Example 41 with Authorization
use of org.camunda.bpm.engine.authorization.Authorization in project camunda-bpm-platform by camunda.
the class DefaultAuthorizationProviderTest method setUp.
protected void setUp() throws Exception {
// we are jonny
identityService.setAuthenticatedUserId("jonny");
// make sure we can do stuff:
Authorization jonnyIsGod = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
jonnyIsGod.setUserId("jonny");
jonnyIsGod.setResource(USER);
jonnyIsGod.setResourceId(ANY);
jonnyIsGod.addPermission(ALL);
authorizationService.saveAuthorization(jonnyIsGod);
jonnyIsGod = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
jonnyIsGod.setUserId("jonny");
jonnyIsGod.setResource(GROUP);
jonnyIsGod.setResourceId(ANY);
jonnyIsGod.addPermission(ALL);
authorizationService.saveAuthorization(jonnyIsGod);
jonnyIsGod = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
jonnyIsGod.setUserId("jonny");
jonnyIsGod.setResource(AUTHORIZATION);
jonnyIsGod.setResourceId(ANY);
jonnyIsGod.addPermission(ALL);
authorizationService.saveAuthorization(jonnyIsGod);
// enable authorizations
processEngineConfiguration.setAuthorizationEnabled(true);
super.setUp();
}
Also used :
Authorization(org.camunda.bpm.engine.authorization.Authorization)
Example 42 with Authorization
use of org.camunda.bpm.engine.authorization.Authorization in project camunda-bpm-platform by camunda.
the class DefaultAuthorizationProviderTest method tearDown.
protected void tearDown() throws Exception {
processEngineConfiguration.setAuthorizationEnabled(false);
List<Authorization> jonnysAuths = authorizationService.createAuthorizationQuery().userIdIn("jonny").list();
for (Authorization authorization : jonnysAuths) {
authorizationService.deleteAuthorization(authorization.getId());
}
super.tearDown();
}
Also used :
Authorization(org.camunda.bpm.engine.authorization.Authorization)
Example 43 with Authorization
use of org.camunda.bpm.engine.authorization.Authorization in project camunda-bpm-platform by camunda.
the class DefaultAuthorizationProviderTest method testCreateUser.
public void testCreateUser() {
// initially there are no authorizations for jonny2:
assertEquals(0, authorizationService.createAuthorizationQuery().userIdIn("jonny2").count());
// create new user
identityService.saveUser(identityService.newUser("jonny2"));
// now there is an authorization for jonny2 which grants him ALL permissions on himself
Authorization authorization = authorizationService.createAuthorizationQuery().userIdIn("jonny2").singleResult();
assertNotNull(authorization);
assertEquals(AUTH_TYPE_GRANT, authorization.getAuthorizationType());
assertEquals(USER.resourceType(), authorization.getResourceType());
assertEquals("jonny2", authorization.getResourceId());
assertTrue(authorization.isPermissionGranted(ALL));
// delete the user
identityService.deleteUser("jonny2");
// the authorization is deleted as well:
assertEquals(0, authorizationService.createAuthorizationQuery().userIdIn("jonny2").count());
}
Also used :
Authorization(org.camunda.bpm.engine.authorization.Authorization)
Example 44 with Authorization
use of org.camunda.bpm.engine.authorization.Authorization in project camunda-bpm-platform by camunda.
the class IdentityServiceAuthorizationsTest method testTenantUserMembershipCreateAuthorizations.
public void testTenantUserMembershipCreateAuthorizations() {
User jonny1 = identityService.newUser("jonny1");
identityService.saveUser(jonny1);
Tenant tenant1 = identityService.newTenant("tenant1");
identityService.saveTenant(tenant1);
// add base permission which allows nobody to create memberships
Authorization basePerms = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
basePerms.setResource(TENANT_MEMBERSHIP);
basePerms.setResourceId(ANY);
// add all then remove 'create'
basePerms.addPermission(ALL);
basePerms.removePermission(CREATE);
authorizationService.saveAuthorization(basePerms);
processEngineConfiguration.setAuthorizationEnabled(true);
identityService.setAuthenticatedUserId(jonny2);
try {
identityService.createTenantUserMembership("tenant1", "jonny1");
fail("exception expected");
} catch (AuthorizationException e) {
assertEquals(1, e.getMissingAuthorizations().size());
MissingAuthorization info = e.getMissingAuthorizations().get(0);
assertEquals(jonny2, e.getUserId());
assertExceptionInfo(CREATE.getName(), TENANT_MEMBERSHIP.resourceName(), "tenant1", info);
}
}
Also used :
MissingAuthorization(org.camunda.bpm.engine.authorization.MissingAuthorization)
Authorization(org.camunda.bpm.engine.authorization.Authorization)
User(org.camunda.bpm.engine.identity.User)
Tenant(org.camunda.bpm.engine.identity.Tenant)
MissingAuthorization(org.camunda.bpm.engine.authorization.MissingAuthorization)
AuthorizationException(org.camunda.bpm.engine.AuthorizationException)
Example 45 with Authorization
use of org.camunda.bpm.engine.authorization.Authorization in project camunda-bpm-platform by camunda.
the class IdentityServiceAuthorizationsTest method testTenantUserMembershipDeleteAuthorizations.
public void testTenantUserMembershipDeleteAuthorizations() {
User jonny1 = identityService.newUser("jonny1");
identityService.saveUser(jonny1);
Tenant tenant1 = identityService.newTenant("tenant1");
identityService.saveTenant(tenant1);
// add base permission which allows nobody to delete memberships
Authorization basePerms = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
basePerms.setResource(TENANT_MEMBERSHIP);
basePerms.setResourceId(ANY);
// add all then remove 'delete'
basePerms.addPermission(ALL);
basePerms.removePermission(DELETE);
authorizationService.saveAuthorization(basePerms);
processEngineConfiguration.setAuthorizationEnabled(true);
identityService.setAuthenticatedUserId(jonny2);
try {
identityService.deleteTenantUserMembership("tenant1", "jonny1");
fail("exception expected");
} catch (AuthorizationException e) {
assertEquals(1, e.getMissingAuthorizations().size());
MissingAuthorization info = e.getMissingAuthorizations().get(0);
assertEquals(jonny2, e.getUserId());
assertExceptionInfo(DELETE.getName(), TENANT_MEMBERSHIP.resourceName(), "tenant1", info);
}
}
Also used :
MissingAuthorization(org.camunda.bpm.engine.authorization.MissingAuthorization)
Authorization(org.camunda.bpm.engine.authorization.Authorization)
User(org.camunda.bpm.engine.identity.User)
Tenant(org.camunda.bpm.engine.identity.Tenant)
MissingAuthorization(org.camunda.bpm.engine.authorization.MissingAuthorization)
AuthorizationException(org.camunda.bpm.engine.AuthorizationException)
Aggregations
Authorization (org.camunda.bpm.engine.authorization.Authorization)117
MissingAuthorization (org.camunda.bpm.engine.authorization.MissingAuthorization)26
AuthorizationException (org.camunda.bpm.engine.AuthorizationException)22
User (org.camunda.bpm.engine.identity.User)20
Test (org.junit.Test)17
AuthorizationQuery (org.camunda.bpm.engine.authorization.AuthorizationQuery)16
Group (org.camunda.bpm.engine.identity.Group)13
Permission (org.camunda.bpm.engine.authorization.Permission)12
AuthorizationService (org.camunda.bpm.engine.AuthorizationService)9
Tenant (org.camunda.bpm.engine.identity.Tenant)9
AuthorizationDto (org.camunda.bpm.engine.rest.dto.authorization.AuthorizationDto)8
Matchers.anyString (org.mockito.Matchers.anyString)7
ProcessEngineException (org.camunda.bpm.engine.ProcessEngineException)5
IdentityService (org.camunda.bpm.engine.IdentityService)3
Resource (org.camunda.bpm.engine.authorization.Resource)3
TenantEntity (org.camunda.bpm.engine.impl.persistence.entity.TenantEntity)3
Before (org.junit.Before)3
ArrayList (java.util.ArrayList)2
HashSet (java.util.HashSet)2
Filter (org.camunda.bpm.engine.filter.Filter)2
