use of org.camunda.bpm.engine.authorization.Authorization in project camunda-bpm-platform by camunda.
the class AuthorizationRestServiceInteractionTest method testUpdateNonExistingAuthorization.
@Test
public void testUpdateNonExistingAuthorization() {
Authorization authorization = MockProvider.createMockGlobalAuthorization();
AuthorizationQuery authorizationQuery = mock(AuthorizationQuery.class);
when(authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery);
when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery);
when(authorizationQuery.singleResult()).thenReturn(null);
AuthorizationDto dto = AuthorizationDto.fromAuthorization(authorization);
given().pathParam("id", MockProvider.EXAMPLE_AUTHORIZATION_ID).body(dto).contentType(ContentType.JSON).then().expect().statusCode(Status.NOT_FOUND.getStatusCode()).contentType(ContentType.JSON).body("message", equalTo("Authorization with id " + MockProvider.EXAMPLE_AUTHORIZATION_ID + " does not exist.")).when().put(AUTH_RESOURCE_PATH);
verify(authorizationServiceMock, never()).saveAuthorization(authorization);
}
use of org.camunda.bpm.engine.authorization.Authorization in project camunda-bpm-platform by camunda.
the class AuthorizationRestServiceInteractionTest method testSaveAuthorizationThrowsAuthorizationException.
@Test
public void testSaveAuthorizationThrowsAuthorizationException() {
String message = "expected authorization exception";
when(authorizationServiceMock.saveAuthorization(any(Authorization.class))).thenThrow(new AuthorizationException(message));
Authorization authorization = MockProvider.createMockGrantAuthorization();
when(authorizationServiceMock.createNewAuthorization(Authorization.AUTH_TYPE_GRANT)).thenReturn(authorization);
AuthorizationDto dto = AuthorizationDto.fromAuthorization(authorization);
given().body(dto).contentType(ContentType.JSON).then().expect().statusCode(Status.FORBIDDEN.getStatusCode()).contentType(ContentType.JSON).body("type", equalTo(AuthorizationException.class.getSimpleName())).body("message", equalTo(message)).when().post(AUTH_CREATE_PATH);
}
use of org.camunda.bpm.engine.authorization.Authorization in project camunda-bpm-platform by camunda.
the class AuthorizationRestServiceInteractionTest method testAuthorizationResourceOptionsUpdateUnauthorized.
@Test
public void testAuthorizationResourceOptionsUpdateUnauthorized() {
String fullAuthorizationUrl = "http://localhost:" + PORT + TEST_RESOURCE_ROOT_PATH + AuthorizationRestService.PATH + "/" + MockProvider.EXAMPLE_AUTHORIZATION_ID;
Authorization authorization = MockProvider.createMockGlobalAuthorization();
AuthorizationQuery authorizationQuery = mock(AuthorizationQuery.class);
when(authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery);
when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery);
when(authorizationQuery.singleResult()).thenReturn(authorization);
Authentication authentication = new Authentication(MockProvider.EXAMPLE_USER_ID, null);
when(identityServiceMock.getCurrentAuthentication()).thenReturn(authentication);
when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, DELETE, AUTHORIZATION, MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(true);
when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, UPDATE, AUTHORIZATION, MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(false);
when(processEngine.getProcessEngineConfiguration().isAuthorizationEnabled()).thenReturn(true);
given().pathParam("id", MockProvider.EXAMPLE_AUTHORIZATION_ID).then().statusCode(Status.OK.getStatusCode()).body("links[0].href", equalTo(fullAuthorizationUrl)).body("links[0].method", equalTo(HttpMethod.GET)).body("links[0].rel", equalTo("self")).body("links[1].href", equalTo(fullAuthorizationUrl)).body("links[1].method", equalTo(HttpMethod.DELETE)).body("links[1].rel", equalTo("delete")).body("links[2]", nullValue()).when().options(AUTH_RESOURCE_PATH);
verify(identityServiceMock, times(2)).getCurrentAuthentication();
verify(authorizationServiceMock, times(1)).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, DELETE, AUTHORIZATION, MockProvider.EXAMPLE_AUTHORIZATION_ID);
verify(authorizationServiceMock, times(1)).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, UPDATE, AUTHORIZATION, MockProvider.EXAMPLE_AUTHORIZATION_ID);
}
use of org.camunda.bpm.engine.authorization.Authorization in project camunda-bpm-platform by camunda.
the class AuthorizationRestServiceInteractionTest method testDeleteAuthorization.
@Test
public void testDeleteAuthorization() {
Authorization authorization = MockProvider.createMockGlobalAuthorization();
AuthorizationQuery authorizationQuery = mock(AuthorizationQuery.class);
when(authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery);
when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery);
when(authorizationQuery.singleResult()).thenReturn(authorization);
given().pathParam("id", MockProvider.EXAMPLE_AUTHORIZATION_ID).then().expect().statusCode(Status.NO_CONTENT.getStatusCode()).when().delete(AUTH_RESOURCE_PATH);
verify(authorizationQuery).authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID);
verify(authorizationServiceMock).deleteAuthorization(MockProvider.EXAMPLE_AUTHORIZATION_ID);
}
use of org.camunda.bpm.engine.authorization.Authorization in project camunda-bpm-platform by camunda.
the class AuthorizationRestServiceInteractionTest method testCreateRevokeAuthorization.
@Test
public void testCreateRevokeAuthorization() {
Authorization authorization = MockProvider.createMockRevokeAuthorization();
when(authorizationServiceMock.createNewAuthorization(Authorization.AUTH_TYPE_REVOKE)).thenReturn(authorization);
when(authorizationServiceMock.saveAuthorization(authorization)).thenReturn(authorization);
AuthorizationQuery authorizationQuery = mock(AuthorizationQuery.class);
when(authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery);
when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery);
when(authorizationQuery.singleResult()).thenReturn(authorization);
AuthorizationDto dto = AuthorizationDto.fromAuthorization(authorization);
given().body(dto).contentType(ContentType.JSON).then().expect().statusCode(Status.OK.getStatusCode()).when().post(AUTH_CREATE_PATH);
verify(authorizationServiceMock).createNewAuthorization(Authorization.AUTH_TYPE_REVOKE);
verify(authorization, times(2)).setUserId(authorization.getUserId());
verify(authorization, times(4)).setResourceType(authorization.getAuthorizationType());
verify(authorization, times(2)).setResourceId(authorization.getResourceId());
verify(authorization, times(2)).setPermissions(authorization.getPermissions(Permissions.values()));
verify(authorizationServiceMock).saveAuthorization(authorization);
}
Aggregations