use of org.camunda.bpm.engine.identity.Group in project camunda-bpm-platform by camunda.
the class IdentityServiceTenantTest method createTenantGroupMembershipAlreadyExisting.
@Test
public void createTenantGroupMembershipAlreadyExisting() {
Tenant tenant = identityService.newTenant(TENANT_ONE);
identityService.saveTenant(tenant);
Group group = identityService.newGroup(GROUP_ONE);
identityService.saveGroup(group);
identityService.createTenantGroupMembership(TENANT_ONE, GROUP_ONE);
thrown.expect(ProcessEngineException.class);
identityService.createTenantGroupMembership(TENANT_ONE, GROUP_ONE);
}
use of org.camunda.bpm.engine.identity.Group in project camunda-bpm-platform by camunda.
the class IdentityServiceTenantTest method deleteTenantMembershipsWhileDeleteGroup.
@Test
public void deleteTenantMembershipsWhileDeleteGroup() {
Tenant tenant = identityService.newTenant(TENANT_ONE);
identityService.saveTenant(tenant);
Group group = identityService.newGroup(GROUP_ONE);
identityService.saveGroup(group);
identityService.createTenantGroupMembership(TENANT_ONE, GROUP_ONE);
TenantQuery query = identityService.createTenantQuery().groupMember(GROUP_ONE);
assertThat(query.count(), is(1L));
identityService.deleteGroup(GROUP_ONE);
assertThat(query.count(), is(0L));
}
use of org.camunda.bpm.engine.identity.Group in project camunda-bpm-platform by camunda.
the class IdentityServiceWithJdbcSimpleProcessingTest method testGroupOptimisticLockingException.
@Test
public void testGroupOptimisticLockingException() {
Group group = identityService.newGroup("group");
identityService.saveGroup(group);
Group group1 = identityService.createGroupQuery().singleResult();
Group group2 = identityService.createGroupQuery().singleResult();
group1.setName("name one");
identityService.saveGroup(group1);
thrown.expect(OptimisticLockingException.class);
group2.setName("name two");
identityService.saveGroup(group2);
}
use of org.camunda.bpm.engine.identity.Group in project camunda-bpm-platform by camunda.
the class IdentityServiceAuthorizationsTest method testGroupUpdateAuthorizations.
public void testGroupUpdateAuthorizations() {
// crate group while still in god-mode:
Group group1 = identityService.newGroup("group1");
identityService.saveGroup(group1);
// create global auth
Authorization basePerms = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
basePerms.setResource(GROUP);
basePerms.setResourceId(ANY);
basePerms.addPermission(ALL);
// revoke update
basePerms.removePermission(UPDATE);
authorizationService.saveAuthorization(basePerms);
// turn on authorization
processEngineConfiguration.setAuthorizationEnabled(true);
identityService.setAuthenticatedUserId(jonny2);
// fetch user:
group1 = identityService.createGroupQuery().singleResult();
group1.setName("Group 1");
try {
identityService.saveGroup(group1);
fail("exception expected");
} catch (AuthorizationException e) {
assertEquals(1, e.getMissingAuthorizations().size());
MissingAuthorization info = e.getMissingAuthorizations().get(0);
assertEquals(jonny2, e.getUserId());
assertExceptionInfo(UPDATE.getName(), GROUP.resourceName(), "group1", info);
}
// but I can create a new group:
Group group2 = identityService.newGroup("group2");
identityService.saveGroup(group2);
}
use of org.camunda.bpm.engine.identity.Group in project camunda-bpm-platform by camunda.
the class IdentityServiceAuthorizationsTest method testMembershipDeleteAuthorizations.
public void testMembershipDeleteAuthorizations() {
User jonny1 = identityService.newUser("jonny1");
identityService.saveUser(jonny1);
Group group1 = identityService.newGroup("group1");
identityService.saveGroup(group1);
// add base permission which allows nobody to add users to groups
Authorization basePerms = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
basePerms.setResource(GROUP_MEMBERSHIP);
basePerms.setResourceId(ANY);
// add all then remove 'delete'
basePerms.addPermission(ALL);
basePerms.removePermission(DELETE);
authorizationService.saveAuthorization(basePerms);
processEngineConfiguration.setAuthorizationEnabled(true);
identityService.setAuthenticatedUserId(jonny2);
try {
identityService.deleteMembership("jonny1", "group1");
fail("exception expected");
} catch (AuthorizationException e) {
assertEquals(1, e.getMissingAuthorizations().size());
MissingAuthorization info = e.getMissingAuthorizations().get(0);
assertEquals(jonny2, e.getUserId());
assertExceptionInfo(DELETE.getName(), GROUP_MEMBERSHIP.resourceName(), "group1", info);
}
}
Aggregations