protected static Authorization createAuthorization(AuthorizationService authorizationService, Permission permission, Resources resource, String userId) { Authorization auth = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT); auth.addPermission(permission); auth.setResource(resource); auth.setResourceId(Authorization.ANY); auth.setUserId(userId); return auth; } }
protected void grouptGrant(String groupId, Resource resource, Permission... perms) { AuthorizationService authorizationService = engine.getAuthorizationService(); Authorization groupGrant = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT); groupGrant.setResource(resource); groupGrant.setResourceId(ANY); for (Permission permission : perms) { groupGrant.addPermission(permission); } groupGrant.setGroupId(groupId); authorizationService.saveAuthorization(groupGrant); }
protected void userGrant(String userId, Resource resource, Permission... perms) { AuthorizationService authorizationService = engine.getAuthorizationService(); Authorization groupGrant = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT); groupGrant.setResource(resource); groupGrant.setResourceId(ANY); for (Permission permission : perms) { groupGrant.addPermission(permission); } groupGrant.setUserId(userId); authorizationService.saveAuthorization(groupGrant); }
protected void createGrantAuthorization(Resource resource, String resourceId, Permission permission, String userId) { Authorization authorization = createGrantAuthorization(resource, resourceId); authorization.setUserId(userId); authorization.addPermission(permission); saveAuthorization(authorization); }
protected void createGrantAuthorization(Resource resource, String resourceId, String userId, Permission... permissions) { Authorization authorization = createGrantAuthorization(resource, resourceId); authorization.setUserId(userId); for (Permission permission : permissions) { authorization.addPermission(permission); } saveAuthorization(authorization); }
protected void createGroupGrantAuthorization(Resource resource, String resourceId, String groupId, Permission... permissions) { Authorization authorization = createGrantAuthorization(resource, resourceId); authorization.setGroupId(groupId); for (Permission permission : permissions) { authorization.addPermission(permission); } saveAuthorization(authorization); }
protected void createGrantAuthorizationGroup(Resource resource, String resourceId, String groupId, Permission... permissions) { Authorization authorization = createGrantAuthorization(resource, resourceId); authorization.setGroupId(groupId); for (Permission permission : permissions) { authorization.addPermission(permission); } saveAuthorization(authorization); }
protected User createUser(String userId) { User user = identityService.newUser(userId); identityService.saveUser(user); // give user all permission to manipulate authorizations Authorization authorization = createGrantAuthorization(AUTHORIZATION, ANY); authorization.setUserId(userId); authorization.addPermission(ALL); saveAuthorization(authorization); // give user all permission to manipulate users authorization = createGrantAuthorization(USER, ANY); authorization.setUserId(userId); authorization.addPermission(Permissions.ALL); saveAuthorization(authorization); return user; }
protected User createUser(String userId) { User user = identityService.newUser(userId); identityService.saveUser(user); // give user all permission to manipulate authorizations Authorization authorization = createGrantAuthorization(AUTHORIZATION, ANY); authorization.setUserId(userId); authorization.addPermission(ALL); saveAuthorization(authorization); // give user all permission to manipulate users authorization = createGrantAuthorization(USER, ANY); authorization.setUserId(userId); authorization.addPermission(Permissions.ALL); saveAuthorization(authorization); return user; }
protected Authorization createAuthorization(Permission permission, String resourceId) { Authorization authorization = authorizationService.createNewAuthorization(Authorization.AUTH_TYPE_GRANT); authorization.setUserId(testUser.getId()); authorization.setResource(Resources.FILTER); authorization.addPermission(permission); if (resourceId != null) { authorization.setResourceId(resourceId); } return authorization; }
public void testDeleteProcessInstanceByModifyingWithoutDeleteInstancePermissionOnProcessDefinition() { // given String processInstanceId = startProcessInstanceByKey(MESSAGE_BOUNDARY_PROCESS_KEY).getId(); Authorization authorization = createGrantAuthorization(PROCESS_DEFINITION, MESSAGE_BOUNDARY_PROCESS_KEY); authorization.setUserId(userId); authorization.addPermission(UPDATE_INSTANCE); authorization.addPermission(DELETE_INSTANCE); saveAuthorization(authorization); // when runtimeService.createProcessInstanceModification(processInstanceId) .cancelAllForActivity("task") .execute(); // then assertProcessEnded(processInstanceId); }
protected void grantAuthorization(String userId, Resource resource, String resourceId, Permission permission) { Authorization authorization = engineRule.getAuthorizationService().createNewAuthorization(Authorization.AUTH_TYPE_GRANT); authorization.setResource(resource); authorization.setResourceId(resourceId); authorization.addPermission(permission); authorization.setUserId(userId); engineRule.getAuthorizationService().saveAuthorization(authorization); authorizations.add(authorization); } }
public void createGrantAuthorization(Resource resource, String resourceId, String userId, Permission... permissions) { Authorization authorization = createAuthorization(Authorization.AUTH_TYPE_GRANT, resource, resourceId); authorization.setUserId(userId); for (Permission permission : permissions) { authorization.addPermission(permission); } engineRule.getAuthorizationService().saveAuthorization(authorization); manageAuthorization(authorization); }
protected void createAuthorization(String userId, String groupId, Resource resourceType, String resourceId, Permission... permissions) { Authorization authorization = authorizationService.createNewAuthorization(Authorization.AUTH_TYPE_GRANT); authorization.setUserId(userId); authorization.setGroupId(groupId); authorization.setResource(resourceType); authorization.setResourceId(resourceId); for (Permission permission : permissions) { authorization.addPermission(permission); } authorizationService.saveAuthorization(authorization); }
public void testReportResourceAuthorization() { MyResourceAuthorizationProvider.clearProperties(); Authorization authorization = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT); authorization.setUserId(userId); authorization.addPermission(ALL); authorization.setResource(REPORT); authorization.setResourceId(ANY); authorizationService.saveAuthorization(authorization); processEngineConfiguration.setAuthorizationEnabled(true); assertEquals(true, authorizationService.isUserAuthorized(userId, Arrays.asList(groupId), ALL, REPORT)); processEngineConfiguration.setAuthorizationEnabled(false); }
public void testDashboardResourceAuthorization() { MyResourceAuthorizationProvider.clearProperties(); Authorization authorization = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT); authorization.setUserId(userId); authorization.addPermission(ALL); authorization.setResource(DASHBOARD); authorization.setResourceId(ANY); authorizationService.saveAuthorization(authorization); processEngineConfiguration.setAuthorizationEnabled(true); assertEquals(true, authorizationService.isUserAuthorized(userId, Arrays.asList(groupId), ALL, DASHBOARD)); processEngineConfiguration.setAuthorizationEnabled(false); }
public void testIsUserAuthorizedWithValidResourceImpl() { // given ResourceImpl resource = new ResourceImpl("authorization", 0); Authorization authorization = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT); String userId = "userId"; authorization.setUserId(userId); authorization.addPermission(Permissions.ACCESS); authorization.setResource(Resources.APPLICATION); authorization.setResourceId(ANY); authorizationService.saveAuthorization(authorization); processEngineConfiguration.setAuthorizationEnabled(true); // then assertEquals(true, authorizationService.isUserAuthorized(userId, null, Permissions.ACCESS, resource)); }
@Test public void testQuerySingleCorrectPermission() throws Exception { // given Authorization authorization = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT); authorization.setUserId("userId"); authorization.setResource(Resources.PROCESS_DEFINITION); authorization.addPermission(Permissions.READ); authorization.setResourceId(ANY); authorizationService.saveAuthorization(authorization); processEngineConfiguration.setAuthorizationEnabled(true); // assume Authorization authResult = authorizationService.createAuthorizationQuery().userIdIn("userId").resourceType(Resources.PROCESS_DEFINITION).singleResult(); assertNotNull(authResult); // then assertEquals(1, authorizationService.createAuthorizationQuery().hasPermission(Permissions.READ).count()); }
@Test public void testQuerySingleIncorrectPermission() throws Exception { // given Authorization authorization = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT); authorization.setUserId("userId"); authorization.setResource(Resources.BATCH); authorization.addPermission(BatchPermissions.CREATE_BATCH_DELETE_RUNNING_PROCESS_INSTANCES); authorization.setResourceId(ANY); authorizationService.saveAuthorization(authorization); processEngineConfiguration.setAuthorizationEnabled(true); // assume Authorization authResult = authorizationService.createAuthorizationQuery().userIdIn("userId").resourceType(Resources.BATCH).singleResult(); assertNotNull(authResult); // then assertEquals(0, authorizationService.createAuthorizationQuery().hasPermission(Permissions.CREATE_INSTANCE).count()); }
public void testIsPermissionGrantedRetryJob() { // given Authorization authorization = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT); String userId = "userId"; authorization.setUserId(userId); authorization.addPermission(ProcessInstancePermissions.RETRY_JOB); authorization.setResource(Resources.PROCESS_INSTANCE); authorization.setResourceId(ANY); authorizationService.saveAuthorization(authorization); // then Authorization authorizationResult = authorizationService.createAuthorizationQuery().userIdIn(userId).singleResult(); assertTrue(authorizationResult.isPermissionGranted(ProcessInstancePermissions.RETRY_JOB)); assertFalse(authorizationResult.isPermissionGranted(Permissions.ACCESS)); assertFalse(authorizationResult.isPermissionGranted(BatchPermissions.CREATE_BATCH_MIGRATE_PROCESS_INSTANCES)); assertFalse(authorizationResult.isPermissionGranted(ProcessDefinitionPermissions.RETRY_JOB)); }