Search in sources :

Example 6 with AuthorizationCheck

use of org.camunda.bpm.engine.impl.db.AuthorizationCheck in project camunda-bpm-platform by camunda.

the class AuthorizationCheckRevokesCfgTest method shouldUseCfgValue_never.

@Test
public void shouldUseCfgValue_never() {
    final ListQueryParameterObject query = new ListQueryParameterObject();
    final AuthorizationCheck authCheck = query.getAuthCheck();
    // given
    when(mockedConfiguration.getAuthorizationCheckRevokes()).thenReturn(ProcessEngineConfiguration.AUTHORIZATION_CHECK_REVOKE_NEVER);
    // if
    authorizationManager.configureQuery(query);
    // then
    assertEquals(false, authCheck.isRevokeAuthorizationCheckEnabled());
    verify(mockedEntityManager, never()).selectBoolean(eq("selectRevokeAuthorization"), any());
    verifyNoMoreInteractions(mockedEntityManager);
}
Also used : ListQueryParameterObject(org.camunda.bpm.engine.impl.db.ListQueryParameterObject) AuthorizationCheck(org.camunda.bpm.engine.impl.db.AuthorizationCheck) Test(org.junit.Test)

Example 7 with AuthorizationCheck

use of org.camunda.bpm.engine.impl.db.AuthorizationCheck in project camunda-bpm-platform by camunda.

the class AuthorizationCheckRevokesCfgTest method shouldCacheCheck.

@Test
public void shouldCacheCheck() {
    final ListQueryParameterObject query = new ListQueryParameterObject();
    final AuthorizationCheck authCheck = query.getAuthCheck();
    final HashMap<String, Object> expectedQueryParams = new HashMap<String, Object>();
    expectedQueryParams.put("userId", AUTHENTICATED_USER_ID);
    expectedQueryParams.put("authGroupIds", AUTHENTICATED_GROUPS);
    // given
    when(mockedConfiguration.getAuthorizationCheckRevokes()).thenReturn(ProcessEngineConfiguration.AUTHORIZATION_CHECK_REVOKE_AUTO);
    when(mockedEntityManager.selectBoolean(eq("selectRevokeAuthorization"), eq(expectedQueryParams))).thenReturn(true);
    // if
    authorizationManager.configureQuery(query);
    authorizationManager.configureQuery(query);
    // then
    assertEquals(true, authCheck.isRevokeAuthorizationCheckEnabled());
    verify(mockedEntityManager, times(1)).selectBoolean(eq("selectRevokeAuthorization"), eq(expectedQueryParams));
}
Also used : ListQueryParameterObject(org.camunda.bpm.engine.impl.db.ListQueryParameterObject) HashMap(java.util.HashMap) ListQueryParameterObject(org.camunda.bpm.engine.impl.db.ListQueryParameterObject) AuthorizationCheck(org.camunda.bpm.engine.impl.db.AuthorizationCheck) Test(org.junit.Test)

Example 8 with AuthorizationCheck

use of org.camunda.bpm.engine.impl.db.AuthorizationCheck in project camunda-bpm-platform by camunda.

the class AuthorizationCheckRevokesCfgTest method shouldUseCfgValue_always.

@Test
public void shouldUseCfgValue_always() {
    final ListQueryParameterObject query = new ListQueryParameterObject();
    final AuthorizationCheck authCheck = query.getAuthCheck();
    // given
    when(mockedConfiguration.getAuthorizationCheckRevokes()).thenReturn(ProcessEngineConfiguration.AUTHORIZATION_CHECK_REVOKE_ALWAYS);
    // if
    authorizationManager.configureQuery(query);
    // then
    assertEquals(true, authCheck.isRevokeAuthorizationCheckEnabled());
    verifyNoMoreInteractions(mockedEntityManager);
}
Also used : ListQueryParameterObject(org.camunda.bpm.engine.impl.db.ListQueryParameterObject) AuthorizationCheck(org.camunda.bpm.engine.impl.db.AuthorizationCheck) Test(org.junit.Test)

Example 9 with AuthorizationCheck

use of org.camunda.bpm.engine.impl.db.AuthorizationCheck in project camunda-bpm-platform by camunda.

the class AuthorizationManager method isAuthorized.

public boolean isAuthorized(String userId, List<String> groupIds, List<PermissionCheck> permissionChecks) {
    if (!isAuthorizationEnabled()) {
        return true;
    }
    List<String> filteredGroupIds = filterAuthenticatedGroupIds(groupIds);
    boolean isRevokeAuthorizationCheckEnabled = isRevokeAuthCheckEnabled(userId, groupIds);
    AuthorizationCheck authCheck = new AuthorizationCheck(userId, filteredGroupIds, permissionChecks, isRevokeAuthorizationCheckEnabled);
    return getDbEntityManager().selectBoolean("isUserAuthorizedForResource", authCheck);
}
Also used : AuthorizationCheck(org.camunda.bpm.engine.impl.db.AuthorizationCheck)

Aggregations

AuthorizationCheck (org.camunda.bpm.engine.impl.db.AuthorizationCheck)9 ListQueryParameterObject (org.camunda.bpm.engine.impl.db.ListQueryParameterObject)6 Test (org.junit.Test)6 HashMap (java.util.HashMap)4 Authentication (org.camunda.bpm.engine.impl.identity.Authentication)1