Example 1 with NotAuthorizedException
use of pro.taskana.exceptions.NotAuthorizedException in project taskana by Taskana.
the class WorkbasketQueryAccTest method testQueryWorkbasketByUnauthenticated.
@Test
public void testQueryWorkbasketByUnauthenticated() throws SQLException, NotAuthorizedException, InvalidArgumentException {
WorkbasketService workbasketService = taskanaEngine.getWorkbasketService();
List<WorkbasketSummary> results = workbasketService.createWorkbasketQuery().nameLike("%").list();
Assert.assertEquals(0L, results.size());
try {
results = workbasketService.createWorkbasketQuery().nameLike("%").accessIdsHavePermission(WorkbasketPermission.TRANSFER, "teamlead_1", "group_1", "group_2").list();
Assert.fail("NotAuthrorizedException was expected");
} catch (NotAuthorizedException ex) {
}
}
Also used :
WorkbasketService(pro.taskana.WorkbasketService)
NotAuthorizedException(pro.taskana.exceptions.NotAuthorizedException)
WorkbasketSummary(pro.taskana.WorkbasketSummary)
AbstractAccTest(acceptance.AbstractAccTest)
Test(org.junit.Test)
Example 2 with NotAuthorizedException
use of pro.taskana.exceptions.NotAuthorizedException in project taskana by Taskana.
the class TaskServiceImplIntAutocommitTest method shouldNotTransferByFailingSecurity.
@WithAccessId(userName = "User", groupNames = { "businessadmin" })
@Test
public void shouldNotTransferByFailingSecurity() throws WorkbasketNotFoundException, ClassificationNotFoundException, NotAuthorizedException, ClassificationAlreadyExistException, SQLException, TaskNotFoundException, TaskAlreadyExistException, InvalidWorkbasketException, InvalidArgumentException, WorkbasketAlreadyExistException, DomainNotFoundException {
final String user = CurrentUserContext.getUserid();
// Set up Security for this Test
dataSource = TaskanaEngineConfigurationTest.getDataSource();
taskanaEngineConfiguration = new TaskanaEngineConfiguration(dataSource, false, true);
taskanaEngine = taskanaEngineConfiguration.buildTaskanaEngine();
taskanaEngineImpl = (TaskanaEngineImpl) taskanaEngine;
taskanaEngineImpl.setConnectionManagementMode(ConnectionManagementMode.AUTOCOMMIT);
taskServiceImpl = (TaskServiceImpl) taskanaEngine.getTaskService();
classificationService = taskanaEngine.getClassificationService();
workbasketService = taskanaEngine.getWorkbasketService();
ClassificationImpl classification = (ClassificationImpl) classificationService.newClassification("KEY", "DOMAIN_A", "TASK");
classification.setCategory("EXTERNAL");
classification.setName("Transfert-Task Classification");
classificationService.createClassification(classification);
WorkbasketImpl wb = (WorkbasketImpl) workbasketService.newWorkbasket("k5", "DOMAIN_A");
wb.setName("BASE WB");
wb.setDescription("Normal base WB");
wb.setOwner(user);
wb.setType(WorkbasketType.TOPIC);
wb = (WorkbasketImpl) workbasketService.createWorkbasket(wb);
createWorkbasketWithSecurity(wb, wb.getOwner(), true, true, true, true);
WorkbasketImpl wbNoAppend = (WorkbasketImpl) workbasketService.newWorkbasket("key77", "DOMAIN_A");
wbNoAppend.setName("Test-Security-WorkBasket-APPEND");
wbNoAppend.setDescription("Workbasket without permission APPEND on Task");
wbNoAppend.setOwner(user);
wbNoAppend.setType(WorkbasketType.PERSONAL);
wbNoAppend = (WorkbasketImpl) workbasketService.createWorkbasket(wbNoAppend);
createWorkbasketWithSecurity(wbNoAppend, wbNoAppend.getOwner(), true, true, false, true);
WorkbasketImpl wbNoTransfer = (WorkbasketImpl) workbasketService.newWorkbasket("k99", "DOMAIN_B");
wbNoTransfer.setName("Test-Security-WorkBasket-TRANSFER");
wbNoTransfer.setDescription("Workbasket without permission TRANSFER on Task");
wbNoTransfer.setOwner(user);
wbNoTransfer.setType(WorkbasketType.CLEARANCE);
wbNoTransfer = (WorkbasketImpl) workbasketService.createWorkbasket(wbNoTransfer);
createWorkbasketWithSecurity(wbNoTransfer, wbNoTransfer.getOwner(), true, true, true, false);
TaskImpl task = (TaskImpl) taskServiceImpl.newTask(wb.getId());
task.setName("Task Name");
task.setDescription("Task used for transfer Test");
task.setOwner(user);
task.setClassificationKey(classification.getKey());
task.setPrimaryObjRef(JunitHelper.createDefaultObjRef());
task = (TaskImpl) taskServiceImpl.createTask(task);
// Check failing with missing APPEND
try {
task = (TaskImpl) taskServiceImpl.transfer(task.getId(), wbNoAppend.getId());
fail("Transfer Task should be FAILD, because there are no APPEND-Rights on destination WB.");
} catch (NotAuthorizedException e) {
if (!e.getMessage().contains("APPEND")) {
fail("Transfer Task should be FAILD, because there are no APPEND-Rights on destination WB.");
}
assertThat(task.isTransferred(), equalTo(false));
assertThat(task.getWorkbasketKey(), not(equalTo(wbNoAppend.getKey())));
assertThat(task.getWorkbasketKey(), equalTo(wb.getKey()));
}
// Check failing with missing TRANSFER
task.setId("");
task.getWorkbasketSummaryImpl().setId(wbNoTransfer.getId());
task.setWorkbasketKey(null);
task = (TaskImpl) taskServiceImpl.createTask(task);
try {
task = (TaskImpl) taskServiceImpl.transfer(task.getId(), wb.getId());
fail("Transfer Task should be FAILD, because there are no TRANSFER-Rights on current WB.");
} catch (NotAuthorizedException e) {
if (!e.getMessage().contains("TRANSFER")) {
fail("Transfer Task should be FAILD, because there are no APPEND-Rights on current WB.");
}
assertThat(task.isTransferred(), equalTo(false));
assertThat(task.getWorkbasketKey(), not(equalTo(wbNoAppend.getKey())));
}
}
Also used :
TaskanaEngineConfiguration(pro.taskana.configuration.TaskanaEngineConfiguration)
TaskImpl(pro.taskana.impl.TaskImpl)
WorkbasketImpl(pro.taskana.impl.WorkbasketImpl)
NotAuthorizedException(pro.taskana.exceptions.NotAuthorizedException)
ClassificationImpl(pro.taskana.impl.ClassificationImpl)
TaskanaEngineConfigurationTest(pro.taskana.impl.configuration.TaskanaEngineConfigurationTest)
Test(org.junit.Test)
WithAccessId(pro.taskana.security.WithAccessId)
Example 3 with NotAuthorizedException
use of pro.taskana.exceptions.NotAuthorizedException in project taskana by Taskana.
the class TransferTaskAccTest method testBulkTransferTaskWithExceptions.
@WithAccessId(userName = "teamlead_1", groupNames = { "group_1" })
@Test
public void testBulkTransferTaskWithExceptions() throws SQLException, NotAuthorizedException, InvalidArgumentException, ClassificationNotFoundException, WorkbasketNotFoundException, TaskAlreadyExistException, InvalidWorkbasketException, TaskNotFoundException, InvalidStateException, InvalidOwnerException {
TaskService taskService = taskanaEngine.getTaskService();
Workbasket wb = taskanaEngine.getWorkbasketService().getWorkbasket("USER_1_1", "DOMAIN_A");
Instant before = Instant.now();
ArrayList<String> taskIdList = new ArrayList<>();
// working
taskIdList.add("TKI:000000000000000000000000000000000006");
// NotAuthorized
taskIdList.add("TKI:000000000000000000000000000000000041");
// InvalidArgument
taskIdList.add("");
// InvalidArgument (added with ""), duplicate
taskIdList.add(null);
// TaskNotFound
taskIdList.add("TKI:000000000000000000000000000000000099");
BulkOperationResults<String, TaskanaException> results = taskService.transferTasks("WBI:100000000000000000000000000000000006", taskIdList);
assertTrue(results.containsErrors());
assertThat(results.getErrorMap().values().size(), equalTo(3));
// react to result
for (String taskId : results.getErrorMap().keySet()) {
TaskanaException ex = results.getErrorForId(taskId);
if (ex instanceof NotAuthorizedException) {
System.out.println("NotAuthorizedException on bulkTransfer for taskId=" + taskId);
} else if (ex instanceof InvalidArgumentException) {
System.out.println("InvalidArgumentException on bulkTransfer for EMPTY/NULL taskId='" + taskId + "'");
} else if (ex instanceof TaskNotFoundException) {
System.out.println("TaskNotFoundException on bulkTransfer for taskId=" + taskId);
} else {
fail("Impossible failure Entry registered");
}
}
Task transferredTask = taskService.getTask("TKI:000000000000000000000000000000000006");
assertNotNull(transferredTask);
assertTrue(transferredTask.isTransferred());
assertFalse(transferredTask.isRead());
assertEquals(TaskState.READY, transferredTask.getState());
assertThat(transferredTask.getWorkbasketKey(), equalTo(wb.getKey()));
assertThat(transferredTask.getDomain(), equalTo(wb.getDomain()));
assertFalse(transferredTask.getModified().isBefore(before));
assertThat(transferredTask.getOwner(), equalTo(null));
transferredTask = taskService.getTask("TKI:000000000000000000000000000000000002");
assertNotNull(transferredTask);
assertFalse(transferredTask.isTransferred());
assertEquals("USER_1_1", transferredTask.getWorkbasketKey());
}
Also used :
Task(pro.taskana.Task)
InvalidArgumentException(pro.taskana.exceptions.InvalidArgumentException)
TaskNotFoundException(pro.taskana.exceptions.TaskNotFoundException)
TaskService(pro.taskana.TaskService)
Instant(java.time.Instant)
ArrayList(java.util.ArrayList)
NotAuthorizedException(pro.taskana.exceptions.NotAuthorizedException)
Workbasket(pro.taskana.Workbasket)
TaskanaException(pro.taskana.exceptions.TaskanaException)
AbstractAccTest(acceptance.AbstractAccTest)
Test(org.junit.Test)
WithAccessId(pro.taskana.security.WithAccessId)
Example 4 with NotAuthorizedException
use of pro.taskana.exceptions.NotAuthorizedException in project taskana by Taskana.
the class QueryClassificationAccTest method testGetClassificationsForTypeAndParent.
@Test
public void testGetClassificationsForTypeAndParent() throws SQLException, ClassificationNotFoundException, NotAuthorizedException, InvalidArgumentException {
ClassificationService classificationService = taskanaEngine.getClassificationService();
List<ClassificationSummary> classifications = classificationService.createClassificationQuery().typeIn("TASK", "DOCUMENT").parentIdIn("").list();
assertNotNull(classifications);
assertEquals(25, classifications.size());
List<ClassificationSummary> documentTypes = classifications.stream().filter(c -> c.getType().equals("DOCUMENT")).collect(Collectors.toList());
assertEquals(2, documentTypes.size());
List<ClassificationSummary> taskTypes = classifications.stream().filter(c -> c.getType().equals("TASK")).collect(Collectors.toList());
assertEquals(23, taskTypes.size());
}
Also used :
SQLException(java.sql.SQLException)
List(java.util.List)
ClassificationNotFoundException(pro.taskana.exceptions.ClassificationNotFoundException)
Assert.assertNotNull(org.junit.Assert.assertNotNull)
ClassificationService(pro.taskana.ClassificationService)
AbstractAccTest(acceptance.AbstractAccTest)
NotAuthorizedException(pro.taskana.exceptions.NotAuthorizedException)
Test(org.junit.Test)
ClassificationSummary(pro.taskana.ClassificationSummary)
Collectors(java.util.stream.Collectors)
Assert.assertEquals(org.junit.Assert.assertEquals)
InvalidArgumentException(pro.taskana.exceptions.InvalidArgumentException)
ClassificationSummary(pro.taskana.ClassificationSummary)
ClassificationService(pro.taskana.ClassificationService)
AbstractAccTest(acceptance.AbstractAccTest)
Test(org.junit.Test)
Example 5 with NotAuthorizedException
use of pro.taskana.exceptions.NotAuthorizedException in project taskana by Taskana.
the class WorkbasketServiceImplTest method testGetWorkbasketById_NonAuthorizedUser.
@Test(expected = NotAuthorizedException.class)
public void testGetWorkbasketById_NonAuthorizedUser() throws WorkbasketNotFoundException, NotAuthorizedException {
String wbId = "ID-1";
Workbasket wb = createTestWorkbasket(wbId, "Key-1");
WorkbasketPermission authorization = WorkbasketPermission.READ;
doReturn(wb).when(workbasketMapperMock).findById(wbId);
doThrow(NotAuthorizedException.class).when(cutSpy).checkAuthorization(wb.getId(), authorization);
try {
cutSpy.getWorkbasket(wbId);
} catch (NotAuthorizedException ex) {
verify(taskanaEngineImplMock, times(1)).openConnection();
verify(workbasketMapperMock, times(1)).findById(wbId);
verify(cutSpy, times(1)).checkAuthorization(wb.getId(), authorization);
verify(taskanaEngineImplMock, times(1)).returnConnection();
verify(taskanaEngineImplMock, times(1)).isUserInRole(any());
verifyNoMoreInteractions(taskQueryMock, taskServiceMock, workbasketMapperMock, workbasketAccessMapperMock, distributionTargetMapperMock, taskanaEngineImplMock, taskanaEngineConfigurationMock);
throw ex;
}
}
Also used :
WorkbasketPermission(pro.taskana.WorkbasketPermission)
NotAuthorizedException(pro.taskana.exceptions.NotAuthorizedException)
Workbasket(pro.taskana.Workbasket)
Test(org.junit.Test)
Aggregations
NotAuthorizedException (pro.taskana.exceptions.NotAuthorizedException)27
Test (org.junit.Test)15
InvalidArgumentException (pro.taskana.exceptions.InvalidArgumentException)12
ArrayList (java.util.ArrayList)11
AbstractAccTest (acceptance.AbstractAccTest)10
Workbasket (pro.taskana.Workbasket)9
WithAccessId (pro.taskana.security.WithAccessId)9
List (java.util.List)8
WorkbasketService (pro.taskana.WorkbasketService)8
WorkbasketNotFoundException (pro.taskana.exceptions.WorkbasketNotFoundException)8
TaskSummary (pro.taskana.TaskSummary)7
WorkbasketSummary (pro.taskana.WorkbasketSummary)7
ClassificationNotFoundException (pro.taskana.exceptions.ClassificationNotFoundException)7
InvalidWorkbasketException (pro.taskana.exceptions.InvalidWorkbasketException)7
SQLException (java.sql.SQLException)6
Collectors (java.util.stream.Collectors)5
ClassificationSummary (pro.taskana.ClassificationSummary)5
TaskService (pro.taskana.TaskService)5
TaskNotFoundException (pro.taskana.exceptions.TaskNotFoundException)5
Classification (pro.taskana.Classification)4
