use of org.camunda.bpm.engine.impl.db.AuthorizationCheck in project camunda-bpm-platform by camunda.
the class AuthorizationCheckRevokesCfgTest method shouldUseCfgValue_never.
@Test
public void shouldUseCfgValue_never() {
final ListQueryParameterObject query = new ListQueryParameterObject();
final AuthorizationCheck authCheck = query.getAuthCheck();
// given
when(mockedConfiguration.getAuthorizationCheckRevokes()).thenReturn(ProcessEngineConfiguration.AUTHORIZATION_CHECK_REVOKE_NEVER);
// if
authorizationManager.configureQuery(query);
// then
assertEquals(false, authCheck.isRevokeAuthorizationCheckEnabled());
verify(mockedEntityManager, never()).selectBoolean(eq("selectRevokeAuthorization"), any());
verifyNoMoreInteractions(mockedEntityManager);
}
use of org.camunda.bpm.engine.impl.db.AuthorizationCheck in project camunda-bpm-platform by camunda.
the class AuthorizationCheckRevokesCfgTest method shouldCacheCheck.
@Test
public void shouldCacheCheck() {
final ListQueryParameterObject query = new ListQueryParameterObject();
final AuthorizationCheck authCheck = query.getAuthCheck();
final HashMap<String, Object> expectedQueryParams = new HashMap<String, Object>();
expectedQueryParams.put("userId", AUTHENTICATED_USER_ID);
expectedQueryParams.put("authGroupIds", AUTHENTICATED_GROUPS);
// given
when(mockedConfiguration.getAuthorizationCheckRevokes()).thenReturn(ProcessEngineConfiguration.AUTHORIZATION_CHECK_REVOKE_AUTO);
when(mockedEntityManager.selectBoolean(eq("selectRevokeAuthorization"), eq(expectedQueryParams))).thenReturn(true);
// if
authorizationManager.configureQuery(query);
authorizationManager.configureQuery(query);
// then
assertEquals(true, authCheck.isRevokeAuthorizationCheckEnabled());
verify(mockedEntityManager, times(1)).selectBoolean(eq("selectRevokeAuthorization"), eq(expectedQueryParams));
}
use of org.camunda.bpm.engine.impl.db.AuthorizationCheck in project camunda-bpm-platform by camunda.
the class AuthorizationCheckRevokesCfgTest method shouldUseCfgValue_always.
@Test
public void shouldUseCfgValue_always() {
final ListQueryParameterObject query = new ListQueryParameterObject();
final AuthorizationCheck authCheck = query.getAuthCheck();
// given
when(mockedConfiguration.getAuthorizationCheckRevokes()).thenReturn(ProcessEngineConfiguration.AUTHORIZATION_CHECK_REVOKE_ALWAYS);
// if
authorizationManager.configureQuery(query);
// then
assertEquals(true, authCheck.isRevokeAuthorizationCheckEnabled());
verifyNoMoreInteractions(mockedEntityManager);
}
use of org.camunda.bpm.engine.impl.db.AuthorizationCheck in project camunda-bpm-platform by camunda.
the class AuthorizationManager method isAuthorized.
public boolean isAuthorized(String userId, List<String> groupIds, List<PermissionCheck> permissionChecks) {
if (!isAuthorizationEnabled()) {
return true;
}
List<String> filteredGroupIds = filterAuthenticatedGroupIds(groupIds);
boolean isRevokeAuthorizationCheckEnabled = isRevokeAuthCheckEnabled(userId, groupIds);
AuthorizationCheck authCheck = new AuthorizationCheck(userId, filteredGroupIds, permissionChecks, isRevokeAuthorizationCheckEnabled);
return getDbEntityManager().selectBoolean("isUserAuthorizedForResource", authCheck);
}
Aggregations