.hasPermission(Permissions.ACCESS) .singleResult(); List<Authorization> retryJobPDResult = authorizationService.createAuthorizationQuery() .hasPermission(ProcessDefinitionPermissions.RETRY_JOB) .list(); List<Authorization> retryJobPIResult = authorizationService.createAuthorizationQuery() .hasPermission(ProcessInstancePermissions.RETRY_JOB) .list(); assertEquals(1, authorizationService.createAuthorizationQuery().hasPermission(Permissions.ACCESS).count()); assertTrue(retryJobPDResult.isEmpty()); assertEquals(0, authorizationService.createAuthorizationQuery().hasPermission(ProcessDefinitionPermissions.RETRY_JOB).count()); assertTrue(retryJobPIResult.isEmpty()); assertEquals(0, authorizationService.createAuthorizationQuery().hasPermission(ProcessInstancePermissions.RETRY_JOB).count());
@Test public void testQueryPermissionsWithMixedResource() throws Exception { // given Authorization authorization = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT); authorization.setUserId("userId"); authorization.setResource(Resources.PROCESS_DEFINITION); authorization.addPermission(Permissions.READ); authorization.addPermission(ProcessDefinitionPermissions.RETRY_JOB); authorization.setResourceId(ANY); authorizationService.saveAuthorization(authorization); processEngineConfiguration.setAuthorizationEnabled(true); // assume Authorization authResult = authorizationService.createAuthorizationQuery().userIdIn("userId").resourceType(Resources.PROCESS_DEFINITION).singleResult(); assertNotNull(authResult); assertEquals(1, authorizationService.createAuthorizationQuery() .resourceType(Resources.PROCESS_DEFINITION) .hasPermission(ProcessDefinitionPermissions.READ) .hasPermission(ProcessDefinitionPermissions.RETRY_JOB) .count()); assertEquals(1, authorizationService.createAuthorizationQuery() .resourceType(Resources.PROCESS_DEFINITION) .hasPermission(ProcessDefinitionPermissions.READ) .count()); // then assertEquals(0, authorizationService.createAuthorizationQuery() .resourceType(Resources.PROCESS_DEFINITION) .hasPermission(Permissions.READ) .hasPermission(Permissions.ACCESS) .count()); }
assertEquals(1, authorizationService.createAuthorizationQuery().hasPermission(TestPermissions.ACCESS).list().size()); assertEquals(2, authorizationService.createAuthorizationQuery().hasPermission(TestPermissions.DELETE).list().size()); assertEquals(2, authorizationService.createAuthorizationQuery().hasPermission(TestPermissions.READ).list().size()); assertEquals(3, authorizationService.createAuthorizationQuery().hasPermission(TestPermissions.UPDATE).list().size()); assertEquals(2, authorizationService.createAuthorizationQuery().hasPermission(TestPermissions.READ).hasPermission(TestPermissions.UPDATE).list().size()); assertEquals(2, authorizationService.createAuthorizationQuery().hasPermission(TestPermissions.UPDATE).hasPermission(TestPermissions.READ).list().size()); assertEquals(0, authorizationService.createAuthorizationQuery().hasPermission(TestPermissions.READ).hasPermission(TestPermissions.ACCESS).list().size());
@Test public void testCreateAndDeleteTenantUserMembershipForMultipleTenants() { createTenant(TENANT_TWO); identityService.createTenantUserMembership(TENANT_ONE, USER_ID); identityService.createTenantUserMembership(TENANT_TWO, USER_ID); assertEquals(2, authorizationService.createAuthorizationQuery() .userIdIn(USER_ID) .resourceType(Resources.TENANT) .hasPermission(Permissions.READ).count()); identityService.deleteTenantUserMembership(TENANT_ONE, USER_ID); assertEquals(1, authorizationService.createAuthorizationQuery() .userIdIn(USER_ID) .resourceType(Resources.TENANT) .hasPermission(Permissions.READ).count()); }
@Test public void testCreateAndDeleteTenantGroupMembershipForMultipleTenants() { createTenant(TENANT_TWO); identityService.createTenantGroupMembership(TENANT_ONE, GROUP_ID); identityService.createTenantGroupMembership(TENANT_TWO, GROUP_ID); assertEquals(2, authorizationService.createAuthorizationQuery() .groupIdIn(GROUP_ID) .resourceType(Resources.TENANT) .hasPermission(Permissions.READ).count()); identityService.deleteTenantGroupMembership(TENANT_ONE, GROUP_ID); assertEquals(1, authorizationService.createAuthorizationQuery() .groupIdIn(GROUP_ID) .resourceType(Resources.TENANT) .hasPermission(Permissions.READ).count()); }
@Test public void testCreateAndDeleteTenantGroupMembership() { identityService.createTenantGroupMembership(TENANT_ONE, GROUP_ID); identityService.deleteTenantGroupMembership(TENANT_ONE, GROUP_ID); assertEquals(0, authorizationService.createAuthorizationQuery() .groupIdIn(GROUP_ID) .resourceType(Resources.TENANT) .hasPermission(Permissions.READ).count()); identityService.setAuthentication(USER_ID, Collections.singletonList(GROUP_ID)); assertEquals(0,identityService.createTenantQuery() .count()); }
@Test public void testCreateTenantGroupMembership() { identityService.createTenantGroupMembership(TENANT_ONE, GROUP_ID); assertEquals(1, authorizationService.createAuthorizationQuery() .groupIdIn(GROUP_ID) .resourceType(Resources.TENANT) .resourceId(TENANT_ONE) .hasPermission(Permissions.READ).count()); identityService.setAuthentication(USER_ID, Collections.singletonList(GROUP_ID)); assertEquals(TENANT_ONE,identityService.createTenantQuery() .singleResult() .getId()); }
@Test public void testQueryCorrectAndIncorrectPersmission() throws Exception { // given Authorization authorization = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT); authorization.setUserId("userId"); authorization.setResource(Resources.PROCESS_DEFINITION); authorization.addPermission(Permissions.READ); authorization.addPermission(ProcessDefinitionPermissions.RETRY_JOB); authorization.setResourceId(ANY); authorizationService.saveAuthorization(authorization); processEngineConfiguration.setAuthorizationEnabled(true); // assume Authorization authResult = authorizationService.createAuthorizationQuery().userIdIn("userId").resourceType(Resources.PROCESS_DEFINITION).singleResult(); assertNotNull(authResult); // then assertEquals(0, authorizationService.createAuthorizationQuery() .hasPermission(Permissions.READ) .hasPermission(Permissions.ACCESS) .count()); }
@Test public void testCreateAndDeleteTenantUserMembership() { identityService.createTenantUserMembership(TENANT_ONE, USER_ID); identityService.deleteTenantUserMembership(TENANT_ONE, USER_ID); assertEquals(0, authorizationService.createAuthorizationQuery() .userIdIn(USER_ID) .resourceType(Resources.TENANT) .hasPermission(Permissions.READ).count()); identityService.setAuthenticatedUserId(USER_ID); assertEquals(0,identityService.createTenantQuery() .count()); }
@Test public void testCreateTenantUserMembership() { identityService.createTenantUserMembership(TENANT_ONE, USER_ID); assertEquals(1, authorizationService.createAuthorizationQuery() .userIdIn(USER_ID) .resourceType(Resources.TENANT) .resourceId(TENANT_ONE) .hasPermission(Permissions.READ).count()); identityService.setAuthenticatedUserId(USER_ID); assertEquals(TENANT_ONE,identityService.createTenantQuery() .singleResult() .getId()); }
assertEquals(1, authorizationService.createAuthorizationQuery().hasPermission(TestPermissions.ACCESS).count()); assertEquals(2, authorizationService.createAuthorizationQuery().hasPermission(TestPermissions.DELETE).count()); assertEquals(2, authorizationService.createAuthorizationQuery().hasPermission(TestPermissions.READ).count()); assertEquals(3, authorizationService.createAuthorizationQuery().hasPermission(TestPermissions.UPDATE).count()); assertEquals(2, authorizationService.createAuthorizationQuery().hasPermission(TestPermissions.READ).hasPermission(TestPermissions.UPDATE).count()); assertEquals(2, authorizationService.createAuthorizationQuery().hasPermission(TestPermissions.UPDATE).hasPermission(TestPermissions.READ).count()); assertEquals(0, authorizationService.createAuthorizationQuery().hasPermission(TestPermissions.READ).hasPermission(TestPermissions.ACCESS).count());
@Test public void testQuerySingleCorrectPermission() throws Exception { // given Authorization authorization = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT); authorization.setUserId("userId"); authorization.setResource(Resources.PROCESS_DEFINITION); authorization.addPermission(Permissions.READ); authorization.setResourceId(ANY); authorizationService.saveAuthorization(authorization); processEngineConfiguration.setAuthorizationEnabled(true); // assume Authorization authResult = authorizationService.createAuthorizationQuery().userIdIn("userId").resourceType(Resources.PROCESS_DEFINITION).singleResult(); assertNotNull(authResult); // then assertEquals(1, authorizationService.createAuthorizationQuery().hasPermission(Permissions.READ).count()); }
@Test public void testQuerySingleIncorrectPermission() throws Exception { // given Authorization authorization = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT); authorization.setUserId("userId"); authorization.setResource(Resources.BATCH); authorization.addPermission(BatchPermissions.CREATE_BATCH_DELETE_RUNNING_PROCESS_INSTANCES); authorization.setResourceId(ANY); authorizationService.saveAuthorization(authorization); processEngineConfiguration.setAuthorizationEnabled(true); // assume Authorization authResult = authorizationService.createAuthorizationQuery().userIdIn("userId").resourceType(Resources.BATCH).singleResult(); assertNotNull(authResult); // then assertEquals(0, authorizationService.createAuthorizationQuery().hasPermission(Permissions.CREATE_INSTANCE).count()); }
@Test public void testQueryPermissionWithMixedResource() throws Exception { // given Authorization authorization = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT); authorization.setUserId("userId"); authorization.setResource(Resources.APPLICATION); authorization.addPermission(Permissions.ACCESS); authorization.setResourceId(ANY); authorizationService.saveAuthorization(authorization); processEngineConfiguration.setAuthorizationEnabled(true); // assume Authorization authResult = authorizationService.createAuthorizationQuery().userIdIn("userId").resourceType(Resources.APPLICATION).singleResult(); assertNotNull(authResult); // then assertEquals(0, authorizationService.createAuthorizationQuery() .resourceType(Resources.BATCH) .hasPermission(Permissions.ACCESS) .count()); }
@Test public void testCreateAndDeleteTenantGroupMembership() { identityService.createTenantGroupMembership(TENANT_ONE, GROUP_ID); identityService.deleteTenantGroupMembership(TENANT_ONE, GROUP_ID); assertEquals(0, authorizationService.createAuthorizationQuery() .groupIdIn(GROUP_ID) .resourceType(Resources.TENANT) .hasPermission(Permissions.READ).count()); identityService.setAuthentication(USER_ID, Collections.singletonList(GROUP_ID)); assertEquals(0,identityService.createTenantQuery() .count()); }
@Test public void testCreateAndDeleteTenantGroupMembershipForMultipleTenants() { createTenant(TENANT_TWO); identityService.createTenantGroupMembership(TENANT_ONE, GROUP_ID); identityService.createTenantGroupMembership(TENANT_TWO, GROUP_ID); assertEquals(2, authorizationService.createAuthorizationQuery() .groupIdIn(GROUP_ID) .resourceType(Resources.TENANT) .hasPermission(Permissions.READ).count()); identityService.deleteTenantGroupMembership(TENANT_ONE, GROUP_ID); assertEquals(1, authorizationService.createAuthorizationQuery() .groupIdIn(GROUP_ID) .resourceType(Resources.TENANT) .hasPermission(Permissions.READ).count()); }
@Test public void testCreateAndDeleteTenantUserMembershipForMultipleTenants() { createTenant(TENANT_TWO); identityService.createTenantUserMembership(TENANT_ONE, USER_ID); identityService.createTenantUserMembership(TENANT_TWO, USER_ID); assertEquals(2, authorizationService.createAuthorizationQuery() .userIdIn(USER_ID) .resourceType(Resources.TENANT) .hasPermission(Permissions.READ).count()); identityService.deleteTenantUserMembership(TENANT_ONE, USER_ID); assertEquals(1, authorizationService.createAuthorizationQuery() .userIdIn(USER_ID) .resourceType(Resources.TENANT) .hasPermission(Permissions.READ).count()); }
@Test public void testCreateTenantGroupMembership() { identityService.createTenantGroupMembership(TENANT_ONE, GROUP_ID); assertEquals(1, authorizationService.createAuthorizationQuery() .groupIdIn(GROUP_ID) .resourceType(Resources.TENANT) .resourceId(TENANT_ONE) .hasPermission(Permissions.READ).count()); identityService.setAuthentication(USER_ID, Collections.singletonList(GROUP_ID)); assertEquals(TENANT_ONE,identityService.createTenantQuery() .singleResult() .getId()); }
@Test public void testCreateAndDeleteTenantUserMembership() { identityService.createTenantUserMembership(TENANT_ONE, USER_ID); identityService.deleteTenantUserMembership(TENANT_ONE, USER_ID); assertEquals(0, authorizationService.createAuthorizationQuery() .userIdIn(USER_ID) .resourceType(Resources.TENANT) .hasPermission(Permissions.READ).count()); identityService.setAuthenticatedUserId(USER_ID); assertEquals(0,identityService.createTenantQuery() .count()); }
@Test public void testCreateTenantUserMembership() { identityService.createTenantUserMembership(TENANT_ONE, USER_ID); assertEquals(1, authorizationService.createAuthorizationQuery() .userIdIn(USER_ID) .resourceType(Resources.TENANT) .resourceId(TENANT_ONE) .hasPermission(Permissions.READ).count()); identityService.setAuthenticatedUserId(USER_ID); assertEquals(TENANT_ONE,identityService.createTenantQuery() .singleResult() .getId()); }