Examples with TrustedIdentityProvider io.automatiko.engine.api.auth.TrustedIdentityProvider used on opensource projects

Example 1 with TrustedIdentityProvider

use of io.automatiko.engine.api.auth.TrustedIdentityProvider in project automatiko-engine by automatiko-io.

the class AccessPolicyTest method testAssignInitiatorFromIdentity.

@Test
public void testAssignInitiatorFromIdentity() throws Exception {
    IdentityProvider.set(securityPolicy.value());
    Application app = generateCodeProcessesOnly("access-policy/UserTasksProcessWithAccessPolicy.bpmn2");
    assertThat(app).isNotNull();
    Process<? extends Model> p = app.processes().processById("UserTasksProcess");
    Model m = p.createModel();
    Map<String, Object> parameters = new HashMap<>();
    m.fromMap(parameters);
    ProcessInstance<?> processInstance = p.createInstance(m);
    processInstance.start();
    assertThat(processInstance.initiator()).hasValue("john");
    assertThat(processInstance.status()).isEqualTo(ProcessInstance.STATE_ACTIVE);
    // set identity to other user than initiator or any of the assigned human task actors
    IdentityProvider.set(new StaticIdentityProvider("mike"));
    // not initiator so can't
    // update process instance model
    assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(() -> processInstance.updateVariables(null));
    // abort process instance
    assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(() -> processInstance.abort());
    // signal process instance
    assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(() -> processInstance.send(Sig.of("test")));
    assertThat(processInstance.status()).isEqualTo(ProcessInstance.STATE_ACTIVE);
    // set identity to one of the assigned human task actors but other than initiator
    IdentityProvider.set(new StaticIdentityProvider("mary"));
    processInstance.send(Sig.of("test"));
    // set identity to trusted identity to verify system actions can go through
    IdentityProvider.set(new TrustedIdentityProvider("System<test>"));
    processInstance.send(Sig.of("test"));
    // go back to initiator as identity that is allowed to perform operations
    IdentityProvider.set(securityPolicy.value());
    processInstance.abort();
    assertThat(processInstance.status()).isEqualTo(ProcessInstance.STATE_ABORTED);
}

Example 2 with TrustedIdentityProvider

use of io.automatiko.engine.api.auth.TrustedIdentityProvider in project automatiko-engine by automatiko-io.

the class DefaultWorkItemExecutionManager method error.

@SuppressWarnings("unchecked")
protected void error(String processId, WorkItem workItem, WorkItemManager manager, Throwable error) {
    LOGGER.debug("Executing error callback after work item execution");
    Process<?> process = processData.get(processId);
    if (process == null) {
        LOGGER.error("Unable to find process with id {}, completion of service invocation aborted", processId);
        return;
    }
    try {
        IdentityProvider.set(new TrustedIdentityProvider("System<async>"));
        UnitOfWorkExecutor.executeInUnitOfWork(application.unitOfWorkManager(), () -> {
            String id = StringUtils.isEmpty(workItem.getParentProcessInstanceId()) ? workItem.getProcessInstanceId() : workItem.getParentProcessInstanceId() + ":" + workItem.getProcessInstanceId();
            Optional<ProcessInstance<?>> instance = (Optional<ProcessInstance<?>>) process.instances().findById(id);
            if (instance.isPresent()) {
                instance.get().failWorkItem(workItem.getId(), error);
            }
            return null;
        });
    } catch (Throwable e) {
    }
}

Example 3 with TrustedIdentityProvider

use of io.automatiko.engine.api.auth.TrustedIdentityProvider in project automatiko-engine by automatiko-io.

the class DefaultWorkItemExecutionManager method success.

@SuppressWarnings("unchecked")
protected void success(String processId, String name, WorkItem workItem, WorkItemManager manager, Object value) {
    LOGGER.debug("Executing success callback after work item execution");
    Process<?> process = processData.get(processId);
    if (process == null) {
        LOGGER.error("Unable to find process with id {}, completion of service invocation aborted", processId);
        return;
    }
    IdentityProvider.set(new TrustedIdentityProvider("System<async>"));
    UnitOfWorkExecutor.executeInUnitOfWork(application.unitOfWorkManager(), () -> {
        String id = StringUtils.isEmpty(workItem.getParentProcessInstanceId()) ? workItem.getProcessInstanceId() : workItem.getParentProcessInstanceId() + ":" + workItem.getProcessInstanceId();
        Optional<ProcessInstance<?>> instance = (Optional<ProcessInstance<?>>) process.instances().findById(id);
        if (instance.isPresent()) {
            instance.get().completeWorkItem(workItem.getId(), name == null ? null : Collections.singletonMap(name, value));
        }
        return null;
    });
}

Example 4 with TrustedIdentityProvider

use of io.automatiko.engine.api.auth.TrustedIdentityProvider in project automatiko-engine by automatiko-io.

the class TestJobService method triggerProcessInstanceJob.

public void triggerProcessInstanceJob(String jobId) {
    LOGGER.debug("Job {} started", jobId);
    ProcessInstanceJobDescription job = (ProcessInstanceJobDescription) jobs.remove(jobId);
    if (job == null) {
        throw new IllegalArgumentException("Job with id " + jobId + " not found");
    }
    try {
        Process<?> process = mappedProcesses.get(job.processId());
        if (process == null) {
            LOGGER.warn("No process found for process id {}", job.processId());
            return;
        }
        IdentityProvider.set(new TrustedIdentityProvider("System<timer>"));
        UnitOfWorkExecutor.executeInUnitOfWork(unitOfWorkManager, () -> {
            Optional<? extends ProcessInstance<?>> processInstanceFound = process.instances().findById(job.processInstanceId());
            if (processInstanceFound.isPresent()) {
                ProcessInstance<?> processInstance = processInstanceFound.get();
                String[] ids = job.id().split("_");
                processInstance.send(Sig.of(job.triggerType(), TimerInstance.with(Long.parseLong(ids[1]), job.id(), job.expirationTime().repeatLimit())));
                if (job.expirationTime().repeatLimit() == 0) {
                    jobs.remove(jobId);
                }
            } else {
                // since owning process instance does not exist cancel timers
                jobs.remove(jobId);
            }
            return null;
        });
        LOGGER.debug("Job {} completed", job.id());
    } finally {
        if (job.expirationTime().next() != null) {
            jobs.remove(jobId);
            scheduleProcessInstanceJob(job);
        } else {
            jobs.remove(jobId);
        }
    }
}

Example 5 with TrustedIdentityProvider

use of io.automatiko.engine.api.auth.TrustedIdentityProvider in project automatiko-engine by automatiko-io.

the class Controller method reconcile.

@Override
public synchronized UpdateControl<$DataType$> reconcile($DataType$ resource, Context context) {
    if (!acceptedPayload(resource)) {
        LOGGER.debug("Event has been rejected by the filter expression");
        return UpdateControl.noUpdate();
    }
    String trigger = "$Trigger$";
    IdentityProvider.set(new TrustedIdentityProvider("System<messaging>"));
    final $Type$ model = new $Type$();
    return io.automatiko.engine.services.uow.UnitOfWorkExecutor.executeInUnitOfWork(application.unitOfWorkManager(), () -> {
        try {
            String correlation = resource.getMetadata().getName();
            if (correlation != null) {
                LOGGER.debug("Correlation ({}) is set, attempting to find if there is matching instance already active", correlation);
                Optional<? extends ProcessInstance> possiblyFound = (Optional<? extends ProcessInstance>) process.instances().findById(correlation);
                if (possiblyFound.isPresent()) {
                    ProcessInstance pInstance = (ProcessInstance) possiblyFound.get();
                    LOGGER.debug("Found process instance {} matching correlation {}, signaling instead of starting new instance", pInstance.id(), correlation);
                    pInstance.send(Sig.of("Message-updated", resource));
                    $DataType$ updated = ($DataType$) ((Model) pInstance.variables()).toMap().get("resource");
                    if (updated == null || Boolean.TRUE.equals(((WorkflowProcessInstanceImpl) ((AbstractProcessInstance<?>) pInstance).processInstance()).getVariable("skipResourceUpdate"))) {
                        LOGGER.debug("Signalled and returned updated {} no need to updated custom resource", updated);
                        return UpdateControl.noUpdate();
                    }
                    LOGGER.debug("Signalled and returned updated {} that requires update of the custom resource", updated);
                    return UpdateControl.updateResourceAndStatus(updated);
                }
            }
            if (canStartInstance()) {
                LOGGER.debug("Received message without reference id and no correlation is set/matched, staring new process instance with trigger '{}'", trigger);
                ProcessInstance<?> pi = process.createInstance(correlation, model);
                pi.start(trigger, null, resource);
                $DataType$ updated = ($DataType$) ((Model) pi.variables()).toMap().get("resource");
                if (updated == null || Boolean.TRUE.equals(((WorkflowProcessInstanceImpl) ((AbstractProcessInstance<?>) pi).processInstance()).getVariable("skipResourceUpdate"))) {
                    LOGGER.debug("New instance started and not need to update custom resource");
                    return UpdateControl.noUpdate();
                }
                LOGGER.debug("New instance started and with the need to update custom resource");
                return UpdateControl.updateResourceAndStatus(updated);
            } else {
                LOGGER.warn("Received message without reference id and no correlation is set/matched, for trigger not capable of starting new instance '{}'", trigger);
            }
        } catch (Throwable t) {
            LOGGER.error("Encountered problems while creating/updating instance", t);
        }
        return UpdateControl.noUpdate();
    });
}