKey(TIMER_BOUNDARY_PROCESS_KEY); try { // when managementService.suspendJobByProcessDefinitionKey(TIMER_BOUNDARY_PROCESS_KEY); fail("Exception expected: It should not be possible to suspend a job"); } catch (AuthorizationException e) { // then String message = e.getMessage(); assertTextPresent(userId, message); assertTextPresent(UPDATE.getName(), message); assertTextPresent(PROCESS_INSTANCE.resourceName(), message); assertTextPresent(UPDATE_INSTANCE.getName(), message); assertTextPresent(TIMER_BOUNDARY_PROCESS_KEY, message); assertTextPresent(PROCESS_DEFINITION.resourceName(), message); } }
public void testAuthorizationsOnSingleProcessDefinitionIsNotEnough() { // given startProcessInstanceByKey("process"); createGrantAuthorization(PROCESS_DEFINITION, "process", userId, READ_HISTORY); try { // when optimizeService.getCompletedHistoricActivityInstances(new Date(0L), null, 10); fail("Exception expected: It should not be possible to retrieve the activities"); } catch (AuthorizationException e) { // then String exceptionMessage = e.getMessage(); assertTextPresent(userId, exceptionMessage); assertTextPresent(READ_HISTORY.getName(), exceptionMessage); assertTextPresent(PROCESS_DEFINITION.resourceName(), exceptionMessage); } }
public void testGetVariablesByNameWithoutAuthorization() { // given String processInstanceId = startProcessInstanceByKey(PROCESS_KEY, getVariables()).getId(); try { // when runtimeService.getVariables(processInstanceId, Arrays.asList(VARIABLE_NAME)); fail("Exception expected: It should not be to retrieve the variable instances"); } catch (AuthorizationException e) { // then String message = e.getMessage(); assertTextPresent(userId, message); assertTextPresent(READ.getName(), message); assertTextPresent(processInstanceId, message); assertTextPresent(PROCESS_INSTANCE.resourceName(), message); assertTextPresent(READ_INSTANCE.getName(), message); assertTextPresent(PROCESS_KEY, message); assertTextPresent(PROCESS_DEFINITION.resourceName(), message); } }
public void testGetVariablesTypedByNameWithoutAuthorization() { // given String processInstanceId = startProcessInstanceByKey(PROCESS_KEY, getVariables()).getId(); try { // when runtimeService.getVariablesTyped(processInstanceId, Arrays.asList(VARIABLE_NAME), false); fail("Exception expected: It should not be to retrieve the variable instances"); } catch (AuthorizationException e) { // then String message = e.getMessage(); assertTextPresent(userId, message); assertTextPresent(READ.getName(), message); assertTextPresent(processInstanceId, message); assertTextPresent(PROCESS_INSTANCE.resourceName(), message); assertTextPresent(READ_INSTANCE.getName(), message); assertTextPresent(PROCESS_KEY, message); assertTextPresent(PROCESS_DEFINITION.resourceName(), message); } }