Search in sources :

Example 76 with AuthorizationException

use of org.camunda.bpm.engine.AuthorizationException in project camunda-bpm-platform by camunda.

the class AuthorizationRestServiceInteractionTest method testSaveAuthorizationThrowsAuthorizationException.

@Test
public void testSaveAuthorizationThrowsAuthorizationException() {
    String message = "expected authorization exception";
    when(authorizationServiceMock.saveAuthorization(any(Authorization.class))).thenThrow(new AuthorizationException(message));
    Authorization authorization = MockProvider.createMockGrantAuthorization();
    when(authorizationServiceMock.createNewAuthorization(Authorization.AUTH_TYPE_GRANT)).thenReturn(authorization);
    AuthorizationDto dto = AuthorizationDto.fromAuthorization(authorization);
    given().body(dto).contentType(ContentType.JSON).then().expect().statusCode(Status.FORBIDDEN.getStatusCode()).contentType(ContentType.JSON).body("type", equalTo(AuthorizationException.class.getSimpleName())).body("message", equalTo(message)).when().post(AUTH_CREATE_PATH);
}
Also used : Authorization(org.camunda.bpm.engine.authorization.Authorization) AuthorizationDto(org.camunda.bpm.engine.rest.dto.authorization.AuthorizationDto) AuthorizationException(org.camunda.bpm.engine.AuthorizationException) Matchers.anyString(org.mockito.Matchers.anyString) Test(org.junit.Test)

Example 77 with AuthorizationException

use of org.camunda.bpm.engine.AuthorizationException in project camunda-bpm-platform by camunda.

the class BatchRestServiceInteractionTest method activateBatchUnauthorized.

@Test
public void activateBatchUnauthorized() {
    String batchId = MockProvider.EXAMPLE_BATCH_ID;
    String expectedMessage = "The user with id 'userId' does not have 'UPDATE' permission on resource '" + batchId + "' of type 'Batch'.";
    doThrow(new AuthorizationException(expectedMessage)).when(managementServiceMock).activateBatchById(eq(batchId));
    given().pathParam("id", batchId).contentType(ContentType.JSON).body(singletonMap("suspended", false)).then().expect().statusCode(Status.FORBIDDEN.getStatusCode()).body("type", equalTo(AuthorizationException.class.getSimpleName())).body("message", equalTo(expectedMessage)).when().put(SUSPENDED_BATCH_RESOURCE_URL);
}
Also used : AuthorizationException(org.camunda.bpm.engine.AuthorizationException) Test(org.junit.Test)

Example 78 with AuthorizationException

use of org.camunda.bpm.engine.AuthorizationException in project camunda-bpm-platform by camunda.

the class TaskResourceImpl method getForm.

@Override
public FormDto getForm() {
    FormService formService = engine.getFormService();
    Task task = getTaskById(taskId);
    FormData formData;
    try {
        formData = formService.getTaskFormData(taskId);
    } catch (AuthorizationException e) {
        throw e;
    } catch (ProcessEngineException e) {
        throw new RestException(Status.BAD_REQUEST, e, "Cannot get form for task " + taskId);
    }
    FormDto dto = FormDto.fromFormData(formData);
    if (dto.getKey() == null || dto.getKey().isEmpty()) {
        if (formData != null && formData.getFormFields() != null && !formData.getFormFields().isEmpty()) {
            dto.setKey("embedded:engine://engine/:engine/task/" + taskId + "/rendered-form");
        }
    }
    // to get the application context path it is necessary to
    // execute it without authentication (tries to fetch the
    // process definition), because:
    // - user 'demo' has READ permission on a specific task resource
    // - user 'demo' does not have a READ permission on the corresponding
    // process definition
    // -> running the following lines with authorization would lead
    // to an AuthorizationException because the user 'demo' does not
    // have READ permission on the corresponding process definition
    IdentityService identityService = engine.getIdentityService();
    Authentication currentAuthentication = identityService.getCurrentAuthentication();
    try {
        identityService.clearAuthentication();
        String processDefinitionId = task.getProcessDefinitionId();
        String caseDefinitionId = task.getCaseDefinitionId();
        if (processDefinitionId != null) {
            dto.setContextPath(ApplicationContextPathUtil.getApplicationPathByProcessDefinitionId(engine, processDefinitionId));
        } else if (caseDefinitionId != null) {
            dto.setContextPath(ApplicationContextPathUtil.getApplicationPathByCaseDefinitionId(engine, caseDefinitionId));
        }
    } finally {
        identityService.setAuthentication(currentAuthentication);
    }
    return dto;
}
Also used : FormData(org.camunda.bpm.engine.form.FormData) IdentityService(org.camunda.bpm.engine.IdentityService) Task(org.camunda.bpm.engine.task.Task) HalTask(org.camunda.bpm.engine.rest.hal.task.HalTask) AuthorizationException(org.camunda.bpm.engine.AuthorizationException) Authentication(org.camunda.bpm.engine.impl.identity.Authentication) FormService(org.camunda.bpm.engine.FormService) RestException(org.camunda.bpm.engine.rest.exception.RestException) FormDto(org.camunda.bpm.engine.rest.dto.task.FormDto) ProcessEngineException(org.camunda.bpm.engine.ProcessEngineException)

Example 79 with AuthorizationException

use of org.camunda.bpm.engine.AuthorizationException in project camunda-bpm-platform by camunda.

the class JobResourceImpl method executeJob.

@Override
public void executeJob() {
    try {
        ManagementService managementService = engine.getManagementService();
        managementService.executeJob(this.jobId);
    } catch (AuthorizationException e) {
        throw e;
    } catch (ProcessEngineException e) {
        throw new InvalidRequestException(Status.NOT_FOUND, e.getMessage());
    } catch (RuntimeException r) {
        throw new RestException(Status.INTERNAL_SERVER_ERROR, r.getMessage());
    }
}
Also used : ManagementService(org.camunda.bpm.engine.ManagementService) AuthorizationException(org.camunda.bpm.engine.AuthorizationException) RestException(org.camunda.bpm.engine.rest.exception.RestException) InvalidRequestException(org.camunda.bpm.engine.rest.exception.InvalidRequestException) ProcessEngineException(org.camunda.bpm.engine.ProcessEngineException)

Example 80 with AuthorizationException

use of org.camunda.bpm.engine.AuthorizationException in project camunda-bpm-platform by camunda.

the class JobResourceImpl method getStacktrace.

@Override
public String getStacktrace() {
    try {
        ManagementService managementService = engine.getManagementService();
        String stacktrace = managementService.getJobExceptionStacktrace(jobId);
        return stacktrace;
    } catch (AuthorizationException e) {
        throw e;
    } catch (ProcessEngineException e) {
        throw new InvalidRequestException(Status.NOT_FOUND, e.getMessage());
    }
}
Also used : ManagementService(org.camunda.bpm.engine.ManagementService) AuthorizationException(org.camunda.bpm.engine.AuthorizationException) InvalidRequestException(org.camunda.bpm.engine.rest.exception.InvalidRequestException) ProcessEngineException(org.camunda.bpm.engine.ProcessEngineException)

Aggregations

AuthorizationException (org.camunda.bpm.engine.AuthorizationException)213 Test (org.junit.Test)142 Matchers.anyString (org.mockito.Matchers.anyString)116 Matchers.containsString (org.hamcrest.Matchers.containsString)55 HashMap (java.util.HashMap)50 Authorization (org.camunda.bpm.engine.authorization.Authorization)22 ProcessEngineException (org.camunda.bpm.engine.ProcessEngineException)21 MissingAuthorization (org.camunda.bpm.engine.authorization.MissingAuthorization)21 InvalidRequestException (org.camunda.bpm.engine.rest.exception.InvalidRequestException)20 RestException (org.camunda.bpm.engine.rest.exception.RestException)14 AbstractRestServiceTest (org.camunda.bpm.engine.rest.AbstractRestServiceTest)13 User (org.camunda.bpm.engine.identity.User)12 Group (org.camunda.bpm.engine.identity.Group)10 Tenant (org.camunda.bpm.engine.identity.Tenant)10 ProcessInstance (org.camunda.bpm.engine.runtime.ProcessInstance)10 ArrayList (java.util.ArrayList)8 LinkedHashMap (java.util.LinkedHashMap)7 Map (java.util.Map)7 ExampleVariableObject (org.camunda.bpm.engine.rest.helper.ExampleVariableObject)7 ManagementService (org.camunda.bpm.engine.ManagementService)6