/** * @return the id of the resource if there * is only one {@link MissingAuthorization}, {@code null} otherwise * * @deprecated Use {@link #getMissingAuthorizations()} to get the id of the resource * of the {@link MissingAuthorization}(s). This method may be removed in future versions. */ @Deprecated public String getResourceId() { if (missingAuthorizations.size() == 1) { return missingAuthorizations.get(0).getResourceId(); } return null; }
/** * @return the id of the resource if there * is only one {@link MissingAuthorization}, {@code null} otherwise * * @deprecated Use {@link #getMissingAuthorizations()} to get the id of the resource * of the {@link MissingAuthorization}(s). This method may be removed in future versions. */ @Deprecated public String getResourceId() { if (missingAuthorizations.size() == 1) { return missingAuthorizations.get(0).getResourceId(); } return null; }
/** * Generated exception message for the missing authorization. * * @param exceptionInfo to use */ private static String generateMissingAuthorizationMessage(MissingAuthorization exceptionInfo) { StringBuilder builder = new StringBuilder(); String permissionName = exceptionInfo.getViolatedPermissionName(); String resourceType = exceptionInfo.getResourceType(); String resourceId = exceptionInfo.getResourceId(); builder.append("'"); builder.append(permissionName); builder.append("' permission on resource '"); builder.append((resourceId != null ? (resourceId+"' of type '") : "" )); builder.append(resourceType); builder.append("'"); return builder.toString(); } }
/** * Generated exception message for the missing authorization. * * @param exceptionInfo to use */ private static String generateMissingAuthorizationMessage(MissingAuthorization exceptionInfo) { StringBuilder builder = new StringBuilder(); String permissionName = exceptionInfo.getViolatedPermissionName(); String resourceType = exceptionInfo.getResourceType(); String resourceId = exceptionInfo.getResourceId(); builder.append("'"); builder.append(permissionName); builder.append("' permission on resource '"); builder.append((resourceId != null ? (resourceId+"' of type '") : "" )); builder.append(resourceType); builder.append("'"); return builder.toString(); } }
public AuthorizationException(String userId, MissingAuthorization exceptionInfo) { super( "The user with id '"+userId+ "' does not have "+generateMissingAuthorizationMessage(exceptionInfo)+"."); this.userId = userId; missingAuthorizations = new ArrayList<MissingAuthorization>(); missingAuthorizations.add(exceptionInfo); this.resourceType = exceptionInfo.getResourceType(); this.permissionName = exceptionInfo.getViolatedPermissionName(); this.resourceId = exceptionInfo.getResourceId(); }
public AuthorizationException(String userId, MissingAuthorization exceptionInfo) { super( "The user with id '"+userId+ "' does not have "+generateMissingAuthorizationMessage(exceptionInfo)+"."); this.userId = userId; missingAuthorizations = new ArrayList<MissingAuthorization>(); missingAuthorizations.add(exceptionInfo); this.resourceType = exceptionInfo.getResourceType(); this.permissionName = exceptionInfo.getViolatedPermissionName(); this.resourceId = exceptionInfo.getResourceId(); }
@Override protected boolean matchesSafely(MissingAuthorization item, Description mismatchDescription) { if (StringUtils.equals(missing.getResourceId(), item.getResourceId()) && StringUtils.equals(missing.getResourceType(), item.getResourceType()) && StringUtils.equals(missing.getViolatedPermissionName(), item.getViolatedPermissionName())) { return true; } mismatchDescription.appendText("expected missing authorization: ").appendValue(missing).appendValue(" received: ").appendValue(item); return false; }
/** * Checks if the info has the expected parameters. * * @param expectedPermissionName to use * @param expectedResourceName to use * @param expectedResourceId to use * @param info to check */ public static void assertExceptionInfo(String expectedPermissionName, String expectedResourceName, String expectedResourceId, MissingAuthorization info) { assertEquals(expectedPermissionName, info.getViolatedPermissionName()); assertEquals(expectedResourceName, info.getResourceType()); assertEquals(expectedResourceId, info.getResourceId()); }
public static MissingAuthorizationDto fromInfo(MissingAuthorization info) { MissingAuthorizationDto dto = new MissingAuthorizationDto(); dto.setPermissionName(info.getViolatedPermissionName()); dto.setResourceId(info.getResourceId()); dto.setResourceName(info.getResourceType()); return dto; }
public static MissingAuthorizationDto fromInfo(MissingAuthorization info) { MissingAuthorizationDto dto = new MissingAuthorizationDto(); dto.setPermissionName(info.getViolatedPermissionName()); dto.setResourceId(info.getResourceId()); dto.setResourceName(info.getResourceType()); return dto; }
/** * @return the id of the resource if there * is only one {@link MissingAuthorization}, {@code null} otherwise * * @deprecated Use {@link #getMissingAuthorizations()} to get the id of the resource * of the {@link MissingAuthorization}(s). This method may be removed in future versions. */ @Deprecated public String getResourceId() { if (missingAuthorizations.size() == 1) { return missingAuthorizations.get(0).getResourceId(); } return null; }
/** * Generated exception message for the missing authorization. * * @param exceptionInfo to use */ private static String generateMissingAuthorizationMessage(MissingAuthorization exceptionInfo) { StringBuilder builder = new StringBuilder(); String permissionName = exceptionInfo.getViolatedPermissionName(); String resourceType = exceptionInfo.getResourceType(); String resourceId = exceptionInfo.getResourceId(); builder.append("'"); builder.append(permissionName); builder.append("' permission on resource '"); builder.append((resourceId != null ? (resourceId+"' of type '") : "" )); builder.append(resourceType); builder.append("'"); return builder.toString(); } }
public void testHistoricProcessInstanceReportWithoutAuthorization() { // given startProcessInstanceByKey(PROCESS_KEY); String taskId = selectSingleTask().getId(); disableAuthorization(); taskService.complete(taskId); enableAuthorization(); try { // when historyService .createHistoricProcessInstanceReport() .duration(PeriodUnit.MONTH); fail("Exception expected: It should not be possible to create a historic process instance report"); } catch (AuthorizationException e) { // then List<MissingAuthorization> missingAuthorizations = e.getMissingAuthorizations(); assertEquals(1, missingAuthorizations.size()); MissingAuthorization missingAuthorization = missingAuthorizations.get(0); assertEquals(READ_HISTORY.toString(), missingAuthorization.getViolatedPermissionName()); assertEquals(PROCESS_DEFINITION.resourceName(), missingAuthorization.getResourceType()); assertEquals(ANY, missingAuthorization.getResourceId()); } }
public void testHistoricTaskInstanceReportWithoutAuthorization() { // given startProcessInstanceByKey(PROCESS_KEY); String taskId = selectSingleTask().getId(); disableAuthorization(); taskService.complete(taskId); enableAuthorization(); try { // when historyService .createHistoricTaskInstanceReport() .duration(PeriodUnit.MONTH); fail("Exception expected: It should not be possible to create a historic task instance report"); } catch (AuthorizationException e) { // then List<MissingAuthorization> missingAuthorizations = e.getMissingAuthorizations(); assertEquals(1, missingAuthorizations.size()); MissingAuthorization missingAuthorization = missingAuthorizations.get(0); assertEquals(READ_HISTORY.toString(), missingAuthorization.getViolatedPermissionName()); assertEquals(PROCESS_DEFINITION.resourceName(), missingAuthorization.getResourceType()); assertEquals(ANY, missingAuthorization.getResourceId()); } }
public AuthorizationException(String userId, MissingAuthorization exceptionInfo) { super( "The user with id '"+userId+ "' does not have "+generateMissingAuthorizationMessage(exceptionInfo)+"."); this.userId = userId; missingAuthorizations = new ArrayList<MissingAuthorization>(); missingAuthorizations.add(exceptionInfo); this.resourceType = exceptionInfo.getResourceType(); this.permissionName = exceptionInfo.getViolatedPermissionName(); this.resourceId = exceptionInfo.getResourceId(); }
@Override protected boolean matchesSafely(MissingAuthorization item, Description mismatchDescription) { if (StringUtils.equals(missing.getResourceId(), item.getResourceId()) && StringUtils.equals(missing.getResourceType(), item.getResourceType()) && StringUtils.equals(missing.getViolatedPermissionName(), item.getViolatedPermissionName())) { return true; } mismatchDescription.appendText("expected missing authorization: ").appendValue(missing).appendValue(" received: ").appendValue(item); return false; }
/** * Checks if the info has the expected parameters. * * @param expectedPermissionName to use * @param expectedResourceName to use * @param expectedResourceId to use * @param info to check */ public static void assertExceptionInfo(String expectedPermissionName, String expectedResourceName, String expectedResourceId, MissingAuthorization info) { assertEquals(expectedPermissionName, info.getViolatedPermissionName()); assertEquals(expectedResourceName, info.getResourceType()); assertEquals(expectedResourceId, info.getResourceId()); } }
public static MissingAuthorizationDto fromInfo(MissingAuthorization info) { MissingAuthorizationDto dto = new MissingAuthorizationDto(); dto.setPermissionName(info.getViolatedPermissionName()); dto.setResourceId(info.getResourceId()); dto.setResourceName(info.getResourceType()); return dto; }
public void testHistoricProcessInstanceReportWithoutAuthorization() { // given startProcessInstanceByKey(PROCESS_KEY); String taskId = selectSingleTask().getId(); disableAuthorization(); taskService.complete(taskId); enableAuthorization(); try { // when historyService .createHistoricProcessInstanceReport() .duration(PeriodUnit.MONTH); fail("Exception expected: It should not be possible to create a historic process instance report"); } catch (AuthorizationException e) { // then List<MissingAuthorization> missingAuthorizations = e.getMissingAuthorizations(); assertEquals(1, missingAuthorizations.size()); MissingAuthorization missingAuthorization = missingAuthorizations.get(0); assertEquals(READ_HISTORY.toString(), missingAuthorization.getViolatedPermissionName()); assertEquals(PROCESS_DEFINITION.resourceName(), missingAuthorization.getResourceType()); assertEquals(ANY, missingAuthorization.getResourceId()); } }
public void testHistoricTaskInstanceReportWithoutAuthorization() { // given startProcessInstanceByKey(PROCESS_KEY); String taskId = selectSingleTask().getId(); disableAuthorization(); taskService.complete(taskId); enableAuthorization(); try { // when historyService .createHistoricTaskInstanceReport() .duration(PeriodUnit.MONTH); fail("Exception expected: It should not be possible to create a historic task instance report"); } catch (AuthorizationException e) { // then List<MissingAuthorization> missingAuthorizations = e.getMissingAuthorizations(); assertEquals(1, missingAuthorizations.size()); MissingAuthorization missingAuthorization = missingAuthorizations.get(0); assertEquals(READ_HISTORY.toString(), missingAuthorization.getViolatedPermissionName()); assertEquals(PROCESS_DEFINITION.resourceName(), missingAuthorization.getResourceType()); assertEquals(ANY, missingAuthorization.getResourceId()); } }