use of org.camunda.bpm.engine.identity.User in project camunda-bpm-platform by camunda.
the class UserQueryTest method createUser.
private User createUser(String id, String firstName, String lastName, String email) {
User user = identityService.newUser(id);
user.setFirstName(firstName);
user.setLastName(lastName);
user.setEmail(email);
identityService.saveUser(user);
return user;
}
use of org.camunda.bpm.engine.identity.User in project camunda-bpm-platform by camunda.
the class IdentityServiceAuthorizationsTest method testUserQueryAuthorizations.
public void testUserQueryAuthorizations() {
// we are jonny2
String authUserId = "jonny2";
identityService.setAuthenticatedUserId(authUserId);
// create new user jonny1
User jonny1 = identityService.newUser("jonny1");
identityService.saveUser(jonny1);
// set base permission for all users (no-one has any permissions on users)
Authorization basePerms = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
basePerms.setResource(USER);
basePerms.setResourceId(ANY);
authorizationService.saveAuthorization(basePerms);
// now enable checks
processEngineConfiguration.setAuthorizationEnabled(true);
// we cannot fetch the user
assertNull(identityService.createUserQuery().singleResult());
assertEquals(0, identityService.createUserQuery().count());
processEngineConfiguration.setAuthorizationEnabled(false);
// now we add permission for jonny2 to read the user:
Authorization ourPerms = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
ourPerms.setUserId(authUserId);
ourPerms.setResource(USER);
ourPerms.setResourceId(ANY);
ourPerms.addPermission(READ);
authorizationService.saveAuthorization(ourPerms);
processEngineConfiguration.setAuthorizationEnabled(true);
// now we can fetch the user
assertNotNull(identityService.createUserQuery().singleResult());
assertEquals(1, identityService.createUserQuery().count());
// change the base permission:
processEngineConfiguration.setAuthorizationEnabled(false);
basePerms = authorizationService.createAuthorizationQuery().resourceType(USER).userIdIn("*").singleResult();
basePerms.addPermission(READ);
authorizationService.saveAuthorization(basePerms);
processEngineConfiguration.setAuthorizationEnabled(true);
// we can still fetch the user
assertNotNull(identityService.createUserQuery().singleResult());
assertEquals(1, identityService.createUserQuery().count());
// revoke permission for jonny2:
processEngineConfiguration.setAuthorizationEnabled(false);
ourPerms = authorizationService.createAuthorizationQuery().resourceType(USER).userIdIn(authUserId).singleResult();
ourPerms.removePermission(READ);
authorizationService.saveAuthorization(ourPerms);
Authorization revoke = authorizationService.createNewAuthorization(AUTH_TYPE_REVOKE);
revoke.setUserId(authUserId);
revoke.setResource(USER);
revoke.setResourceId(ANY);
revoke.removePermission(READ);
authorizationService.saveAuthorization(revoke);
processEngineConfiguration.setAuthorizationEnabled(true);
// now we cannot fetch the user
assertNull(identityService.createUserQuery().singleResult());
assertEquals(0, identityService.createUserQuery().count());
// delete our perms
processEngineConfiguration.setAuthorizationEnabled(false);
authorizationService.deleteAuthorization(ourPerms.getId());
authorizationService.deleteAuthorization(revoke.getId());
processEngineConfiguration.setAuthorizationEnabled(true);
// now the base permission applies and grants us read access
assertNotNull(identityService.createUserQuery().singleResult());
assertEquals(1, identityService.createUserQuery().count());
}
use of org.camunda.bpm.engine.identity.User in project camunda-bpm-platform by camunda.
the class IdentityServiceTest method findUserByUnexistingId.
@Test
public void findUserByUnexistingId() {
User user = identityService.createUserQuery().userId("unexistinguser").singleResult();
assertNull(user);
}
use of org.camunda.bpm.engine.identity.User in project camunda-bpm-platform by camunda.
the class IdentityServiceTest method testUpdatePassword.
@Test
public void testUpdatePassword() {
// store user with password
User user = identityService.newUser("secureUser");
user.setPassword("s3cret");
identityService.saveUser(user);
assertTrue(identityService.checkPassword(user.getId(), "s3cret"));
user.setPassword("new-password");
identityService.saveUser(user);
assertTrue(identityService.checkPassword(user.getId(), "new-password"));
identityService.deleteUser(user.getId());
}
use of org.camunda.bpm.engine.identity.User in project camunda-bpm-platform by camunda.
the class IdentityServiceTest method testSuccessfulLoginAfterFailureAndDelay.
@Test
public void testSuccessfulLoginAfterFailureAndDelay() {
User user = identityService.newUser("johndoe");
user.setPassword("xxx");
identityService.saveUser(user);
Date now = null;
now = ClockUtil.getCurrentTime();
assertFalse(identityService.checkPassword("johndoe", "invalid pwd"));
ClockUtil.setCurrentTime(DateUtils.addSeconds(now, 30));
assertTrue(identityService.checkPassword("johndoe", "xxx"));
identityService.deleteUser("johndoe");
}
Aggregations