@Override public MidPointPrincipal getPrincipal() throws SecurityViolationException { return SecurityUtil.getPrincipal(); }
@Override public List<AccessCertificationWorkItemType> searchOpenWorkItems(ObjectQuery baseWorkItemsQuery, boolean notDecidedOnly, Collection<SelectorOptions<GetOperationOptions>> options, Task task, OperationResult parentResult) throws ObjectNotFoundException, SchemaException, SecurityViolationException, ExpressionEvaluationException, CommunicationException, ConfigurationException { OperationResult result = parentResult.createSubresult(OPERATION_SEARCH_OPEN_WORK_ITEMS); try { securityEnforcer.authorize(ModelAuthorizationAction.READ_OWN_CERTIFICATION_DECISIONS.getUrl(), null, AuthorizationParameters.EMPTY, null, task, result); return queryHelper.searchOpenWorkItems(baseWorkItemsQuery, SecurityUtil.getPrincipal(), notDecidedOnly, options, result); } catch (RuntimeException e) { result.recordFatalError("Couldn't search for certification work items: unexpected exception: " + e.getMessage(), e); throw e; } finally { result.computeStatusIfUnknown(); } }
@Override public int countOpenWorkItems(ObjectQuery baseWorkItemsQuery, boolean notDecidedOnly, Collection<SelectorOptions<GetOperationOptions>> options, Task task, OperationResult parentResult) throws ObjectNotFoundException, SchemaException, SecurityViolationException, ExpressionEvaluationException, CommunicationException, ConfigurationException { OperationResult result = parentResult.createSubresult(OPERATION_COUNT_OPEN_WORK_ITEMS); try { securityEnforcer.authorize(ModelAuthorizationAction.READ_OWN_CERTIFICATION_DECISIONS.getUrl(), null, AuthorizationParameters.EMPTY, null, task, result); return queryHelper.countOpenWorkItems(baseWorkItemsQuery, SecurityUtil.getPrincipal(), notDecidedOnly, options, result); } catch (RuntimeException e) { result.recordFatalError("Couldn't search for certification work items: unexpected exception: " + e.getMessage(), e); throw e; } finally { result.computeStatusIfUnknown(); } }
@GET @Path("/self") @Produces({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON, RestServiceUtil.APPLICATION_YAML}) public Response getSelf(@Context MessageContext mc){ LOGGER.debug("model rest service for get operation start"); Task task = RestServiceUtil.initRequest(mc); OperationResult parentResult = task.getResult().createSubresult(OPERATION_SELF); Response response; try { UserType loggedInUser = SecurityUtil.getPrincipal().getUser(); PrismObject<UserType> user = model.getObject(UserType.class, loggedInUser.getOid(), null, task, parentResult); response = RestServiceUtil.createResponse(Response.Status.OK, user, parentResult, true); // ResponseBuilder builder = Response.ok(); // builder.entity(user); // response = builder.build(); parentResult.recordSuccessIfUnknown(); } catch (SecurityViolationException | ObjectNotFoundException | SchemaException | CommunicationException | ConfigurationException | ExpressionEvaluationException e) { response = RestServiceUtil.handleException(parentResult, e); } finishRequest(task); return response; }
protected void checkVisibleWorkItem(ExpectedWorkItem expectedWorkItem, int count, Task task, OperationResult result) throws SchemaException, ObjectNotFoundException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException, CommunicationException { S_AtomicFilterExit q = QueryUtils .filterForAssignees(prismContext.queryFor(WorkItemType.class), SecurityUtil.getPrincipal(), OtherPrivilegesLimitationType.F_APPROVAL_WORK_ITEMS, relationRegistry); List<WorkItemType> currentWorkItems = modelService.searchContainers(WorkItemType.class, q.build(), null, task, result); long found = currentWorkItems.stream().filter(wi -> expectedWorkItem == null || expectedWorkItem.matches(wi)).count(); assertEquals("Wrong # of matching work items", count, found); }
@Test public void test052SearchDecisionsJack() throws Exception { final String TEST_NAME = "test052SearchDecisionsJack"; TestUtil.displayTestTitle(this, TEST_NAME); // GIVEN login(userJack.asPrismObject()); Task task = taskManager.createTaskInstance(TestRoleInducementCertification.class.getName() + "." + TEST_NAME); OperationResult result = task.getResult(); // WHEN TestUtil.displayWhen(TEST_NAME); List<AccessCertificationWorkItemType> workItems = queryHelper.searchOpenWorkItems(null, SecurityUtil.getPrincipal(), false, null, result); /* Expected cases - phase 1: NONE */ // THEN TestUtil.displayThen(TEST_NAME); result.computeStatus(); TestUtil.assertSuccess(result); display("workItems", workItems); assertEquals("Wrong number of certification work items", 0, workItems.size()); }
@Test public void test051SearchDecisionsElaine() throws Exception { final String TEST_NAME = "test051SearchDecisionsElaine"; TestUtil.displayTestTitle(this, TEST_NAME); // GIVEN login(userElaine.asPrismObject()); Task task = taskManager.createTaskInstance(TestRoleInducementCertification.class.getName() + "." + TEST_NAME); OperationResult result = task.getResult(); // WHEN TestUtil.displayWhen(TEST_NAME); List<AccessCertificationWorkItemType> workItems = queryHelper.searchOpenWorkItems(null, SecurityUtil.getPrincipal(), false, null, result); /* Expected cases - phase 1: CEO-Dummy: elaine */ // THEN TestUtil.displayThen(TEST_NAME); result.computeStatus(); TestUtil.assertSuccess(result); display("caseList", workItems); assertEquals("Wrong number of work items", 1, workItems.size()); checkWorkItemSanity(workItems, ROLE_CEO_OID, RESOURCE_DUMMY_OID, roleCeo); }
@Test public void test050SearchDecisionsAdministrator() throws Exception { final String TEST_NAME = "test050SearchDecisionsAdministrator"; TestUtil.displayTestTitle(this, TEST_NAME); // GIVEN login(userAdministrator.asPrismObject()); Task task = taskManager.createTaskInstance(TestRoleInducementCertification.class.getName() + "." + TEST_NAME); OperationResult result = task.getResult(); // WHEN TestUtil.displayWhen(TEST_NAME); List<AccessCertificationWorkItemType> workItems = queryHelper.searchOpenWorkItems(null, SecurityUtil.getPrincipal(), false, null, result); /* Expected cases - phase 1: COO-Dummy: administrator COO-DummyBlack: administrator COO-Superuser: administrator */ // THEN TestUtil.displayThen(TEST_NAME); result.computeStatus(); TestUtil.assertSuccess(result); display("workItems", workItems); assertEquals("Wrong number of certification work items", 3, workItems.size()); checkWorkItemSanity(workItems, ROLE_COO_OID, RESOURCE_DUMMY_OID, roleCoo); checkWorkItemSanity(workItems, ROLE_COO_OID, RESOURCE_DUMMY_BLACK_OID, roleCoo); checkWorkItemSanity(workItems, ROLE_COO_OID, ROLE_SUPERUSER_OID, roleCoo); }
user = SecurityUtil.getPrincipal(); } catch (SecurityViolationException e) { throw new SystemException("Couldn't record a decision: " + e.getMessage(), e);
user = SecurityUtil.getPrincipal(); } catch (SecurityViolationException e) { throw new SystemException("Couldn't determine current user: " + e.getMessage(), e);