Examples with Authorization org.camunda.bpm.engine.authorization.Authorization used on opensource projects

Search in sources :

Example 81 with Authorization

use of org.camunda.bpm.engine.authorization.Authorization in project camunda-bpm-platform by camunda.

the class FilterAuthorizationsTest method testReadFilterPermittedWithMultiple.

public void testReadFilterPermittedWithMultiple() {
    Filter filter = createTestFilter();
    grantReadFilter(filter.getId());
    Authorization authorization = processEngine.getAuthorizationService().createNewAuthorization(Authorization.AUTH_TYPE_GRANT);
    authorization.addPermission(Permissions.READ);
    authorization.setUserId(Authorization.ANY);
    authorization.setResource(Resources.FILTER);
    authorization.setResourceId(Authorization.ANY);
    processEngine.getAuthorizationService().saveAuthorization(authorization);
    long count = filterService.createFilterQuery().count();
    assertEquals(1, count);
    Filter returnedFilter = filterService.createFilterQuery().filterId(filter.getId()).singleResult();
    assertNotNull(returnedFilter);
    returnedFilter = filterService.getFilter(filter.getId());
    assertNotNull(returnedFilter);
    processEngine.getAuthorizationService().deleteAuthorization(authorization.getId());
}
Also used : Authorization(org.camunda.bpm.engine.authorization.Authorization) Filter(org.camunda.bpm.engine.filter.Filter)

Example 82 with Authorization

use of org.camunda.bpm.engine.authorization.Authorization in project camunda-bpm-platform by camunda.

the class FilterAuthorizationsTest method createAuthorization.

protected Authorization createAuthorization(Permission permission, String resourceId) {
    Authorization authorization = authorizationService.createNewAuthorization(Authorization.AUTH_TYPE_GRANT);
    authorization.setUserId(testUser.getId());
    authorization.setResource(Resources.FILTER);
    authorization.addPermission(permission);
    if (resourceId != null) {
        authorization.setResourceId(resourceId);
    }
    return authorization;
}
Also used : Authorization(org.camunda.bpm.engine.authorization.Authorization)

Example 83 with Authorization

use of org.camunda.bpm.engine.authorization.Authorization in project camunda-bpm-platform by camunda.

the class AuthorizationServiceTest method testCreateAuthorizationWithUserId.

public void testCreateAuthorizationWithUserId() {
    TestResource resource1 = new TestResource("resource1", 100);
    // initially, no authorization exists:
    assertEquals(0, authorizationService.createAuthorizationQuery().count());
    // simple create / delete with userId
    Authorization authorization = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
    authorization.setUserId("aUserId");
    authorization.setResource(resource1);
    // save the authorization
    authorizationService.saveAuthorization(authorization);
    // authorization exists
    assertEquals(1, authorizationService.createAuthorizationQuery().count());
    // delete the authorization
    authorizationService.deleteAuthorization(authorization.getId());
    // it's gone
    assertEquals(0, authorizationService.createAuthorizationQuery().count());
}
Also used : Authorization(org.camunda.bpm.engine.authorization.Authorization)

Example 84 with Authorization

use of org.camunda.bpm.engine.authorization.Authorization in project camunda-bpm-platform by camunda.

the class AuthorizationServiceTest method testPermissions.

public void testPermissions() {
    Authorization authorization = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
    assertEquals(1, authorization.getPermissions(Permissions.values()).length);
    assertFalse(authorization.isPermissionGranted(ACCESS));
    assertFalse(authorization.isPermissionGranted(DELETE));
    assertFalse(authorization.isPermissionGranted(READ));
    assertFalse(authorization.isPermissionGranted(UPDATE));
    authorization.addPermission(ACCESS);
    assertTrue(authorization.isPermissionGranted(ACCESS));
    assertFalse(authorization.isPermissionGranted(DELETE));
    assertFalse(authorization.isPermissionGranted(READ));
    assertFalse(authorization.isPermissionGranted(UPDATE));
    authorization.addPermission(DELETE);
    assertTrue(authorization.isPermissionGranted(ACCESS));
    assertTrue(authorization.isPermissionGranted(DELETE));
    assertFalse(authorization.isPermissionGranted(READ));
    assertFalse(authorization.isPermissionGranted(UPDATE));
    authorization.addPermission(READ);
    assertTrue(authorization.isPermissionGranted(ACCESS));
    assertTrue(authorization.isPermissionGranted(DELETE));
    assertTrue(authorization.isPermissionGranted(READ));
    assertFalse(authorization.isPermissionGranted(UPDATE));
    authorization.addPermission(UPDATE);
    assertTrue(authorization.isPermissionGranted(ACCESS));
    assertTrue(authorization.isPermissionGranted(DELETE));
    assertTrue(authorization.isPermissionGranted(READ));
    assertTrue(authorization.isPermissionGranted(UPDATE));
    authorization.removePermission(ACCESS);
    assertFalse(authorization.isPermissionGranted(ACCESS));
    assertTrue(authorization.isPermissionGranted(DELETE));
    assertTrue(authorization.isPermissionGranted(READ));
    assertTrue(authorization.isPermissionGranted(UPDATE));
    authorization.removePermission(DELETE);
    assertFalse(authorization.isPermissionGranted(ACCESS));
    assertFalse(authorization.isPermissionGranted(DELETE));
    assertTrue(authorization.isPermissionGranted(READ));
    assertTrue(authorization.isPermissionGranted(UPDATE));
    authorization.removePermission(READ);
    assertFalse(authorization.isPermissionGranted(ACCESS));
    assertFalse(authorization.isPermissionGranted(DELETE));
    assertFalse(authorization.isPermissionGranted(READ));
    assertTrue(authorization.isPermissionGranted(UPDATE));
    authorization.removePermission(UPDATE);
    assertFalse(authorization.isPermissionGranted(ACCESS));
    assertFalse(authorization.isPermissionGranted(DELETE));
    assertFalse(authorization.isPermissionGranted(READ));
    assertFalse(authorization.isPermissionGranted(UPDATE));
}
Also used : Authorization(org.camunda.bpm.engine.authorization.Authorization)

Example 85 with Authorization

use of org.camunda.bpm.engine.authorization.Authorization in project camunda-bpm-platform by camunda.

the class AuthorizationServiceTest method testGlobalGrantAuthorizationCheck.

public void testGlobalGrantAuthorizationCheck() {
    TestResource resource1 = new TestResource("resource1", 100);
    // create global authorization which grants all permissions to all users (on resource1):
    Authorization globalAuth = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
    globalAuth.setResource(resource1);
    globalAuth.setResourceId(ANY);
    globalAuth.addPermission(ALL);
    authorizationService.saveAuthorization(globalAuth);
    List<String> jonnysGroups = Arrays.asList(new String[] { "sales", "marketing" });
    List<String> someOneElsesGroups = Arrays.asList(new String[] { "marketing" });
    // this authorizes any user to do anything in this resource:
    assertTrue(authorizationService.isUserAuthorized("jonny", null, ALL, resource1));
    assertTrue(authorizationService.isUserAuthorized("jonny", jonnysGroups, ALL, resource1));
    assertTrue(authorizationService.isUserAuthorized("someone", null, CREATE, resource1));
    assertTrue(authorizationService.isUserAuthorized("someone", someOneElsesGroups, CREATE, resource1));
    assertTrue(authorizationService.isUserAuthorized("someone else", null, DELETE, resource1));
    assertTrue(authorizationService.isUserAuthorized("jonny", null, ALL, resource1, "someId"));
    assertTrue(authorizationService.isUserAuthorized("jonny", jonnysGroups, ALL, resource1, "someId"));
    assertTrue(authorizationService.isUserAuthorized("someone", null, CREATE, resource1, "someId"));
    assertTrue(authorizationService.isUserAuthorized("someone else", null, DELETE, resource1, "someOtherId"));
}
Also used : Authorization(org.camunda.bpm.engine.authorization.Authorization)

Aggregations

Authorization (org.camunda.bpm.engine.authorization.Authorization)117 MissingAuthorization (org.camunda.bpm.engine.authorization.MissingAuthorization)26 AuthorizationException (org.camunda.bpm.engine.AuthorizationException)22 User (org.camunda.bpm.engine.identity.User)20 Test (org.junit.Test)17 AuthorizationQuery (org.camunda.bpm.engine.authorization.AuthorizationQuery)16 Group (org.camunda.bpm.engine.identity.Group)13 Permission (org.camunda.bpm.engine.authorization.Permission)12 AuthorizationService (org.camunda.bpm.engine.AuthorizationService)9 Tenant (org.camunda.bpm.engine.identity.Tenant)9 AuthorizationDto (org.camunda.bpm.engine.rest.dto.authorization.AuthorizationDto)8 Matchers.anyString (org.mockito.Matchers.anyString)7 ProcessEngineException (org.camunda.bpm.engine.ProcessEngineException)5 IdentityService (org.camunda.bpm.engine.IdentityService)3 Resource (org.camunda.bpm.engine.authorization.Resource)3 TenantEntity (org.camunda.bpm.engine.impl.persistence.entity.TenantEntity)3 Before (org.junit.Before)3 ArrayList (java.util.ArrayList)2 HashSet (java.util.HashSet)2 Filter (org.camunda.bpm.engine.filter.Filter)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial