
Example 36 with Tenant

use of org.camunda.bpm.engine.identity.Tenant in project camunda-bpm-platform by camunda.

the class IdentityServiceTenantTest method deleteTenantUserMembership.

@Test
public void deleteTenantUserMembership() {
    Tenant tenant = identityService.newTenant(TENANT_ONE);
    identityService.saveTenant(tenant);
    User user = identityService.newUser(USER_ONE);
    identityService.saveUser(user);
    identityService.createTenantUserMembership(TENANT_ONE, USER_ONE);
    TenantQuery query = identityService.createTenantQuery().userMember(USER_ONE);
    assertThat(query.count(), is(1L));
    // an unknown tenant id does not match the membership, so nothing is deleted
    identityService.deleteTenantUserMembership("nonExisting", USER_ONE);
    assertThat(query.count(), is(1L));
    // an unknown user id does not match either
    identityService.deleteTenantUserMembership(TENANT_ONE, "nonExisting");
    assertThat(query.count(), is(1L));
    // only the exact (tenant, user) pair removes the membership
    identityService.deleteTenantUserMembership(TENANT_ONE, USER_ONE);
    assertThat(query.count(), is(0L));
}
Also used : Tenant(org.camunda.bpm.engine.identity.Tenant) User(org.camunda.bpm.engine.identity.User) TenantQuery(org.camunda.bpm.engine.identity.TenantQuery) Test(org.junit.Test)

Example 37 with Tenant

use of org.camunda.bpm.engine.identity.Tenant in project camunda-bpm-platform by camunda.

the class IdentityServiceTenantTest method deleteTenantMembershipsOfTenant.

@Test
public void deleteTenantMembershipsOfTenant() {
    Tenant tenant = identityService.newTenant(TENANT_ONE);
    identityService.saveTenant(tenant);
    User user = identityService.newUser(USER_ONE);
    identityService.saveUser(user);
    Group group = identityService.newGroup(GROUP_ONE);
    identityService.saveGroup(group);
    identityService.createTenantUserMembership(TENANT_ONE, USER_ONE);
    identityService.createTenantGroupMembership(TENANT_ONE, GROUP_ONE);
    UserQuery userQuery = identityService.createUserQuery().memberOfTenant(TENANT_ONE);
    GroupQuery groupQuery = identityService.createGroupQuery().memberOfTenant(TENANT_ONE);
    assertThat(userQuery.count(), is(1L));
    assertThat(groupQuery.count(), is(1L));
    // deleting the tenant must also remove its user and group memberships
    identityService.deleteTenant(TENANT_ONE);
    assertThat(userQuery.count(), is(0L));
    assertThat(groupQuery.count(), is(0L));
}
Also used : Group(org.camunda.bpm.engine.identity.Group) Tenant(org.camunda.bpm.engine.identity.Tenant) User(org.camunda.bpm.engine.identity.User) UserQuery(org.camunda.bpm.engine.identity.UserQuery) GroupQuery(org.camunda.bpm.engine.identity.GroupQuery) Test(org.junit.Test)

Example 38 with Tenant

use of org.camunda.bpm.engine.identity.Tenant in project camunda-bpm-platform by camunda.

the class IdentityServiceTenantTest method createTenantWithGenericResourceId.

@Test
public void createTenantWithGenericResourceId() {
    // "*" is a reserved identifier, so saving a tenant with that id must be rejected
    Tenant tenant = identityService.newTenant("*");
    thrown.expect(ProcessEngineException.class);
    thrown.expectMessage("has an invalid id: id cannot be *. * is a reserved identifier.");
    identityService.saveTenant(tenant);
}
Also used : Tenant(org.camunda.bpm.engine.identity.Tenant) Test(org.junit.Test)

Example 39 with Tenant

use of org.camunda.bpm.engine.identity.Tenant in project camunda-bpm-platform by camunda.

the class IdentityServiceTenantTest method createTenant.

@Test
public void createTenant() {
    Tenant tenant = identityService.newTenant(TENANT_ONE);
    tenant.setName("Tenant");
    identityService.saveTenant(tenant);
    tenant = identityService.createTenantQuery().singleResult();
    assertThat(tenant, is(notNullValue()));
    assertThat(tenant.getId(), is(TENANT_ONE));
    assertThat(tenant.getName(), is("Tenant"));
}
Also used : Tenant(org.camunda.bpm.engine.identity.Tenant) Test(org.junit.Test)

Example 40 with Tenant

use of org.camunda.bpm.engine.identity.Tenant in project camunda-bpm-platform by camunda.

the class IdentityServiceAuthorizationsTest method testTenantQueryAuthorizations.

public void testTenantQueryAuthorizations() {
    // we are jonny2
    String authUserId = "jonny2";
    identityService.setAuthenticatedUserId(authUserId);
    // create new user jonny1
    User jonny1 = identityService.newUser("jonny1");
    identityService.saveUser(jonny1);
    // create new tenant
    Tenant tenant = identityService.newTenant("tenant");
    identityService.saveTenant(tenant);
    // set base permission for all users (no-one has any permissions on tenants)
    Authorization basePerms = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
    basePerms.setResource(TENANT);
    basePerms.setResourceId(ANY);
    authorizationService.saveAuthorization(basePerms);
    // now enable checks
    processEngineConfiguration.setAuthorizationEnabled(true);
    // we cannot fetch the tenants
    assertEquals(0, identityService.createTenantQuery().count());
    // now we add permission for jonny2 to read the tenants:
    processEngineConfiguration.setAuthorizationEnabled(false);
    Authorization ourPerms = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
    ourPerms.setUserId(authUserId);
    ourPerms.setResource(TENANT);
    ourPerms.setResourceId(ANY);
    ourPerms.addPermission(READ);
    authorizationService.saveAuthorization(ourPerms);
    processEngineConfiguration.setAuthorizationEnabled(true);
    // now we can fetch the tenants
    assertEquals(1, identityService.createTenantQuery().count());
    // change the base permission:
    processEngineConfiguration.setAuthorizationEnabled(false);
    basePerms = authorizationService.createAuthorizationQuery().resourceType(TENANT).userIdIn("*").singleResult();
    basePerms.addPermission(READ);
    authorizationService.saveAuthorization(basePerms);
    processEngineConfiguration.setAuthorizationEnabled(true);
    // we can still fetch the tenants
    assertEquals(1, identityService.createTenantQuery().count());
    // revoke permission for jonny2:
    processEngineConfiguration.setAuthorizationEnabled(false);
    ourPerms = authorizationService.createAuthorizationQuery().resourceType(TENANT).userIdIn(authUserId).singleResult();
    ourPerms.removePermission(READ);
    authorizationService.saveAuthorization(ourPerms);
    Authorization revoke = authorizationService.createNewAuthorization(AUTH_TYPE_REVOKE);
    revoke.setUserId(authUserId);
    revoke.setResource(TENANT);
    revoke.setResourceId(ANY);
    revoke.removePermission(READ);
    authorizationService.saveAuthorization(revoke);
    processEngineConfiguration.setAuthorizationEnabled(true);
    // now we cannot fetch the tenants
    assertEquals(0, identityService.createTenantQuery().count());
    // delete our permissions
    processEngineConfiguration.setAuthorizationEnabled(false);
    authorizationService.deleteAuthorization(ourPerms.getId());
    authorizationService.deleteAuthorization(revoke.getId());
    processEngineConfiguration.setAuthorizationEnabled(true);
    // now the base permission applies and grants us read access
    assertEquals(1, identityService.createTenantQuery().count());
}
Also used : MissingAuthorization(org.camunda.bpm.engine.authorization.MissingAuthorization) Authorization(org.camunda.bpm.engine.authorization.Authorization) User(org.camunda.bpm.engine.identity.User) Tenant(org.camunda.bpm.engine.identity.Tenant)
