Example 21 with Authorization
use of org.camunda.bpm.engine.authorization.Authorization in project camunda-bpm-platform by camunda.
the class AuthorizationRestServiceInteractionTest method testUpdateNonExistingAuthorization.
@Test
public void testUpdateNonExistingAuthorization() {
Authorization authorization = MockProvider.createMockGlobalAuthorization();
AuthorizationQuery authorizationQuery = mock(AuthorizationQuery.class);
when(authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery);
when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery);
when(authorizationQuery.singleResult()).thenReturn(null);
AuthorizationDto dto = AuthorizationDto.fromAuthorization(authorization);
given().pathParam("id", MockProvider.EXAMPLE_AUTHORIZATION_ID).body(dto).contentType(ContentType.JSON).then().expect().statusCode(Status.NOT_FOUND.getStatusCode()).contentType(ContentType.JSON).body("message", equalTo("Authorization with id " + MockProvider.EXAMPLE_AUTHORIZATION_ID + " does not exist.")).when().put(AUTH_RESOURCE_PATH);
verify(authorizationServiceMock, never()).saveAuthorization(authorization);
}
Also used :
Authorization(org.camunda.bpm.engine.authorization.Authorization)
AuthorizationDto(org.camunda.bpm.engine.rest.dto.authorization.AuthorizationDto)
AuthorizationQuery(org.camunda.bpm.engine.authorization.AuthorizationQuery)
Test(org.junit.Test)
Example 22 with Authorization
use of org.camunda.bpm.engine.authorization.Authorization in project camunda-bpm-platform by camunda.
the class AuthorizationRestServiceInteractionTest method testSaveAuthorizationThrowsAuthorizationException.
@Test
public void testSaveAuthorizationThrowsAuthorizationException() {
String message = "expected authorization exception";
when(authorizationServiceMock.saveAuthorization(any(Authorization.class))).thenThrow(new AuthorizationException(message));
Authorization authorization = MockProvider.createMockGrantAuthorization();
when(authorizationServiceMock.createNewAuthorization(Authorization.AUTH_TYPE_GRANT)).thenReturn(authorization);
AuthorizationDto dto = AuthorizationDto.fromAuthorization(authorization);
given().body(dto).contentType(ContentType.JSON).then().expect().statusCode(Status.FORBIDDEN.getStatusCode()).contentType(ContentType.JSON).body("type", equalTo(AuthorizationException.class.getSimpleName())).body("message", equalTo(message)).when().post(AUTH_CREATE_PATH);
}
Also used :
Authorization(org.camunda.bpm.engine.authorization.Authorization)
AuthorizationDto(org.camunda.bpm.engine.rest.dto.authorization.AuthorizationDto)
AuthorizationException(org.camunda.bpm.engine.AuthorizationException)
Matchers.anyString(org.mockito.Matchers.anyString)
Test(org.junit.Test)
Example 23 with Authorization
use of org.camunda.bpm.engine.authorization.Authorization in project camunda-bpm-platform by camunda.
the class AuthorizationRestServiceInteractionTest method testAuthorizationResourceOptionsUpdateUnauthorized.
@Test
public void testAuthorizationResourceOptionsUpdateUnauthorized() {
String fullAuthorizationUrl = "http://localhost:" + PORT + TEST_RESOURCE_ROOT_PATH + AuthorizationRestService.PATH + "/" + MockProvider.EXAMPLE_AUTHORIZATION_ID;
Authorization authorization = MockProvider.createMockGlobalAuthorization();
AuthorizationQuery authorizationQuery = mock(AuthorizationQuery.class);
when(authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery);
when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery);
when(authorizationQuery.singleResult()).thenReturn(authorization);
Authentication authentication = new Authentication(MockProvider.EXAMPLE_USER_ID, null);
when(identityServiceMock.getCurrentAuthentication()).thenReturn(authentication);
when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, DELETE, AUTHORIZATION, MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(true);
when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, UPDATE, AUTHORIZATION, MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(false);
when(processEngine.getProcessEngineConfiguration().isAuthorizationEnabled()).thenReturn(true);
given().pathParam("id", MockProvider.EXAMPLE_AUTHORIZATION_ID).then().statusCode(Status.OK.getStatusCode()).body("links[0].href", equalTo(fullAuthorizationUrl)).body("links[0].method", equalTo(HttpMethod.GET)).body("links[0].rel", equalTo("self")).body("links[1].href", equalTo(fullAuthorizationUrl)).body("links[1].method", equalTo(HttpMethod.DELETE)).body("links[1].rel", equalTo("delete")).body("links[2]", nullValue()).when().options(AUTH_RESOURCE_PATH);
verify(identityServiceMock, times(2)).getCurrentAuthentication();
verify(authorizationServiceMock, times(1)).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, DELETE, AUTHORIZATION, MockProvider.EXAMPLE_AUTHORIZATION_ID);
verify(authorizationServiceMock, times(1)).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, UPDATE, AUTHORIZATION, MockProvider.EXAMPLE_AUTHORIZATION_ID);
}
Also used :
Authorization(org.camunda.bpm.engine.authorization.Authorization)
AuthorizationQuery(org.camunda.bpm.engine.authorization.AuthorizationQuery)
Authentication(org.camunda.bpm.engine.impl.identity.Authentication)
Matchers.anyString(org.mockito.Matchers.anyString)
Test(org.junit.Test)
Example 24 with Authorization
use of org.camunda.bpm.engine.authorization.Authorization in project camunda-bpm-platform by camunda.
the class AuthorizationRestServiceInteractionTest method testDeleteAuthorization.
@Test
public void testDeleteAuthorization() {
Authorization authorization = MockProvider.createMockGlobalAuthorization();
AuthorizationQuery authorizationQuery = mock(AuthorizationQuery.class);
when(authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery);
when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery);
when(authorizationQuery.singleResult()).thenReturn(authorization);
given().pathParam("id", MockProvider.EXAMPLE_AUTHORIZATION_ID).then().expect().statusCode(Status.NO_CONTENT.getStatusCode()).when().delete(AUTH_RESOURCE_PATH);
verify(authorizationQuery).authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID);
verify(authorizationServiceMock).deleteAuthorization(MockProvider.EXAMPLE_AUTHORIZATION_ID);
}
Also used :
Authorization(org.camunda.bpm.engine.authorization.Authorization)
AuthorizationQuery(org.camunda.bpm.engine.authorization.AuthorizationQuery)
Test(org.junit.Test)
Example 25 with Authorization
use of org.camunda.bpm.engine.authorization.Authorization in project camunda-bpm-platform by camunda.
the class AuthorizationRestServiceInteractionTest method testCreateRevokeAuthorization.
@Test
public void testCreateRevokeAuthorization() {
Authorization authorization = MockProvider.createMockRevokeAuthorization();
when(authorizationServiceMock.createNewAuthorization(Authorization.AUTH_TYPE_REVOKE)).thenReturn(authorization);
when(authorizationServiceMock.saveAuthorization(authorization)).thenReturn(authorization);
AuthorizationQuery authorizationQuery = mock(AuthorizationQuery.class);
when(authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery);
when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery);
when(authorizationQuery.singleResult()).thenReturn(authorization);
AuthorizationDto dto = AuthorizationDto.fromAuthorization(authorization);
given().body(dto).contentType(ContentType.JSON).then().expect().statusCode(Status.OK.getStatusCode()).when().post(AUTH_CREATE_PATH);
verify(authorizationServiceMock).createNewAuthorization(Authorization.AUTH_TYPE_REVOKE);
verify(authorization, times(2)).setUserId(authorization.getUserId());
verify(authorization, times(4)).setResourceType(authorization.getAuthorizationType());
verify(authorization, times(2)).setResourceId(authorization.getResourceId());
verify(authorization, times(2)).setPermissions(authorization.getPermissions(Permissions.values()));
verify(authorizationServiceMock).saveAuthorization(authorization);
}
Also used :
Authorization(org.camunda.bpm.engine.authorization.Authorization)
AuthorizationDto(org.camunda.bpm.engine.rest.dto.authorization.AuthorizationDto)
AuthorizationQuery(org.camunda.bpm.engine.authorization.AuthorizationQuery)
Test(org.junit.Test)
Aggregations
Authorization (org.camunda.bpm.engine.authorization.Authorization)117
MissingAuthorization (org.camunda.bpm.engine.authorization.MissingAuthorization)26
AuthorizationException (org.camunda.bpm.engine.AuthorizationException)22
User (org.camunda.bpm.engine.identity.User)20
Test (org.junit.Test)17
AuthorizationQuery (org.camunda.bpm.engine.authorization.AuthorizationQuery)16
Group (org.camunda.bpm.engine.identity.Group)13
Permission (org.camunda.bpm.engine.authorization.Permission)12
AuthorizationService (org.camunda.bpm.engine.AuthorizationService)9
Tenant (org.camunda.bpm.engine.identity.Tenant)9
AuthorizationDto (org.camunda.bpm.engine.rest.dto.authorization.AuthorizationDto)8
Matchers.anyString (org.mockito.Matchers.anyString)7
ProcessEngineException (org.camunda.bpm.engine.ProcessEngineException)5
IdentityService (org.camunda.bpm.engine.IdentityService)3
Resource (org.camunda.bpm.engine.authorization.Resource)3
TenantEntity (org.camunda.bpm.engine.impl.persistence.entity.TenantEntity)3
Before (org.junit.Before)3
ArrayList (java.util.ArrayList)2
HashSet (java.util.HashSet)2
Filter (org.camunda.bpm.engine.filter.Filter)2
