
Example 16 with MissingAuthorization

use of org.camunda.bpm.engine.authorization.MissingAuthorization in project camunda-bpm-platform by camunda.

the class AuthorizationServiceAuthorizationsTest method testUserUpdateAuthorizations.

/**
 * Checks that a user without UPDATE on the AUTHORIZATION resource cannot change an existing
 * authorization, and that the resulting {@link AuthorizationException} names the user, the
 * missing permission, the resource and the id of the authorization that was touched.
 * The test also expects the same user to be able to save a brand-new authorization.
 */
public void testUserUpdateAuthorizations() {
    // global authorization over every AUTHORIZATION resource: ALL permissions minus UPDATE
    Authorization globalAuth = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
    globalAuth.setResource(AUTHORIZATION);
    globalAuth.setResourceId(ANY);
    globalAuth.addPermission(ALL);
    globalAuth.removePermission(UPDATE);
    authorizationService.saveAuthorization(globalAuth);
    // the fixture above is saved before authorization checks are switched on
    processEngineConfiguration.setAuthorizationEnabled(true);
    identityService.setAuthenticatedUserId(jonny2);
    // NOTE(review): neither setting is reset in this method; presumably the test fixture's
    // teardown restores them - confirm against the enclosing class.
    // reload the stored authorization as the restricted user
    globalAuth = authorizationService.createAuthorizationQuery().singleResult();
    // try to widen it back to ALL, which would re-add the removed UPDATE permission
    globalAuth.addPermission(ALL);
    try {
        authorizationService.saveAuthorization(globalAuth);
        fail("exception expected");
    } catch (AuthorizationException denied) {
        // exactly one missing authorization is reported, attributed to the authenticated user
        assertEquals(1, denied.getMissingAuthorizations().size());
        assertEquals(jonny2, denied.getUserId());
        MissingAuthorization missing = denied.getMissingAuthorizations().get(0);
        assertExceptionInfo(UPDATE.getName(), AUTHORIZATION.resourceName(), globalAuth.getId(), missing);
    }
    // Only UPDATE was removed, so this save is expected to succeed: a GRANT of ALL on every
    // AUTHORIZATION resource for the user id "jonny2".
    // NOTE(review): withholding UPDATE alone therefore does not stop a user who keeps CREATE
    // on AUTHORIZATION from granting permissions; deployments that care should restrict CREATE too.
    Authorization grantedAuth = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
    grantedAuth.setUserId("jonny2");
    grantedAuth.setResource(AUTHORIZATION);
    grantedAuth.setResourceId(ANY);
    grantedAuth.addPermission(ALL);
    authorizationService.saveAuthorization(grantedAuth);
}
Also used : Authorization(org.camunda.bpm.engine.authorization.Authorization) MissingAuthorization(org.camunda.bpm.engine.authorization.MissingAuthorization) MissingAuthorization(org.camunda.bpm.engine.authorization.MissingAuthorization) AuthorizationException(org.camunda.bpm.engine.AuthorizationException)

Example 17 with MissingAuthorization

use of org.camunda.bpm.engine.authorization.MissingAuthorization in project camunda-bpm-platform by camunda.

the class AuthorizationServiceAuthorizationsTest method testCreateAuthorization.

/**
 * Checks that a user without CREATE on the AUTHORIZATION resource is rejected both when
 * asking the service for a new authorization and when saving one that was instantiated
 * directly, so the CREATE check is also applied on save.
 */
public void testCreateAuthorization() {
    // global authorization over every AUTHORIZATION resource: ALL permissions minus CREATE,
    // so nobody is allowed to create authorizations
    Authorization globalAuth = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
    globalAuth.setResource(AUTHORIZATION);
    globalAuth.setResourceId(ANY);
    globalAuth.addPermission(ALL);
    globalAuth.removePermission(CREATE);
    authorizationService.saveAuthorization(globalAuth);
    // checks are switched on only after the fixture has been saved
    processEngineConfiguration.setAuthorizationEnabled(true);
    identityService.setAuthenticatedUserId(jonny2);
    try {
        // the service must refuse to hand out another authorization object
        authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
        fail("exception expected");
    } catch (AuthorizationException denied) {
        assertEquals(1, denied.getMissingAuthorizations().size());
        assertEquals(jonny2, denied.getUserId());
        MissingAuthorization missing = denied.getMissingAuthorizations().get(0);
        // no resource id is reported for a denied create
        assertExceptionInfo(CREATE.getName(), AUTHORIZATION.resourceName(), null, missing);
    }
    // Build the entity directly, which skips the check in createNewAuthorization; the save
    // below must still be rejected for the same missing CREATE permission.
    Authorization transientAuth = new AuthorizationEntity(AUTH_TYPE_REVOKE);
    transientAuth.setUserId("someUserId");
    transientAuth.setResource(Resources.APPLICATION);
    try {
        authorizationService.saveAuthorization(transientAuth);
        fail("exception expected");
    } catch (AuthorizationException denied) {
        assertEquals(1, denied.getMissingAuthorizations().size());
        assertEquals(jonny2, denied.getUserId());
        MissingAuthorization missing = denied.getMissingAuthorizations().get(0);
        // the reported resource is AUTHORIZATION, not the APPLICATION resource set on the entity
        assertExceptionInfo(CREATE.getName(), AUTHORIZATION.resourceName(), null, missing);
    }
}
Also used : Authorization(org.camunda.bpm.engine.authorization.Authorization) MissingAuthorization(org.camunda.bpm.engine.authorization.MissingAuthorization) MissingAuthorization(org.camunda.bpm.engine.authorization.MissingAuthorization) AuthorizationException(org.camunda.bpm.engine.AuthorizationException) AuthorizationEntity(org.camunda.bpm.engine.impl.persistence.entity.AuthorizationEntity)

Example 18 with MissingAuthorization

use of org.camunda.bpm.engine.authorization.MissingAuthorization in project camunda-bpm-platform by camunda.

the class IdentityServiceAuthorizationsTest method testTenanGroupMembershipDeleteAuthorizations.

/**
 * Checks that deleting a tenant-group membership is rejected for a user without DELETE on
 * the TENANT_MEMBERSHIP resource, and that the exception reports the tenant id as the
 * resource id.
 */
public void testTenanGroupMembershipDeleteAuthorizations() {
    // fixture: one group and one tenant, created before authorization checks are enabled
    Group memberGroup = identityService.newGroup("group1");
    identityService.saveGroup(memberGroup);
    Tenant owningTenant = identityService.newTenant("tenant1");
    identityService.saveTenant(owningTenant);
    // global authorization over every TENANT_MEMBERSHIP resource: ALL permissions minus
    // DELETE, so nobody is allowed to delete memberships
    Authorization globalAuth = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
    globalAuth.setResource(TENANT_MEMBERSHIP);
    globalAuth.setResourceId(ANY);
    globalAuth.addPermission(ALL);
    globalAuth.removePermission(DELETE);
    authorizationService.saveAuthorization(globalAuth);
    // from here on every call runs with checks enabled, as the restricted user
    // NOTE(review): neither setting is reset in this method; presumably the test fixture's
    // teardown restores them - confirm against the enclosing class.
    processEngineConfiguration.setAuthorizationEnabled(true);
    identityService.setAuthenticatedUserId(jonny2);
    try {
        identityService.deleteTenantGroupMembership("tenant1", "group1");
        fail("exception expected");
    } catch (AuthorizationException denied) {
        // exactly one missing authorization is reported, attributed to the authenticated user
        assertEquals(1, denied.getMissingAuthorizations().size());
        assertEquals(jonny2, denied.getUserId());
        MissingAuthorization missing = denied.getMissingAuthorizations().get(0);
        assertExceptionInfo(DELETE.getName(), TENANT_MEMBERSHIP.resourceName(), "tenant1", missing);
    }
}
Also used : MissingAuthorization(org.camunda.bpm.engine.authorization.MissingAuthorization) Authorization(org.camunda.bpm.engine.authorization.Authorization) Group(org.camunda.bpm.engine.identity.Group) Tenant(org.camunda.bpm.engine.identity.Tenant) MissingAuthorization(org.camunda.bpm.engine.authorization.MissingAuthorization) AuthorizationException(org.camunda.bpm.engine.AuthorizationException)

Example 19 with MissingAuthorization

use of org.camunda.bpm.engine.authorization.MissingAuthorization in project camunda-bpm-platform by camunda.

the class IdentityServiceAuthorizationsTest method testTenantUpdateAuthorizations.

/**
 * Checks that renaming an existing tenant is rejected for a user without UPDATE on the
 * TENANT resource, while the test still expects the same user to be able to create a
 * new tenant.
 */
public void testTenantUpdateAuthorizations() {
    // fixture: one tenant, saved before authorization checks are enabled
    Tenant storedTenant = new TenantEntity("tenant");
    identityService.saveTenant(storedTenant);
    // global authorization over every TENANT resource: ALL permissions minus UPDATE
    Authorization globalAuth = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
    globalAuth.setResource(TENANT);
    globalAuth.setResourceId(ANY);
    globalAuth.addPermission(ALL);
    globalAuth.removePermission(UPDATE);
    authorizationService.saveAuthorization(globalAuth);
    // from here on every call runs with checks enabled, as the restricted user
    processEngineConfiguration.setAuthorizationEnabled(true);
    identityService.setAuthenticatedUserId(jonny2);
    // reload the tenant (not a user) and change it so the save counts as an update
    storedTenant = identityService.createTenantQuery().singleResult();
    storedTenant.setName("newName");
    try {
        identityService.saveTenant(storedTenant);
        fail("exception expected");
    } catch (AuthorizationException denied) {
        assertEquals(1, denied.getMissingAuthorizations().size());
        assertEquals(jonny2, denied.getUserId());
        MissingAuthorization missing = denied.getMissingAuthorizations().get(0);
        // the tenant id is reported as the resource id of the denied update
        assertExceptionInfo(UPDATE.getName(), TENANT.resourceName(), "tenant", missing);
    }
    // only UPDATE was removed, so creating a different tenant is expected to succeed
    Tenant createdTenant = identityService.newTenant("newTenant");
    identityService.saveTenant(createdTenant);
}
Also used : MissingAuthorization(org.camunda.bpm.engine.authorization.MissingAuthorization) Authorization(org.camunda.bpm.engine.authorization.Authorization) Tenant(org.camunda.bpm.engine.identity.Tenant) MissingAuthorization(org.camunda.bpm.engine.authorization.MissingAuthorization) TenantEntity(org.camunda.bpm.engine.impl.persistence.entity.TenantEntity) AuthorizationException(org.camunda.bpm.engine.AuthorizationException)

Example 20 with MissingAuthorization

use of org.camunda.bpm.engine.authorization.MissingAuthorization in project camunda-bpm-platform by camunda.

the class IdentityServiceAuthorizationsTest method testMembershipCreateAuthorizations.

/**
 * Checks that adding a user to a group is rejected for a caller without CREATE on the
 * GROUP_MEMBERSHIP resource, and that the exception reports the group id as the
 * resource id.
 */
public void testMembershipCreateAuthorizations() {
    // fixture: one user and one group, created before authorization checks are enabled
    User candidate = identityService.newUser("jonny1");
    identityService.saveUser(candidate);
    Group targetGroup = identityService.newGroup("group1");
    identityService.saveGroup(targetGroup);
    // global authorization over every GROUP_MEMBERSHIP resource: ALL permissions minus
    // CREATE, so nobody is allowed to add users to groups
    Authorization globalAuth = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
    globalAuth.setResource(GROUP_MEMBERSHIP);
    globalAuth.setResourceId(ANY);
    globalAuth.addPermission(ALL);
    globalAuth.removePermission(CREATE);
    authorizationService.saveAuthorization(globalAuth);
    // from here on every call runs with checks enabled, as the restricted user
    processEngineConfiguration.setAuthorizationEnabled(true);
    identityService.setAuthenticatedUserId(jonny2);
    try {
        identityService.createMembership("jonny1", "group1");
        fail("exception expected");
    } catch (AuthorizationException denied) {
        // exactly one missing authorization is reported, attributed to the authenticated user
        assertEquals(1, denied.getMissingAuthorizations().size());
        assertEquals(jonny2, denied.getUserId());
        MissingAuthorization missing = denied.getMissingAuthorizations().get(0);
        assertExceptionInfo(CREATE.getName(), GROUP_MEMBERSHIP.resourceName(), "group1", missing);
    }
}
Also used : MissingAuthorization(org.camunda.bpm.engine.authorization.MissingAuthorization) Authorization(org.camunda.bpm.engine.authorization.Authorization) Group(org.camunda.bpm.engine.identity.Group) User(org.camunda.bpm.engine.identity.User) MissingAuthorization(org.camunda.bpm.engine.authorization.MissingAuthorization) AuthorizationException(org.camunda.bpm.engine.AuthorizationException)
