use of org.camunda.bpm.engine.AuthorizationException in project camunda-bpm-platform by camunda.
the class AuthorizationRestServiceInteractionTest method testSaveAuthorizationThrowsAuthorizationException.
@Test
public void testSaveAuthorizationThrowsAuthorizationException() {
String message = "expected authorization exception";
when(authorizationServiceMock.saveAuthorization(any(Authorization.class))).thenThrow(new AuthorizationException(message));
Authorization authorization = MockProvider.createMockGrantAuthorization();
when(authorizationServiceMock.createNewAuthorization(Authorization.AUTH_TYPE_GRANT)).thenReturn(authorization);
AuthorizationDto dto = AuthorizationDto.fromAuthorization(authorization);
given().body(dto).contentType(ContentType.JSON).then().expect().statusCode(Status.FORBIDDEN.getStatusCode()).contentType(ContentType.JSON).body("type", equalTo(AuthorizationException.class.getSimpleName())).body("message", equalTo(message)).when().post(AUTH_CREATE_PATH);
}
use of org.camunda.bpm.engine.AuthorizationException in project camunda-bpm-platform by camunda.
the class BatchRestServiceInteractionTest method activateBatchUnauthorized.
@Test
public void activateBatchUnauthorized() {
String batchId = MockProvider.EXAMPLE_BATCH_ID;
String expectedMessage = "The user with id 'userId' does not have 'UPDATE' permission on resource '" + batchId + "' of type 'Batch'.";
doThrow(new AuthorizationException(expectedMessage)).when(managementServiceMock).activateBatchById(eq(batchId));
given().pathParam("id", batchId).contentType(ContentType.JSON).body(singletonMap("suspended", false)).then().expect().statusCode(Status.FORBIDDEN.getStatusCode()).body("type", equalTo(AuthorizationException.class.getSimpleName())).body("message", equalTo(expectedMessage)).when().put(SUSPENDED_BATCH_RESOURCE_URL);
}
use of org.camunda.bpm.engine.AuthorizationException in project camunda-bpm-platform by camunda.
the class TaskResourceImpl method getForm.
@Override
public FormDto getForm() {
FormService formService = engine.getFormService();
Task task = getTaskById(taskId);
FormData formData;
try {
formData = formService.getTaskFormData(taskId);
} catch (AuthorizationException e) {
throw e;
} catch (ProcessEngineException e) {
throw new RestException(Status.BAD_REQUEST, e, "Cannot get form for task " + taskId);
}
FormDto dto = FormDto.fromFormData(formData);
if (dto.getKey() == null || dto.getKey().isEmpty()) {
if (formData != null && formData.getFormFields() != null && !formData.getFormFields().isEmpty()) {
dto.setKey("embedded:engine://engine/:engine/task/" + taskId + "/rendered-form");
}
}
// to get the application context path it is necessary to
// execute it without authentication (tries to fetch the
// process definition), because:
// - user 'demo' has READ permission on a specific task resource
// - user 'demo' does not have a READ permission on the corresponding
// process definition
// -> running the following lines with authorization would lead
// to an AuthorizationException because the user 'demo' does not
// have READ permission on the corresponding process definition
IdentityService identityService = engine.getIdentityService();
Authentication currentAuthentication = identityService.getCurrentAuthentication();
try {
identityService.clearAuthentication();
String processDefinitionId = task.getProcessDefinitionId();
String caseDefinitionId = task.getCaseDefinitionId();
if (processDefinitionId != null) {
dto.setContextPath(ApplicationContextPathUtil.getApplicationPathByProcessDefinitionId(engine, processDefinitionId));
} else if (caseDefinitionId != null) {
dto.setContextPath(ApplicationContextPathUtil.getApplicationPathByCaseDefinitionId(engine, caseDefinitionId));
}
} finally {
identityService.setAuthentication(currentAuthentication);
}
return dto;
}
use of org.camunda.bpm.engine.AuthorizationException in project camunda-bpm-platform by camunda.
the class JobResourceImpl method executeJob.
@Override
public void executeJob() {
try {
ManagementService managementService = engine.getManagementService();
managementService.executeJob(this.jobId);
} catch (AuthorizationException e) {
throw e;
} catch (ProcessEngineException e) {
throw new InvalidRequestException(Status.NOT_FOUND, e.getMessage());
} catch (RuntimeException r) {
throw new RestException(Status.INTERNAL_SERVER_ERROR, r.getMessage());
}
}
use of org.camunda.bpm.engine.AuthorizationException in project camunda-bpm-platform by camunda.
the class JobResourceImpl method getStacktrace.
@Override
public String getStacktrace() {
try {
ManagementService managementService = engine.getManagementService();
String stacktrace = managementService.getJobExceptionStacktrace(jobId);
return stacktrace;
} catch (AuthorizationException e) {
throw e;
} catch (ProcessEngineException e) {
throw new InvalidRequestException(Status.NOT_FOUND, e.getMessage());
}
}
Aggregations