Example 6 with Resource
use of org.camunda.bpm.engine.authorization.Resource in project camunda-bpm-platform by camunda.
the class AuthorizationScenarioInstance method assertAuthorizationException.
public void assertAuthorizationException(AuthorizationException e) {
if (!missingAuthorizations.isEmpty() && e != null) {
String message = e.getMessage();
String assertionFailureMessage = describeScenarioFailure("Expected an authorization exception but the message was wrong: " + e.getMessage());
List<MissingAuthorization> actualMissingAuthorizations = new ArrayList<MissingAuthorization>(e.getMissingAuthorizations());
List<MissingAuthorization> expectedMissingAuthorizations = MissingAuthorizationMatcher.asMissingAuthorizations(missingAuthorizations);
Assert.assertThat(actualMissingAuthorizations, containsInAnyOrder(MissingAuthorizationMatcher.asMatchers(expectedMissingAuthorizations)));
for (Authorization missingAuthorization : missingAuthorizations) {
Assert.assertTrue(assertionFailureMessage, message.contains(missingAuthorization.getUserId()));
Assert.assertEquals(missingAuthorization.getUserId(), e.getUserId());
for (Permission permission : missingAuthorization.getPermissions(Permissions.values())) {
if (permission != Permissions.NONE) {
Assert.assertTrue(assertionFailureMessage, message.contains(permission.getName()));
}
}
if (!Authorization.ANY.equals(missingAuthorization.getResourceId())) {
// missing ANY authorizations are not explicitly represented in the error message
Assert.assertTrue(assertionFailureMessage, message.contains(missingAuthorization.getResourceId()));
}
Resource resource = AuthorizationTestUtil.getResourceByType(missingAuthorization.getResourceType());
Assert.assertTrue(assertionFailureMessage, message.contains(resource.resourceName()));
}
} else if (missingAuthorizations.isEmpty() && e == null) {
// nothing to do
} else {
if (e != null) {
Assert.fail(describeScenarioFailure("Expected no authorization exception but got one: " + e.getMessage()));
} else {
Assert.fail(describeScenarioFailure("Expected failure due to missing authorizations but code under test was successful"));
}
}
}
Also used :
Authorization(org.camunda.bpm.engine.authorization.Authorization)
MissingAuthorization(org.camunda.bpm.engine.authorization.MissingAuthorization)
MissingAuthorization(org.camunda.bpm.engine.authorization.MissingAuthorization)
ArrayList(java.util.ArrayList)
Permission(org.camunda.bpm.engine.authorization.Permission)
Resource(org.camunda.bpm.engine.authorization.Resource)
Example 7 with Resource
use of org.camunda.bpm.engine.authorization.Resource in project camunda-bpm-platform by camunda.
the class AuthorizationQueryTest method testValidQueryCounts.
public void testValidQueryCounts() {
Resource resource1 = new TestResource("resource1", 100);
Resource resource2 = new TestResource("resource2", 101);
Resource nonExisting = new TestResource("non-existing", 102);
// query by user id
assertEquals(2, authorizationService.createAuthorizationQuery().userIdIn("user1").count());
assertEquals(1, authorizationService.createAuthorizationQuery().userIdIn("user2").count());
assertEquals(1, authorizationService.createAuthorizationQuery().userIdIn("user3").count());
assertEquals(3, authorizationService.createAuthorizationQuery().userIdIn("user1", "user2").count());
assertEquals(0, authorizationService.createAuthorizationQuery().userIdIn("non-existing").count());
// query by group id
assertEquals(2, authorizationService.createAuthorizationQuery().groupIdIn("group1").count());
assertEquals(1, authorizationService.createAuthorizationQuery().groupIdIn("group2").count());
assertEquals(1, authorizationService.createAuthorizationQuery().groupIdIn("group3").count());
assertEquals(3, authorizationService.createAuthorizationQuery().groupIdIn("group1", "group2").count());
assertEquals(0, authorizationService.createAuthorizationQuery().groupIdIn("non-existing").count());
// query by resource type
assertEquals(4, authorizationService.createAuthorizationQuery().resourceType(resource1).count());
assertEquals(0, authorizationService.createAuthorizationQuery().resourceType(nonExisting).count());
assertEquals(4, authorizationService.createAuthorizationQuery().resourceType(resource1.resourceType()).count());
assertEquals(0, authorizationService.createAuthorizationQuery().resourceType(nonExisting.resourceType()).count());
// query by resource id
assertEquals(2, authorizationService.createAuthorizationQuery().resourceId("resource1-2").count());
assertEquals(0, authorizationService.createAuthorizationQuery().resourceId("non-existing").count());
// query by permission
assertEquals(1, authorizationService.createAuthorizationQuery().hasPermission(Permissions.ACCESS).count());
assertEquals(2, authorizationService.createAuthorizationQuery().hasPermission(Permissions.DELETE).count());
assertEquals(2, authorizationService.createAuthorizationQuery().hasPermission(Permissions.READ).count());
assertEquals(3, authorizationService.createAuthorizationQuery().hasPermission(Permissions.UPDATE).count());
// multiple permissions at the same time
assertEquals(2, authorizationService.createAuthorizationQuery().hasPermission(Permissions.READ).hasPermission(Permissions.UPDATE).count());
assertEquals(2, authorizationService.createAuthorizationQuery().hasPermission(Permissions.UPDATE).hasPermission(Permissions.READ).count());
assertEquals(0, authorizationService.createAuthorizationQuery().hasPermission(Permissions.READ).hasPermission(Permissions.ACCESS).count());
// user id & resource type
assertEquals(1, authorizationService.createAuthorizationQuery().userIdIn("user1").resourceType(resource1).count());
assertEquals(0, authorizationService.createAuthorizationQuery().userIdIn("user1").resourceType(nonExisting).count());
// group id & resource type
assertEquals(1, authorizationService.createAuthorizationQuery().groupIdIn("group2").resourceType(resource2).count());
assertEquals(0, authorizationService.createAuthorizationQuery().groupIdIn("group1").resourceType(nonExisting).count());
}
Also used :
Resource(org.camunda.bpm.engine.authorization.Resource)
Example 8 with Resource
use of org.camunda.bpm.engine.authorization.Resource in project camunda-bpm-platform by camunda.
the class AuthorizationQueryTest method setUp.
@Override
protected void setUp() throws Exception {
super.setUp();
Resource resource1 = new TestResource("resource1", 100);
Resource resource2 = new TestResource("resource2", 101);
createAuthorization("user1", null, resource1, "resource1-1", Permissions.ACCESS);
createAuthorization("user1", null, resource2, "resource2-1", Permissions.DELETE);
createAuthorization("user2", null, resource1, "resource1-2");
createAuthorization("user3", null, resource2, "resource2-1", Permissions.READ, Permissions.UPDATE);
createAuthorization(null, "group1", resource1, "resource1-1");
createAuthorization(null, "group1", resource1, "resource1-2", Permissions.UPDATE);
createAuthorization(null, "group2", resource2, "resource2-2", Permissions.READ, Permissions.UPDATE);
createAuthorization(null, "group3", resource2, "resource2-3", Permissions.DELETE);
}
Also used :
Resource(org.camunda.bpm.engine.authorization.Resource)
Aggregations
Resource (org.camunda.bpm.engine.authorization.Resource)8
Authorization (org.camunda.bpm.engine.authorization.Authorization)3
AuthorizationService (org.camunda.bpm.engine.AuthorizationService)2
MissingAuthorization (org.camunda.bpm.engine.authorization.MissingAuthorization)2
Permission (org.camunda.bpm.engine.authorization.Permission)2
AuthorizationEntity (org.camunda.bpm.engine.impl.persistence.entity.AuthorizationEntity)2
ArrayList (java.util.ArrayList)1
HashMap (java.util.HashMap)1
FilterService (org.camunda.bpm.engine.FilterService)1
IdentityService (org.camunda.bpm.engine.IdentityService)1
TaskService (org.camunda.bpm.engine.TaskService)1
Filter (org.camunda.bpm.engine.filter.Filter)1
Group (org.camunda.bpm.engine.identity.Group)1
User (org.camunda.bpm.engine.identity.User)1
TaskQuery (org.camunda.bpm.engine.task.TaskQuery)1
